From 5b724c09c5fe0b6caa729bf88d280aa68bccbbef Mon Sep 17 00:00:00 2001
From: David Chamberlin <david.chamberlin@gs.com>
Date: Fri, 19 Jan 2024 17:19:20 -0800
Subject: [PATCH] [tls] Add copy constructor for TlsCredentialsOptions (#35499)

<!--

If you know who should review your pull request, please assign it to that
person, otherwise the pull request would get assigned randomly.

If your pull request is for a specific language, please add the appropriate
lang label.

-->

Closes #35499

COPYBARA_INTEGRATE_REVIEW=https://github.com/grpc/grpc/pull/35499 from dawidcha:cred_opts_copy_constr 330165930f5911fff7bb19642a57378a05b1eca4
PiperOrigin-RevId: 599977221
---
 .../grpcpp/security/tls_credentials_options.h  |  6 ++++++
 src/cpp/common/tls_credentials_options.cc      |  6 ++++++
 test/cpp/client/credentials_test.cc            | 18 ++++++++++++++++++
 3 files changed, 30 insertions(+)

diff --git a/include/grpcpp/security/tls_credentials_options.h b/include/grpcpp/security/tls_credentials_options.h
index 7f5cb8208fa..6adf9faac64 100644
--- a/include/grpcpp/security/tls_credentials_options.h
+++ b/include/grpcpp/security/tls_credentials_options.h
@@ -45,6 +45,12 @@ class TlsCredentialsOptions {
   // will be used in the TLS handshake
   TlsCredentialsOptions();
   ~TlsCredentialsOptions();
+
+  // Copy constructor does a deep copy of the underlying pointer. No assignment
+  // permitted
+  TlsCredentialsOptions(const TlsCredentialsOptions& other);
+  TlsCredentialsOptions& operator=(const TlsCredentialsOptions& other) = delete;
+
   // ---- Setters for member fields ----
   // Sets the certificate provider used to store root certs and identity certs.
   void set_certificate_provider(
diff --git a/src/cpp/common/tls_credentials_options.cc b/src/cpp/common/tls_credentials_options.cc
index 6732aca3454..56664e501fd 100644
--- a/src/cpp/common/tls_credentials_options.cc
+++ b/src/cpp/common/tls_credentials_options.cc
@@ -39,6 +39,12 @@ TlsCredentialsOptions::~TlsCredentialsOptions() {
   grpc_tls_credentials_options_destroy(c_credentials_options_);
 }
 
+TlsCredentialsOptions::TlsCredentialsOptions(
+    const TlsCredentialsOptions& other) {
+  c_credentials_options_ =
+      grpc_tls_credentials_options_copy(other.c_credentials_options_);
+}
+
 void TlsCredentialsOptions::set_certificate_provider(
     std::shared_ptr<CertificateProviderInterface> certificate_provider) {
   certificate_provider_ = certificate_provider;
diff --git a/test/cpp/client/credentials_test.cc b/test/cpp/client/credentials_test.cc
index edf78b44f12..e033bc802c8 100644
--- a/test/cpp/client/credentials_test.cc
+++ b/test/cpp/client/credentials_test.cc
@@ -423,6 +423,24 @@ TEST(CredentialsTest, TlsChannelCredentialsWithCrlProviderAndDirectory) {
   GPR_ASSERT(channel_credentials.get() != nullptr);
 }
 
+TEST(CredentialsTest, TlsCredentialsOptionsCopyConstructor) {
+  // define a class that grants access to the internal
+  // grpc_tls_credentials_options pointer
+  class TlsTestCredentialsOptions
+      : public grpc::experimental::TlsCredentialsOptions {
+   public:
+    grpc_tls_credentials_options* internal_cred_opts() {
+      return mutable_c_credentials_options();
+    }
+  };
+  TlsTestCredentialsOptions options;
+  TlsTestCredentialsOptions copied_options = options;
+
+  // Make sure the copy constructor cloned the internal pointer
+  GPR_ASSERT(options.internal_cred_opts() !=
+             copied_options.internal_cred_opts());
+}
+
 TEST(CredentialsTest, TlsCredentialsOptionsDoesNotLeak) {
   TlsCredentialsOptions options;
   (void)options;