From fe9576c86129632051bb92ebb99a7ed294a586ba Mon Sep 17 00:00:00 2001 From: Zhen Lian Date: Mon, 11 Nov 2019 18:51:51 -0800 Subject: [PATCH] [Exposing ALTS Context 2/2] Provide a Utility Function to Get Context --- BUILD | 16 +++ CMakeLists.txt | 119 ++++++++++++++++++ Makefile | 174 ++++++++++++++++++++++++++- build.yaml | 26 ++++ grpc.gyp | 12 ++ include/grpcpp/alts_context.h | 39 ++++++ src/cpp/common/alts_context.cc | 44 +++++++ src/proto/grpc/gcp/BUILD | 8 ++ test/cpp/common/BUILD | 13 ++ test/cpp/common/alts_context_test.cc | 96 +++++++++++++++ tools/run_tests/generated/tests.json | 24 ++++ 11 files changed, 569 insertions(+), 2 deletions(-) create mode 100644 include/grpcpp/alts_context.h create mode 100644 src/cpp/common/alts_context.cc create mode 100644 test/cpp/common/alts_context_test.cc diff --git a/BUILD b/BUILD index 54d653f98cb..1f2a4e6b08d 100644 --- a/BUILD +++ b/BUILD @@ -428,6 +428,22 @@ grpc_cc_library( ], ) +grpc_cc_library( + name = "grpc++_alts", + srcs = [ + "src/cpp/common/alts_context.cc", + ], + hdrs = [ + "include/grpcpp/alts_context.h", + ], + language = "c++", + standalone = True, + deps = [ + "grpc++", + "//src/proto/grpc/gcp:alts_handshaker_cc_proto", + ], +) + grpc_cc_library( name = "grpc_csharp_ext", srcs = [ diff --git a/CMakeLists.txt b/CMakeLists.txt index 0b242b8121a..a1340f51cf9 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -286,6 +286,12 @@ protobuf_generate_grpc_cpp( protobuf_generate_grpc_cpp( src/proto/grpc/core/stats.proto ) +protobuf_generate_grpc_cpp( + src/proto/grpc/gcp/altscontext.proto +) +protobuf_generate_grpc_cpp( + src/proto/grpc/gcp/transport_security_common.proto +) protobuf_generate_grpc_cpp( src/proto/grpc/health/v1/health.proto ) @@ -629,6 +635,7 @@ if(gRPC_BUILD_TESTS) if(_gRPC_PLATFORM_LINUX) add_dependencies(buildtests_cxx alts_concurrent_connectivity_test) endif() + add_dependencies(buildtests_cxx alts_context_test) add_dependencies(buildtests_cxx alts_counter_test) add_dependencies(buildtests_cxx alts_crypt_test) add_dependencies(buildtests_cxx alts_crypter_test) @@ -3825,6 +3832,78 @@ if(gRPC_INSTALL) ) endif() + +if(gRPC_BUILD_CODEGEN) +add_library(grpc++_alts + ${_gRPC_PROTO_GENS_DIR}/src/proto/grpc/gcp/altscontext.pb.cc + ${_gRPC_PROTO_GENS_DIR}/src/proto/grpc/gcp/altscontext.grpc.pb.cc + ${_gRPC_PROTO_GENS_DIR}/src/proto/grpc/gcp/altscontext.pb.h + ${_gRPC_PROTO_GENS_DIR}/src/proto/grpc/gcp/altscontext.grpc.pb.h + ${_gRPC_PROTO_GENS_DIR}/src/proto/grpc/gcp/transport_security_common.pb.cc + ${_gRPC_PROTO_GENS_DIR}/src/proto/grpc/gcp/transport_security_common.grpc.pb.cc + ${_gRPC_PROTO_GENS_DIR}/src/proto/grpc/gcp/transport_security_common.pb.h + ${_gRPC_PROTO_GENS_DIR}/src/proto/grpc/gcp/transport_security_common.grpc.pb.h + src/cpp/common/alts_context.cc +) + +set_target_properties(grpc++_alts PROPERTIES + VERSION ${gRPC_CPP_VERSION} + SOVERSION ${gRPC_CPP_SOVERSION} +) + +if(WIN32 AND MSVC) + set_target_properties(grpc++_alts PROPERTIES COMPILE_PDB_NAME "grpc++_alts" + COMPILE_PDB_OUTPUT_DIRECTORY "${CMAKE_BINARY_DIR}" + ) + if(gRPC_INSTALL) + install(FILES ${CMAKE_CURRENT_BINARY_DIR}/grpc++_alts.pdb + DESTINATION ${gRPC_INSTALL_LIBDIR} OPTIONAL + ) + endif() +endif() + +target_include_directories(grpc++_alts + PUBLIC $ $ + PRIVATE + ${CMAKE_CURRENT_SOURCE_DIR} + ${_gRPC_ADDRESS_SORTING_INCLUDE_DIR} + ${_gRPC_SSL_INCLUDE_DIR} + ${_gRPC_UPB_GENERATED_DIR} + ${_gRPC_UPB_GRPC_GENERATED_DIR} + ${_gRPC_UPB_INCLUDE_DIR} + ${_gRPC_ZLIB_INCLUDE_DIR} + ${_gRPC_PROTO_GENS_DIR} +) +target_link_libraries(grpc++_alts + ${_gRPC_BASELIB_LIBRARIES} + ${_gRPC_PROTOBUF_LIBRARIES} + ${_gRPC_ALLTARGETS_LIBRARIES} + grpc++ +) + +foreach(_hdr + include/grpcpp/alts_context.h + include/grpcpp/impl/codegen/security/auth_context.h +) + string(REPLACE "include/" "" _path ${_hdr}) + get_filename_component(_path ${_path} PATH) + install(FILES ${_hdr} + DESTINATION "${gRPC_INSTALL_INCLUDEDIR}/${_path}" + ) +endforeach() +endif() + +if(gRPC_BUILD_CODEGEN) + +if(gRPC_INSTALL) + install(TARGETS grpc++_alts EXPORT gRPCTargets + RUNTIME DESTINATION ${gRPC_INSTALL_BINDIR} + LIBRARY DESTINATION ${gRPC_INSTALL_LIBDIR} + ARCHIVE DESTINATION ${gRPC_INSTALL_LIBDIR} + ) +endif() + +endif() if(gRPC_BUILD_TESTS) if(gRPC_BUILD_CODEGEN) @@ -9930,6 +10009,46 @@ endif() endif() if(gRPC_BUILD_TESTS) +add_executable(alts_context_test + test/cpp/common/alts_context_test.cc + third_party/googletest/googletest/src/gtest-all.cc + third_party/googletest/googlemock/src/gmock-all.cc +) + +target_include_directories(alts_context_test + PRIVATE + ${CMAKE_CURRENT_SOURCE_DIR} + ${CMAKE_CURRENT_SOURCE_DIR}/include + ${_gRPC_ADDRESS_SORTING_INCLUDE_DIR} + ${_gRPC_SSL_INCLUDE_DIR} + ${_gRPC_UPB_GENERATED_DIR} + ${_gRPC_UPB_GRPC_GENERATED_DIR} + ${_gRPC_UPB_INCLUDE_DIR} + ${_gRPC_ZLIB_INCLUDE_DIR} + third_party/googletest/googletest/include + third_party/googletest/googletest + third_party/googletest/googlemock/include + third_party/googletest/googlemock + ${_gRPC_PROTO_GENS_DIR} +) + +target_link_libraries(alts_context_test + ${_gRPC_PROTOBUF_LIBRARIES} + ${_gRPC_ALLTARGETS_LIBRARIES} + grpc++_test_util + grpc_test_util + grpc++_alts + grpc++ + grpc + gpr + grpc++_test_config + ${_gRPC_GFLAGS_LIBRARIES} +) + + +endif() +if(gRPC_BUILD_TESTS) + add_executable(alts_counter_test test/core/tsi/alts/frame_protector/alts_counter_test.cc third_party/googletest/googletest/src/gtest-all.cc diff --git a/Makefile b/Makefile index 0c4e5920ff2..1392a7bd17e 100644 --- a/Makefile +++ b/Makefile @@ -1154,6 +1154,7 @@ uri_fuzzer_test: $(BINDIR)/$(CONFIG)/uri_fuzzer_test uri_parser_test: $(BINDIR)/$(CONFIG)/uri_parser_test alarm_test: $(BINDIR)/$(CONFIG)/alarm_test alts_concurrent_connectivity_test: $(BINDIR)/$(CONFIG)/alts_concurrent_connectivity_test +alts_context_test: $(BINDIR)/$(CONFIG)/alts_context_test alts_counter_test: $(BINDIR)/$(CONFIG)/alts_counter_test alts_crypt_test: $(BINDIR)/$(CONFIG)/alts_crypt_test alts_crypter_test: $(BINDIR)/$(CONFIG)/alts_crypter_test @@ -1412,14 +1413,14 @@ static: static_c static_cxx static_c: pc_c pc_c_unsecure cache.mk $(LIBDIR)/$(CONFIG)/libaddress_sorting.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a $(LIBDIR)/$(CONFIG)/libgrpc_cronet.a $(LIBDIR)/$(CONFIG)/libgrpc_unsecure.a $(LIBDIR)/$(CONFIG)/libupb.a -static_cxx: pc_cxx pc_cxx_unsecure cache.mk $(LIBDIR)/$(CONFIG)/libgrpc++.a $(LIBDIR)/$(CONFIG)/libgrpc++_error_details.a $(LIBDIR)/$(CONFIG)/libgrpc++_reflection.a $(LIBDIR)/$(CONFIG)/libgrpc++_unsecure.a $(LIBDIR)/$(CONFIG)/libgrpcpp_channelz.a +static_cxx: pc_cxx pc_cxx_unsecure cache.mk $(LIBDIR)/$(CONFIG)/libgrpc++.a $(LIBDIR)/$(CONFIG)/libgrpc++_alts.a $(LIBDIR)/$(CONFIG)/libgrpc++_error_details.a $(LIBDIR)/$(CONFIG)/libgrpc++_reflection.a $(LIBDIR)/$(CONFIG)/libgrpc++_unsecure.a $(LIBDIR)/$(CONFIG)/libgrpcpp_channelz.a static_csharp: static_c $(LIBDIR)/$(CONFIG)/libgrpc_csharp_ext.a shared: shared_c shared_cxx shared_c: pc_c pc_c_unsecure cache.mk $(LIBDIR)/$(CONFIG)/$(SHARED_PREFIX)address_sorting$(SHARED_VERSION_CORE).$(SHARED_EXT_CORE) $(LIBDIR)/$(CONFIG)/$(SHARED_PREFIX)gpr$(SHARED_VERSION_CORE).$(SHARED_EXT_CORE) $(LIBDIR)/$(CONFIG)/$(SHARED_PREFIX)grpc$(SHARED_VERSION_CORE).$(SHARED_EXT_CORE) $(LIBDIR)/$(CONFIG)/$(SHARED_PREFIX)grpc_cronet$(SHARED_VERSION_CORE).$(SHARED_EXT_CORE) $(LIBDIR)/$(CONFIG)/$(SHARED_PREFIX)grpc_unsecure$(SHARED_VERSION_CORE).$(SHARED_EXT_CORE) $(LIBDIR)/$(CONFIG)/$(SHARED_PREFIX)upb$(SHARED_VERSION_CORE).$(SHARED_EXT_CORE) -shared_cxx: pc_cxx pc_cxx_unsecure cache.mk $(LIBDIR)/$(CONFIG)/$(SHARED_PREFIX)grpc++$(SHARED_VERSION_CPP).$(SHARED_EXT_CPP) $(LIBDIR)/$(CONFIG)/$(SHARED_PREFIX)grpc++_error_details$(SHARED_VERSION_CPP).$(SHARED_EXT_CPP) $(LIBDIR)/$(CONFIG)/$(SHARED_PREFIX)grpc++_reflection$(SHARED_VERSION_CPP).$(SHARED_EXT_CPP) $(LIBDIR)/$(CONFIG)/$(SHARED_PREFIX)grpc++_unsecure$(SHARED_VERSION_CPP).$(SHARED_EXT_CPP) $(LIBDIR)/$(CONFIG)/$(SHARED_PREFIX)grpcpp_channelz$(SHARED_VERSION_CPP).$(SHARED_EXT_CPP) +shared_cxx: pc_cxx pc_cxx_unsecure cache.mk $(LIBDIR)/$(CONFIG)/$(SHARED_PREFIX)grpc++$(SHARED_VERSION_CPP).$(SHARED_EXT_CPP) $(LIBDIR)/$(CONFIG)/$(SHARED_PREFIX)grpc++_alts$(SHARED_VERSION_CPP).$(SHARED_EXT_CPP) $(LIBDIR)/$(CONFIG)/$(SHARED_PREFIX)grpc++_error_details$(SHARED_VERSION_CPP).$(SHARED_EXT_CPP) $(LIBDIR)/$(CONFIG)/$(SHARED_PREFIX)grpc++_reflection$(SHARED_VERSION_CPP).$(SHARED_EXT_CPP) $(LIBDIR)/$(CONFIG)/$(SHARED_PREFIX)grpc++_unsecure$(SHARED_VERSION_CPP).$(SHARED_EXT_CPP) $(LIBDIR)/$(CONFIG)/$(SHARED_PREFIX)grpcpp_channelz$(SHARED_VERSION_CPP).$(SHARED_EXT_CPP) shared_csharp: shared_c $(LIBDIR)/$(CONFIG)/$(SHARED_PREFIX)grpc_csharp_ext$(SHARED_VERSION_CSHARP).$(SHARED_EXT_CSHARP) grpc_csharp_ext: shared_csharp @@ -1634,6 +1635,7 @@ ifeq ($(EMBED_OPENSSL),true) buildtests_cxx: privatelibs_cxx \ $(BINDIR)/$(CONFIG)/alarm_test \ $(BINDIR)/$(CONFIG)/alts_concurrent_connectivity_test \ + $(BINDIR)/$(CONFIG)/alts_context_test \ $(BINDIR)/$(CONFIG)/alts_counter_test \ $(BINDIR)/$(CONFIG)/alts_crypt_test \ $(BINDIR)/$(CONFIG)/alts_crypter_test \ @@ -1806,6 +1808,7 @@ else buildtests_cxx: privatelibs_cxx \ $(BINDIR)/$(CONFIG)/alarm_test \ $(BINDIR)/$(CONFIG)/alts_concurrent_connectivity_test \ + $(BINDIR)/$(CONFIG)/alts_context_test \ $(BINDIR)/$(CONFIG)/alts_counter_test \ $(BINDIR)/$(CONFIG)/alts_crypt_test \ $(BINDIR)/$(CONFIG)/alts_crypter_test \ @@ -2244,6 +2247,8 @@ test_cxx: buildtests_cxx $(Q) $(BINDIR)/$(CONFIG)/alarm_test || ( echo test alarm_test failed ; exit 1 ) $(E) "[RUN] Testing alts_concurrent_connectivity_test" $(Q) $(BINDIR)/$(CONFIG)/alts_concurrent_connectivity_test || ( echo test alts_concurrent_connectivity_test failed ; exit 1 ) + $(E) "[RUN] Testing alts_context_test" + $(Q) $(BINDIR)/$(CONFIG)/alts_context_test || ( echo test alts_context_test failed ; exit 1 ) $(E) "[RUN] Testing alts_counter_test" $(Q) $(BINDIR)/$(CONFIG)/alts_counter_test || ( echo test alts_counter_test failed ; exit 1 ) $(E) "[RUN] Testing alts_crypt_test" @@ -2590,6 +2595,8 @@ strip-static_cxx: static_cxx ifeq ($(CONFIG),opt) $(E) "[STRIP] Stripping libgrpc++.a" $(Q) $(STRIP) $(LIBDIR)/$(CONFIG)/libgrpc++.a + $(E) "[STRIP] Stripping libgrpc++_alts.a" + $(Q) $(STRIP) $(LIBDIR)/$(CONFIG)/libgrpc++_alts.a $(E) "[STRIP] Stripping libgrpc++_error_details.a" $(Q) $(STRIP) $(LIBDIR)/$(CONFIG)/libgrpc++_error_details.a $(E) "[STRIP] Stripping libgrpc++_reflection.a" @@ -2620,6 +2627,8 @@ strip-shared_cxx: shared_cxx ifeq ($(CONFIG),opt) $(E) "[STRIP] Stripping $(SHARED_PREFIX)grpc++$(SHARED_VERSION_CPP).$(SHARED_EXT_CPP)" $(Q) $(STRIP) $(LIBDIR)/$(CONFIG)/$(SHARED_PREFIX)grpc++$(SHARED_VERSION_CPP).$(SHARED_EXT_CPP) + $(E) "[STRIP] Stripping $(SHARED_PREFIX)grpc++_alts$(SHARED_VERSION_CPP).$(SHARED_EXT_CPP)" + $(Q) $(STRIP) $(LIBDIR)/$(CONFIG)/$(SHARED_PREFIX)grpc++_alts$(SHARED_VERSION_CPP).$(SHARED_EXT_CPP) $(E) "[STRIP] Stripping $(SHARED_PREFIX)grpc++_error_details$(SHARED_VERSION_CPP).$(SHARED_EXT_CPP)" $(Q) $(STRIP) $(LIBDIR)/$(CONFIG)/$(SHARED_PREFIX)grpc++_error_details$(SHARED_VERSION_CPP).$(SHARED_EXT_CPP) $(E) "[STRIP] Stripping $(SHARED_PREFIX)grpc++_reflection$(SHARED_VERSION_CPP).$(SHARED_EXT_CPP)" @@ -2697,6 +2706,38 @@ $(GENDIR)/src/proto/grpc/core/stats.grpc.pb.cc: src/proto/grpc/core/stats.proto $(Q) $(PROTOC) -Ithird_party/protobuf/src -I. --grpc_out=$(GENDIR) --plugin=protoc-gen-grpc=$(PROTOC_PLUGINS_DIR)/grpc_cpp_plugin$(EXECUTABLE_SUFFIX) $< endif +ifeq ($(NO_PROTOC),true) +$(GENDIR)/src/proto/grpc/gcp/altscontext.pb.cc: protoc_dep_error +$(GENDIR)/src/proto/grpc/gcp/altscontext.grpc.pb.cc: protoc_dep_error +else + +$(GENDIR)/src/proto/grpc/gcp/altscontext.pb.cc: src/proto/grpc/gcp/altscontext.proto $(PROTOBUF_DEP) $(PROTOC_PLUGINS) $(GENDIR)/src/proto/grpc/gcp/transport_security_common.pb.cc + $(E) "[PROTOC] Generating protobuf CC file from $<" + $(Q) mkdir -p `dirname $@` + $(Q) $(PROTOC) -Ithird_party/protobuf/src -I. --cpp_out=$(GENDIR) $< + +$(GENDIR)/src/proto/grpc/gcp/altscontext.grpc.pb.cc: src/proto/grpc/gcp/altscontext.proto $(GENDIR)/src/proto/grpc/gcp/altscontext.pb.cc $(PROTOBUF_DEP) $(PROTOC_PLUGINS) $(GENDIR)/src/proto/grpc/gcp/transport_security_common.pb.cc $(GENDIR)/src/proto/grpc/gcp/transport_security_common.grpc.pb.cc + $(E) "[GRPC] Generating gRPC's protobuf service CC file from $<" + $(Q) mkdir -p `dirname $@` + $(Q) $(PROTOC) -Ithird_party/protobuf/src -I. --grpc_out=$(GENDIR) --plugin=protoc-gen-grpc=$(PROTOC_PLUGINS_DIR)/grpc_cpp_plugin$(EXECUTABLE_SUFFIX) $< +endif + +ifeq ($(NO_PROTOC),true) +$(GENDIR)/src/proto/grpc/gcp/transport_security_common.pb.cc: protoc_dep_error +$(GENDIR)/src/proto/grpc/gcp/transport_security_common.grpc.pb.cc: protoc_dep_error +else + +$(GENDIR)/src/proto/grpc/gcp/transport_security_common.pb.cc: src/proto/grpc/gcp/transport_security_common.proto $(PROTOBUF_DEP) $(PROTOC_PLUGINS) + $(E) "[PROTOC] Generating protobuf CC file from $<" + $(Q) mkdir -p `dirname $@` + $(Q) $(PROTOC) -Ithird_party/protobuf/src -I. --cpp_out=$(GENDIR) $< + +$(GENDIR)/src/proto/grpc/gcp/transport_security_common.grpc.pb.cc: src/proto/grpc/gcp/transport_security_common.proto $(GENDIR)/src/proto/grpc/gcp/transport_security_common.pb.cc $(PROTOBUF_DEP) $(PROTOC_PLUGINS) + $(E) "[GRPC] Generating gRPC's protobuf service CC file from $<" + $(Q) mkdir -p `dirname $@` + $(Q) $(PROTOC) -Ithird_party/protobuf/src -I. --grpc_out=$(GENDIR) --plugin=protoc-gen-grpc=$(PROTOC_PLUGINS_DIR)/grpc_cpp_plugin$(EXECUTABLE_SUFFIX) $< +endif + ifeq ($(NO_PROTOC),true) $(GENDIR)/src/proto/grpc/health/v1/health.pb.cc: protoc_dep_error $(GENDIR)/src/proto/grpc/health/v1/health.grpc.pb.cc: protoc_dep_error @@ -3195,6 +3236,9 @@ install-static_cxx: static_cxx strip-static_cxx install-pkg-config_cxx $(E) "[INSTALL] Installing libgrpc++.a" $(Q) $(INSTALL) -d $(prefix)/lib $(Q) $(INSTALL) $(LIBDIR)/$(CONFIG)/libgrpc++.a $(prefix)/lib/libgrpc++.a + $(E) "[INSTALL] Installing libgrpc++_alts.a" + $(Q) $(INSTALL) -d $(prefix)/lib + $(Q) $(INSTALL) $(LIBDIR)/$(CONFIG)/libgrpc++_alts.a $(prefix)/lib/libgrpc++_alts.a $(E) "[INSTALL] Installing libgrpc++_error_details.a" $(Q) $(INSTALL) -d $(prefix)/lib $(Q) $(INSTALL) $(LIBDIR)/$(CONFIG)/libgrpc++_error_details.a $(prefix)/lib/libgrpc++_error_details.a @@ -3281,6 +3325,15 @@ ifeq ($(SYSTEM),MINGW32) else ifneq ($(SYSTEM),Darwin) $(Q) ln -sf $(SHARED_PREFIX)grpc++$(SHARED_VERSION_CPP).$(SHARED_EXT_CPP) $(prefix)/lib/libgrpc++.so.1 $(Q) ln -sf $(SHARED_PREFIX)grpc++$(SHARED_VERSION_CPP).$(SHARED_EXT_CPP) $(prefix)/lib/libgrpc++.so +endif + $(E) "[INSTALL] Installing $(SHARED_PREFIX)grpc++_alts$(SHARED_VERSION_CPP).$(SHARED_EXT_CPP)" + $(Q) $(INSTALL) -d $(prefix)/lib + $(Q) $(INSTALL) $(LIBDIR)/$(CONFIG)/$(SHARED_PREFIX)grpc++_alts$(SHARED_VERSION_CPP).$(SHARED_EXT_CPP) $(prefix)/lib/$(SHARED_PREFIX)grpc++_alts$(SHARED_VERSION_CPP).$(SHARED_EXT_CPP) +ifeq ($(SYSTEM),MINGW32) + $(Q) $(INSTALL) $(LIBDIR)/$(CONFIG)/libgrpc++_alts$(SHARED_VERSION_CPP)-dll.a $(prefix)/lib/libgrpc++_alts.a +else ifneq ($(SYSTEM),Darwin) + $(Q) ln -sf $(SHARED_PREFIX)grpc++_alts$(SHARED_VERSION_CPP).$(SHARED_EXT_CPP) $(prefix)/lib/libgrpc++_alts.so.1 + $(Q) ln -sf $(SHARED_PREFIX)grpc++_alts$(SHARED_VERSION_CPP).$(SHARED_EXT_CPP) $(prefix)/lib/libgrpc++_alts.so endif $(E) "[INSTALL] Installing $(SHARED_PREFIX)grpc++_error_details$(SHARED_VERSION_CPP).$(SHARED_EXT_CPP)" $(Q) $(INSTALL) -d $(prefix)/lib @@ -6225,6 +6278,79 @@ endif endif +LIBGRPC++_ALTS_SRC = \ + $(GENDIR)/src/proto/grpc/gcp/altscontext.pb.cc $(GENDIR)/src/proto/grpc/gcp/altscontext.grpc.pb.cc \ + $(GENDIR)/src/proto/grpc/gcp/transport_security_common.pb.cc $(GENDIR)/src/proto/grpc/gcp/transport_security_common.grpc.pb.cc \ + src/cpp/common/alts_context.cc \ + +PUBLIC_HEADERS_CXX += \ + include/grpcpp/alts_context.h \ + include/grpcpp/impl/codegen/security/auth_context.h \ + +LIBGRPC++_ALTS_OBJS = $(addprefix $(OBJDIR)/$(CONFIG)/, $(addsuffix .o, $(basename $(LIBGRPC++_ALTS_SRC)))) + + +ifeq ($(NO_SECURE),true) + +# You can't build secure libraries if you don't have OpenSSL. + +$(LIBDIR)/$(CONFIG)/libgrpc++_alts.a: openssl_dep_error + +$(LIBDIR)/$(CONFIG)/$(SHARED_PREFIX)grpc++_alts$(SHARED_VERSION_CPP).$(SHARED_EXT_CPP): openssl_dep_error + +else + +ifeq ($(NO_PROTOBUF),true) + +# You can't build a C++ library if you don't have protobuf - a bit overreached, but still okay. + +$(LIBDIR)/$(CONFIG)/libgrpc++_alts.a: protobuf_dep_error + +$(LIBDIR)/$(CONFIG)/$(SHARED_PREFIX)grpc++_alts$(SHARED_VERSION_CPP).$(SHARED_EXT_CPP): protobuf_dep_error + +else + +$(LIBDIR)/$(CONFIG)/libgrpc++_alts.a: $(ZLIB_DEP) $(OPENSSL_DEP) $(CARES_DEP) $(ADDRESS_SORTING_DEP) $(UPB_DEP) $(PROTOBUF_DEP) $(LIBGRPC++_ALTS_OBJS) $(LIBGPR_OBJS) $(ZLIB_MERGE_OBJS) $(CARES_MERGE_OBJS) $(ADDRESS_SORTING_MERGE_OBJS) $(UPB_MERGE_OBJS) + $(E) "[AR] Creating $@" + $(Q) mkdir -p `dirname $@` + $(Q) rm -f $(LIBDIR)/$(CONFIG)/libgrpc++_alts.a + $(Q) $(AR) $(AROPTS) $(LIBDIR)/$(CONFIG)/libgrpc++_alts.a $(LIBGRPC++_ALTS_OBJS) $(LIBGPR_OBJS) $(ZLIB_MERGE_OBJS) $(CARES_MERGE_OBJS) $(ADDRESS_SORTING_MERGE_OBJS) $(UPB_MERGE_OBJS) +ifeq ($(SYSTEM),Darwin) + $(Q) ranlib -no_warning_for_no_symbols $(LIBDIR)/$(CONFIG)/libgrpc++_alts.a +endif + + + +ifeq ($(SYSTEM),MINGW32) +$(LIBDIR)/$(CONFIG)/grpc++_alts$(SHARED_VERSION_CPP).$(SHARED_EXT_CPP): $(LIBGRPC++_ALTS_OBJS) $(ZLIB_DEP) $(CARES_DEP) $(ADDRESS_SORTING_DEP) $(UPB_DEP) $(PROTOBUF_DEP) $(LIBDIR)/$(CONFIG)/grpc++$(SHARED_VERSION_CPP).$(SHARED_EXT_CPP) $(OPENSSL_DEP) + $(E) "[LD] Linking $@" + $(Q) mkdir -p `dirname $@` + $(Q) $(LDXX) $(LDFLAGS) -L$(LIBDIR)/$(CONFIG) -shared -Wl,--output-def=$(LIBDIR)/$(CONFIG)/grpc++_alts$(SHARED_VERSION_CPP).def -Wl,--out-implib=$(LIBDIR)/$(CONFIG)/libgrpc++_alts$(SHARED_VERSION_CPP)-dll.a -o $(LIBDIR)/$(CONFIG)/grpc++_alts$(SHARED_VERSION_CPP).$(SHARED_EXT_CPP) $(LIBGRPC++_ALTS_OBJS) $(ZLIB_MERGE_LIBS) $(CARES_MERGE_LIBS) $(ADDRESS_SORTING_MERGE_LIBS) $(UPB_MERGE_LIBS) $(LDLIBSXX) $(LDLIBS_PROTOBUF) $(LDLIBS) -lgrpc++$(SHARED_VERSION_CPP)-dll +else +$(LIBDIR)/$(CONFIG)/libgrpc++_alts$(SHARED_VERSION_CPP).$(SHARED_EXT_CPP): $(LIBGRPC++_ALTS_OBJS) $(ZLIB_DEP) $(CARES_DEP) $(ADDRESS_SORTING_DEP) $(UPB_DEP) $(PROTOBUF_DEP) $(LIBDIR)/$(CONFIG)/libgrpc++.$(SHARED_EXT_CPP) $(OPENSSL_DEP) + $(E) "[LD] Linking $@" + $(Q) mkdir -p `dirname $@` +ifeq ($(SYSTEM),Darwin) + $(Q) $(LDXX) $(LDFLAGS) -L$(LIBDIR)/$(CONFIG) -install_name $(SHARED_PREFIX)grpc++_alts$(SHARED_VERSION_CPP).$(SHARED_EXT_CPP) -dynamiclib -o $(LIBDIR)/$(CONFIG)/libgrpc++_alts$(SHARED_VERSION_CPP).$(SHARED_EXT_CPP) $(LIBGRPC++_ALTS_OBJS) $(ZLIB_MERGE_LIBS) $(CARES_MERGE_LIBS) $(ADDRESS_SORTING_MERGE_LIBS) $(UPB_MERGE_LIBS) $(LDLIBSXX) $(LDLIBS_PROTOBUF) $(LDLIBS) -lgrpc++ +else + $(Q) $(LDXX) $(LDFLAGS) -L$(LIBDIR)/$(CONFIG) -shared -Wl,-soname,libgrpc++_alts.so.1 -o $(LIBDIR)/$(CONFIG)/libgrpc++_alts$(SHARED_VERSION_CPP).$(SHARED_EXT_CPP) $(LIBGRPC++_ALTS_OBJS) $(ZLIB_MERGE_LIBS) $(CARES_MERGE_LIBS) $(ADDRESS_SORTING_MERGE_LIBS) $(UPB_MERGE_LIBS) $(LDLIBSXX) $(LDLIBS_PROTOBUF) $(LDLIBS) -lgrpc++ + $(Q) ln -sf $(SHARED_PREFIX)grpc++_alts$(SHARED_VERSION_CPP).$(SHARED_EXT_CPP) $(LIBDIR)/$(CONFIG)/libgrpc++_alts$(SHARED_VERSION_CPP).so.1 + $(Q) ln -sf $(SHARED_PREFIX)grpc++_alts$(SHARED_VERSION_CPP).$(SHARED_EXT_CPP) $(LIBDIR)/$(CONFIG)/libgrpc++_alts$(SHARED_VERSION_CPP).so +endif +endif + +endif + +endif + +ifneq ($(NO_SECURE),true) +ifneq ($(NO_DEPS),true) +-include $(LIBGRPC++_ALTS_OBJS:.o=.dep) +endif +endif +$(OBJDIR)/$(CONFIG)/src/cpp/common/alts_context.o: $(GENDIR)/src/proto/grpc/gcp/altscontext.pb.cc $(GENDIR)/src/proto/grpc/gcp/altscontext.grpc.pb.cc $(GENDIR)/src/proto/grpc/gcp/transport_security_common.pb.cc $(GENDIR)/src/proto/grpc/gcp/transport_security_common.grpc.pb.cc + + LIBGRPC++_CORE_STATS_SRC = \ $(GENDIR)/src/proto/grpc/core/stats.pb.cc $(GENDIR)/src/proto/grpc/core/stats.grpc.pb.cc \ src/cpp/util/core_stats.cc \ @@ -13815,6 +13941,49 @@ $(OBJDIR)/$(CONFIG)/test/core/tsi/alts/fake_handshaker/fake_handshaker_server.o: $(OBJDIR)/$(CONFIG)/test/core/tsi/alts/handshaker/alts_concurrent_connectivity_test.o: $(GENDIR)/test/core/tsi/alts/fake_handshaker/handshaker.pb.cc $(GENDIR)/test/core/tsi/alts/fake_handshaker/handshaker.grpc.pb.cc $(GENDIR)/test/core/tsi/alts/fake_handshaker/transport_security_common.pb.cc $(GENDIR)/test/core/tsi/alts/fake_handshaker/transport_security_common.grpc.pb.cc +ALTS_CONTEXT_TEST_SRC = \ + test/cpp/common/alts_context_test.cc \ + +ALTS_CONTEXT_TEST_OBJS = $(addprefix $(OBJDIR)/$(CONFIG)/, $(addsuffix .o, $(basename $(ALTS_CONTEXT_TEST_SRC)))) +ifeq ($(NO_SECURE),true) + +# You can't build secure targets if you don't have OpenSSL. + +$(BINDIR)/$(CONFIG)/alts_context_test: openssl_dep_error + +else + + + + +ifeq ($(NO_PROTOBUF),true) + +# You can't build the protoc plugins or protobuf-enabled targets if you don't have protobuf 3.5.0+. + +$(BINDIR)/$(CONFIG)/alts_context_test: protobuf_dep_error + +else + +$(BINDIR)/$(CONFIG)/alts_context_test: $(PROTOBUF_DEP) $(ALTS_CONTEXT_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libgrpc++_test_util.a $(LIBDIR)/$(CONFIG)/libgrpc_test_util.a $(LIBDIR)/$(CONFIG)/libgrpc++_alts.a $(LIBDIR)/$(CONFIG)/libgrpc++.a $(LIBDIR)/$(CONFIG)/libgrpc.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc++_test_config.a + $(E) "[LD] Linking $@" + $(Q) mkdir -p `dirname $@` + $(Q) $(LDXX) $(LDFLAGS) $(ALTS_CONTEXT_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libgrpc++_test_util.a $(LIBDIR)/$(CONFIG)/libgrpc_test_util.a $(LIBDIR)/$(CONFIG)/libgrpc++_alts.a $(LIBDIR)/$(CONFIG)/libgrpc++.a $(LIBDIR)/$(CONFIG)/libgrpc.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc++_test_config.a $(LDLIBSXX) $(LDLIBS_PROTOBUF) $(LDLIBS) $(LDLIBS_SECURE) $(GTEST_LIB) -o $(BINDIR)/$(CONFIG)/alts_context_test + +endif + +endif + +$(OBJDIR)/$(CONFIG)/test/cpp/common/alts_context_test.o: $(LIBDIR)/$(CONFIG)/libgrpc++_test_util.a $(LIBDIR)/$(CONFIG)/libgrpc_test_util.a $(LIBDIR)/$(CONFIG)/libgrpc++_alts.a $(LIBDIR)/$(CONFIG)/libgrpc++.a $(LIBDIR)/$(CONFIG)/libgrpc.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc++_test_config.a + +deps_alts_context_test: $(ALTS_CONTEXT_TEST_OBJS:.o=.dep) + +ifneq ($(NO_SECURE),true) +ifneq ($(NO_DEPS),true) +-include $(ALTS_CONTEXT_TEST_OBJS:.o=.dep) +endif +endif + + ALTS_COUNTER_TEST_SRC = \ test/core/tsi/alts/frame_protector/alts_counter_test.cc \ @@ -23232,6 +23401,7 @@ src/core/tsi/ssl_transport_security.cc: $(OPENSSL_DEP) src/core/tsi/transport_security.cc: $(OPENSSL_DEP) src/core/tsi/transport_security_grpc.cc: $(OPENSSL_DEP) src/cpp/client/secure_credentials.cc: $(OPENSSL_DEP) +src/cpp/common/alts_context.cc: $(OPENSSL_DEP) src/cpp/common/auth_property_iterator.cc: $(OPENSSL_DEP) src/cpp/common/secure_auth_context.cc: $(OPENSSL_DEP) src/cpp/common/secure_channel_arguments.cc: $(OPENSSL_DEP) diff --git a/build.yaml b/build.yaml index 7b35307df7e..b26ed6eddc7 100644 --- a/build.yaml +++ b/build.yaml @@ -1881,6 +1881,19 @@ libs: - grpc++_codegen_proto - grpc++_codegen_base_src secure: check +- name: grpc++_alts + build: all + language: c++ + public_headers: + - include/grpcpp/alts_context.h + - include/grpcpp/impl/codegen/security/auth_context.h + src: + - src/proto/grpc/gcp/altscontext.proto + - src/proto/grpc/gcp/transport_security_common.proto + - src/cpp/common/alts_context.cc + deps: + - grpc++ + baselib: true - name: grpc++_core_stats build: private language: c++ @@ -3937,6 +3950,19 @@ targets: - grpc++_test_config platforms: - linux +- name: alts_context_test + build: test + language: c++ + src: + - test/cpp/common/alts_context_test.cc + deps: + - grpc++_test_util + - grpc_test_util + - grpc++_alts + - grpc++ + - grpc + - gpr + - grpc++_test_config - name: alts_counter_test build: test language: c++ diff --git a/grpc.gyp b/grpc.gyp index 5b6dbd3d44b..cf41f2dc1c8 100644 --- a/grpc.gyp +++ b/grpc.gyp @@ -1754,6 +1754,18 @@ 'src/cpp/codegen/codegen_init.cc', ], }, + { + 'target_name': 'grpc++_alts', + 'type': 'static_library', + 'dependencies': [ + 'grpc++', + ], + 'sources': [ + 'src/proto/grpc/gcp/altscontext.proto', + 'src/proto/grpc/gcp/transport_security_common.proto', + 'src/cpp/common/alts_context.cc', + ], + }, { 'target_name': 'grpc++_core_stats', 'type': 'static_library', diff --git a/include/grpcpp/alts_context.h b/include/grpcpp/alts_context.h new file mode 100644 index 00000000000..ae4ce2bf69a --- /dev/null +++ b/include/grpcpp/alts_context.h @@ -0,0 +1,39 @@ +/* + * + * Copyright 2019 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#ifndef GRPCPP_ALTS_CONTEXT_H +#define GRPCPP_ALTS_CONTEXT_H + +#include +#include + +namespace grpc { + +namespace gcp { +class AltsContext; +} // namespace gcp + +// GetAltsContextFromAuthContext helps to get the AltsContext from AuthContext. +// Please make sure the underlying protocol is ALTS before calling this +// function. Otherwise a nullptr will be returned. +std::unique_ptr GetAltsContextFromAuthContext( + const AuthContext& auth_context); + +} // namespace grpc + +#endif // GRPCPP_ALTS_CONTEXT_H diff --git a/src/cpp/common/alts_context.cc b/src/cpp/common/alts_context.cc new file mode 100644 index 00000000000..5e41a8797a9 --- /dev/null +++ b/src/cpp/common/alts_context.cc @@ -0,0 +1,44 @@ +/* + * + * Copyright 2019 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include +#include + +#include "src/core/tsi/alts/handshaker/alts_tsi_handshaker.h" +#include "src/cpp/common/secure_auth_context.h" +#include "src/proto/grpc/gcp/altscontext.pb.h" + +namespace grpc { +std::unique_ptr GetAltsContextFromAuthContext( + const AuthContext& auth_context) { + std::vector ctx_vector = + auth_context.FindPropertyValues(TSI_ALTS_CONTEXT); + if (ctx_vector.size() != 1) { + gpr_log(GPR_ERROR, "contains zero or more than one ALTS context."); + return nullptr; + } + std::unique_ptr uniq_ctx(new gcp::AltsContext()); + bool success = uniq_ctx.get()->ParseFromArray(ctx_vector[0].data(), + ctx_vector[0].size()); + if (!success) { + gpr_log(GPR_ERROR, "fails to parse ALTS context."); + return nullptr; + } + return uniq_ctx; +} +} // namespace grpc diff --git a/src/proto/grpc/gcp/BUILD b/src/proto/grpc/gcp/BUILD index 1c22d89e464..f93de9c7a1b 100644 --- a/src/proto/grpc/gcp/BUILD +++ b/src/proto/grpc/gcp/BUILD @@ -23,3 +23,11 @@ proto_library( ], visibility = ["//visibility:public"], ) + +cc_proto_library( + name = "alts_handshaker_cc_proto", + visibility = ["//visibility:public"], + deps = [ + "alts_handshaker_proto", + ], +) diff --git a/test/cpp/common/BUILD b/test/cpp/common/BUILD index 05e7bda330a..c6fc9a8ed91 100644 --- a/test/cpp/common/BUILD +++ b/test/cpp/common/BUILD @@ -108,3 +108,16 @@ grpc_cc_test( "//test/cpp/util:test_util", ], ) + +grpc_cc_test( + name = "alts_context_test", + srcs = ["alts_context_test.cc"], + external_deps = [ + "gtest", + ], + deps = [ + "//:grpc++_alts", + "//test/core/util:grpc_test_util", + "//test/cpp/util:test_util", + ], +) diff --git a/test/cpp/common/alts_context_test.cc b/test/cpp/common/alts_context_test.cc new file mode 100644 index 00000000000..a3b77e2f1aa --- /dev/null +++ b/test/cpp/common/alts_context_test.cc @@ -0,0 +1,96 @@ +/* + * + * Copyright 2019 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include +#include + +#include "src/core/tsi/alts/handshaker/alts_tsi_handshaker.h" +#include "src/cpp/common/secure_auth_context.h" +#include "src/proto/grpc/gcp/altscontext.pb.h" +#include "test/cpp/util/string_ref_helper.h" + +#include + +using grpc::testing::ToString; + +namespace grpc { +namespace { + +TEST(AltsContextTest, EmptyAuthContext) { + SecureAuthContext context(nullptr); + std::unique_ptr alts_context = + GetAltsContextFromAuthContext(context); + EXPECT_EQ(alts_context.get(), nullptr); +} + +TEST(AltsContextTest, AuthContextWithMoreThanOneAltsContext) { + grpc_core::RefCountedPtr ctx = + grpc_core::MakeRefCounted(nullptr); + SecureAuthContext context(ctx.get()); + ctx.reset(); + context.AddProperty(TSI_ALTS_CONTEXT, "context1"); + context.AddProperty(TSI_ALTS_CONTEXT, "context2"); + std::unique_ptr alts_context = + GetAltsContextFromAuthContext(context); + EXPECT_EQ(alts_context.get(), nullptr); +} + +TEST(AltsContextTest, AuthContextWithBadAltsContext) { + grpc_core::RefCountedPtr ctx = + grpc_core::MakeRefCounted(nullptr); + SecureAuthContext context(ctx.get()); + ctx.reset(); + context.AddProperty(TSI_ALTS_CONTEXT, "bad context string serialization"); + std::unique_ptr alts_context = + GetAltsContextFromAuthContext(context); + EXPECT_EQ(alts_context.get(), nullptr); +} + +TEST(AltsContextTest, AuthContextWithGoodAltsContext) { + grpc_core::RefCountedPtr ctx = + grpc_core::MakeRefCounted(nullptr); + SecureAuthContext context(ctx.get()); + ctx.reset(); + std::string expected_application_protocol("application protocol"); + std::string expected_record_protocol("record protocol"); + std::string expected_peer_id("peer"); + std::string expected_local_id("local"); + gcp::AltsContext expect_alts_ctx; + expect_alts_ctx.set_application_protocol(expected_application_protocol); + expect_alts_ctx.set_record_protocol(expected_record_protocol); + expect_alts_ctx.set_peer_service_account(expected_peer_id); + expect_alts_ctx.set_local_service_account(expected_local_id); + std::string serialized_alts_ctx; + bool success = expect_alts_ctx.SerializeToString(&serialized_alts_ctx); + EXPECT_TRUE(success); + context.AddProperty(TSI_ALTS_CONTEXT, serialized_alts_ctx); + std::unique_ptr alts_ctx = + GetAltsContextFromAuthContext(context); + EXPECT_EQ(expected_application_protocol, alts_ctx->application_protocol()); + EXPECT_EQ(expected_record_protocol, alts_ctx->record_protocol()); + EXPECT_EQ(expected_peer_id, alts_ctx->peer_service_account()); + EXPECT_EQ(expected_local_id, alts_ctx->local_service_account()); +} + +} // namespace +} // namespace grpc + +int main(int argc, char** argv) { + ::testing::InitGoogleTest(&argc, argv); + return RUN_ALL_TESTS(); +} diff --git a/tools/run_tests/generated/tests.json b/tools/run_tests/generated/tests.json index 0f3920e95fc..52a49d900bf 100644 --- a/tools/run_tests/generated/tests.json +++ b/tools/run_tests/generated/tests.json @@ -3031,6 +3031,30 @@ ], "uses_polling": true }, + { + "args": [], + "benchmark": false, + "ci_platforms": [ + "linux", + "mac", + "posix", + "windows" + ], + "cpu_cost": 1.0, + "exclude_configs": [], + "exclude_iomgrs": [], + "flaky": false, + "gtest": false, + "language": "c++", + "name": "alts_context_test", + "platforms": [ + "linux", + "mac", + "posix", + "windows" + ], + "uses_polling": true + }, { "args": [], "benchmark": false,