Merge github.com:grpc/grpc into proxy-crash

test/core/bad_ssl/bad_ssl_test.c

@@ -0,0 +1,171 @@
+/*
+ *
+ * Copyright 2015, Google Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are
+ * met:
+ *
+ *     * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *     * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following disclaimer
+ * in the documentation and/or other materials provided with the
+ * distribution.
+ *     * Neither the name of Google Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived from
+ * this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#include <string.h>
+#include <stdio.h>
+
+#include <grpc/grpc.h>
+#include <grpc/grpc_security.h>
+#include <grpc/support/alloc.h>
+#include <grpc/support/host_port.h>
+#include <grpc/support/log.h>
+#include <grpc/support/string_util.h>
+#include <grpc/support/subprocess.h>
+#include "src/core/support/string.h"
+#include "test/core/util/port.h"
+#include "test/core/end2end/cq_verifier.h"
+#include "test/core/util/test_config.h"
+
+static void *tag(gpr_intptr t) { return (void *)t; }
+
+static void run_test(const char *target, size_t nops) {
+  grpc_channel_credentials *ssl_creds =
+      grpc_ssl_credentials_create(NULL, NULL, NULL);
+  grpc_channel *channel;
+  grpc_call *c;
+
+  grpc_metadata_array initial_metadata_recv;
+  grpc_metadata_array trailing_metadata_recv;
+  char *details = NULL;
+  size_t details_capacity = 0;
+  grpc_status_code status;
+  grpc_call_error error;
+  gpr_timespec deadline = GRPC_TIMEOUT_SECONDS_TO_DEADLINE(5);
+  grpc_completion_queue *cq = grpc_completion_queue_create(NULL);
+  cq_verifier *cqv = cq_verifier_create(cq);
+
+  grpc_op ops[6];
+  grpc_op *op;
+
+  grpc_arg ssl_name_override = {GRPC_ARG_STRING,
+                                GRPC_SSL_TARGET_NAME_OVERRIDE_ARG,
+                                {"foo.test.google.fr"}};
+  grpc_channel_args args;
+
+  args.num_args = 1;
+  args.args = &ssl_name_override;
+
+  grpc_metadata_array_init(&initial_metadata_recv);
+  grpc_metadata_array_init(&trailing_metadata_recv);
+
+  channel = grpc_secure_channel_create(ssl_creds, target, &args, NULL);
+  c = grpc_channel_create_call(channel, NULL, GRPC_PROPAGATE_DEFAULTS, cq,
+                               "/foo", "foo.test.google.fr:1234", deadline,
+                               NULL);
+
+  op = ops;
+  op->op = GRPC_OP_SEND_INITIAL_METADATA;
+  op->data.send_initial_metadata.count = 0;
+  op->flags = 0;
+  op->reserved = NULL;
+  op++;
+  op->op = GRPC_OP_RECV_STATUS_ON_CLIENT;
+  op->data.recv_status_on_client.trailing_metadata = &trailing_metadata_recv;
+  op->data.recv_status_on_client.status = &status;
+  op->data.recv_status_on_client.status_details = &details;
+  op->data.recv_status_on_client.status_details_capacity = &details_capacity;
+  op->flags = 0;
+  op->reserved = NULL;
+  op++;
+  op->op = GRPC_OP_RECV_INITIAL_METADATA;
+  op->data.recv_initial_metadata = &initial_metadata_recv;
+  op->flags = 0;
+  op->reserved = NULL;
+  op++;
+  op->op = GRPC_OP_SEND_CLOSE_FROM_CLIENT;
+  op->flags = 0;
+  op->reserved = NULL;
+  op++;
+  error = grpc_call_start_batch(c, ops, nops, tag(1), NULL);
+  GPR_ASSERT(GRPC_CALL_OK == error);
+
+  cq_expect_completion(cqv, tag(1), 1);
+  cq_verify(cqv);
+
+  GPR_ASSERT(status != GRPC_STATUS_OK);
+
+  grpc_call_destroy(c);
+  gpr_free(details);
+  grpc_metadata_array_destroy(&initial_metadata_recv);
+  grpc_metadata_array_destroy(&trailing_metadata_recv);
+
+  grpc_channel_destroy(channel);
+  grpc_completion_queue_destroy(cq);
+  cq_verifier_destroy(cqv);
+  grpc_channel_credentials_release(ssl_creds);
+}
+
+int main(int argc, char **argv) {
+  char *me = argv[0];
+  char *lslash = strrchr(me, '/');
+  char *lunder = strrchr(me, '_');
+  char *tmp;
+  char root[1024];
+  char test[64];
+  int port = grpc_pick_unused_port_or_die();
+  char *args[10];
+  int status;
+  size_t i;
+  gpr_subprocess *svr;
+  /* figure out where we are */
+  if (lslash) {
+    memcpy(root, me, (size_t)(lslash - me));
+    root[lslash - me] = 0;
+  } else {
+    strcpy(root, ".");
+  }
+  /* figure out our test name */
+  tmp = lunder - 1;
+  while (*tmp != '_') tmp--;
+  tmp++;
+  memcpy(test, tmp, (size_t)(lunder - tmp));
+  /* start the server */
+  gpr_asprintf(&args[0], "%s/bad_ssl_%s_server%s", root, test,
+               gpr_subprocess_binary_extension());
+  args[1] = "--bind";
+  gpr_join_host_port(&args[2], "::", port);
+  svr = gpr_subprocess_create(4, (const char **)args);
+  gpr_free(args[0]);
+
+  for (i = 3; i <= 4; i++) {
+    grpc_init();
+    run_test(args[2], i);
+    grpc_shutdown();
+  }
+  gpr_free(args[2]);
+  
+  gpr_subprocess_interrupt(svr);
+  status = gpr_subprocess_join(svr);
+  gpr_subprocess_destroy(svr);
+  return status;
+}

test/core/bad_ssl/gen_build_yaml.py

@@ -0,0 +1,104 @@
+#!/usr/bin/env python2.7
+# Copyright 2015, Google Inc.
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are
+# met:
+#
+#     * Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+#     * Redistributions in binary form must reproduce the above
+# copyright notice, this list of conditions and the following disclaimer
+# in the documentation and/or other materials provided with the
+# distribution.
+#     * Neither the name of Google Inc. nor the names of its
+# contributors may be used to endorse or promote products derived from
+# this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+
+"""Generates the appropriate build.json data for all the end2end tests."""
+
+
+import collections
+import yaml
+
+TestOptions = collections.namedtuple('TestOptions', 'flaky')
+default_test_options = TestOptions(False)
+
+# maps test names to options
+BAD_CLIENT_TESTS = {
+  'cert': default_test_options,
+  'alpn': default_test_options,
+}
+
+def main():
+  json = {
+      '#': 'generated with test/bad_ssl/gen_build_json.py',
+      'libs': [
+          {
+              'name': 'bad_ssl_test_server',
+              'build': 'private',
+              'language': 'c',
+              'src': ['test/core/bad_ssl/server.c'],
+              'headers': ['test/core/bad_ssl/server.h'],
+              'vs_proj_dir': 'test',
+              'platforms': ['linux', 'posix', 'mac'],
+              'deps': [
+                  'grpc_test_util',
+                  'grpc',
+                  'gpr_test_util',
+                  'gpr'
+              ]
+          }
+      ],
+      'targets': [
+          {
+              'name': 'bad_ssl_%s_server' % t,
+              'build': 'test',
+              'language': 'c',
+              'run': False,
+              'src': ['test/core/bad_ssl/servers/%s.c' % t],
+              'vs_proj_dir': 'test',
+              'platforms': ['linux', 'posix', 'mac'],
+              'deps': [
+                  'bad_ssl_test_server',
+                  'grpc_test_util',
+                  'grpc',
+                  'gpr_test_util',
+                  'gpr'
+              ]
+          }
+      for t in sorted(BAD_CLIENT_TESTS.keys())] + [
+          {
+              'name': 'bad_ssl_%s_test' % t,
+              'build': 'test',
+              'language': 'c',
+              'src': ['test/core/bad_ssl/bad_ssl_test.c'],
+              'vs_proj_dir': 'test',
+              'platforms': ['linux', 'posix', 'mac'],
+              'deps': [
+                  'grpc_test_util',
+                  'grpc',
+                  'gpr_test_util',
+                  'gpr'
+              ]
+          }
+      for t in sorted(BAD_CLIENT_TESTS.keys())]}
+  print yaml.dump(json)
+
+
+if __name__ == '__main__':
+  main()

test/core/bad_ssl/server.c

@@ -0,0 +1,114 @@
+/*
+ *
+ * Copyright 2015, Google Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are
+ * met:
+ *
+ *     * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *     * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following disclaimer
+ * in the documentation and/or other materials provided with the
+ * distribution.
+ *     * Neither the name of Google Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived from
+ * this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#include <grpc/support/cmdline.h>
+#include <grpc/support/log.h>
+#include <signal.h>
+
+#include "test/core/bad_ssl/server.h"
+#include "test/core/util/test_config.h"
+
+/* Common server implementation details for all servers in servers/.
+ * There's nothing *wrong* with these servers per-se, but they are
+ * configured to cause some failure case in the SSL connection path.
+ */
+
+static int got_sigint = 0;
+
+static void sigint_handler(int x) { got_sigint = 1; }
+
+const char *bad_ssl_addr(int argc, char **argv) {
+  gpr_cmdline *cl;
+  char *addr = NULL;
+  cl = gpr_cmdline_create("test server");
+  gpr_cmdline_add_string(cl, "bind", "Bind host:port", &addr);
+  gpr_cmdline_parse(cl, argc, argv);
+  gpr_cmdline_destroy(cl);
+  GPR_ASSERT(addr);
+  return addr;
+}
+
+void bad_ssl_run(grpc_server *server) {
+  int shutdown_started = 0;
+  int shutdown_finished = 0;
+  grpc_event ev;
+  grpc_call_error error;
+  grpc_call *s = NULL;
+  grpc_call_details call_details;
+  grpc_metadata_array request_metadata_recv;
+  grpc_completion_queue *cq = grpc_completion_queue_create(NULL);
+
+  grpc_call_details_init(&call_details);
+  grpc_metadata_array_init(&request_metadata_recv);
+
+  grpc_server_register_completion_queue(server, cq, NULL);
+  grpc_server_start(server);
+
+  error =
+      grpc_server_request_call(server, &s, &call_details,
+                               &request_metadata_recv, cq, cq, (void*)1);
+  GPR_ASSERT(GRPC_CALL_OK == error);
+
+  signal(SIGINT, sigint_handler);
+  while (!shutdown_finished) {
+    if (got_sigint && !shutdown_started) {
+      gpr_log(GPR_INFO, "Shutting down due to SIGINT");
+      grpc_server_shutdown_and_notify(server, cq, NULL);
+      GPR_ASSERT(grpc_completion_queue_pluck(
+                     cq, NULL, GRPC_TIMEOUT_SECONDS_TO_DEADLINE(5), NULL)
+                     .type == GRPC_OP_COMPLETE);
+      grpc_completion_queue_shutdown(cq);
+      shutdown_started = 1;
+    }
+    ev = grpc_completion_queue_next(
+        cq, gpr_time_add(gpr_now(GPR_CLOCK_REALTIME),
+                         gpr_time_from_micros(1000000, GPR_TIMESPAN)),
+        NULL);
+    switch (ev.type) {
+      case GRPC_OP_COMPLETE:
+        GPR_ASSERT(ev.tag == (void*)1);
+        GPR_ASSERT(ev.success == 0);
+        break;
+      case GRPC_QUEUE_SHUTDOWN:
+        GPR_ASSERT(shutdown_started);
+        shutdown_finished = 1;
+        break;
+      case GRPC_QUEUE_TIMEOUT:
+        break;
+    }
+  }
+
+  GPR_ASSERT(s == NULL);
+  grpc_call_details_destroy(&call_details);
+  grpc_metadata_array_destroy(&request_metadata_recv);
+}

test/core/bad_ssl/server.h

@@ -0,0 +1,42 @@
+/*
+ *
+ * Copyright 2015, Google Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are
+ * met:
+ *
+ *     * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *     * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following disclaimer
+ * in the documentation and/or other materials provided with the
+ * distribution.
+ *     * Neither the name of Google Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived from
+ * this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#ifndef GRPC_TEST_CORE_BAD_SSL_SERVER_H
+#define GRPC_TEST_CORE_BAD_SSL_SERVER_H
+
+#include <grpc/grpc.h>
+
+const char *bad_ssl_addr(int argc, char **argv);
+void bad_ssl_run(grpc_server *server);
+
+#endif /* GRPC_TEST_CORE_BAD_SSL_SERVER_H */

test/core/bad_ssl/servers/alpn.c

@@ -0,0 +1,86 @@
+/*
+ *
+ * Copyright 2015, Google Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are
+ * met:
+ *
+ *     * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *     * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following disclaimer
+ * in the documentation and/or other materials provided with the
+ * distribution.
+ *     * Neither the name of Google Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived from
+ * this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#include <string.h>
+
+#include <grpc/grpc.h>
+#include <grpc/grpc_security.h>
+#include <grpc/support/log.h>
+#include <grpc/support/useful.h>
+
+#include "src/core/transport/chttp2/alpn.h"
+#include "test/core/bad_ssl/server.h"
+#include "test/core/end2end/data/ssl_test_data.h"
+
+/* This test starts a server that is configured to advertise (via alpn and npn)
+ * a protocol that the connecting client does not support. It does this by
+ * overriding the functions declared in alpn.c from the core library. */
+
+static const char *const fake_versions[] = {"not-h2"};
+
+int grpc_chttp2_is_alpn_version_supported(const char *version, size_t size) {
+  size_t i;
+  for (i = 0; i < GPR_ARRAY_SIZE(fake_versions); i++) {
+    if (!strncmp(version, fake_versions[i], size)) return 1;
+  }
+  return 0;
+}
+
+size_t grpc_chttp2_num_alpn_versions(void) {
+  return GPR_ARRAY_SIZE(fake_versions);
+}
+
+const char *grpc_chttp2_get_alpn_version_index(size_t i) {
+  GPR_ASSERT(i < GPR_ARRAY_SIZE(fake_versions));
+  return fake_versions[i];
+}
+
+int main(int argc, char **argv) {
+  const char *addr = bad_ssl_addr(argc, argv);
+  grpc_ssl_pem_key_cert_pair pem_key_cert_pair = {test_server1_key,
+                                                  test_server1_cert};
+  grpc_server_credentials *ssl_creds;
+  grpc_server *server;
+
+  grpc_init();
+  ssl_creds =
+      grpc_ssl_server_credentials_create(NULL, &pem_key_cert_pair, 1, 0, NULL);
+  server = grpc_server_create(NULL, NULL);
+  GPR_ASSERT(grpc_server_add_secure_http2_port(server, addr, ssl_creds));
+  grpc_server_credentials_release(ssl_creds);
+
+  bad_ssl_run(server);
+  grpc_shutdown();
+
+  return 0;
+}

test/core/bad_ssl/servers/cert.c

@@ -0,0 +1,79 @@
+/*
+ *
+ * Copyright 2015, Google Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are
+ * met:
+ *
+ *     * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *     * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following disclaimer
+ * in the documentation and/or other materials provided with the
+ * distribution.
+ *     * Neither the name of Google Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived from
+ * this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#include <string.h>
+
+#include <grpc/grpc.h>
+#include <grpc/grpc_security.h>
+#include <grpc/support/log.h>
+#include <grpc/support/useful.h>
+
+#include "src/core/support/file.h"
+
+#include "test/core/bad_ssl/server.h"
+#include "test/core/end2end/data/ssl_test_data.h"
+
+/* This server will present an untrusted cert to the connecting client,
+ * causing the SSL handshake to fail */
+
+int main(int argc, char **argv) {
+  const char *addr = bad_ssl_addr(argc, argv);
+  grpc_ssl_pem_key_cert_pair pem_key_cert_pair;
+  grpc_server_credentials *ssl_creds;
+  grpc_server *server;
+  gpr_slice cert_slice, key_slice;
+  int ok;
+
+  grpc_init();
+
+  cert_slice = gpr_load_file("src/core/tsi/test_creds/badserver.pem", 1, &ok);
+  GPR_ASSERT(ok);
+  key_slice = gpr_load_file("src/core/tsi/test_creds/badserver.key", 1, &ok);
+  GPR_ASSERT(ok);
+  pem_key_cert_pair.private_key = (const char *)GPR_SLICE_START_PTR(key_slice);
+  pem_key_cert_pair.cert_chain = (const char *)GPR_SLICE_START_PTR(cert_slice);
+
+  ssl_creds =
+      grpc_ssl_server_credentials_create(NULL, &pem_key_cert_pair, 1, 0, NULL);
+  server = grpc_server_create(NULL, NULL);
+  GPR_ASSERT(grpc_server_add_secure_http2_port(server, addr, ssl_creds));
+  grpc_server_credentials_release(ssl_creds);
+
+  gpr_slice_unref(cert_slice);
+  gpr_slice_unref(key_slice);
+
+  bad_ssl_run(server);
+  grpc_shutdown();
+
+  return 0;
+}

test/core/httpcli/httpcli_test.c

@@ -151,11 +151,11 @@ int main(int argc, char **argv) {
     /* figure out where we are */
     char *root;
     if (lslash) {
-      root = gpr_malloc(lslash - me + 1);
+      root = gpr_malloc((size_t)(lslash - me + 1));
       memcpy(root, me, (size_t)(lslash - me));
       root[lslash - me] = 0;
     } else {
-      root = strdup(".");
+      root = gpr_strdup(".");
     }
     gpr_asprintf(&args[0], "%s/../../test/core/httpcli/test_server.py", root);
     gpr_free(root);

test/core/httpcli/httpscli_test.c

@@ -153,11 +153,11 @@ int main(int argc, char **argv) {
     /* figure out where we are */
     char *root;
     if (lslash) {
-      root = gpr_malloc(lslash - me + 1);
+      root = gpr_malloc((size_t)(lslash - me + 1));
       memcpy(root, me, (size_t)(lslash - me));
       root[lslash - me] = 0;
     } else {
-      strcpy(root, ".");
+      root = gpr_strdup(".");
     }
     gpr_asprintf(&args[0], "%s/../../test/core/httpcli/test_server.py", root);
     gpr_free(root);

tools/buildgen/generate_build_additions.sh

@@ -28,7 +28,7 @@
 # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
-gen_build_yaml_dirs="test/core/end2end test/core/bad_client"
+gen_build_yaml_dirs="test/core/end2end test/core/bad_client test/core/bad_ssl"
 gen_build_files=""
 for gen_build_yaml in $gen_build_yaml_dirs
 do

tools/http2_interop/s6.5.go

@@ -1,6 +1,7 @@
 package http2interop
 
 import (
+	"fmt"
 	"time"
 )
 
@@ -30,3 +31,60 @@ func testSmallMaxFrameSize(ctx *HTTP2InteropCtx) error {
 
 	return nil
 }
+
+// Section 6.5.3 says all settings frames must be acked.
+func testAllSettingsFramesAcked(ctx *HTTP2InteropCtx) error {
+	conn, err := connect(ctx)
+	if err != nil {
+		return err
+	}
+	defer conn.Close()
+	conn.SetDeadline(time.Now().Add(defaultTimeout))
+
+	sf := &SettingsFrame{}
+	if err := http2Connect(conn, sf); err != nil {
+		return err
+	}
+
+	// The spec says "The values in the SETTINGS frame MUST be processed in the order they
+	// appear. [...] Once all values have been processed, the recipient MUST immediately
+	// emit a SETTINGS frame with the ACK flag set."  From my understanding, processing all
+	// of no values warrants an ack per frame.
+	for i := 0; i < 10; i++ {
+		if err := streamFrame(conn, sf); err != nil {
+			return err
+		}
+	}
+
+	var settingsFramesReceived = 0
+	// The server by default sends a settings frame as part of the handshake, and another
+	// after the receipt of the initial settings frame as part of our conneection preface.
+	// This means we expected 1 + 1 + 10 = 12 settings frames in return, with all but the
+	// first having the ack bit.
+	for settingsFramesReceived < 12 {
+		f, err := parseFrame(conn)
+		if err != nil {
+			return err
+		}
+
+		// Other frames come down the wire too, including window update.  Just ignore those.
+		if f, ok := f.(*SettingsFrame); ok {
+			settingsFramesReceived += 1
+			if settingsFramesReceived == 1 {
+				if f.Header.Flags&SETTINGS_FLAG_ACK > 0 {
+					return fmt.Errorf("settings frame should not have used ack: %v")
+				}
+				continue
+			}
+
+			if f.Header.Flags&SETTINGS_FLAG_ACK == 0 {
+				return fmt.Errorf("settings frame should have used ack: %v", f)
+			}
+			if len(f.Params) != 0 {
+				return fmt.Errorf("settings ack cannot have params: %v", f)
+			}
+		}
+	}
+
+	return nil
+}

tools/http2_interop/s6.5_test.go

@@ -13,3 +13,14 @@ func TestSoonSmallMaxFrameSize(t *testing.T) {
 	err := testSmallMaxFrameSize(ctx)
 	matchError(t, err, "Got goaway frame")
 }
+
+func TestSoonAllSettingsFramesAcked(t *testing.T) {
+	defer Report(t)
+	if *testCase != "framing" {
+		t.SkipNow()
+	}
+	ctx := InteropCtx(t)
+	if err := testAllSettingsFramesAcked(ctx); err != nil {
+		t.Fatal(err)
+	}
+}

tools/http2_interop/settings.go

@@ -26,6 +26,10 @@ const (
 	SettingsMaxHeaderListSize    SettingsIdentifier = 6
 )
 
+const (
+	SETTINGS_FLAG_ACK byte = 0x01
+)
+
 func (si SettingsIdentifier) String() string {
 	switch si {
 	case SettingsHeaderTableSize:

tools/run_tests/sources_and_headers.json

@@ -17277,6 +17277,64 @@
       "test/core/bad_client/tests/unknown_frame.c"
     ]
   }, 
+  {
+    "deps": [
+      "bad_ssl_test_server", 
+      "gpr", 
+      "gpr_test_util", 
+      "grpc", 
+      "grpc_test_util"
+    ], 
+    "headers": [], 
+    "language": "c", 
+    "name": "bad_ssl_alpn_server", 
+    "src": [
+      "test/core/bad_ssl/servers/alpn.c"
+    ]
+  }, 
+  {
+    "deps": [
+      "bad_ssl_test_server", 
+      "gpr", 
+      "gpr_test_util", 
+      "grpc", 
+      "grpc_test_util"
+    ], 
+    "headers": [], 
+    "language": "c", 
+    "name": "bad_ssl_cert_server", 
+    "src": [
+      "test/core/bad_ssl/servers/cert.c"
+    ]
+  }, 
+  {
+    "deps": [
+      "gpr", 
+      "gpr_test_util", 
+      "grpc", 
+      "grpc_test_util"
+    ], 
+    "headers": [], 
+    "language": "c", 
+    "name": "bad_ssl_alpn_test", 
+    "src": [
+      "test/core/bad_ssl/bad_ssl_test.c"
+    ]
+  }, 
+  {
+    "deps": [
+      "gpr", 
+      "gpr_test_util", 
+      "grpc", 
+      "grpc_test_util"
+    ], 
+    "headers": [], 
+    "language": "c", 
+    "name": "bad_ssl_cert_test", 
+    "src": [
+      "test/core/bad_ssl/bad_ssl_test.c"
+    ]
+  }, 
   {
     "deps": [], 
     "headers": [
@@ -20844,5 +20902,22 @@
       "test/core/bad_client/bad_client.c", 
       "test/core/bad_client/bad_client.h"
     ]
+  }, 
+  {
+    "deps": [
+      "gpr", 
+      "gpr_test_util", 
+      "grpc", 
+      "grpc_test_util"
+    ], 
+    "headers": [
+      "test/core/bad_ssl/server.h"
+    ], 
+    "language": "c", 
+    "name": "bad_ssl_test_server", 
+    "src": [
+      "test/core/bad_ssl/server.c", 
+      "test/core/bad_ssl/server.h"
+    ]
   }
 ]

tools/run_tests/tests.json

@@ -18427,5 +18427,37 @@
       "posix", 
       "windows"
     ]
+  }, 
+  {
+    "ci_platforms": [
+      "linux", 
+      "mac", 
+      "posix"
+    ], 
+    "exclude_configs": [], 
+    "flaky": false, 
+    "language": "c", 
+    "name": "bad_ssl_alpn_test", 
+    "platforms": [
+      "linux", 
+      "mac", 
+      "posix"
+    ]
+  }, 
+  {
+    "ci_platforms": [
+      "linux", 
+      "mac", 
+      "posix"
+    ], 
+    "exclude_configs": [], 
+    "flaky": false, 
+    "language": "c", 
+    "name": "bad_ssl_cert_test", 
+    "platforms": [
+      "linux", 
+      "mac", 
+      "posix"
+    ]
   }
 ]