Load default roots.pem in Node via grpc_set_ssl_roots_override_callback

pull/6325/head
murgatroid99 9 years ago
parent cca098e77c
commit 6f6076659f
  1. 35
      src/node/ext/node_grpc.cc
  2. 7
      src/node/index.js

@ -35,6 +35,8 @@
#include <nan.h> #include <nan.h>
#include <v8.h> #include <v8.h>
#include "grpc/grpc.h" #include "grpc/grpc.h"
#include "grpc/grpc_security.h"
#include "grpc/support/alloc.h"
#include "call.h" #include "call.h"
#include "call_credentials.h" #include "call_credentials.h"
@ -51,6 +53,8 @@ using v8::Object;
using v8::Uint32; using v8::Uint32;
using v8::String; using v8::String;
static char *pem_root_certs = NULL;
void InitStatusConstants(Local<Object> exports) { void InitStatusConstants(Local<Object> exports) {
Nan::HandleScope scope; Nan::HandleScope scope;
Local<Object> status = Nan::New<Object>(); Local<Object> status = Nan::New<Object>();
@ -268,9 +272,36 @@ NAN_METHOD(MetadataKeyIsBinary) {
grpc_is_binary_header(key_str, static_cast<size_t>(key->Length())))); grpc_is_binary_header(key_str, static_cast<size_t>(key->Length()))));
} }
static grpc_ssl_roots_override_result get_ssl_roots_override(
char **pem_root_certs_ptr) {
*pem_root_certs_ptr = pem_root_certs;
if (pem_root_certs == NULL) {
return GRPC_SSL_ROOTS_OVERRIDE_FAIL;
} else {
return GRPC_SSL_ROOTS_OVERRIDE_OK;
}
}
/* This should only be called once, and only before creating any
*ServerCredentials */
NAN_METHOD(SetDefaultRootsPem) {
if (!info[0]->IsString()) {
return Nan::ThrowTypeError(
"setDefaultRootsPem's argument must be a string");
}
Nan::Utf8String utf8_roots(info[0]);
size_t length = static_cast<size_t>(utf8_roots.length());
if (length > 0) {
const char *data = *utf8_roots;
pem_root_certs = (char *)gpr_malloc((length + 1) * sizeof(char));
memcpy(pem_root_certs, data, length + 1);
}
}
void init(Local<Object> exports) { void init(Local<Object> exports) {
Nan::HandleScope scope; Nan::HandleScope scope;
grpc_init(); grpc_init();
grpc_set_ssl_roots_override_callback(get_ssl_roots_override);
InitStatusConstants(exports); InitStatusConstants(exports);
InitCallErrorConstants(exports); InitCallErrorConstants(exports);
InitOpTypeConstants(exports); InitOpTypeConstants(exports);
@ -298,6 +329,10 @@ void init(Local<Object> exports) {
Nan::GetFunction( Nan::GetFunction(
Nan::New<FunctionTemplate>(MetadataKeyIsBinary) Nan::New<FunctionTemplate>(MetadataKeyIsBinary)
).ToLocalChecked()); ).ToLocalChecked());
Nan::Set(exports, Nan::New("setDefaultRootsPem").ToLocalChecked(),
Nan::GetFunction(
Nan::New<FunctionTemplate>(SetDefaultRootsPem)
).ToLocalChecked());
} }
NODE_MODULE(grpc_node, init) NODE_MODULE(grpc_node, init)

@ -34,13 +34,10 @@
'use strict'; 'use strict';
var path = require('path'); var path = require('path');
var fs = require('fs');
var SSL_ROOTS_PATH = path.resolve(__dirname, '..', '..', 'etc', 'roots.pem'); var SSL_ROOTS_PATH = path.resolve(__dirname, '..', '..', 'etc', 'roots.pem');
if (!process.env.GRPC_DEFAULT_SSL_ROOTS_FILE_PATH) {
process.env.GRPC_DEFAULT_SSL_ROOTS_FILE_PATH = SSL_ROOTS_PATH;
}
var _ = require('lodash'); var _ = require('lodash');
var ProtoBuf = require('protobufjs'); var ProtoBuf = require('protobufjs');
@ -53,6 +50,8 @@ var Metadata = require('./src/metadata.js');
var grpc = require('./src/grpc_extension'); var grpc = require('./src/grpc_extension');
grpc.setDefaultRootsPem(fs.readFileSync(SSL_ROOTS_PATH, 'ascii'));
/** /**
* Load a gRPC object from an existing ProtoBuf.Reflect object. * Load a gRPC object from an existing ProtoBuf.Reflect object.
* @param {ProtoBuf.Reflect.Namespace} value The ProtoBuf object to load. * @param {ProtoBuf.Reflect.Namespace} value The ProtoBuf object to load.

Loading…
Cancel
Save