diff --git a/Makefile b/Makefile index 186aec6b82b..8c6fc3220da 100644 --- a/Makefile +++ b/Makefile @@ -942,13 +942,13 @@ static: static_c static_cxx static_c: $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a $(LIBDIR)/$(CONFIG)/libgrpc_unsecure.a -static_cxx: $(LIBDIR)/$(CONFIG)/libgrpc++.a +static_cxx: $(LIBDIR)/$(CONFIG)/libgrpc++.a $(LIBDIR)/$(CONFIG)/libgrpc++_unsecure.a shared: shared_c shared_cxx shared_c: $(LIBDIR)/$(CONFIG)/libgpr.$(SHARED_EXT) $(LIBDIR)/$(CONFIG)/libgrpc.$(SHARED_EXT) $(LIBDIR)/$(CONFIG)/libgrpc_unsecure.$(SHARED_EXT) -shared_cxx: $(LIBDIR)/$(CONFIG)/libgrpc++.$(SHARED_EXT) +shared_cxx: $(LIBDIR)/$(CONFIG)/libgrpc++.$(SHARED_EXT) $(LIBDIR)/$(CONFIG)/libgrpc++_unsecure.$(SHARED_EXT) shared_csharp: shared_c $(LIBDIR)/$(CONFIG)/libgrpc_csharp_ext.$(SHARED_EXT) grpc_csharp_ext: shared_csharp @@ -1844,6 +1844,8 @@ strip-static_cxx: static_cxx ifeq ($(CONFIG),opt) $(E) "[STRIP] Stripping libgrpc++.a" $(Q) $(STRIP) $(LIBDIR)/$(CONFIG)/libgrpc++.a + $(E) "[STRIP] Stripping libgrpc++_unsecure.a" + $(Q) $(STRIP) $(LIBDIR)/$(CONFIG)/libgrpc++_unsecure.a endif strip-shared_c: shared_c @@ -1860,6 +1862,8 @@ strip-shared_cxx: shared_cxx ifeq ($(CONFIG),opt) $(E) "[STRIP] Stripping libgrpc++.so" $(Q) $(STRIP) $(LIBDIR)/$(CONFIG)/libgrpc++.$(SHARED_EXT) + $(E) "[STRIP] Stripping libgrpc++_unsecure.so" + $(Q) $(STRIP) $(LIBDIR)/$(CONFIG)/libgrpc++_unsecure.$(SHARED_EXT) endif strip-shared_csharp: shared_csharp @@ -2019,6 +2023,9 @@ install-static_cxx: static_cxx strip-static_cxx $(E) "[INSTALL] Installing libgrpc++.a" $(Q) $(INSTALL) -d $(prefix)/lib $(Q) $(INSTALL) $(LIBDIR)/$(CONFIG)/libgrpc++.a $(prefix)/lib/libgrpc++.a + $(E) "[INSTALL] Installing libgrpc++_unsecure.a" + $(Q) $(INSTALL) -d $(prefix)/lib + $(Q) $(INSTALL) $(LIBDIR)/$(CONFIG)/libgrpc++_unsecure.a $(prefix)/lib/libgrpc++_unsecure.a @@ -2083,6 +2090,19 @@ ifneq ($(SYSTEM),Darwin) $(Q) ln -sf libgrpc++.$(SHARED_EXT) $(prefix)/lib/libgrpc++.so endif endif +ifeq ($(SYSTEM),MINGW32) + $(E) "[INSTALL] Installing grpc++_unsecure.$(SHARED_EXT)" + $(Q) $(INSTALL) -d $(prefix)/lib + $(Q) $(INSTALL) $(LIBDIR)/$(CONFIG)/grpc++_unsecure.$(SHARED_EXT) $(prefix)/lib/grpc++_unsecure.$(SHARED_EXT) + $(Q) $(INSTALL) $(LIBDIR)/$(CONFIG)/libgrpc++_unsecure-imp.a $(prefix)/lib/libgrpc++_unsecure-imp.a +else + $(E) "[INSTALL] Installing libgrpc++_unsecure.$(SHARED_EXT)" + $(Q) $(INSTALL) -d $(prefix)/lib + $(Q) $(INSTALL) $(LIBDIR)/$(CONFIG)/libgrpc++_unsecure.$(SHARED_EXT) $(prefix)/lib/libgrpc++_unsecure.$(SHARED_EXT) +ifneq ($(SYSTEM),Darwin) + $(Q) ln -sf libgrpc++_unsecure.$(SHARED_EXT) $(prefix)/lib/libgrpc++_unsecure.so +endif +endif ifneq ($(SYSTEM),MINGW32) ifneq ($(SYSTEM),Darwin) $(Q) ldconfig || true @@ -2350,7 +2370,6 @@ LIBGRPC_SRC = \ src/core/security/server_secure_chttp2.c \ src/core/surface/init_secure.c \ src/core/surface/secure_channel_create.c \ - src/core/surface/secure_server_create.c \ src/core/tsi/fake_transport_security.c \ src/core/tsi/ssl_transport_security.c \ src/core/tsi/transport_security.c \ @@ -2496,7 +2515,6 @@ src/core/security/security_context.c: $(OPENSSL_DEP) src/core/security/server_secure_chttp2.c: $(OPENSSL_DEP) src/core/surface/init_secure.c: $(OPENSSL_DEP) src/core/surface/secure_channel_create.c: $(OPENSSL_DEP) -src/core/surface/secure_server_create.c: $(OPENSSL_DEP) src/core/tsi/fake_transport_security.c: $(OPENSSL_DEP) src/core/tsi/ssl_transport_security.c: $(OPENSSL_DEP) src/core/tsi/transport_security.c: $(OPENSSL_DEP) @@ -2602,13 +2620,13 @@ $(LIBDIR)/$(CONFIG)/libgrpc.a: $(ZLIB_DEP) $(OPENSSL_DEP) $(LIBGRPC_OBJS) $(Q) mkdir -p `dirname $@` $(Q) rm -f $(LIBDIR)/$(CONFIG)/libgrpc.a $(Q) $(AR) rcs $(LIBDIR)/$(CONFIG)/libgrpc.a $(LIBGRPC_OBJS) - $(Q) rm -rf tmp-merge - $(Q) mkdir tmp-merge - $(Q) ( cd tmp-merge ; $(AR) x ../$(LIBDIR)/$(CONFIG)/libgrpc.a ) - $(Q) for l in $(OPENSSL_MERGE_LIBS) ; do ( cd tmp-merge ; ar x ../$${l} ) ; done - $(Q) rm -f $(LIBDIR)/$(CONFIG)/libgrpc.a tmp-merge/__.SYMDEF* - $(Q) ar rcs $(LIBDIR)/$(CONFIG)/libgrpc.a tmp-merge/* - $(Q) rm -rf tmp-merge + $(Q) rm -rf tmp-merge-grpc + $(Q) mkdir tmp-merge-grpc + $(Q) ( cd tmp-merge-grpc ; $(AR) x ../$(LIBDIR)/$(CONFIG)/libgrpc.a ) + $(Q) for l in $(OPENSSL_MERGE_LIBS) ; do ( cd tmp-merge-grpc ; ar x ../$${l} ) ; done + $(Q) rm -f $(LIBDIR)/$(CONFIG)/libgrpc.a tmp-merge-grpc/__.SYMDEF* + $(Q) ar rcs $(LIBDIR)/$(CONFIG)/libgrpc.a tmp-merge-grpc/* + $(Q) rm -rf tmp-merge-grpc ifeq ($(SYSTEM),Darwin) $(Q) ranlib $(LIBDIR)/$(CONFIG)/libgrpc.a endif @@ -2659,7 +2677,6 @@ $(OBJDIR)/$(CONFIG)/src/core/security/security_context.o: $(OBJDIR)/$(CONFIG)/src/core/security/server_secure_chttp2.o: $(OBJDIR)/$(CONFIG)/src/core/surface/init_secure.o: $(OBJDIR)/$(CONFIG)/src/core/surface/secure_channel_create.o: -$(OBJDIR)/$(CONFIG)/src/core/surface/secure_server_create.o: $(OBJDIR)/$(CONFIG)/src/core/tsi/fake_transport_security.o: $(OBJDIR)/$(CONFIG)/src/core/tsi/ssl_transport_security.o: $(OBJDIR)/$(CONFIG)/src/core/tsi/transport_security.o: @@ -3074,17 +3091,21 @@ $(OBJDIR)/$(CONFIG)/src/core/transport/transport.o: LIBGRPC++_SRC = \ + src/cpp/client/secure_credentials.cc \ + src/cpp/server/secure_server_credentials.cc \ src/cpp/client/channel.cc \ src/cpp/client/channel_arguments.cc \ src/cpp/client/client_context.cc \ src/cpp/client/client_unary_call.cc \ src/cpp/client/create_channel.cc \ src/cpp/client/credentials.cc \ + src/cpp/client/insecure_credentials.cc \ src/cpp/client/internal_stub.cc \ src/cpp/common/call.cc \ src/cpp/common/completion_queue.cc \ src/cpp/common/rpc_method.cc \ src/cpp/proto/proto_utils.cc \ + src/cpp/server/insecure_server_credentials.cc \ src/cpp/server/server.cc \ src/cpp/server/server_builder.cc \ src/cpp/server/server_context.cc \ @@ -3151,17 +3172,21 @@ ifneq ($(OPENSSL_DEP),) # This is to ensure the embedded OpenSSL is built beforehand, properly # installing headers to their final destination on the drive. We need this # otherwise parallel compilation will fail if a source is compiled first. +src/cpp/client/secure_credentials.cc: $(OPENSSL_DEP) +src/cpp/server/secure_server_credentials.cc: $(OPENSSL_DEP) src/cpp/client/channel.cc: $(OPENSSL_DEP) src/cpp/client/channel_arguments.cc: $(OPENSSL_DEP) src/cpp/client/client_context.cc: $(OPENSSL_DEP) src/cpp/client/client_unary_call.cc: $(OPENSSL_DEP) src/cpp/client/create_channel.cc: $(OPENSSL_DEP) src/cpp/client/credentials.cc: $(OPENSSL_DEP) +src/cpp/client/insecure_credentials.cc: $(OPENSSL_DEP) src/cpp/client/internal_stub.cc: $(OPENSSL_DEP) src/cpp/common/call.cc: $(OPENSSL_DEP) src/cpp/common/completion_queue.cc: $(OPENSSL_DEP) src/cpp/common/rpc_method.cc: $(OPENSSL_DEP) src/cpp/proto/proto_utils.cc: $(OPENSSL_DEP) +src/cpp/server/insecure_server_credentials.cc: $(OPENSSL_DEP) src/cpp/server/server.cc: $(OPENSSL_DEP) src/cpp/server/server_builder.cc: $(OPENSSL_DEP) src/cpp/server/server_context.cc: $(OPENSSL_DEP) @@ -3186,15 +3211,15 @@ ifeq ($(SYSTEM),MINGW32) $(LIBDIR)/$(CONFIG)/grpc++.$(SHARED_EXT): $(LIBGRPC++_OBJS) $(ZLIB_DEP)$(LIBDIR)/$(CONFIG)/gpr.$(SHARED_EXT)$(LIBDIR)/$(CONFIG)/grpc.$(SHARED_EXT) $(OPENSSL_DEP) $(E) "[LD] Linking $@" $(Q) mkdir -p `dirname $@` - $(Q) $(LDXX) $(LDFLAGS) -L$(LIBDIR)/$(CONFIG) -shared -Wl,--output-def=$(LIBDIR)/$(CONFIG)/grpc++.def -Wl,--out-implib=$(LIBDIR)/$(CONFIG)/libgrpc++-imp.a -o $(LIBDIR)/$(CONFIG)/grpc++.$(SHARED_EXT) $(LIBGRPC++_OBJS) $(LDLIBS) $(LDLIBS_SECURE) $(OPENSSL_MERGE_LIBS) $(LDLIBSXX) $(LDLIBS_PROTOBUF) -lgpr-imp -lgrpc-imp + $(Q) $(LDXX) $(LDFLAGS) -L$(LIBDIR)/$(CONFIG) -shared -Wl,--output-def=$(LIBDIR)/$(CONFIG)/grpc++.def -Wl,--out-implib=$(LIBDIR)/$(CONFIG)/libgrpc++-imp.a -o $(LIBDIR)/$(CONFIG)/grpc++.$(SHARED_EXT) $(LIBGRPC++_OBJS) $(LDLIBS) $(LDLIBSXX) $(LDLIBS_PROTOBUF) -lgpr-imp -lgrpc-imp else $(LIBDIR)/$(CONFIG)/libgrpc++.$(SHARED_EXT): $(LIBGRPC++_OBJS) $(ZLIB_DEP) $(LIBDIR)/$(CONFIG)/libgpr.$(SHARED_EXT) $(LIBDIR)/$(CONFIG)/libgrpc.$(SHARED_EXT) $(OPENSSL_DEP) $(E) "[LD] Linking $@" $(Q) mkdir -p `dirname $@` ifeq ($(SYSTEM),Darwin) - $(Q) $(LDXX) $(LDFLAGS) -L$(LIBDIR)/$(CONFIG) -dynamiclib -o $(LIBDIR)/$(CONFIG)/libgrpc++.$(SHARED_EXT) $(LIBGRPC++_OBJS) $(LDLIBS) $(LDLIBS_SECURE) $(OPENSSL_MERGE_LIBS) $(LDLIBSXX) $(LDLIBS_PROTOBUF) -lgpr -lgrpc + $(Q) $(LDXX) $(LDFLAGS) -L$(LIBDIR)/$(CONFIG) -dynamiclib -o $(LIBDIR)/$(CONFIG)/libgrpc++.$(SHARED_EXT) $(LIBGRPC++_OBJS) $(LDLIBS) $(LDLIBSXX) $(LDLIBS_PROTOBUF) -lgpr -lgrpc else - $(Q) $(LDXX) $(LDFLAGS) -L$(LIBDIR)/$(CONFIG) -shared -Wl,-soname,libgrpc++.so.0 -o $(LIBDIR)/$(CONFIG)/libgrpc++.$(SHARED_EXT) $(LIBGRPC++_OBJS) $(LDLIBS) $(LDLIBS_SECURE) $(OPENSSL_MERGE_LIBS) $(LDLIBSXX) $(LDLIBS_PROTOBUF) -lgpr -lgrpc + $(Q) $(LDXX) $(LDFLAGS) -L$(LIBDIR)/$(CONFIG) -shared -Wl,-soname,libgrpc++.so.0 -o $(LIBDIR)/$(CONFIG)/libgrpc++.$(SHARED_EXT) $(LIBGRPC++_OBJS) $(LDLIBS) $(LDLIBSXX) $(LDLIBS_PROTOBUF) -lgpr -lgrpc $(Q) ln -sf libgrpc++.$(SHARED_EXT) $(LIBDIR)/$(CONFIG)/libgrpc++.so.0 $(Q) ln -sf libgrpc++.$(SHARED_EXT) $(LIBDIR)/$(CONFIG)/libgrpc++.so endif @@ -3210,17 +3235,21 @@ ifneq ($(NO_DEPS),true) endif endif +$(OBJDIR)/$(CONFIG)/src/cpp/client/secure_credentials.o: +$(OBJDIR)/$(CONFIG)/src/cpp/server/secure_server_credentials.o: $(OBJDIR)/$(CONFIG)/src/cpp/client/channel.o: $(OBJDIR)/$(CONFIG)/src/cpp/client/channel_arguments.o: $(OBJDIR)/$(CONFIG)/src/cpp/client/client_context.o: $(OBJDIR)/$(CONFIG)/src/cpp/client/client_unary_call.o: $(OBJDIR)/$(CONFIG)/src/cpp/client/create_channel.o: $(OBJDIR)/$(CONFIG)/src/cpp/client/credentials.o: +$(OBJDIR)/$(CONFIG)/src/cpp/client/insecure_credentials.o: $(OBJDIR)/$(CONFIG)/src/cpp/client/internal_stub.o: $(OBJDIR)/$(CONFIG)/src/cpp/common/call.o: $(OBJDIR)/$(CONFIG)/src/cpp/common/completion_queue.o: $(OBJDIR)/$(CONFIG)/src/cpp/common/rpc_method.o: $(OBJDIR)/$(CONFIG)/src/cpp/proto/proto_utils.o: +$(OBJDIR)/$(CONFIG)/src/cpp/server/insecure_server_credentials.o: $(OBJDIR)/$(CONFIG)/src/cpp/server/server.o: $(OBJDIR)/$(CONFIG)/src/cpp/server/server_builder.o: $(OBJDIR)/$(CONFIG)/src/cpp/server/server_context.o: @@ -3295,6 +3324,125 @@ endif $(OBJDIR)/$(CONFIG)/test/cpp/util/create_test_channel.o: $(GENDIR)/test/cpp/util/messages.pb.cc $(GENDIR)/test/cpp/util/echo.pb.cc $(GENDIR)/test/cpp/util/echo_duplicate.pb.cc +LIBGRPC++_UNSECURE_SRC = \ + src/cpp/client/channel.cc \ + src/cpp/client/channel_arguments.cc \ + src/cpp/client/client_context.cc \ + src/cpp/client/client_unary_call.cc \ + src/cpp/client/create_channel.cc \ + src/cpp/client/credentials.cc \ + src/cpp/client/insecure_credentials.cc \ + src/cpp/client/internal_stub.cc \ + src/cpp/common/call.cc \ + src/cpp/common/completion_queue.cc \ + src/cpp/common/rpc_method.cc \ + src/cpp/proto/proto_utils.cc \ + src/cpp/server/insecure_server_credentials.cc \ + src/cpp/server/server.cc \ + src/cpp/server/server_builder.cc \ + src/cpp/server/server_context.cc \ + src/cpp/server/server_credentials.cc \ + src/cpp/server/thread_pool.cc \ + src/cpp/util/status.cc \ + src/cpp/util/time.cc \ + +PUBLIC_HEADERS_CXX += \ + include/grpc++/async_unary_call.h \ + include/grpc++/channel_arguments.h \ + include/grpc++/channel_interface.h \ + include/grpc++/client_context.h \ + include/grpc++/completion_queue.h \ + include/grpc++/config.h \ + include/grpc++/create_channel.h \ + include/grpc++/credentials.h \ + include/grpc++/impl/call.h \ + include/grpc++/impl/client_unary_call.h \ + include/grpc++/impl/internal_stub.h \ + include/grpc++/impl/rpc_method.h \ + include/grpc++/impl/rpc_service_method.h \ + include/grpc++/impl/service_type.h \ + include/grpc++/server.h \ + include/grpc++/server_builder.h \ + include/grpc++/server_context.h \ + include/grpc++/server_credentials.h \ + include/grpc++/status.h \ + include/grpc++/status_code_enum.h \ + include/grpc++/stream.h \ + include/grpc++/thread_pool_interface.h \ + +LIBGRPC++_UNSECURE_OBJS = $(addprefix $(OBJDIR)/$(CONFIG)/, $(addsuffix .o, $(basename $(LIBGRPC++_UNSECURE_SRC)))) + +ifeq ($(NO_PROTOBUF),true) + +# You can't build a C++ library if you don't have protobuf - a bit overreached, but still okay. + +$(LIBDIR)/$(CONFIG)/libgrpc++_unsecure.a: protobuf_dep_error + +ifeq ($(SYSTEM),MINGW32) +$(LIBDIR)/$(CONFIG)/grpc++_unsecure.$(SHARED_EXT): protobuf_dep_error +else +$(LIBDIR)/$(CONFIG)/libgrpc++_unsecure.$(SHARED_EXT): protobuf_dep_error +endif + +else + +$(LIBDIR)/$(CONFIG)/libgrpc++_unsecure.a: $(ZLIB_DEP) $(PROTOBUF_DEP) $(LIBGRPC++_UNSECURE_OBJS) + $(E) "[AR] Creating $@" + $(Q) mkdir -p `dirname $@` + $(Q) rm -f $(LIBDIR)/$(CONFIG)/libgrpc++_unsecure.a + $(Q) $(AR) rcs $(LIBDIR)/$(CONFIG)/libgrpc++_unsecure.a $(LIBGRPC++_UNSECURE_OBJS) +ifeq ($(SYSTEM),Darwin) + $(Q) ranlib $(LIBDIR)/$(CONFIG)/libgrpc++_unsecure.a +endif + + + +ifeq ($(SYSTEM),MINGW32) +$(LIBDIR)/$(CONFIG)/grpc++_unsecure.$(SHARED_EXT): $(LIBGRPC++_UNSECURE_OBJS) $(ZLIB_DEP)$(LIBDIR)/$(CONFIG)/gpr.$(SHARED_EXT)$(LIBDIR)/$(CONFIG)/grpc_unsecure.$(SHARED_EXT) + $(E) "[LD] Linking $@" + $(Q) mkdir -p `dirname $@` + $(Q) $(LDXX) $(LDFLAGS) -L$(LIBDIR)/$(CONFIG) -shared -Wl,--output-def=$(LIBDIR)/$(CONFIG)/grpc++_unsecure.def -Wl,--out-implib=$(LIBDIR)/$(CONFIG)/libgrpc++_unsecure-imp.a -o $(LIBDIR)/$(CONFIG)/grpc++_unsecure.$(SHARED_EXT) $(LIBGRPC++_UNSECURE_OBJS) $(LDLIBS) $(LDLIBSXX) $(LDLIBS_PROTOBUF) -lgpr-imp -lgrpc_unsecure-imp +else +$(LIBDIR)/$(CONFIG)/libgrpc++_unsecure.$(SHARED_EXT): $(LIBGRPC++_UNSECURE_OBJS) $(ZLIB_DEP) $(LIBDIR)/$(CONFIG)/libgpr.$(SHARED_EXT) $(LIBDIR)/$(CONFIG)/libgrpc_unsecure.$(SHARED_EXT) + $(E) "[LD] Linking $@" + $(Q) mkdir -p `dirname $@` +ifeq ($(SYSTEM),Darwin) + $(Q) $(LDXX) $(LDFLAGS) -L$(LIBDIR)/$(CONFIG) -dynamiclib -o $(LIBDIR)/$(CONFIG)/libgrpc++_unsecure.$(SHARED_EXT) $(LIBGRPC++_UNSECURE_OBJS) $(LDLIBS) $(LDLIBSXX) $(LDLIBS_PROTOBUF) -lgpr -lgrpc_unsecure +else + $(Q) $(LDXX) $(LDFLAGS) -L$(LIBDIR)/$(CONFIG) -shared -Wl,-soname,libgrpc++_unsecure.so.0 -o $(LIBDIR)/$(CONFIG)/libgrpc++_unsecure.$(SHARED_EXT) $(LIBGRPC++_UNSECURE_OBJS) $(LDLIBS) $(LDLIBSXX) $(LDLIBS_PROTOBUF) -lgpr -lgrpc_unsecure + $(Q) ln -sf libgrpc++_unsecure.$(SHARED_EXT) $(LIBDIR)/$(CONFIG)/libgrpc++_unsecure.so.0 + $(Q) ln -sf libgrpc++_unsecure.$(SHARED_EXT) $(LIBDIR)/$(CONFIG)/libgrpc++_unsecure.so +endif +endif + +endif + +ifneq ($(NO_DEPS),true) +-include $(LIBGRPC++_UNSECURE_OBJS:.o=.dep) +endif + +$(OBJDIR)/$(CONFIG)/src/cpp/client/channel.o: +$(OBJDIR)/$(CONFIG)/src/cpp/client/channel_arguments.o: +$(OBJDIR)/$(CONFIG)/src/cpp/client/client_context.o: +$(OBJDIR)/$(CONFIG)/src/cpp/client/client_unary_call.o: +$(OBJDIR)/$(CONFIG)/src/cpp/client/create_channel.o: +$(OBJDIR)/$(CONFIG)/src/cpp/client/credentials.o: +$(OBJDIR)/$(CONFIG)/src/cpp/client/insecure_credentials.o: +$(OBJDIR)/$(CONFIG)/src/cpp/client/internal_stub.o: +$(OBJDIR)/$(CONFIG)/src/cpp/common/call.o: +$(OBJDIR)/$(CONFIG)/src/cpp/common/completion_queue.o: +$(OBJDIR)/$(CONFIG)/src/cpp/common/rpc_method.o: +$(OBJDIR)/$(CONFIG)/src/cpp/proto/proto_utils.o: +$(OBJDIR)/$(CONFIG)/src/cpp/server/insecure_server_credentials.o: +$(OBJDIR)/$(CONFIG)/src/cpp/server/server.o: +$(OBJDIR)/$(CONFIG)/src/cpp/server/server_builder.o: +$(OBJDIR)/$(CONFIG)/src/cpp/server/server_context.o: +$(OBJDIR)/$(CONFIG)/src/cpp/server/server_credentials.o: +$(OBJDIR)/$(CONFIG)/src/cpp/server/thread_pool.o: +$(OBJDIR)/$(CONFIG)/src/cpp/util/status.o: +$(OBJDIR)/$(CONFIG)/src/cpp/util/time.o: + + LIBPUBSUB_CLIENT_LIB_SRC = \ $(GENDIR)/examples/pubsub/label.pb.cc \ $(GENDIR)/examples/pubsub/empty.pb.cc \ @@ -3468,15 +3616,15 @@ ifeq ($(SYSTEM),MINGW32) $(LIBDIR)/$(CONFIG)/grpc_csharp_ext.$(SHARED_EXT): $(LIBGRPC_CSHARP_EXT_OBJS) $(ZLIB_DEP)$(LIBDIR)/$(CONFIG)/gpr.$(SHARED_EXT)$(LIBDIR)/$(CONFIG)/grpc.$(SHARED_EXT) $(OPENSSL_DEP) $(E) "[LD] Linking $@" $(Q) mkdir -p `dirname $@` - $(Q) $(LD) $(LDFLAGS) -L$(LIBDIR)/$(CONFIG) -shared -Wl,--output-def=$(LIBDIR)/$(CONFIG)/grpc_csharp_ext.def -Wl,--out-implib=$(LIBDIR)/$(CONFIG)/libgrpc_csharp_ext-imp.a -o $(LIBDIR)/$(CONFIG)/grpc_csharp_ext.$(SHARED_EXT) $(LIBGRPC_CSHARP_EXT_OBJS) $(LDLIBS) $(LDLIBS_SECURE) $(OPENSSL_MERGE_LIBS) -lgpr-imp -lgrpc-imp + $(Q) $(LD) $(LDFLAGS) -L$(LIBDIR)/$(CONFIG) -shared -Wl,--output-def=$(LIBDIR)/$(CONFIG)/grpc_csharp_ext.def -Wl,--out-implib=$(LIBDIR)/$(CONFIG)/libgrpc_csharp_ext-imp.a -o $(LIBDIR)/$(CONFIG)/grpc_csharp_ext.$(SHARED_EXT) $(LIBGRPC_CSHARP_EXT_OBJS) $(LDLIBS) -lgpr-imp -lgrpc-imp else $(LIBDIR)/$(CONFIG)/libgrpc_csharp_ext.$(SHARED_EXT): $(LIBGRPC_CSHARP_EXT_OBJS) $(ZLIB_DEP) $(LIBDIR)/$(CONFIG)/libgpr.$(SHARED_EXT) $(LIBDIR)/$(CONFIG)/libgrpc.$(SHARED_EXT) $(OPENSSL_DEP) $(E) "[LD] Linking $@" $(Q) mkdir -p `dirname $@` ifeq ($(SYSTEM),Darwin) - $(Q) $(LD) $(LDFLAGS) -L$(LIBDIR)/$(CONFIG) -dynamiclib -o $(LIBDIR)/$(CONFIG)/libgrpc_csharp_ext.$(SHARED_EXT) $(LIBGRPC_CSHARP_EXT_OBJS) $(LDLIBS) $(LDLIBS_SECURE) $(OPENSSL_MERGE_LIBS) -lgpr -lgrpc + $(Q) $(LD) $(LDFLAGS) -L$(LIBDIR)/$(CONFIG) -dynamiclib -o $(LIBDIR)/$(CONFIG)/libgrpc_csharp_ext.$(SHARED_EXT) $(LIBGRPC_CSHARP_EXT_OBJS) $(LDLIBS) -lgpr -lgrpc else - $(Q) $(LD) $(LDFLAGS) -L$(LIBDIR)/$(CONFIG) -shared -Wl,-soname,libgrpc_csharp_ext.so.0 -o $(LIBDIR)/$(CONFIG)/libgrpc_csharp_ext.$(SHARED_EXT) $(LIBGRPC_CSHARP_EXT_OBJS) $(LDLIBS) $(LDLIBS_SECURE) $(OPENSSL_MERGE_LIBS) -lgpr -lgrpc + $(Q) $(LD) $(LDFLAGS) -L$(LIBDIR)/$(CONFIG) -shared -Wl,-soname,libgrpc_csharp_ext.so.0 -o $(LIBDIR)/$(CONFIG)/libgrpc_csharp_ext.$(SHARED_EXT) $(LIBGRPC_CSHARP_EXT_OBJS) $(LDLIBS) -lgpr -lgrpc $(Q) ln -sf libgrpc_csharp_ext.$(SHARED_EXT) $(LIBDIR)/$(CONFIG)/libgrpc_csharp_ext.so.0 $(Q) ln -sf libgrpc_csharp_ext.$(SHARED_EXT) $(LIBDIR)/$(CONFIG)/libgrpc_csharp_ext.so endif diff --git a/build.json b/build.json index fdf87f311d9..c9500ebe1bd 100644 --- a/build.json +++ b/build.json @@ -9,6 +9,61 @@ } }, "filegroups": [ + { + "name": "grpc++_base", + "public_headers": [ + "include/grpc++/async_unary_call.h", + "include/grpc++/channel_arguments.h", + "include/grpc++/channel_interface.h", + "include/grpc++/client_context.h", + "include/grpc++/completion_queue.h", + "include/grpc++/config.h", + "include/grpc++/create_channel.h", + "include/grpc++/credentials.h", + "include/grpc++/impl/call.h", + "include/grpc++/impl/client_unary_call.h", + "include/grpc++/impl/internal_stub.h", + "include/grpc++/impl/rpc_method.h", + "include/grpc++/impl/rpc_service_method.h", + "include/grpc++/impl/service_type.h", + "include/grpc++/server.h", + "include/grpc++/server_builder.h", + "include/grpc++/server_context.h", + "include/grpc++/server_credentials.h", + "include/grpc++/status.h", + "include/grpc++/status_code_enum.h", + "include/grpc++/stream.h", + "include/grpc++/thread_pool_interface.h" + ], + "headers": [ + "src/cpp/client/channel.h", + "src/cpp/proto/proto_utils.h", + "src/cpp/server/thread_pool.h", + "src/cpp/util/time.h" + ], + "src": [ + "src/cpp/client/channel.cc", + "src/cpp/client/channel_arguments.cc", + "src/cpp/client/client_context.cc", + "src/cpp/client/client_unary_call.cc", + "src/cpp/client/create_channel.cc", + "src/cpp/client/credentials.cc", + "src/cpp/client/insecure_credentials.cc", + "src/cpp/client/internal_stub.cc", + "src/cpp/common/call.cc", + "src/cpp/common/completion_queue.cc", + "src/cpp/common/rpc_method.cc", + "src/cpp/proto/proto_utils.cc", + "src/cpp/server/insecure_server_credentials.cc", + "src/cpp/server/server.cc", + "src/cpp/server/server_builder.cc", + "src/cpp/server/server_context.cc", + "src/cpp/server/server_credentials.cc", + "src/cpp/server/thread_pool.cc", + "src/cpp/util/status.cc", + "src/cpp/util/time.cc" + ] + }, { "name": "grpc_base", "public_headers": [ @@ -80,7 +135,6 @@ "src/core/surface/completion_queue.h", "src/core/surface/event_string.h", "src/core/surface/init.h", - "src/core/surface/lame_client.h", "src/core/surface/server.h", "src/core/surface/surface_trace.h", "src/core/transport/chttp2/bin_encoder.h", @@ -276,7 +330,7 @@ "src/core/support/time_posix.c", "src/core/support/time_win32.c" ], - "secure": false, + "secure": "no", "vs_project_guid": "{B23D3D1A-9438-4EDA-BEB6-9A0A03D17792}" }, { @@ -333,7 +387,6 @@ "src/core/security/server_secure_chttp2.c", "src/core/surface/init_secure.c", "src/core/surface/secure_channel_create.c", - "src/core/surface/secure_server_create.c", "src/core/tsi/fake_transport_security.c", "src/core/tsi/ssl_transport_security.c", "src/core/tsi/transport_security.c" @@ -345,7 +398,7 @@ "filegroups": [ "grpc_base" ], - "secure": true, + "secure": "yes", "vs_project_guid": "{29D16885-7228-4C31-81ED-5F9187C7F2A9}" }, { @@ -385,68 +438,26 @@ "filegroups": [ "grpc_base" ], - "secure": false, + "secure": "no", "vs_project_guid": "{46CEDFFF-9692-456A-AA24-38B5D6BCF4C5}" }, { "name": "grpc++", "build": "all", "language": "c++", - "public_headers": [ - "include/grpc++/async_unary_call.h", - "include/grpc++/channel_arguments.h", - "include/grpc++/channel_interface.h", - "include/grpc++/client_context.h", - "include/grpc++/completion_queue.h", - "include/grpc++/config.h", - "include/grpc++/create_channel.h", - "include/grpc++/credentials.h", - "include/grpc++/impl/call.h", - "include/grpc++/impl/client_unary_call.h", - "include/grpc++/impl/internal_stub.h", - "include/grpc++/impl/rpc_method.h", - "include/grpc++/impl/rpc_service_method.h", - "include/grpc++/impl/service_type.h", - "include/grpc++/server.h", - "include/grpc++/server_builder.h", - "include/grpc++/server_context.h", - "include/grpc++/server_credentials.h", - "include/grpc++/status.h", - "include/grpc++/status_code_enum.h", - "include/grpc++/stream.h", - "include/grpc++/thread_pool_interface.h" - ], - "headers": [ - "src/cpp/client/channel.h", - "src/cpp/proto/proto_utils.h", - "src/cpp/server/thread_pool.h", - "src/cpp/util/time.h" - ], "src": [ - "src/cpp/client/channel.cc", - "src/cpp/client/channel_arguments.cc", - "src/cpp/client/client_context.cc", - "src/cpp/client/client_unary_call.cc", - "src/cpp/client/create_channel.cc", - "src/cpp/client/credentials.cc", - "src/cpp/client/internal_stub.cc", - "src/cpp/common/call.cc", - "src/cpp/common/completion_queue.cc", - "src/cpp/common/rpc_method.cc", - "src/cpp/proto/proto_utils.cc", - "src/cpp/server/server.cc", - "src/cpp/server/server_builder.cc", - "src/cpp/server/server_context.cc", - "src/cpp/server/server_credentials.cc", - "src/cpp/server/thread_pool.cc", - "src/cpp/util/status.cc", - "src/cpp/util/time.cc" + "src/cpp/client/secure_credentials.cc", + "src/cpp/server/secure_server_credentials.cc" ], "deps": [ "gpr", "grpc" ], - "secure": true, + "baselib": true, + "filegroups": [ + "grpc++_base" + ], + "secure": "check", "vs_project_guid": "{C187A093-A0FE-489D-A40A-6E33DE0F9FEB}" }, { @@ -460,6 +471,20 @@ "test/cpp/util/create_test_channel.cc" ] }, + { + "name": "grpc++_unsecure", + "build": "all", + "language": "c++", + "deps": [ + "gpr", + "grpc_unsecure" + ], + "baselib": true, + "filegroups": [ + "grpc++_base" + ], + "secure": "no" + }, { "name": "pubsub_client_lib", "build": "private", @@ -1686,7 +1711,7 @@ "src/compiler/cpp_plugin.cc" ], "deps": [], - "secure": false + "secure": "no" }, { "name": "grpc_python_plugin", @@ -1700,7 +1725,7 @@ "src/compiler/python_plugin.cc" ], "deps": [], - "secure": false + "secure": "no" }, { "name": "grpc_ruby_plugin", @@ -1711,7 +1736,7 @@ "src/compiler/ruby_plugin.cc" ], "deps": [], - "secure": false + "secure": "no" }, { "name": "interop_client", diff --git a/examples/pubsub/main.cc b/examples/pubsub/main.cc index ce22cfa1560..6f7737e2476 100644 --- a/examples/pubsub/main.cc +++ b/examples/pubsub/main.cc @@ -79,8 +79,7 @@ int main(int argc, char** argv) { ss << FLAGS_server_host << ":" << FLAGS_server_port; - std::unique_ptr creds = - grpc::CredentialsFactory::GoogleDefaultCredentials(); + std::unique_ptr creds = grpc::GoogleDefaultCredentials(); std::shared_ptr channel = grpc::CreateChannel(ss.str(), creds, grpc::ChannelArguments()); diff --git a/examples/pubsub/publisher_test.cc b/examples/pubsub/publisher_test.cc index c988b4802eb..f9b6bb3418d 100644 --- a/examples/pubsub/publisher_test.cc +++ b/examples/pubsub/publisher_test.cc @@ -40,6 +40,7 @@ #include #include #include +#include #include #include @@ -106,12 +107,11 @@ class PublisherTest : public ::testing::Test { int port = grpc_pick_unused_port_or_die(); server_address_ << "localhost:" << port; ServerBuilder builder; - builder.AddPort(server_address_.str()); + builder.AddPort(server_address_.str(), grpc::InsecureServerCredentials()); builder.RegisterService(&service_); server_ = builder.BuildAndStart(); - channel_ = - CreateChannelDeprecated(server_address_.str(), ChannelArguments()); + channel_ = CreateChannel(server_address_.str(), grpc::InsecureCredentials(), ChannelArguments()); publisher_.reset(new grpc::examples::pubsub::Publisher(channel_)); } diff --git a/examples/pubsub/subscriber_test.cc b/examples/pubsub/subscriber_test.cc index 4ff125f4b3a..2d606336add 100644 --- a/examples/pubsub/subscriber_test.cc +++ b/examples/pubsub/subscriber_test.cc @@ -40,6 +40,7 @@ #include #include #include +#include #include #include @@ -104,12 +105,11 @@ class SubscriberTest : public ::testing::Test { int port = grpc_pick_unused_port_or_die(); server_address_ << "localhost:" << port; ServerBuilder builder; - builder.AddPort(server_address_.str()); + builder.AddPort(server_address_.str(), grpc::InsecureServerCredentials()); builder.RegisterService(&service_); server_ = builder.BuildAndStart(); - channel_ = - CreateChannelDeprecated(server_address_.str(), ChannelArguments()); + channel_ = CreateChannel(server_address_.str(), grpc::InsecureCredentials(), ChannelArguments()); subscriber_.reset(new grpc::examples::pubsub::Subscriber(channel_)); } diff --git a/include/grpc++/channel_arguments.h b/include/grpc++/channel_arguments.h index ad96ef14ae3..b649ba23b85 100644 --- a/include/grpc++/channel_arguments.h +++ b/include/grpc++/channel_arguments.h @@ -62,6 +62,9 @@ class ChannelArguments { void SetInt(const grpc::string& key, int value); void SetString(const grpc::string& key, const grpc::string& value); + // Populates given channel_args with args_, does not take ownership. + void SetChannelArgs(grpc_channel_args* channel_args) const; + private: friend class Channel; friend class testing::ChannelArgumentsTest; @@ -73,9 +76,6 @@ class ChannelArguments { // Returns empty string when it is not set. grpc::string GetSslTargetNameOverride() const; - // Populates given channel_args with args_, does not take ownership. - void SetChannelArgs(grpc_channel_args* channel_args) const; - std::vector args_; std::list strings_; }; diff --git a/include/grpc++/create_channel.h b/include/grpc++/create_channel.h index 3f13188365c..da375b97db4 100644 --- a/include/grpc++/create_channel.h +++ b/include/grpc++/create_channel.h @@ -43,11 +43,6 @@ namespace grpc { class ChannelArguments; class ChannelInterface; -// Deprecation warning: This function will soon be deleted -// (See pull request #711) -std::shared_ptr CreateChannelDeprecated( - const grpc::string& target, const ChannelArguments& args); - // If creds does not hold an object or is invalid, a lame channel is returned. std::shared_ptr CreateChannel( const grpc::string& target, const std::unique_ptr& creds, diff --git a/include/grpc++/credentials.h b/include/grpc++/credentials.h index 12c1a2fc98a..c677cc3e0a3 100644 --- a/include/grpc++/credentials.h +++ b/include/grpc++/credentials.h @@ -39,29 +39,29 @@ #include -struct grpc_credentials; - namespace grpc { +class ChannelArguments; +class ChannelInterface; +class SecureCredentials; -// grpc_credentials wrapper class. Typical use in C++ applications is limited -// to creating an instance using CredentialsFactory, and passing it down -// during channel construction. - -class Credentials GRPC_FINAL { +class Credentials { public: - ~Credentials(); + virtual ~Credentials(); - // TODO(abhikumar): Specify a plugin API here to be implemented by - // credentials that do not have a corresponding implementation in C. + protected: + friend std::unique_ptr CompositeCredentials( + const std::unique_ptr& creds1, + const std::unique_ptr& creds2); - private: - explicit Credentials(grpc_credentials*); - grpc_credentials* GetRawCreds(); + virtual SecureCredentials* AsSecureCredentials() = 0; - friend class Channel; - friend class CredentialsFactory; + private: + friend std::shared_ptr CreateChannel( + const grpc::string& target, const std::unique_ptr& creds, + const ChannelArguments& args); - grpc_credentials* creds_; + virtual std::shared_ptr CreateChannel( + const grpc::string& target, const ChannelArguments& args) = 0; }; // Options used to build SslCredentials @@ -79,57 +79,44 @@ struct SslCredentialsOptions { grpc::string pem_cert_chain; }; -// Factory for building different types of Credentials -// The methods may return empty unique_ptr when credentials cannot be created. +// Factories for building different types of Credentials +// The functions may return empty unique_ptr when credentials cannot be created. // If a Credentials pointer is returned, it can still be invalid when used to // create a channel. A lame channel will be created then and all rpcs will // fail on it. -class CredentialsFactory { - public: - // Builds google credentials with reasonable defaults. - // WARNING: Do NOT use this credentials to connect to a non-google service as - // this could result in an oauth2 token leak. - static std::unique_ptr GoogleDefaultCredentials(); - - // Builds SSL Credentials given SSL specific options - static std::unique_ptr SslCredentials( - const SslCredentialsOptions& options); - - // Builds credentials for use when running in GCE - // WARNING: Do NOT use this credentials to connect to a non-google service as - // this could result in an oauth2 token leak. - static std::unique_ptr ComputeEngineCredentials(); - - // Builds service account credentials. - // WARNING: Do NOT use this credentials to connect to a non-google service as - // this could result in an oauth2 token leak. - // json_key is the JSON key string containing the client's private key. - // scope is a space-delimited list of the requested permissions. - // token_lifetime is the lifetime of each token acquired through this service - // account credentials. It should be positive and should not exceed - // grpc_max_auth_token_lifetime or will be cropped to this value. - static std::unique_ptr ServiceAccountCredentials( - const grpc::string& json_key, const grpc::string& scope, - std::chrono::seconds token_lifetime); - - // Builds JWT credentials. - // json_key is the JSON key string containing the client's private key. - // token_lifetime is the lifetime of each Json Web Token (JWT) created with - // this credentials. It should not exceed grpc_max_auth_token_lifetime or - // will be cropped to this value. - static std::unique_ptr JWTCredentials( - const grpc::string& json_key, std::chrono::seconds token_lifetime); - - // Builds IAM credentials. - static std::unique_ptr IAMCredentials( - const grpc::string& authorization_token, - const grpc::string& authority_selector); - - // Combines two credentials objects into a composite credentials - static std::unique_ptr CompositeCredentials( - const std::unique_ptr& creds1, - const std::unique_ptr& creds2); -}; + +// Builds credentials with reasonable defaults. +std::unique_ptr GoogleDefaultCredentials(); + +// Builds SSL Credentials given SSL specific options +std::unique_ptr SslCredentials( + const SslCredentialsOptions& options); + +// Builds credentials for use when running in GCE +std::unique_ptr ComputeEngineCredentials(); + +// Builds service account credentials. +// json_key is the JSON key string containing the client's private key. +// scope is a space-delimited list of the requested permissions. +// token_lifetime is the lifetime of each token acquired through this service +// account credentials. It should be positive and should not exceed +// grpc_max_auth_token_lifetime or will be cropped to this value. +std::unique_ptr ServiceAccountCredentials( + const grpc::string& json_key, const grpc::string& scope, + std::chrono::seconds token_lifetime); + +// Builds IAM credentials. +std::unique_ptr IAMCredentials( + const grpc::string& authorization_token, + const grpc::string& authority_selector); + +// Combines two credentials objects into a composite credentials +std::unique_ptr CompositeCredentials( + const std::unique_ptr& creds1, + const std::unique_ptr& creds2); + +// Credentials for an unencrypted, unauthenticated channel +std::unique_ptr InsecureCredentials(); } // namespace grpc diff --git a/include/grpc++/server.h b/include/grpc++/server.h index e3ba93e4877..cc9cbe2e8dd 100644 --- a/include/grpc++/server.h +++ b/include/grpc++/server.h @@ -75,15 +75,14 @@ class Server GRPC_FINAL : private CallHook, class AsyncRequest; // ServerBuilder use only - Server(ThreadPoolInterface* thread_pool, bool thread_pool_owned, - ServerCredentials* creds); - Server(); + Server(ThreadPoolInterface* thread_pool, bool thread_pool_owned); + Server() = delete; // Register a service. This call does not take ownership of the service. // The service must exist for the lifetime of the Server instance. bool RegisterService(RpcService* service); bool RegisterAsyncService(AsynchronousService* service); // Add a listening port. Can be called multiple times. - int AddPort(const grpc::string& addr); + int AddPort(const grpc::string& addr, ServerCredentials* creds); // Start the server. bool Start(); @@ -113,13 +112,11 @@ class Server GRPC_FINAL : private CallHook, std::list sync_methods_; // Pointer to the c grpc server. - grpc_server* server_; + grpc_server* const server_; ThreadPoolInterface* thread_pool_; // Whether the thread pool is created and owned by the server. bool thread_pool_owned_; - // Whether the server is created with credentials. - bool secure_; }; } // namespace grpc diff --git a/include/grpc++/server_builder.h b/include/grpc++/server_builder.h index 5566002dc22..a3270775637 100644 --- a/include/grpc++/server_builder.h +++ b/include/grpc++/server_builder.h @@ -65,11 +65,9 @@ class ServerBuilder { void RegisterAsyncService(AsynchronousService* service); // Add a listening port. Can be called multiple times. - void AddPort(const grpc::string& addr); - - // Set a ServerCredentials. Can only be called once. - // TODO(yangg) move this to be part of AddPort - void SetCredentials(const std::shared_ptr& creds); + void AddPort(const grpc::string& addr, + std::shared_ptr creds, + int* selected_port = nullptr); // Set the thread pool used for running appliation rpc handlers. // Does not take ownership. @@ -79,9 +77,15 @@ class ServerBuilder { std::unique_ptr BuildAndStart(); private: + struct Port { + grpc::string addr; + std::shared_ptr creds; + int* selected_port; + }; + std::vector services_; std::vector async_services_; - std::vector ports_; + std::vector ports_; std::shared_ptr creds_; ThreadPoolInterface* thread_pool_; }; diff --git a/include/grpc++/server_credentials.h b/include/grpc++/server_credentials.h index 45cd279e0b0..83ae9fd1eb0 100644 --- a/include/grpc++/server_credentials.h +++ b/include/grpc++/server_credentials.h @@ -39,24 +39,21 @@ #include -struct grpc_server_credentials; +struct grpc_server; namespace grpc { +class Server; // grpc_server_credentials wrapper class. -class ServerCredentials GRPC_FINAL { +class ServerCredentials { public: - ~ServerCredentials(); + virtual ~ServerCredentials(); private: - explicit ServerCredentials(grpc_server_credentials* c_creds); + friend class ::grpc::Server; - grpc_server_credentials* GetRawCreds(); - - friend class ServerCredentialsFactory; - friend class Server; - - grpc_server_credentials* creds_; + virtual int AddPortToServer(const grpc::string& addr, + grpc_server* server) = 0; }; // Options to create ServerCredentials with SSL @@ -69,13 +66,11 @@ struct SslServerCredentialsOptions { std::vector pem_key_cert_pairs; }; -// Factory for building different types of ServerCredentials -class ServerCredentialsFactory { - public: - // Builds SSL ServerCredentials given SSL specific options - static std::shared_ptr SslCredentials( - const SslServerCredentialsOptions& options); -}; +// Builds SSL ServerCredentials given SSL specific options +std::shared_ptr SslServerCredentials( + const SslServerCredentialsOptions& options); + +std::shared_ptr InsecureServerCredentials(); } // namespace grpc diff --git a/include/grpc/grpc.h b/include/grpc/grpc.h index bb1653101f4..e401da873bb 100644 --- a/include/grpc/grpc.h +++ b/include/grpc/grpc.h @@ -436,6 +436,9 @@ grpc_call_error grpc_call_start_batch(grpc_call *call, const grpc_op *ops, grpc_channel *grpc_channel_create(const char *target, const grpc_channel_args *args); +/* Create a lame client: this client fails every operation attempted on it. */ +grpc_channel *grpc_lame_client_channel_create(void); + /* Close and destroy a grpc channel */ void grpc_channel_destroy(grpc_channel *channel); diff --git a/include/grpc/grpc_security.h b/include/grpc/grpc_security.h index 577f03e85fe..ab2cc08489d 100644 --- a/include/grpc/grpc_security.h +++ b/include/grpc/grpc_security.h @@ -169,17 +169,12 @@ grpc_server_credentials *grpc_fake_transport_security_server_credentials_create( /* --- Secure server creation. --- */ -/* Creates a secure server using the passed-in server credentials. */ -grpc_server *grpc_secure_server_create(grpc_server_credentials *creds, - grpc_completion_queue *cq, - const grpc_channel_args *args); - /* Add a HTTP2 over an encrypted link over tcp listener. Server must have been created with grpc_secure_server_create. Returns bound port number on success, 0 on failure. REQUIRES: server not started */ -int grpc_server_add_secure_http2_port(grpc_server *server, const char *addr); - +int grpc_server_add_secure_http2_port(grpc_server *server, const char *addr, + grpc_server_credentials *creds); #ifdef __cplusplus } diff --git a/src/core/security/factories.c b/src/core/security/factories.c index c9701b9080d..02267d55457 100644 --- a/src/core/security/factories.c +++ b/src/core/security/factories.c @@ -33,9 +33,9 @@ #include +#include #include "src/core/security/credentials.h" #include "src/core/security/security_context.h" -#include "src/core/surface/lame_client.h" #include #include #include @@ -50,31 +50,3 @@ grpc_channel *grpc_secure_channel_create(grpc_credentials *creds, return grpc_secure_channel_create_with_factories( factories, GPR_ARRAY_SIZE(factories), creds, target, args); } - -grpc_server *grpc_secure_server_create(grpc_server_credentials *creds, - grpc_completion_queue *cq, - const grpc_channel_args *args) { - grpc_security_status status = GRPC_SECURITY_ERROR; - grpc_security_context *ctx = NULL; - grpc_server *server = NULL; - if (creds == NULL) return NULL; /* TODO(ctiller): Return lame server. */ - - if (!strcmp(creds->type, GRPC_CREDENTIALS_TYPE_SSL)) { - status = grpc_ssl_server_security_context_create( - grpc_ssl_server_credentials_get_config(creds), &ctx); - } else if (!strcmp(creds->type, - GRPC_CREDENTIALS_TYPE_FAKE_TRANSPORT_SECURITY)) { - ctx = grpc_fake_server_security_context_create(); - status = GRPC_SECURITY_OK; - } - - if (status != GRPC_SECURITY_OK) { - gpr_log(GPR_ERROR, - "Unable to create secure server with credentials of type %s.", - creds->type); - return NULL; /* TODO(ctiller): Return lame server. */ - } - server = grpc_secure_server_create_internal(cq, args, ctx); - grpc_security_context_unref(ctx); - return server; -} diff --git a/src/core/security/security_context.c b/src/core/security/security_context.c index 0dc37fa73c0..62264e41050 100644 --- a/src/core/security/security_context.c +++ b/src/core/security/security_context.c @@ -42,7 +42,6 @@ #include "src/core/support/env.h" #include "src/core/support/file.h" #include "src/core/support/string.h" -#include "src/core/surface/lame_client.h" #include "src/core/transport/chttp2/alpn.h" #include diff --git a/src/core/security/server_secure_chttp2.c b/src/core/security/server_secure_chttp2.c index bd6f8473cb7..b15c553b82c 100644 --- a/src/core/security/server_secure_chttp2.c +++ b/src/core/security/server_secure_chttp2.c @@ -33,6 +33,8 @@ #include +#include + #include "src/core/channel/http_filter.h" #include "src/core/channel/http_server_filter.h" #include "src/core/iomgr/endpoint.h" @@ -50,6 +52,7 @@ typedef struct grpc_server_secure_state { grpc_server *server; grpc_tcp_server *tcp; + grpc_security_context *ctx; int is_shutdown; gpr_mu mu; gpr_refcount refcount; @@ -61,6 +64,7 @@ static void state_ref(grpc_server_secure_state *state) { static void state_unref(grpc_server_secure_state *state) { if (gpr_unref(&state->refcount)) { + grpc_security_context_unref(state->ctx); gpr_free(state); } } @@ -99,15 +103,10 @@ static void on_secure_transport_setup_done(void *statep, static void on_accept(void *statep, grpc_endpoint *tcp) { grpc_server_secure_state *state = statep; - const grpc_channel_args *args = grpc_server_get_channel_args(state->server); - grpc_security_context *ctx = grpc_find_security_context_in_args(args); - GPR_ASSERT(ctx); state_ref(state); - grpc_setup_secure_transport(ctx, tcp, on_secure_transport_setup_done, state); + grpc_setup_secure_transport(state->ctx, tcp, on_secure_transport_setup_done, state); } -/* Note: the following code is the same with server_chttp2.c */ - /* Server callback: start listening on our ports */ static void start(grpc_server *server, void *statep, grpc_pollset **pollsets, size_t pollset_count) { @@ -126,7 +125,7 @@ static void destroy(grpc_server *server, void *statep) { state_unref(state); } -int grpc_server_add_secure_http2_port(grpc_server *server, const char *addr) { +int grpc_server_add_secure_http2_port(grpc_server *server, const char *addr, grpc_server_credentials *creds) { grpc_resolved_addresses *resolved = NULL; grpc_tcp_server *tcp = NULL; grpc_server_secure_state *state = NULL; @@ -134,7 +133,29 @@ int grpc_server_add_secure_http2_port(grpc_server *server, const char *addr) { unsigned count = 0; int port_num = -1; int port_temp; + grpc_security_status status = GRPC_SECURITY_ERROR; + grpc_security_context *ctx = NULL; + + /* create security context */ + if (creds == NULL) goto error; + + if (!strcmp(creds->type, GRPC_CREDENTIALS_TYPE_SSL)) { + status = grpc_ssl_server_security_context_create( + grpc_ssl_server_credentials_get_config(creds), &ctx); + } else if (!strcmp(creds->type, + GRPC_CREDENTIALS_TYPE_FAKE_TRANSPORT_SECURITY)) { + ctx = grpc_fake_server_security_context_create(); + status = GRPC_SECURITY_OK; + } + if (status != GRPC_SECURITY_OK) { + gpr_log(GPR_ERROR, + "Unable to create secure server with credentials of type %s.", + creds->type); + goto error; + } + + /* resolve address */ resolved = grpc_blocking_resolve_address(addr, "https"); if (!resolved) { goto error; @@ -173,6 +194,7 @@ int grpc_server_add_secure_http2_port(grpc_server *server, const char *addr) { state = gpr_malloc(sizeof(*state)); state->server = server; state->tcp = tcp; + state->ctx = ctx; state->is_shutdown = 0; gpr_mu_init(&state->mu); gpr_ref_init(&state->refcount, 1); @@ -184,11 +206,17 @@ int grpc_server_add_secure_http2_port(grpc_server *server, const char *addr) { /* Error path: cleanup and return */ error: + if (ctx) { + grpc_security_context_unref(ctx); + } if (resolved) { grpc_resolved_addresses_destroy(resolved); } if (tcp) { grpc_tcp_server_destroy(tcp); } + if (state) { + gpr_free(state); + } return 0; } diff --git a/src/core/surface/lame_client.c b/src/core/surface/lame_client.c index 57f6ddf0f7f..b40c48381f4 100644 --- a/src/core/surface/lame_client.c +++ b/src/core/surface/lame_client.c @@ -31,7 +31,7 @@ * */ -#include "src/core/surface/lame_client.h" +#include #include diff --git a/src/cpp/client/channel.cc b/src/cpp/client/channel.cc index 450cf67ac8b..5380d3a232c 100644 --- a/src/cpp/client/channel.cc +++ b/src/cpp/client/channel.cc @@ -53,43 +53,23 @@ namespace grpc { -Channel::Channel(const grpc::string &target, const ChannelArguments &args) - : target_(target) { - grpc_channel_args channel_args; - args.SetChannelArgs(&channel_args); - c_channel_ = grpc_channel_create( - target_.c_str(), channel_args.num_args > 0 ? &channel_args : nullptr); -} - -Channel::Channel(const grpc::string &target, - const std::unique_ptr &creds, - const ChannelArguments &args) - : target_(args.GetSslTargetNameOverride().empty() - ? target - : args.GetSslTargetNameOverride()) { - grpc_channel_args channel_args; - args.SetChannelArgs(&channel_args); - grpc_credentials *c_creds = creds ? creds->GetRawCreds() : nullptr; - c_channel_ = grpc_secure_channel_create( - c_creds, target.c_str(), - channel_args.num_args > 0 ? &channel_args : nullptr); -} +Channel::Channel(const grpc::string& target, grpc_channel* channel) + : target_(target), c_channel_(channel) {} Channel::~Channel() { grpc_channel_destroy(c_channel_); } -Call Channel::CreateCall(const RpcMethod &method, ClientContext *context, - CompletionQueue *cq) { - auto c_call = - grpc_channel_create_call( - c_channel_, cq->cq(), method.name(), - context->authority().empty() ? target_.c_str() - : context->authority().c_str(), - context->RawDeadline()); +Call Channel::CreateCall(const RpcMethod& method, ClientContext* context, + CompletionQueue* cq) { + auto c_call = grpc_channel_create_call(c_channel_, cq->cq(), method.name(), + context->authority().empty() + ? target_.c_str() + : context->authority().c_str(), + context->RawDeadline()); context->set_call(c_call); return Call(c_call, this, cq); } -void Channel::PerformOpsOnCall(CallOpBuffer *buf, Call *call) { +void Channel::PerformOpsOnCall(CallOpBuffer* buf, Call* call) { static const size_t MAX_OPS = 8; size_t nops = MAX_OPS; grpc_op ops[MAX_OPS]; diff --git a/src/cpp/client/channel.h b/src/cpp/client/channel.h index 63c6e2bde6d..a1de3817e69 100644 --- a/src/cpp/client/channel.h +++ b/src/cpp/client/channel.h @@ -51,10 +51,7 @@ class StreamContextInterface; class Channel GRPC_FINAL : public ChannelInterface { public: - Channel(const grpc::string &target, const ChannelArguments &args); - Channel(const grpc::string &target, const std::unique_ptr &creds, - const ChannelArguments &args); - + Channel(const grpc::string &target, grpc_channel *c_channel); ~Channel() GRPC_OVERRIDE; virtual Call CreateCall(const RpcMethod &method, ClientContext *context, @@ -63,7 +60,7 @@ class Channel GRPC_FINAL : public ChannelInterface { private: const grpc::string target_; - grpc_channel *c_channel_; // owned + grpc_channel *const c_channel_; // owned }; } // namespace grpc diff --git a/src/cpp/client/create_channel.cc b/src/cpp/client/create_channel.cc index 583e072799b..57d215d0f33 100644 --- a/src/cpp/client/create_channel.cc +++ b/src/cpp/client/create_channel.cc @@ -40,14 +40,10 @@ namespace grpc { class ChannelArguments; -std::shared_ptr CreateChannelDeprecated( - const grpc::string &target, const ChannelArguments &args) { - return std::shared_ptr(new Channel(target, args)); -} - std::shared_ptr CreateChannel( const grpc::string &target, const std::unique_ptr &creds, const ChannelArguments &args) { - return std::shared_ptr(new Channel(target, creds, args)); + return creds ? creds->CreateChannel(target, args) : + std::shared_ptr(new Channel(target, grpc_lame_client_channel_create())); } } // namespace grpc diff --git a/src/cpp/client/credentials.cc b/src/cpp/client/credentials.cc index eff0892810b..e8062849887 100644 --- a/src/cpp/client/credentials.cc +++ b/src/cpp/client/credentials.cc @@ -31,98 +31,10 @@ * */ -#include - -#include -#include - #include namespace grpc { -Credentials::Credentials(grpc_credentials *c_creds) : creds_(c_creds) {} - -Credentials::~Credentials() { grpc_credentials_release(creds_); } -grpc_credentials *Credentials::GetRawCreds() { return creds_; } - -std::unique_ptr CredentialsFactory::GoogleDefaultCredentials() { - grpc_credentials *c_creds = grpc_google_default_credentials_create(); - std::unique_ptr cpp_creds( - c_creds == nullptr ? nullptr : new Credentials(c_creds)); - return cpp_creds; -} - -// Builds SSL Credentials given SSL specific options -std::unique_ptr CredentialsFactory::SslCredentials( - const SslCredentialsOptions &options) { - grpc_ssl_pem_key_cert_pair pem_key_cert_pair = { - options.pem_private_key.c_str(), options.pem_cert_chain.c_str()}; - - grpc_credentials *c_creds = grpc_ssl_credentials_create( - options.pem_root_certs.empty() ? nullptr : options.pem_root_certs.c_str(), - options.pem_private_key.empty() ? nullptr : &pem_key_cert_pair); - std::unique_ptr cpp_creds( - c_creds == nullptr ? nullptr : new Credentials(c_creds)); - return cpp_creds; -} - -// Builds credentials for use when running in GCE -std::unique_ptr CredentialsFactory::ComputeEngineCredentials() { - grpc_credentials *c_creds = grpc_compute_engine_credentials_create(); - std::unique_ptr cpp_creds( - c_creds == nullptr ? nullptr : new Credentials(c_creds)); - return cpp_creds; -} - -// Builds service account credentials. -std::unique_ptr CredentialsFactory::ServiceAccountCredentials( - const grpc::string &json_key, const grpc::string &scope, - std::chrono::seconds token_lifetime) { - gpr_timespec lifetime = gpr_time_from_seconds( - token_lifetime.count() > 0 ? token_lifetime.count() : 0); - grpc_credentials *c_creds = grpc_service_account_credentials_create( - json_key.c_str(), scope.c_str(), lifetime); - std::unique_ptr cpp_creds( - c_creds == nullptr ? nullptr : new Credentials(c_creds)); - return cpp_creds; -} - -// Builds JWT credentials. -std::unique_ptr CredentialsFactory::JWTCredentials( - const grpc::string &json_key, std::chrono::seconds token_lifetime) { - gpr_timespec lifetime = gpr_time_from_seconds( - token_lifetime.count() > 0 ? token_lifetime.count() : 0); - grpc_credentials *c_creds = - grpc_jwt_credentials_create(json_key.c_str(), lifetime); - std::unique_ptr cpp_creds( - c_creds == nullptr ? nullptr : new Credentials(c_creds)); - return cpp_creds; -} - -// Builds IAM credentials. -std::unique_ptr CredentialsFactory::IAMCredentials( - const grpc::string &authorization_token, - const grpc::string &authority_selector) { - grpc_credentials *c_creds = grpc_iam_credentials_create( - authorization_token.c_str(), authority_selector.c_str()); - std::unique_ptr cpp_creds( - c_creds == nullptr ? nullptr : new Credentials(c_creds)); - return cpp_creds; -} - -// Combines two credentials objects into a composite credentials. -std::unique_ptr CredentialsFactory::CompositeCredentials( - const std::unique_ptr &creds1, - const std::unique_ptr &creds2) { - // Note that we are not saving unique_ptrs to the two credentials - // passed in here. This is OK because the underlying C objects (i.e., - // creds1 and creds2) into grpc_composite_credentials_create will see their - // refcounts incremented. - grpc_credentials *c_creds = grpc_composite_credentials_create( - creds1->GetRawCreds(), creds2->GetRawCreds()); - std::unique_ptr cpp_creds( - c_creds == nullptr ? nullptr : new Credentials(c_creds)); - return cpp_creds; -} +Credentials::~Credentials() {} } // namespace grpc diff --git a/src/core/surface/secure_server_create.c b/src/cpp/client/insecure_credentials.cc similarity index 66% rename from src/core/surface/secure_server_create.c rename to src/cpp/client/insecure_credentials.cc index 1d5b9279977..2dcfe69591a 100644 --- a/src/core/surface/secure_server_create.c +++ b/src/cpp/client/insecure_credentials.cc @@ -31,27 +31,35 @@ * */ -#include +#include -#include "src/core/channel/channel_args.h" -#include "src/core/security/security_context.h" -#include "src/core/surface/completion_queue.h" -#include "src/core/surface/server.h" +#include #include -grpc_server *grpc_secure_server_create_internal( - grpc_completion_queue *cq, const grpc_channel_args *args, - grpc_security_context *context) { - grpc_arg context_arg; - grpc_channel_args *args_copy; - grpc_server *server; - if (grpc_find_security_context_in_args(args) != NULL) { - gpr_log(GPR_ERROR, "Cannot set security context in channel args."); +#include +#include +#include +#include "src/cpp/client/channel.h" + +namespace grpc { + +namespace { +class InsecureCredentialsImpl GRPC_FINAL : public Credentials { + public: + std::shared_ptr CreateChannel( + const string& target, const grpc::ChannelArguments& args) GRPC_OVERRIDE { + grpc_channel_args channel_args; + args.SetChannelArgs(&channel_args); + return std::shared_ptr(new Channel( + target, grpc_channel_create(target.c_str(), &channel_args))); } - context_arg = grpc_security_context_to_arg(context); - args_copy = grpc_channel_args_copy_and_add(args, &context_arg); - server = grpc_server_create_from_filters(cq, NULL, 0, args_copy); - grpc_channel_args_destroy(args_copy); - return server; + SecureCredentials* AsSecureCredentials() { return nullptr; } +}; +} // namespace + +std::unique_ptr InsecureCredentials() { + return std::unique_ptr(new InsecureCredentialsImpl()); } + +} // namespace grpc diff --git a/src/cpp/client/secure_credentials.cc b/src/cpp/client/secure_credentials.cc new file mode 100644 index 00000000000..5eb5c547942 --- /dev/null +++ b/src/cpp/client/secure_credentials.cc @@ -0,0 +1,131 @@ +/* + * + * Copyright 2015, Google Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are + * met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following disclaimer + * in the documentation and/or other materials provided with the + * distribution. + * * Neither the name of Google Inc. nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * + */ + +#include + +#include +#include + +#include +#include +#include +#include "src/cpp/client/channel.h" + +namespace grpc { + +class SecureCredentials GRPC_FINAL : public Credentials { + public: + explicit SecureCredentials(grpc_credentials* c_creds) : c_creds_(c_creds) {} + ~SecureCredentials() GRPC_OVERRIDE { grpc_credentials_release(c_creds_); } + grpc_credentials* GetRawCreds() { return c_creds_; } + + std::shared_ptr CreateChannel( + const string& target, const grpc::ChannelArguments& args) GRPC_OVERRIDE { + grpc_channel_args channel_args; + args.SetChannelArgs(&channel_args); + return std::shared_ptr(new Channel( + target, + grpc_secure_channel_create(c_creds_, target.c_str(), &channel_args))); + } + + SecureCredentials* AsSecureCredentials() { return this; } + + private: + grpc_credentials* const c_creds_; +}; + +namespace { +std::unique_ptr WrapCredentials(grpc_credentials* creds) { + return creds == nullptr + ? nullptr + : std::unique_ptr(new SecureCredentials(creds)); +} +} // namespace + +std::unique_ptr GoogleDefaultCredentials() { + return WrapCredentials(grpc_google_default_credentials_create()); +} + +// Builds SSL Credentials given SSL specific options +std::unique_ptr SslCredentials( + const SslCredentialsOptions& options) { + grpc_ssl_pem_key_cert_pair pem_key_cert_pair = { + options.pem_private_key.c_str(), options.pem_cert_chain.c_str()}; + + grpc_credentials* c_creds = grpc_ssl_credentials_create( + options.pem_root_certs.empty() ? nullptr : options.pem_root_certs.c_str(), + options.pem_private_key.empty() ? nullptr : &pem_key_cert_pair); + return WrapCredentials(c_creds); +} + +// Builds credentials for use when running in GCE +std::unique_ptr ComputeEngineCredentials() { + return WrapCredentials(grpc_compute_engine_credentials_create()); +} + +// Builds service account credentials. +std::unique_ptr ServiceAccountCredentials( + const grpc::string& json_key, const grpc::string& scope, + std::chrono::seconds token_lifetime) { + gpr_timespec lifetime = gpr_time_from_seconds( + token_lifetime.count() > 0 ? token_lifetime.count() : 0); + return WrapCredentials(grpc_service_account_credentials_create( + json_key.c_str(), scope.c_str(), lifetime)); +} + +// Builds IAM credentials. +std::unique_ptr IAMCredentials( + const grpc::string& authorization_token, + const grpc::string& authority_selector) { + return WrapCredentials(grpc_iam_credentials_create( + authorization_token.c_str(), authority_selector.c_str())); +} + +// Combines two credentials objects into a composite credentials. +std::unique_ptr CompositeCredentials( + const std::unique_ptr& creds1, + const std::unique_ptr& creds2) { + // Note that we are not saving unique_ptrs to the two credentials + // passed in here. This is OK because the underlying C objects (i.e., + // creds1 and creds2) into grpc_composite_credentials_create will see their + // refcounts incremented. + SecureCredentials* s1 = creds1->AsSecureCredentials(); + SecureCredentials* s2 = creds2->AsSecureCredentials(); + if (s1 && s2) { + return WrapCredentials(grpc_composite_credentials_create( + s1->GetRawCreds(), s2->GetRawCreds())); + } + return nullptr; +} + +} // namespace grpc diff --git a/src/core/surface/lame_client.h b/src/cpp/server/insecure_server_credentials.cc similarity index 74% rename from src/core/surface/lame_client.h rename to src/cpp/server/insecure_server_credentials.cc index b13e8cb6efe..f5e4732f730 100644 --- a/src/core/surface/lame_client.h +++ b/src/cpp/server/insecure_server_credentials.cc @@ -31,12 +31,22 @@ * */ -#ifndef GRPC_INTERNAL_CORE_SURFACE_LAME_CLIENT_H -#define GRPC_INTERNAL_CORE_SURFACE_LAME_CLIENT_H +#include +#include -#include +namespace grpc { +namespace { +class InsecureServerCredentialsImpl GRPC_FINAL : public ServerCredentials { + public: + int AddPortToServer(const grpc::string& addr, + grpc_server* server) GRPC_OVERRIDE { + return grpc_server_add_http2_port(server, addr.c_str()); + } +}; +} // namespace -/* Create a lame client: this client fails every operation attempted on it. */ -grpc_channel *grpc_lame_client_channel_create(void); +std::shared_ptr InsecureServerCredentials() { + return std::shared_ptr(new InsecureServerCredentialsImpl()); +} -#endif /* GRPC_INTERNAL_CORE_SURFACE_LAME_CLIENT_H */ +} // namespace grpc diff --git a/src/cpp/server/secure_server_credentials.cc b/src/cpp/server/secure_server_credentials.cc new file mode 100644 index 00000000000..ff356385034 --- /dev/null +++ b/src/cpp/server/secure_server_credentials.cc @@ -0,0 +1,71 @@ +/* + * + * Copyright 2015, Google Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are + * met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following disclaimer + * in the documentation and/or other materials provided with the + * distribution. + * * Neither the name of Google Inc. nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * + */ + +#include + +#include + +namespace grpc { + +namespace { +class SecureServerCredentials GRPC_FINAL : public ServerCredentials { + public: + explicit SecureServerCredentials(grpc_server_credentials* creds) : creds_(creds) {} + ~SecureServerCredentials() GRPC_OVERRIDE { + grpc_server_credentials_release(creds_); + } + + int AddPortToServer(const grpc::string& addr, + grpc_server* server) GRPC_OVERRIDE { + return grpc_server_add_secure_http2_port(server, addr.c_str(), creds_); + } + + private: + grpc_server_credentials* const creds_; +}; +} // namespace + +std::shared_ptr SslServerCredentials( + const SslServerCredentialsOptions &options) { + std::vector pem_key_cert_pairs; + for (const auto &key_cert_pair : options.pem_key_cert_pairs) { + pem_key_cert_pairs.push_back( + {key_cert_pair.private_key.c_str(), key_cert_pair.cert_chain.c_str()}); + } + grpc_server_credentials *c_creds = grpc_ssl_server_credentials_create( + options.pem_root_certs.empty() ? nullptr : options.pem_root_certs.c_str(), + &pem_key_cert_pairs[0], pem_key_cert_pairs.size()); + return std::shared_ptr(new SecureServerCredentials(c_creds)); +} + +} // namespace grpc diff --git a/src/cpp/server/server.cc b/src/cpp/server/server.cc index 2a5a7fe5ebd..e69032a657d 100644 --- a/src/cpp/server/server.cc +++ b/src/cpp/server/server.cc @@ -170,26 +170,13 @@ class Server::SyncRequest GRPC_FINAL : public CompletionQueueTag { grpc_completion_queue* cq_; }; -Server::Server(ThreadPoolInterface* thread_pool, bool thread_pool_owned, - ServerCredentials* creds) +Server::Server(ThreadPoolInterface* thread_pool, bool thread_pool_owned) : started_(false), shutdown_(false), num_running_cb_(0), + server_(grpc_server_create(cq_.cq(), nullptr)), thread_pool_(thread_pool), - thread_pool_owned_(thread_pool_owned), - secure_(creds != nullptr) { - if (creds) { - server_ = - grpc_secure_server_create(creds->GetRawCreds(), cq_.cq(), nullptr); - } else { - server_ = grpc_server_create(cq_.cq(), nullptr); - } -} - -Server::Server() { - // Should not be called. - GPR_ASSERT(false); -} + thread_pool_owned_(thread_pool_owned) {} Server::~Server() { std::unique_lock lock(mu_); @@ -239,13 +226,9 @@ bool Server::RegisterAsyncService(AsynchronousService* service) { return true; } -int Server::AddPort(const grpc::string& addr) { +int Server::AddPort(const grpc::string& addr, ServerCredentials* creds) { GPR_ASSERT(!started_); - if (secure_) { - return grpc_server_add_secure_http2_port(server_, addr.c_str()); - } else { - return grpc_server_add_http2_port(server_, addr.c_str()); - } + return creds->AddPortToServer(addr, server_); } bool Server::Start() { diff --git a/src/cpp/server/server_builder.cc b/src/cpp/server/server_builder.cc index ae60f3d8b67..5de592334d7 100644 --- a/src/cpp/server/server_builder.cc +++ b/src/cpp/server/server_builder.cc @@ -51,14 +51,10 @@ void ServerBuilder::RegisterAsyncService(AsynchronousService* service) { async_services_.push_back(service); } -void ServerBuilder::AddPort(const grpc::string& addr) { - ports_.push_back(addr); -} - -void ServerBuilder::SetCredentials( - const std::shared_ptr& creds) { - GPR_ASSERT(!creds_); - creds_ = creds; +void ServerBuilder::AddPort(const grpc::string& addr, + std::shared_ptr creds, + int* selected_port) { + ports_.push_back(Port{addr, creds, selected_port}); } void ServerBuilder::SetThreadPool(ThreadPoolInterface* thread_pool) { @@ -71,14 +67,13 @@ std::unique_ptr ServerBuilder::BuildAndStart() { gpr_log(GPR_ERROR, "Mixing async and sync services is unsupported for now"); return nullptr; } - if (!thread_pool_ && services_.size()) { + if (!thread_pool_ && !services_.empty()) { int cores = gpr_cpu_num_cores(); if (!cores) cores = 4; thread_pool_ = new ThreadPool(cores); thread_pool_owned = true; } - std::unique_ptr server( - new Server(thread_pool_, thread_pool_owned, creds_.get())); + std::unique_ptr server(new Server(thread_pool_, thread_pool_owned)); for (auto* service : services_) { if (!server->RegisterService(service)) { return nullptr; @@ -90,8 +85,10 @@ std::unique_ptr ServerBuilder::BuildAndStart() { } } for (auto& port : ports_) { - if (!server->AddPort(port)) { - return nullptr; + int r = server->AddPort(port.addr, port.creds.get()); + if (!r) return nullptr; + if (port.selected_port != nullptr) { + *port.selected_port = r; } } if (!server->Start()) { diff --git a/src/cpp/server/server_credentials.cc b/src/cpp/server/server_credentials.cc index 69ad000ccc6..6bdb465baaa 100644 --- a/src/cpp/server/server_credentials.cc +++ b/src/cpp/server/server_credentials.cc @@ -37,26 +37,6 @@ namespace grpc { -ServerCredentials::ServerCredentials(grpc_server_credentials *c_creds) - : creds_(c_creds) {} - -ServerCredentials::~ServerCredentials() { - grpc_server_credentials_release(creds_); -} - -grpc_server_credentials *ServerCredentials::GetRawCreds() { return creds_; } - -std::shared_ptr ServerCredentialsFactory::SslCredentials( - const SslServerCredentialsOptions &options) { - std::vector pem_key_cert_pairs; - for (const auto &key_cert_pair : options.pem_key_cert_pairs) { - pem_key_cert_pairs.push_back( - {key_cert_pair.private_key.c_str(), key_cert_pair.cert_chain.c_str()}); - } - grpc_server_credentials *c_creds = grpc_ssl_server_credentials_create( - options.pem_root_certs.empty() ? nullptr : options.pem_root_certs.c_str(), - &pem_key_cert_pairs[0], pem_key_cert_pairs.size()); - return std::shared_ptr(new ServerCredentials(c_creds)); -} +ServerCredentials::~ServerCredentials() {} } // namespace grpc diff --git a/src/node/ext/server.cc b/src/node/ext/server.cc index 5050042daa7..e47bac833bd 100644 --- a/src/node/ext/server.cc +++ b/src/node/ext/server.cc @@ -165,19 +165,7 @@ NAN_METHOD(Server::New) { if (args[0]->IsUndefined()) { wrapped_server = grpc_server_create(queue, NULL); } else if (args[0]->IsObject()) { - grpc_server_credentials *creds = NULL; - Handle args_hash(args[0]->ToObject()->Clone()); - if (args_hash->HasOwnProperty(NanNew("credentials"))) { - Handle creds_value = args_hash->Get(NanNew("credentials")); - if (!ServerCredentials::HasInstance(creds_value)) { - return NanThrowTypeError( - "credentials arg must be a ServerCredentials object"); - } - ServerCredentials *creds_object = - ObjectWrap::Unwrap(creds_value->ToObject()); - creds = creds_object->GetWrappedServerCredentials(); - args_hash->Delete(NanNew("credentials")); - } + Handle args_hash(args[0]->ToObject()); Handle keys(args_hash->GetOwnPropertyNames()); grpc_channel_args channel_args; channel_args.num_args = keys->Length(); @@ -204,11 +192,7 @@ NAN_METHOD(Server::New) { return NanThrowTypeError("Arg values must be strings"); } } - if (creds == NULL) { - wrapped_server = grpc_server_create(queue, &channel_args); - } else { - wrapped_server = grpc_secure_server_create(creds, queue, &channel_args); - } + wrapped_server = grpc_server_create(queue, &channel_args); free(channel_args.args); } else { return NanThrowTypeError("Server expects an object"); @@ -259,11 +243,19 @@ NAN_METHOD(Server::AddSecureHttp2Port) { "addSecureHttp2Port can only be called on a Server"); } if (!args[0]->IsString()) { - return NanThrowTypeError("addSecureHttp2Port's argument must be a String"); + return NanThrowTypeError( + "addSecureHttp2Port's first argument must be a String"); + } + if (!ServerCredentials::HasInstance(args[1])) { + return NanThrowTypeError( + "addSecureHttp2Port's second argument must be ServerCredentials"); } Server *server = ObjectWrap::Unwrap(args.This()); + ServerCredentials *creds = ObjectWrap::Unwrap( + args[1]->ToObject()); NanReturnValue(NanNew(grpc_server_add_secure_http2_port( - server->wrapped_server, *NanUtf8String(args[0])))); + server->wrapped_server, *NanUtf8String(args[0]), + creds->GetWrappedServerCredentials()))); } NAN_METHOD(Server::Start) { diff --git a/src/node/interop/interop_server.js b/src/node/interop/interop_server.js index 125ede17464..8e5c03666fa 100644 --- a/src/node/interop/interop_server.js +++ b/src/node/interop/interop_server.js @@ -165,16 +165,16 @@ function handleHalfDuplex(call) { function getServer(port, tls) { // TODO(mlumish): enable TLS functionality var options = {}; + var server_creds = null; if (tls) { var key_path = path.join(__dirname, '../test/data/server1.key'); var pem_path = path.join(__dirname, '../test/data/server1.pem'); var key_data = fs.readFileSync(key_path); var pem_data = fs.readFileSync(pem_path); - var server_creds = grpc.ServerCredentials.createSsl(null, - key_data, - pem_data); - options.credentials = server_creds; + server_creds = grpc.ServerCredentials.createSsl(null, + key_data, + pem_data); } var server = new Server({ 'grpc.testing.TestService' : { @@ -186,7 +186,7 @@ function getServer(port, tls) { halfDuplexCall: handleHalfDuplex } }, null, options); - var port_num = server.bind('0.0.0.0:' + port, tls); + var port_num = server.bind('0.0.0.0:' + port, server_creds); return {server: server, port: port_num}; } diff --git a/src/node/src/server.js b/src/node/src/server.js index 91dde022518..b72d110666e 100644 --- a/src/node/src/server.js +++ b/src/node/src/server.js @@ -517,14 +517,15 @@ Server.prototype.register = function(name, handler, serialize, deserialize, }; /** - * Binds the server to the given port, with SSL enabled if secure is specified + * Binds the server to the given port, with SSL enabled if creds is given * @param {string} port The port that the server should bind on, in the format * "address:port" - * @param {boolean=} secure Whether the server should open a secure port + * @param {boolean=} creds Server credential object to be used for SSL. Pass + * nothing for an insecure port */ -Server.prototype.bind = function(port, secure) { - if (secure) { - return this._server.addSecureHttp2Port(port); +Server.prototype.bind = function(port, creds) { + if (creds) { + return this._server.addSecureHttp2Port(port, creds); } else { return this._server.addHttp2Port(port); } @@ -604,14 +605,14 @@ function makeServerConstructor(services) { } /** - * Binds the server to the given port, with SSL enabled if secure is specified + * Binds the server to the given port, with SSL enabled if creds is supplied * @param {string} port The port that the server should bind on, in the format * "address:port" - * @param {boolean=} secure Whether the server should open a secure port + * @param {boolean=} creds Credentials to use for SSL * @return {SurfaceServer} this */ - SurfaceServer.prototype.bind = function(port, secure) { - return this.inner_server.bind(port, secure); + SurfaceServer.prototype.bind = function(port, creds) { + return this.inner_server.bind(port, creds); }; /** diff --git a/src/php/ext/grpc/server.c b/src/php/ext/grpc/server.c index 32cc19775c0..00d08c6ecf0 100644 --- a/src/php/ext/grpc/server.c +++ b/src/php/ext/grpc/server.c @@ -96,9 +96,6 @@ PHP_METHOD(Server, __construct) { zval *queue_obj; zval *args_array = NULL; grpc_channel_args args; - HashTable *array_hash; - zval **creds_obj = NULL; - wrapped_grpc_server_credentials *creds = NULL; /* "O|a" == 1 Object, 1 optional array */ if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "O|a", &queue_obj, grpc_ce_completion_queue, &args_array) == FAILURE) { @@ -114,28 +111,8 @@ PHP_METHOD(Server, __construct) { if (args_array == NULL) { server->wrapped = grpc_server_create(queue->wrapped, NULL); } else { - array_hash = Z_ARRVAL_P(args_array); - if (zend_hash_find(array_hash, "credentials", sizeof("credentials"), - (void **)&creds_obj) == SUCCESS) { - if (zend_get_class_entry(*creds_obj TSRMLS_CC) != - grpc_ce_server_credentials) { - zend_throw_exception(spl_ce_InvalidArgumentException, - "credentials must be a ServerCredentials object", - 1 TSRMLS_CC); - return; - } - creds = (wrapped_grpc_server_credentials *)zend_object_store_get_object( - *creds_obj TSRMLS_CC); - zend_hash_del(array_hash, "credentials", sizeof("credentials")); - } php_grpc_read_args_array(args_array, &args); - if (creds == NULL) { - server->wrapped = grpc_server_create(queue->wrapped, &args); - } else { - gpr_log(GPR_DEBUG, "Initialized secure server"); - server->wrapped = - grpc_secure_server_create(creds->wrapped, queue->wrapped, &args); - } + server->wrapped = grpc_server_create(queue->wrapped, &args); efree(args.args); } } @@ -187,14 +164,21 @@ PHP_METHOD(Server, add_secure_http2_port) { (wrapped_grpc_server *)zend_object_store_get_object(getThis() TSRMLS_CC); const char *addr; int addr_len; - /* "s" == 1 string */ - if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s", &addr, &addr_len) == + zval *creds_obj; + /* "sO" == 1 string, 1 object */ + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s", &addr, &addr_len, + &creds_obj, grpc_ce_server_credentials) == FAILURE) { - zend_throw_exception(spl_ce_InvalidArgumentException, - "add_http2_port expects a string", 1 TSRMLS_CC); + zend_throw_exception( + spl_ce_InvalidArgumentException, + "add_http2_port expects a string and a ServerCredentials", 1 TSRMLS_CC); return; } - RETURN_LONG(grpc_server_add_secure_http2_port(server->wrapped, addr)); + wrapped_grpc_server_credentials *creds = + (wrapped_grpc_server_credentials *)zend_object_store_get_object( + creds_obj TSRMLS_CC); + RETURN_LONG(grpc_server_add_secure_http2_port(server->wrapped, addr, + creds->wrapped)); } /** diff --git a/src/php/tests/unit_tests/SecureEndToEndTest.php b/src/php/tests/unit_tests/SecureEndToEndTest.php index c23dd791acf..896afeac49a 100755 --- a/src/php/tests/unit_tests/SecureEndToEndTest.php +++ b/src/php/tests/unit_tests/SecureEndToEndTest.php @@ -41,9 +41,9 @@ class SecureEndToEndTest extends PHPUnit_Framework_TestCase{ null, file_get_contents(dirname(__FILE__) . '/../data/server1.key'), file_get_contents(dirname(__FILE__) . '/../data/server1.pem')); - $this->server = new Grpc\Server($this->server_queue, - ['credentials' => $server_credentials]); - $port = $this->server->add_secure_http2_port('0.0.0.0:0'); + $this->server = new Grpc\Server($this->server_queue); + $port = $this->server->add_secure_http2_port('0.0.0.0:0', + $server_credentials); $this->channel = new Grpc\Channel( 'localhost:' . $port, [ diff --git a/src/python/src/grpc/_adapter/_c_test.py b/src/python/src/grpc/_adapter/_c_test.py index e11835746b8..437a6730cd2 100644 --- a/src/python/src/grpc/_adapter/_c_test.py +++ b/src/python/src/grpc/_adapter/_c_test.py @@ -93,7 +93,7 @@ class _CTest(unittest.TestCase): _c.init() completion_queue = _c.CompletionQueue() - server = _c.Server(completion_queue, None) + server = _c.Server(completion_queue) server.add_http2_addr('[::]:0') server.start() server.stop() @@ -103,7 +103,7 @@ class _CTest(unittest.TestCase): service_tag = object() completion_queue = _c.CompletionQueue() - server = _c.Server(completion_queue, None) + server = _c.Server(completion_queue) server.add_http2_addr('[::]:0') server.start() server.service(service_tag) @@ -120,7 +120,7 @@ class _CTest(unittest.TestCase): del completion_queue completion_queue = _c.CompletionQueue() - server = _c.Server(completion_queue, None) + server = _c.Server(completion_queue) server.add_http2_addr('[::]:0') server.start() thread = threading.Thread(target=completion_queue.get, args=(_FUTURE,)) diff --git a/src/python/src/grpc/_adapter/_low_test.py b/src/python/src/grpc/_adapter/_low_test.py index 03e3f473a3e..b04ac1c9509 100644 --- a/src/python/src/grpc/_adapter/_low_test.py +++ b/src/python/src/grpc/_adapter/_low_test.py @@ -82,7 +82,7 @@ class EchoTest(unittest.TestCase): self.host = 'localhost' self.server_completion_queue = _low.CompletionQueue() - self.server = _low.Server(self.server_completion_queue, None) + self.server = _low.Server(self.server_completion_queue) port = self.server.add_http2_addr('[::]:0') self.server.start() @@ -260,7 +260,7 @@ class CancellationTest(unittest.TestCase): self.host = 'localhost' self.server_completion_queue = _low.CompletionQueue() - self.server = _low.Server(self.server_completion_queue, None) + self.server = _low.Server(self.server_completion_queue) port = self.server.add_http2_addr('[::]:0') self.server.start() diff --git a/src/python/src/grpc/_adapter/_server.c b/src/python/src/grpc/_adapter/_server.c index ae7ae5b5d23..181b6c21fcf 100644 --- a/src/python/src/grpc/_adapter/_server.c +++ b/src/python/src/grpc/_adapter/_server.c @@ -42,30 +42,16 @@ static int pygrpc_server_init(Server *self, PyObject *args, PyObject *kwds) { const PyObject *completion_queue; - PyObject *server_credentials; - static char *kwlist[] = {"completion_queue", "server_credentials", NULL}; + static char *kwlist[] = {"completion_queue", NULL}; - if (!PyArg_ParseTupleAndKeywords(args, kwds, "O!O:Server", kwlist, + if (!PyArg_ParseTupleAndKeywords(args, kwds, "O!:Server", kwlist, &pygrpc_CompletionQueueType, - &completion_queue, &server_credentials)) { - return -1; - } - if (server_credentials == Py_None) { - self->c_server = grpc_server_create( - ((CompletionQueue *)completion_queue)->c_completion_queue, NULL); - return 0; - } else if (PyObject_TypeCheck(server_credentials, - &pygrpc_ServerCredentialsType)) { - self->c_server = grpc_secure_server_create( - ((ServerCredentials *)server_credentials)->c_server_credentials, - ((CompletionQueue *)completion_queue)->c_completion_queue, NULL); - return 0; - } else { - PyErr_Format(PyExc_TypeError, - "server_credentials must be _grpc.ServerCredentials, not %s", - Py_TYPE(server_credentials)->tp_name); + &completion_queue)) { return -1; } + self->c_server = grpc_server_create( + ((CompletionQueue *)completion_queue)->c_completion_queue, NULL); + return 0; } static void pygrpc_server_dealloc(Server *self) { @@ -92,13 +78,21 @@ static PyObject *pygrpc_server_add_http2_addr(Server *self, PyObject *args) { } static PyObject *pygrpc_server_add_secure_http2_addr(Server *self, - PyObject *args) { + PyObject *args, + PyObject *kwargs) { const char *addr; + PyObject *server_credentials; + static char *kwlist[] = {"addr", "server_credentials", NULL}; int port; - if (!PyArg_ParseTuple(args, "s:add_secure_http2_addr", &addr)) { + + if (!PyArg_ParseTupleAndKeywords(args, kwargs, "sO!:add_secure_http2_addr", + kwlist, &addr, &pygrpc_ServerCredentialsType, + &server_credentials)) { return NULL; } - port = grpc_server_add_secure_http2_port(self->c_server, addr); + port = grpc_server_add_secure_http2_port( + self->c_server, addr, + ((ServerCredentials *)server_credentials)->c_server_credentials); if (port == 0) { PyErr_SetString(PyExc_RuntimeError, "Couldn't add port to server!"); return NULL; @@ -138,8 +132,7 @@ static PyMethodDef methods[] = { METH_VARARGS, "Add a secure HTTP2 address."}, {"start", (PyCFunction)pygrpc_server_start, METH_NOARGS, "Starts the server."}, - {"service", (PyCFunction)pygrpc_server_service, METH_O, - "Services a call."}, + {"service", (PyCFunction)pygrpc_server_service, METH_O, "Services a call."}, {"stop", (PyCFunction)pygrpc_server_stop, METH_NOARGS, "Stops the server."}, {NULL}}; diff --git a/src/python/src/grpc/_adapter/fore.py b/src/python/src/grpc/_adapter/fore.py index b08b9f48bc6..6ef9e600062 100644 --- a/src/python/src/grpc/_adapter/fore.py +++ b/src/python/src/grpc/_adapter/fore.py @@ -280,13 +280,14 @@ class ForeLink(ticket_interfaces.ForeLink, activated.Activated): 0 if self._requested_port is None else self._requested_port) self._completion_queue = _low.CompletionQueue() if self._root_certificates is None and not self._key_chain_pairs: - self._server = _low.Server(self._completion_queue, None) + self._server = _low.Server(self._completion_queue) self._port = self._server.add_http2_addr(address) else: server_credentials = _low.ServerCredentials( self._root_certificates, self._key_chain_pairs) - self._server = _low.Server(self._completion_queue, server_credentials) - self._port = self._server.add_secure_http2_addr(address) + self._server = _low.Server(self._completion_queue) + self._port = self._server.add_secure_http2_addr( + address, server_credentials) self._server.start() self._server.service(None) diff --git a/src/ruby/bin/interop/interop_server.rb b/src/ruby/bin/interop/interop_server.rb index b3b7d0c5a3a..0819ba9bbcc 100755 --- a/src/ruby/bin/interop/interop_server.rb +++ b/src/ruby/bin/interop/interop_server.rb @@ -176,12 +176,11 @@ end def main opts = parse_options host = "0.0.0.0:#{opts['port']}" + s = GRPC::RpcServer.new if opts['secure'] - s = GRPC::RpcServer.new(creds: test_server_creds) - s.add_http2_port(host, true) + s.add_http2_port(host, test_server_creds) logger.info("... running securely on #{host}") else - s = GRPC::RpcServer.new s.add_http2_port(host) logger.info("... running insecurely on #{host}") end diff --git a/src/ruby/bin/math_server.rb b/src/ruby/bin/math_server.rb index 93277e39320..5cc76134893 100755 --- a/src/ruby/bin/math_server.rb +++ b/src/ruby/bin/math_server.rb @@ -173,12 +173,11 @@ def main end end.parse! + s = GRPC::RpcServer.new if options['secure'] - s = GRPC::RpcServer.new(creds: test_server_creds) - s.add_http2_port(options['host'], true) + s.add_http2_port(options['host'], test_server_creds) logger.info("... running securely on #{options['host']}") else - s = GRPC::RpcServer.new s.add_http2_port(options['host']) logger.info("... running insecurely on #{options['host']}") end diff --git a/src/ruby/bin/noproto_server.rb b/src/ruby/bin/noproto_server.rb index 435f8f4ebf4..9979cb7ebbd 100755 --- a/src/ruby/bin/noproto_server.rb +++ b/src/ruby/bin/noproto_server.rb @@ -95,12 +95,11 @@ def main end end.parse! + s = GRPC::RpcServer.new if options['secure'] - s = GRPC::RpcServer.new(creds: test_server_creds) - s.add_http2_port(options['host'], true) + s.add_http2_port(options['host'], test_server_creds) logger.info("... running securely on #{options['host']}") else - s = GRPC::RpcServer.new s.add_http2_port(options['host']) logger.info("... running insecurely on #{options['host']}") end diff --git a/src/ruby/ext/grpc/rb_server.c b/src/ruby/ext/grpc/rb_server.c index 5954e27d024..c54f02e87af 100644 --- a/src/ruby/ext/grpc/rb_server.c +++ b/src/ruby/ext/grpc/rb_server.c @@ -97,35 +97,19 @@ static VALUE grpc_rb_server_alloc(VALUE cls) { /* call-seq: cq = CompletionQueue.new - insecure_server = Server.new(cq, {'arg1': 'value1'}) - server_creds = ... - secure_server = Server.new(cq, {'arg1': 'value1'}, server_creds) + server = Server.new(cq, {'arg1': 'value1'}) Initializes server instances. */ -static VALUE grpc_rb_server_init(int argc, VALUE *argv, VALUE self) { - VALUE cqueue = Qnil; - VALUE credentials = Qnil; - VALUE channel_args = Qnil; +static VALUE grpc_rb_server_init(VALUE self, VALUE cqueue, VALUE channel_args) { grpc_completion_queue *cq = NULL; - grpc_server_credentials *creds = NULL; grpc_rb_server *wrapper = NULL; grpc_server *srv = NULL; grpc_channel_args args; MEMZERO(&args, grpc_channel_args, 1); - - /* "21" == 2 mandatory args, 1 (credentials) is optional */ - rb_scan_args(argc, argv, "21", &cqueue, &channel_args, &credentials); cq = grpc_rb_get_wrapped_completion_queue(cqueue); - Data_Get_Struct(self, grpc_rb_server, wrapper); grpc_rb_hash_convert_to_channel_args(channel_args, &args); srv = grpc_server_create(cq, &args); - if (credentials == Qnil) { - srv = grpc_server_create(cq, &args); - } else { - creds = grpc_rb_get_wrapped_server_credentials(credentials); - srv = grpc_secure_server_create(creds, cq, &args); - } if (args.args != NULL) { xfree(args.args); /* Allocated by grpc_rb_hash_convert_to_channel_args */ @@ -215,33 +199,36 @@ static VALUE grpc_rb_server_destroy(VALUE self) { // secure port server_creds = ... - secure_server = Server.new(cq, {'arg1': 'value1'}, creds) - secure_server.add_http_port('mydomain:7575', True) + secure_server = Server.new(cq, {'arg1': 'value1'}) + secure_server.add_http_port('mydomain:7575', server_creds) Adds a http2 port to server */ static VALUE grpc_rb_server_add_http2_port(int argc, VALUE *argv, VALUE self) { VALUE port = Qnil; - VALUE is_secure = Qnil; + VALUE rb_creds = Qnil; grpc_rb_server *s = NULL; + grpc_server_credentials *creds = NULL; int recvd_port = 0; - /* "11" == 1 mandatory args, 1 (is_secure) is optional */ - rb_scan_args(argc, argv, "11", &port, &is_secure); + /* "11" == 1 mandatory args, 1 (rb_creds) is optional */ + rb_scan_args(argc, argv, "11", &port, &rb_creds); Data_Get_Struct(self, grpc_rb_server, s); if (s->wrapped == NULL) { rb_raise(rb_eRuntimeError, "closed!"); return Qnil; - } else if (is_secure == Qnil || TYPE(is_secure) != T_TRUE) { + } else if (rb_creds == Qnil) { recvd_port = grpc_server_add_http2_port(s->wrapped, StringValueCStr(port)); if (recvd_port == 0) { rb_raise(rb_eRuntimeError, "could not add port %s to server, not sure why", StringValueCStr(port)); } - } else if (TYPE(is_secure) != T_FALSE) { + } else { + creds = grpc_rb_get_wrapped_server_credentials(rb_creds); recvd_port = - grpc_server_add_secure_http2_port(s->wrapped, StringValueCStr(port)); + grpc_server_add_secure_http2_port(s->wrapped, StringValueCStr(port), + creds); if (recvd_port == 0) { rb_raise(rb_eRuntimeError, "could not add secure port %s to server, not sure why", @@ -258,7 +245,7 @@ void Init_grpc_server() { rb_define_alloc_func(rb_cServer, grpc_rb_server_alloc); /* Provides a ruby constructor and support for dup/clone. */ - rb_define_method(rb_cServer, "initialize", grpc_rb_server_init, -1); + rb_define_method(rb_cServer, "initialize", grpc_rb_server_init, 2); rb_define_method(rb_cServer, "initialize_copy", grpc_rb_server_init_copy, 1); /* Add the server methods. */ diff --git a/src/ruby/lib/grpc/generic/rpc_server.rb b/src/ruby/lib/grpc/generic/rpc_server.rb index 6938f718922..35e84023be9 100644 --- a/src/ruby/lib/grpc/generic/rpc_server.rb +++ b/src/ruby/lib/grpc/generic/rpc_server.rb @@ -81,7 +81,6 @@ module GRPC max_waiting_requests:DEFAULT_MAX_WAITING_REQUESTS, poll_period:INFINITE_FUTURE, completion_queue_override:nil, - creds:nil, server_override:nil, **kw) if completion_queue_override.nil? @@ -95,13 +94,7 @@ module GRPC @cq = cq if server_override.nil? - if creds.nil? - srv = Core::Server.new(@cq, kw) - elsif !creds.is_a? Core::ServerCredentials - fail(ArgumentError, 'not a ServerCredentials') - else - srv = Core::Server.new(@cq, kw, creds) - end + srv = Core::Server.new(@cq, kw) else srv = server_override fail(ArgumentError, 'not a Server') unless srv.is_a? Core::Server diff --git a/src/ruby/spec/client_server_spec.rb b/src/ruby/spec/client_server_spec.rb index 35d9db1a894..49a2d3bb4df 100644 --- a/src/ruby/spec/client_server_spec.rb +++ b/src/ruby/spec/client_server_spec.rb @@ -350,8 +350,8 @@ describe 'the secure http client/server' do @client_queue = GRPC::Core::CompletionQueue.new @server_queue = GRPC::Core::CompletionQueue.new server_creds = GRPC::Core::ServerCredentials.new(nil, certs[1], certs[2]) - @server = GRPC::Core::Server.new(@server_queue, nil, server_creds) - server_port = @server.add_http2_port(server_host, true) + @server = GRPC::Core::Server.new(@server_queue, nil) + server_port = @server.add_http2_port(server_host, server_creds) @server.start args = { Channel::SSL_TARGET => 'foo.test.google.fr' } @ch = Channel.new("0.0.0.0:#{server_port}", args, @@ -362,11 +362,9 @@ describe 'the secure http client/server' do @server.close end - # TODO: uncomment after updating the to the new c api it_behaves_like 'basic GRPC message delivery is OK' do end - # TODO: uncomment after updating the to the new c api it_behaves_like 'GRPC metadata delivery works OK' do end end diff --git a/src/ruby/spec/generic/rpc_server_spec.rb b/src/ruby/spec/generic/rpc_server_spec.rb index e8c70604461..d5421d400c9 100644 --- a/src/ruby/spec/generic/rpc_server_spec.rb +++ b/src/ruby/spec/generic/rpc_server_spec.rb @@ -164,19 +164,6 @@ describe GRPC::RpcServer do expect(&blk).to raise_error end - it 'can be created with the creds as valid ServerCedentials' do - certs = load_test_certs - server_creds = GRPC::Core::ServerCredentials.new(nil, certs[1], certs[2]) - blk = proc do - opts = { - a_channel_arg: 'an_arg', - creds: server_creds - } - RpcServer.new(**opts) - end - expect(&blk).to_not raise_error - end - it 'can be created with a server override' do opts = { a_channel_arg: 'an_arg', server_override: @server } blk = proc do diff --git a/src/ruby/spec/server_spec.rb b/src/ruby/spec/server_spec.rb index 5b81f195371..a47e484f971 100644 --- a/src/ruby/spec/server_spec.rb +++ b/src/ruby/spec/server_spec.rb @@ -118,10 +118,11 @@ describe Server do end describe 'for secure servers' do + let(:cert) { create_test_cert } it 'runs without failing' do blk = proc do s = Server.new(@cq, nil) - s.add_http2_port('localhost:0', true) + s.add_http2_port('localhost:0', cert) s.close end expect(&blk).to_not raise_error @@ -130,7 +131,7 @@ describe Server do it 'fails if the server is closed' do s = Server.new(@cq, nil) s.close - blk = proc { s.add_http2_port('localhost:0', true) } + blk = proc { s.add_http2_port('localhost:0', cert) } expect(&blk).to raise_error(RuntimeError) end end @@ -138,7 +139,7 @@ describe Server do shared_examples '#new' do it 'takes a completion queue with nil channel args' do - expect { Server.new(@cq, nil, create_test_cert) }.to_not raise_error + expect { Server.new(@cq, nil) }.to_not raise_error end it 'does not take a hash with bad keys as channel args' do @@ -195,14 +196,6 @@ describe Server do it_behaves_like '#new' end - describe '#new with a secure channel' do - def construct_with_args(a) - proc { Server.new(@cq, a, create_test_cert) } - end - - it_behaves_like '#new' - end - def start_a_server s = Server.new(@cq, nil) s.add_http2_port('0.0.0.0:0') diff --git a/templates/Makefile.template b/templates/Makefile.template index 24fd450dff5..6573e03f7f5 100644 --- a/templates/Makefile.template +++ b/templates/Makefile.template @@ -917,7 +917,7 @@ PUBLIC_HEADERS_C += \\ LIB${lib.name.upper()}_OBJS = $(addprefix $(OBJDIR)/$(CONFIG)/, $(addsuffix .o, $(basename $(LIB${lib.name.upper()}_SRC)))) ## If the library requires OpenSSL with ALPN, let's add some restrictions. -% if lib.get('secure', True): +% if lib.get('secure', 'check') == 'yes' or lib.get('secure', 'check') == 'check': ifeq ($(NO_SECURE),true) # You can't build secure libraries if you don't have OpenSSL with ALPN. @@ -993,14 +993,14 @@ $(LIBDIR)/$(CONFIG)/lib${lib.name}.a: $(ZLIB_DEP)\ $(Q) rm -f $(LIBDIR)/$(CONFIG)/lib${lib.name}.a $(Q) $(AR) rcs $(LIBDIR)/$(CONFIG)/lib${lib.name}.a $(LIB${lib.name.upper()}_OBJS) % if lib.get('baselib', False): -% if lib.get('secure', True): - $(Q) rm -rf tmp-merge - $(Q) mkdir tmp-merge - $(Q) ( cd tmp-merge ; $(AR) x ../$(LIBDIR)/$(CONFIG)/lib${lib.name}.a ) - $(Q) for l in $(OPENSSL_MERGE_LIBS) ; do ( cd tmp-merge ; <%text>ar x ../$${l} ) ; done - $(Q) rm -f $(LIBDIR)/$(CONFIG)/lib${lib.name}.a tmp-merge/__.SYMDEF* - $(Q) ar rcs $(LIBDIR)/$(CONFIG)/lib${lib.name}.a tmp-merge/* - $(Q) rm -rf tmp-merge +% if lib.get('secure', 'check') == 'yes': + $(Q) rm -rf tmp-merge-${lib.name} + $(Q) mkdir tmp-merge-${lib.name} + $(Q) ( cd tmp-merge-${lib.name} ; $(AR) x ../$(LIBDIR)/$(CONFIG)/lib${lib.name}.a ) + $(Q) for l in $(OPENSSL_MERGE_LIBS) ; do ( cd tmp-merge-${lib.name} ; <%text>ar x ../$${l} ) ; done + $(Q) rm -f $(LIBDIR)/$(CONFIG)/lib${lib.name}.a tmp-merge-${lib.name}/__.SYMDEF* + $(Q) ar rcs $(LIBDIR)/$(CONFIG)/lib${lib.name}.a tmp-merge-${lib.name}/* + $(Q) rm -rf tmp-merge-${lib.name} % endif % endif ifeq ($(SYSTEM),Darwin) @@ -1028,8 +1028,10 @@ endif mingw_libs = mingw_libs + ' -l' + dep + '-imp' mingw_lib_deps = mingw_lib_deps + '$(LIBDIR)/$(CONFIG)/' + dep + '.$(SHARED_EXT)' - if lib.get('secure', True): + if lib.get('secure', 'check') == 'yes': common = common + ' $(LDLIBS_SECURE) $(OPENSSL_MERGE_LIBS)' + + if lib.get('secure', 'check') == 'yes' or lib.get('secure', 'check') == 'check': lib_deps = lib_deps + ' $(OPENSSL_DEP)' mingw_lib_deps = mingw_lib_deps + ' $(OPENSSL_DEP)' @@ -1056,7 +1058,7 @@ else endif endif % endif -% if lib.get('secure', True): +% if lib.get('secure', 'check') == 'yes' or lib.get('secure', 'check') == 'check': ## If the lib was secure, we have to close the Makefile's if that tested ## the presence of an ALPN-capable OpenSSL. @@ -1069,13 +1071,13 @@ endif endif % endif -% if lib.get('secure', True): +% if lib.get('secure', 'check') == 'yes' or lib.get('secure', 'check') == 'check': ifneq ($(NO_SECURE),true) % endif ifneq ($(NO_DEPS),true) -include $(LIB${lib.name.upper()}_OBJS:.o=.dep) endif -% if lib.get('secure', True): +% if lib.get('secure', 'check') == 'yes' or lib.get('secure', 'check') == 'check': endif % endif @@ -1102,7 +1104,7 @@ ${tgt.name.upper()}_SRC = \\ ${tgt.name.upper()}_OBJS = $(addprefix $(OBJDIR)/$(CONFIG)/, $(addsuffix .o, $(basename $(${tgt.name.upper()}_SRC)))) -% if tgt.get('secure', True): +% if tgt.get('secure', 'check') == 'yes' or tgt.get('secure', 'check') == 'check': ifeq ($(NO_SECURE),true) # You can't build secure targets if you don't have OpenSSL with ALPN. @@ -1176,7 +1178,7 @@ $(BINDIR)/$(CONFIG)/${tgt.name}: $(${tgt.name.upper()}_OBJS)\ % endif % if tgt.build == 'protoc': $(HOST_LDLIBS_PROTOC)\ -% elif tgt.get('secure', True): +% elif tgt.get('secure', 'check') == 'yes' or tgt.get('secure', 'check') == 'check': $(LDLIBS_SECURE)\ % endif -o $(BINDIR)/$(CONFIG)/${tgt.name} @@ -1184,7 +1186,7 @@ $(BINDIR)/$(CONFIG)/${tgt.name}: $(${tgt.name.upper()}_OBJS)\ endif % endif -% if tgt.get('secure', True): +% if tgt.get('secure', 'check') == 'yes' or tgt.get('secure', 'check') == 'check': endif % endif @@ -1199,13 +1201,13 @@ $(OBJDIR)/$(CONFIG)/${os.path.splitext(src)[0]}.o: \ deps_${tgt.name}: $(${tgt.name.upper()}_OBJS:.o=.dep) -% if tgt.get('secure', True): +% if tgt.get('secure', 'check') == 'yes' or tgt.get('secure', 'check') == 'check': ifneq ($(NO_SECURE),true) % endif ifneq ($(NO_DEPS),true) -include $(${tgt.name.upper()}_OBJS:.o=.dep) endif -% if tgt.get('secure', True): +% if tgt.get('secure', 'check') == 'yes' or tgt.get('secure', 'check') == 'check': endif % endif diff --git a/test/core/echo/server.c b/test/core/echo/server.c index bc84645a040..e888a0c8770 100644 --- a/test/core/echo/server.c +++ b/test/core/echo/server.c @@ -143,8 +143,8 @@ int main(int argc, char **argv) { test_server1_cert}; grpc_server_credentials *ssl_creds = grpc_ssl_server_credentials_create(NULL, &pem_key_cert_pair, 1); - server = grpc_secure_server_create(ssl_creds, cq, &args); - GPR_ASSERT(grpc_server_add_secure_http2_port(server, addr)); + server = grpc_server_create(cq, &args); + GPR_ASSERT(grpc_server_add_secure_http2_port(server, addr, ssl_creds)); grpc_server_credentials_release(ssl_creds); } else { server = grpc_server_create(cq, &args); diff --git a/test/core/end2end/fixtures/chttp2_fake_security.c b/test/core/end2end/fixtures/chttp2_fake_security.c index 247d1fd3223..047d482be34 100644 --- a/test/core/end2end/fixtures/chttp2_fake_security.c +++ b/test/core/end2end/fixtures/chttp2_fake_security.c @@ -84,9 +84,9 @@ static void chttp2_init_server_secure_fullstack( grpc_server_destroy(f->server); } f->server = - grpc_secure_server_create(server_creds, f->server_cq, server_args); + grpc_server_create(f->server_cq, server_args); + GPR_ASSERT(grpc_server_add_secure_http2_port(f->server, ffd->localaddr, server_creds)); grpc_server_credentials_release(server_creds); - GPR_ASSERT(grpc_server_add_secure_http2_port(f->server, ffd->localaddr)); grpc_server_start(f->server); } diff --git a/test/core/end2end/fixtures/chttp2_simple_ssl_fullstack.c b/test/core/end2end/fixtures/chttp2_simple_ssl_fullstack.c index 3df2e40806d..16433f5f87c 100644 --- a/test/core/end2end/fixtures/chttp2_simple_ssl_fullstack.c +++ b/test/core/end2end/fixtures/chttp2_simple_ssl_fullstack.c @@ -87,9 +87,9 @@ static void chttp2_init_server_secure_fullstack( grpc_server_destroy(f->server); } f->server = - grpc_secure_server_create(server_creds, f->server_cq, server_args); + grpc_server_create(f->server_cq, server_args); + GPR_ASSERT(grpc_server_add_secure_http2_port(f->server, ffd->localaddr, server_creds)); grpc_server_credentials_release(server_creds); - GPR_ASSERT(grpc_server_add_secure_http2_port(f->server, ffd->localaddr)); grpc_server_start(f->server); } diff --git a/test/core/end2end/fixtures/chttp2_simple_ssl_with_oauth2_fullstack.c b/test/core/end2end/fixtures/chttp2_simple_ssl_with_oauth2_fullstack.c index 8d6c561d25d..99031df8e54 100644 --- a/test/core/end2end/fixtures/chttp2_simple_ssl_with_oauth2_fullstack.c +++ b/test/core/end2end/fixtures/chttp2_simple_ssl_with_oauth2_fullstack.c @@ -85,9 +85,9 @@ static void chttp2_init_server_secure_fullstack( grpc_server_destroy(f->server); } f->server = - grpc_secure_server_create(server_creds, f->server_cq, server_args); + grpc_server_create(f->server_cq, server_args); + GPR_ASSERT(grpc_server_add_secure_http2_port(f->server, ffd->localaddr, server_creds)); grpc_server_credentials_release(server_creds); - GPR_ASSERT(grpc_server_add_secure_http2_port(f->server, ffd->localaddr)); grpc_server_start(f->server); } diff --git a/test/core/end2end/gen_build_json.py b/test/core/end2end/gen_build_json.py index 96d85557992..67fc0a6e539 100755 --- a/test/core/end2end/gen_build_json.py +++ b/test/core/end2end/gen_build_json.py @@ -107,7 +107,7 @@ def main(): 'name': 'end2end_fixture_%s' % f, 'build': 'private', 'language': 'c', - 'secure': True, + 'secure': 'check', 'src': ['test/core/end2end/fixtures/%s.c' % f] } for f in END2END_FIXTURES] + [ @@ -115,7 +115,7 @@ def main(): 'name': 'end2end_test_%s' % t, 'build': 'private', 'language': 'c', - 'secure': False, + 'secure': 'no', 'src': ['test/core/end2end/tests/%s.c' % t], 'headers': ['test/core/end2end/tests/cancel_test_helpers.h'] } diff --git a/test/core/fling/server.c b/test/core/fling/server.c index 5c1ab14d034..ca39cd84b13 100644 --- a/test/core/fling/server.c +++ b/test/core/fling/server.c @@ -205,8 +205,8 @@ int main(int argc, char **argv) { test_server1_cert}; grpc_server_credentials *ssl_creds = grpc_ssl_server_credentials_create(NULL, &pem_key_cert_pair, 1); - server = grpc_secure_server_create(ssl_creds, cq, NULL); - GPR_ASSERT(grpc_server_add_secure_http2_port(server, addr)); + server = grpc_server_create(cq, NULL); + GPR_ASSERT(grpc_server_add_secure_http2_port(server, addr, ssl_creds)); grpc_server_credentials_release(ssl_creds); } else { server = grpc_server_create(cq, NULL); diff --git a/test/core/surface/lame_client_test.c b/test/core/surface/lame_client_test.c index 3653c5a1b0d..f0420896eeb 100644 --- a/test/core/surface/lame_client_test.c +++ b/test/core/surface/lame_client_test.c @@ -31,7 +31,7 @@ * */ -#include "src/core/surface/lame_client.h" +#include #include "test/core/end2end/cq_verifier.h" #include "test/core/util/test_config.h" diff --git a/test/cpp/client/credentials_test.cc b/test/cpp/client/credentials_test.cc index dc8d76d7eff..59ca33cc297 100644 --- a/test/cpp/client/credentials_test.cc +++ b/test/cpp/client/credentials_test.cc @@ -47,8 +47,7 @@ class CredentialsTest : public ::testing::Test { TEST_F(CredentialsTest, InvalidServiceAccountCreds) { std::unique_ptr bad1 = - CredentialsFactory::ServiceAccountCredentials("", "", - std::chrono::seconds(1)); + ServiceAccountCredentials("", "", std::chrono::seconds(1)); EXPECT_EQ(nullptr, bad1.get()); } diff --git a/test/cpp/end2end/async_end2end_test.cc b/test/cpp/end2end/async_end2end_test.cc index 331a5ef8a02..70df9e14b21 100644 --- a/test/cpp/end2end/async_end2end_test.cc +++ b/test/cpp/end2end/async_end2end_test.cc @@ -47,6 +47,7 @@ #include #include #include +#include #include #include #include "test/core/util/port.h" @@ -84,7 +85,7 @@ class AsyncEnd2endTest : public ::testing::Test { server_address_ << "localhost:" << port; // Setup server ServerBuilder builder; - builder.AddPort(server_address_.str()); + builder.AddPort(server_address_.str(), grpc::InsecureServerCredentials()); builder.RegisterAsyncService(&service_); server_ = builder.BuildAndStart(); } @@ -102,8 +103,8 @@ class AsyncEnd2endTest : public ::testing::Test { } void ResetStub() { - std::shared_ptr channel = - CreateChannelDeprecated(server_address_.str(), ChannelArguments()); + std::shared_ptr channel = CreateChannel( + server_address_.str(), InsecureCredentials(), ChannelArguments()); stub_ = std::move(grpc::cpp::test::util::TestService::NewStub(channel)); } diff --git a/test/cpp/end2end/end2end_test.cc b/test/cpp/end2end/end2end_test.cc index 1d5dfc4e342..c586849349c 100644 --- a/test/cpp/end2end/end2end_test.cc +++ b/test/cpp/end2end/end2end_test.cc @@ -47,6 +47,7 @@ #include #include #include +#include #include #include #include "test/core/util/port.h" @@ -150,7 +151,7 @@ class End2endTest : public ::testing::Test { server_address_ << "localhost:" << port; // Setup server ServerBuilder builder; - builder.AddPort(server_address_.str()); + builder.AddPort(server_address_.str(), InsecureServerCredentials()); builder.RegisterService(&service_); builder.RegisterService(&dup_pkg_service_); builder.SetThreadPool(&thread_pool_); @@ -160,8 +161,8 @@ class End2endTest : public ::testing::Test { void TearDown() GRPC_OVERRIDE { server_->Shutdown(); } void ResetStub() { - std::shared_ptr channel = - CreateChannelDeprecated(server_address_.str(), ChannelArguments()); + std::shared_ptr channel = CreateChannel( + server_address_.str(), InsecureCredentials(), ChannelArguments()); stub_ = std::move(grpc::cpp::test::util::TestService::NewStub(channel)); } @@ -371,8 +372,8 @@ TEST_F(End2endTest, BidiStream) { // Talk to the two services with the same name but different package names. // The two stubs are created on the same channel. TEST_F(End2endTest, DiffPackageServices) { - std::shared_ptr channel = - CreateChannelDeprecated(server_address_.str(), ChannelArguments()); + std::shared_ptr channel = CreateChannel( + server_address_.str(), InsecureCredentials(), ChannelArguments()); EchoRequest request; EchoResponse response; @@ -397,8 +398,7 @@ TEST_F(End2endTest, DiffPackageServices) { // rpc and stream should fail on bad credentials. TEST_F(End2endTest, BadCredentials) { std::unique_ptr bad_creds = - CredentialsFactory::ServiceAccountCredentials("", "", - std::chrono::seconds(1)); + ServiceAccountCredentials("", "", std::chrono::seconds(1)); EXPECT_EQ(nullptr, bad_creds.get()); std::shared_ptr channel = CreateChannel(server_address_.str(), bad_creds, ChannelArguments()); diff --git a/test/cpp/interop/client.cc b/test/cpp/interop/client.cc index f7537c2d7b2..ae68f7a5564 100644 --- a/test/cpp/interop/client.cc +++ b/test/cpp/interop/client.cc @@ -82,9 +82,10 @@ DEFINE_string(oauth_scope, "", "Scope for OAuth tokens."); using grpc::ChannelInterface; using grpc::ClientContext; +using grpc::ComputeEngineCredentials; using grpc::CreateTestChannel; using grpc::Credentials; -using grpc::CredentialsFactory; +using grpc::ServiceAccountCredentials; using grpc::testing::ResponseParameters; using grpc::testing::SimpleRequest; using grpc::testing::SimpleResponse; @@ -96,8 +97,8 @@ using grpc::testing::TestService; // In some distros, gflags is in the namespace google, and in some others, // in gflags. This hack is enabling us to find both. -namespace google { } -namespace gflags { } +namespace google {} +namespace gflags {} using namespace google; using namespace gflags; @@ -135,14 +136,14 @@ std::shared_ptr CreateChannelForTestCase( std::unique_ptr creds; GPR_ASSERT(FLAGS_enable_ssl); grpc::string json_key = GetServiceAccountJsonKey(); - creds = CredentialsFactory::ServiceAccountCredentials( - json_key, FLAGS_oauth_scope, std::chrono::hours(1)); + creds = ServiceAccountCredentials(json_key, FLAGS_oauth_scope, + std::chrono::hours(1)); return CreateTestChannel(host_port, FLAGS_server_host_override, FLAGS_enable_ssl, FLAGS_use_prod_roots, creds); } else if (test_case == "compute_engine_creds") { std::unique_ptr creds; GPR_ASSERT(FLAGS_enable_ssl); - creds = CredentialsFactory::ComputeEngineCredentials(); + creds = ComputeEngineCredentials(); return CreateTestChannel(host_port, FLAGS_server_host_override, FLAGS_enable_ssl, FLAGS_use_prod_roots, creds); } else { @@ -202,7 +203,7 @@ void DoComputeEngineCreds() { GPR_ASSERT(!response.username().empty()); GPR_ASSERT(response.username().c_str() == FLAGS_default_service_account); GPR_ASSERT(!response.oauth_scope().empty()); - const char *oauth_scope_str = response.oauth_scope().c_str(); + const char* oauth_scope_str = response.oauth_scope().c_str(); GPR_ASSERT(FLAGS_oauth_scope.find(oauth_scope_str) != grpc::string::npos); gpr_log(GPR_INFO, "Large unary with compute engine creds done."); } @@ -221,7 +222,7 @@ void DoServiceAccountCreds() { GPR_ASSERT(!response.oauth_scope().empty()); grpc::string json_key = GetServiceAccountJsonKey(); GPR_ASSERT(json_key.find(response.username()) != grpc::string::npos); - const char *oauth_scope_str = response.oauth_scope().c_str(); + const char* oauth_scope_str = response.oauth_scope().c_str(); GPR_ASSERT(FLAGS_oauth_scope.find(oauth_scope_str) != grpc::string::npos); gpr_log(GPR_INFO, "Large unary with service account creds done."); } diff --git a/test/cpp/interop/server.cc b/test/cpp/interop/server.cc index 9810ff6622b..743482e9671 100644 --- a/test/cpp/interop/server.cc +++ b/test/cpp/interop/server.cc @@ -60,7 +60,6 @@ using grpc::Server; using grpc::ServerBuilder; using grpc::ServerContext; using grpc::ServerCredentials; -using grpc::ServerCredentialsFactory; using grpc::ServerReader; using grpc::ServerReaderWriter; using grpc::ServerWriter; @@ -78,8 +77,8 @@ using grpc::Status; // In some distros, gflags is in the namespace google, and in some others, // in gflags. This hack is enabling us to find both. -namespace google { } -namespace gflags { } +namespace google {} +namespace gflags {} using namespace google; using namespace gflags; @@ -211,15 +210,14 @@ void RunServer() { SimpleResponse response; ServerBuilder builder; - builder.AddPort(server_address.str()); builder.RegisterService(&service); + std::shared_ptr creds = grpc::InsecureServerCredentials(); if (FLAGS_enable_ssl) { SslServerCredentialsOptions ssl_opts = { "", {{test_server1_key, test_server1_cert}}}; - std::shared_ptr creds = - ServerCredentialsFactory::SslCredentials(ssl_opts); - builder.SetCredentials(creds); + creds = grpc::SslServerCredentials(ssl_opts); } + builder.AddPort(server_address.str(), creds); std::unique_ptr server(builder.BuildAndStart()); gpr_log(GPR_INFO, "Server listening on %s", server_address.str().c_str()); while (!got_sigint) { diff --git a/test/cpp/qps/driver.cc b/test/cpp/qps/driver.cc index 6d5df799a27..d29ca1de947 100644 --- a/test/cpp/qps/driver.cc +++ b/test/cpp/qps/driver.cc @@ -103,7 +103,7 @@ ScenarioResult RunScenario(const ClientConfig& initial_client_config, for (size_t i = 0; i < num_servers; i++) { ServerData sd; sd.stub = std::move(Worker::NewStub( - CreateChannelDeprecated(workers[i], ChannelArguments()))); + CreateChannel(workers[i], InsecureCredentials(), ChannelArguments()))); ServerArgs args; *args.mutable_setup() = server_config; sd.stream = std::move(sd.stub->RunServer(alloc_context())); @@ -131,8 +131,8 @@ ScenarioResult RunScenario(const ClientConfig& initial_client_config, vector clients; for (size_t i = 0; i < num_clients; i++) { ClientData cd; - cd.stub = std::move(Worker::NewStub( - CreateChannelDeprecated(workers[i + num_servers], ChannelArguments()))); + cd.stub = std::move(Worker::NewStub(CreateChannel( + workers[i + num_servers], InsecureCredentials(), ChannelArguments()))); ClientArgs args; *args.mutable_setup() = client_config; cd.stream = std::move(cd.stub->RunTest(alloc_context())); diff --git a/test/cpp/qps/server.cc b/test/cpp/qps/server.cc new file mode 100644 index 00000000000..005f0f9c5e2 --- /dev/null +++ b/test/cpp/qps/server.cc @@ -0,0 +1,172 @@ +/* + * + * Copyright 2015, Google Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are + * met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following disclaimer + * in the documentation and/or other materials provided with the + * distribution. + * * Neither the name of Google Inc. nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * + */ + +#include +#include +#include +#include + +#include + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include "src/cpp/server/thread_pool.h" +#include "test/core/util/grpc_profiler.h" +#include "test/cpp/qps/qpstest.pb.h" + +#include +#include + +DEFINE_bool(enable_ssl, false, "Whether to use ssl/tls."); +DEFINE_int32(port, 0, "Server port."); +DEFINE_int32(server_threads, 4, "Number of server threads."); + +using grpc::Server; +using grpc::ServerBuilder; +using grpc::ServerContext; +using grpc::ThreadPool; +using grpc::testing::Payload; +using grpc::testing::PayloadType; +using grpc::testing::ServerStats; +using grpc::testing::SimpleRequest; +using grpc::testing::SimpleResponse; +using grpc::testing::StatsRequest; +using grpc::testing::TestService; +using grpc::Status; + +// In some distros, gflags is in the namespace google, and in some others, +// in gflags. This hack is enabling us to find both. +namespace google { } +namespace gflags { } +using namespace google; +using namespace gflags; + +static bool got_sigint = false; + +static void sigint_handler(int x) { got_sigint = 1; } + +static double time_double(struct timeval* tv) { + return tv->tv_sec + 1e-6 * tv->tv_usec; +} + +static bool SetPayload(PayloadType type, int size, Payload* payload) { + PayloadType response_type = type; + // TODO(yangg): Support UNCOMPRESSABLE payload. + if (type != PayloadType::COMPRESSABLE) { + return false; + } + payload->set_type(response_type); + std::unique_ptr body(new char[size]()); + payload->set_body(body.get(), size); + return true; +} + +namespace { + +class TestServiceImpl GRPC_FINAL : public TestService::Service { + public: + Status CollectServerStats(ServerContext* context, const StatsRequest*, + ServerStats* response) { + struct rusage usage; + struct timeval tv; + gettimeofday(&tv, NULL); + getrusage(RUSAGE_SELF, &usage); + response->set_time_now(time_double(&tv)); + response->set_time_user(time_double(&usage.ru_utime)); + response->set_time_system(time_double(&usage.ru_stime)); + return Status::OK; + } + Status UnaryCall(ServerContext* context, const SimpleRequest* request, + SimpleResponse* response) { + if (request->has_response_size() && request->response_size() > 0) { + if (!SetPayload(request->response_type(), request->response_size(), + response->mutable_payload())) { + return Status(grpc::StatusCode::INTERNAL, "Error creating payload."); + } + } + return Status::OK; + } +}; + +} // namespace + +static void RunServer() { + char* server_address = NULL; + gpr_join_host_port(&server_address, "::", FLAGS_port); + + TestServiceImpl service; + + SimpleRequest request; + SimpleResponse response; + + ServerBuilder builder; + builder.AddPort(server_address, grpc::InsecureServerCredentials()); + builder.RegisterService(&service); + + std::unique_ptr pool(new ThreadPool(FLAGS_server_threads)); + builder.SetThreadPool(pool.get()); + + std::unique_ptr server(builder.BuildAndStart()); + gpr_log(GPR_INFO, "Server listening on %s\n", server_address); + + grpc_profiler_start("qps_server.prof"); + + while (!got_sigint) { + sleep(5); + } + + grpc_profiler_stop(); + + gpr_free(server_address); +} + +int main(int argc, char** argv) { + grpc_init(); + ParseCommandLineFlags(&argc, &argv, true); + + signal(SIGINT, sigint_handler); + + GPR_ASSERT(FLAGS_port != 0); + GPR_ASSERT(!FLAGS_enable_ssl); + RunServer(); + + grpc_shutdown(); + return 0; +} diff --git a/test/cpp/qps/server_async.cc b/test/cpp/qps/server_async.cc index 64aca957e4c..19778e5a7cd 100644 --- a/test/cpp/qps/server_async.cc +++ b/test/cpp/qps/server_async.cc @@ -46,6 +46,7 @@ #include #include #include +#include #include #include #include "src/cpp/server/thread_pool.h" @@ -67,7 +68,7 @@ class AsyncQpsServerTest : public Server { gpr_join_host_port(&server_address, "::", port); ServerBuilder builder; - builder.AddPort(server_address); + builder.AddPort(server_address, InsecureServerCredentials()); gpr_free(server_address); builder.RegisterAsyncService(&async_service_); diff --git a/test/cpp/qps/server_sync.cc b/test/cpp/qps/server_sync.cc index beee688608e..5c6541989c6 100644 --- a/test/cpp/qps/server_sync.cc +++ b/test/cpp/qps/server_sync.cc @@ -43,6 +43,7 @@ #include #include #include +#include #include #include #include "src/cpp/server/thread_pool.h" @@ -83,7 +84,7 @@ class SynchronousServer GRPC_FINAL : public grpc::testing::Server { char* server_address = NULL; gpr_join_host_port(&server_address, "::", port); - builder.AddPort(server_address); + builder.AddPort(server_address, InsecureServerCredentials()); gpr_free(server_address); builder.RegisterService(&service_); diff --git a/test/cpp/qps/worker.cc b/test/cpp/qps/worker.cc index 3a46a22665d..faabfd11477 100644 --- a/test/cpp/qps/worker.cc +++ b/test/cpp/qps/worker.cc @@ -51,6 +51,7 @@ #include #include #include +#include #include #include "test/core/util/grpc_profiler.h" #include "test/cpp/util/create_test_channel.h" @@ -209,7 +210,7 @@ static void RunServer() { WorkerImpl service; ServerBuilder builder; - builder.AddPort(server_address); + builder.AddPort(server_address, InsecureServerCredentials()); builder.RegisterService(&service); gpr_free(server_address); diff --git a/test/cpp/util/create_test_channel.cc b/test/cpp/util/create_test_channel.cc index 745496f4630..d3b84b29653 100644 --- a/test/cpp/util/create_test_channel.cc +++ b/test/cpp/util/create_test_channel.cc @@ -61,12 +61,10 @@ std::shared_ptr CreateTestChannel( const std::unique_ptr& creds) { ChannelArguments channel_args; if (enable_ssl) { - const char* roots_certs = - use_prod_roots ? "" : test_root_cert; + const char* roots_certs = use_prod_roots ? "" : test_root_cert; SslCredentialsOptions ssl_opts = {roots_certs, "", ""}; - std::unique_ptr channel_creds = - CredentialsFactory::SslCredentials(ssl_opts); + std::unique_ptr channel_creds = SslCredentials(ssl_opts); if (!server.empty() && !override_hostname.empty()) { channel_args.SetSslTargetNameOverride(override_hostname); @@ -75,11 +73,11 @@ std::shared_ptr CreateTestChannel( server.empty() ? override_hostname : server; if (creds.get()) { channel_creds = - CredentialsFactory::CompositeCredentials(creds, channel_creds); + CompositeCredentials(creds, channel_creds); } return CreateChannel(connect_to, channel_creds, channel_args); } else { - return CreateChannelDeprecated(server, channel_args); + return CreateChannel(server, InsecureCredentials(), channel_args); } } diff --git a/tools/run_tests/run_tests.py b/tools/run_tests/run_tests.py index 12a45f3ad9a..aee19cdc42d 100755 --- a/tools/run_tests/run_tests.py +++ b/tools/run_tests/run_tests.py @@ -379,7 +379,7 @@ test_cache.maybe_load() if forever: success = True while True: - dw = watch_dirs.DirWatcher(['src', 'include', 'test']) + dw = watch_dirs.DirWatcher(['src', 'include', 'test', 'examples']) initial_time = dw.most_recent_change() have_files_changed = lambda: dw.most_recent_change() != initial_time previous_success = success diff --git a/vsprojects/vs2013/grpc.vcxproj b/vsprojects/vs2013/grpc.vcxproj index 60dc9802420..9d0bcb32716 100644 --- a/vsprojects/vs2013/grpc.vcxproj +++ b/vsprojects/vs2013/grpc.vcxproj @@ -161,7 +161,6 @@ - @@ -224,8 +223,6 @@ - - diff --git a/vsprojects/vs2013/grpc.vcxproj.filters b/vsprojects/vs2013/grpc.vcxproj.filters index 9fc70e74d9d..af38d8de35a 100644 --- a/vsprojects/vs2013/grpc.vcxproj.filters +++ b/vsprojects/vs2013/grpc.vcxproj.filters @@ -55,9 +55,6 @@ src\core\surface - - src\core\surface - src\core\tsi @@ -599,9 +596,6 @@ src\core\surface - - src\core\surface - src\core\surface diff --git a/vsprojects/vs2013/grpc_shared.vcxproj b/vsprojects/vs2013/grpc_shared.vcxproj index 5c2e23b5139..f5575dc3f12 100644 --- a/vsprojects/vs2013/grpc_shared.vcxproj +++ b/vsprojects/vs2013/grpc_shared.vcxproj @@ -165,7 +165,6 @@ - @@ -228,8 +227,6 @@ - - diff --git a/vsprojects/vs2013/grpc_shared.vcxproj.filters b/vsprojects/vs2013/grpc_shared.vcxproj.filters index 9fc70e74d9d..af38d8de35a 100644 --- a/vsprojects/vs2013/grpc_shared.vcxproj.filters +++ b/vsprojects/vs2013/grpc_shared.vcxproj.filters @@ -55,9 +55,6 @@ src\core\surface - - src\core\surface - src\core\tsi @@ -599,9 +596,6 @@ src\core\surface - - src\core\surface - src\core\surface diff --git a/vsprojects/vs2013/grpc_unsecure.vcxproj b/vsprojects/vs2013/grpc_unsecure.vcxproj index 9181db0b4e1..ad7bf4762f5 100644 --- a/vsprojects/vs2013/grpc_unsecure.vcxproj +++ b/vsprojects/vs2013/grpc_unsecure.vcxproj @@ -146,7 +146,6 @@ - diff --git a/vsprojects/vs2013/grpc_unsecure.vcxproj.filters b/vsprojects/vs2013/grpc_unsecure.vcxproj.filters index 4583fa41eab..205942a4509 100644 --- a/vsprojects/vs2013/grpc_unsecure.vcxproj.filters +++ b/vsprojects/vs2013/grpc_unsecure.vcxproj.filters @@ -491,9 +491,6 @@ src\core\surface - - src\core\surface - src\core\surface