diff --git a/BUILD b/BUILD
index c3ca67a489a..641169ea01e 100644
--- a/BUILD
+++ b/BUILD
@@ -1649,7 +1649,7 @@ grpc_cc_library(
"src/core/lib/security/credentials/plugin/plugin_credentials.cc",
"src/core/lib/security/credentials/ssl/ssl_credentials.cc",
"src/core/lib/security/credentials/tls/grpc_tls_credentials_options.cc",
- "src/core/lib/security/credentials/tls/spiffe_credentials.cc",
+ "src/core/lib/security/credentials/tls/tls_credentials.cc",
"src/core/lib/security/security_connector/alts/alts_security_connector.cc",
"src/core/lib/security/security_connector/fake/fake_security_connector.cc",
"src/core/lib/security/security_connector/load_system_roots_fallback.cc",
@@ -1659,7 +1659,7 @@ grpc_cc_library(
"src/core/lib/security/security_connector/ssl/ssl_security_connector.cc",
"src/core/lib/security/security_connector/ssl_utils.cc",
"src/core/lib/security/security_connector/ssl_utils_config.cc",
- "src/core/lib/security/security_connector/tls/spiffe_security_connector.cc",
+ "src/core/lib/security/security_connector/tls/tls_security_connector.cc",
"src/core/lib/security/transport/client_auth_filter.cc",
"src/core/lib/security/transport/secure_endpoint.cc",
"src/core/lib/security/transport/security_handshaker.cc",
@@ -1687,7 +1687,7 @@ grpc_cc_library(
"src/core/lib/security/credentials/plugin/plugin_credentials.h",
"src/core/lib/security/credentials/ssl/ssl_credentials.h",
"src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h",
- "src/core/lib/security/credentials/tls/spiffe_credentials.h",
+ "src/core/lib/security/credentials/tls/tls_credentials.h",
"src/core/lib/security/security_connector/alts/alts_security_connector.h",
"src/core/lib/security/security_connector/fake/fake_security_connector.h",
"src/core/lib/security/security_connector/load_system_roots.h",
@@ -1697,7 +1697,7 @@ grpc_cc_library(
"src/core/lib/security/security_connector/ssl/ssl_security_connector.h",
"src/core/lib/security/security_connector/ssl_utils.h",
"src/core/lib/security/security_connector/ssl_utils_config.h",
- "src/core/lib/security/security_connector/tls/spiffe_security_connector.h",
+ "src/core/lib/security/security_connector/tls/tls_security_connector.h",
"src/core/lib/security/transport/auth_filters.h",
"src/core/lib/security/transport/secure_endpoint.h",
"src/core/lib/security/transport/security_handshaker.h",
diff --git a/BUILD.gn b/BUILD.gn
index 2d84429ad1f..910bdc3ac75 100644
--- a/BUILD.gn
+++ b/BUILD.gn
@@ -733,8 +733,8 @@ config("grpc_config") {
"src/core/lib/security/credentials/ssl/ssl_credentials.h",
"src/core/lib/security/credentials/tls/grpc_tls_credentials_options.cc",
"src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h",
- "src/core/lib/security/credentials/tls/spiffe_credentials.cc",
- "src/core/lib/security/credentials/tls/spiffe_credentials.h",
+ "src/core/lib/security/credentials/tls/tls_credentials.cc",
+ "src/core/lib/security/credentials/tls/tls_credentials.h",
"src/core/lib/security/security_connector/alts/alts_security_connector.cc",
"src/core/lib/security/security_connector/alts/alts_security_connector.h",
"src/core/lib/security/security_connector/fake/fake_security_connector.cc",
@@ -753,8 +753,8 @@ config("grpc_config") {
"src/core/lib/security/security_connector/ssl_utils.h",
"src/core/lib/security/security_connector/ssl_utils_config.cc",
"src/core/lib/security/security_connector/ssl_utils_config.h",
- "src/core/lib/security/security_connector/tls/spiffe_security_connector.cc",
- "src/core/lib/security/security_connector/tls/spiffe_security_connector.h",
+ "src/core/lib/security/security_connector/tls/tls_security_connector.cc",
+ "src/core/lib/security/security_connector/tls/tls_security_connector.h",
"src/core/lib/security/transport/auth_filters.h",
"src/core/lib/security/transport/client_auth_filter.cc",
"src/core/lib/security/transport/secure_endpoint.cc",
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 32add78b99b..ae5a18a9a06 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -746,7 +746,7 @@ if(gRPC_BUILD_TESTS)
add_dependencies(buildtests_cxx grpc_cli)
add_dependencies(buildtests_cxx grpc_fetch_oauth2)
add_dependencies(buildtests_cxx grpc_linux_system_roots_test)
- add_dependencies(buildtests_cxx grpc_spiffe_security_connector_test)
+ add_dependencies(buildtests_cxx grpc_tls_security_connector_test)
add_dependencies(buildtests_cxx grpc_tool_test)
add_dependencies(buildtests_cxx grpclb_api_test)
add_dependencies(buildtests_cxx grpclb_end2end_test)
@@ -1306,7 +1306,7 @@ add_library(grpc
src/core/lib/security/credentials/plugin/plugin_credentials.cc
src/core/lib/security/credentials/ssl/ssl_credentials.cc
src/core/lib/security/credentials/tls/grpc_tls_credentials_options.cc
- src/core/lib/security/credentials/tls/spiffe_credentials.cc
+ src/core/lib/security/credentials/tls/tls_credentials.cc
src/core/lib/security/security_connector/alts/alts_security_connector.cc
src/core/lib/security/security_connector/fake/fake_security_connector.cc
src/core/lib/security/security_connector/load_system_roots_fallback.cc
@@ -1316,7 +1316,7 @@ add_library(grpc
src/core/lib/security/security_connector/ssl/ssl_security_connector.cc
src/core/lib/security/security_connector/ssl_utils.cc
src/core/lib/security/security_connector/ssl_utils_config.cc
- src/core/lib/security/security_connector/tls/spiffe_security_connector.cc
+ src/core/lib/security/security_connector/tls/tls_security_connector.cc
src/core/lib/security/transport/client_auth_filter.cc
src/core/lib/security/transport/secure_endpoint.cc
src/core/lib/security/transport/security_handshaker.cc
@@ -1821,7 +1821,7 @@ add_library(grpc_cronet
src/core/lib/security/credentials/plugin/plugin_credentials.cc
src/core/lib/security/credentials/ssl/ssl_credentials.cc
src/core/lib/security/credentials/tls/grpc_tls_credentials_options.cc
- src/core/lib/security/credentials/tls/spiffe_credentials.cc
+ src/core/lib/security/credentials/tls/tls_credentials.cc
src/core/lib/security/security_connector/alts/alts_security_connector.cc
src/core/lib/security/security_connector/fake/fake_security_connector.cc
src/core/lib/security/security_connector/load_system_roots_fallback.cc
@@ -1831,7 +1831,7 @@ add_library(grpc_cronet
src/core/lib/security/security_connector/ssl/ssl_security_connector.cc
src/core/lib/security/security_connector/ssl_utils.cc
src/core/lib/security/security_connector/ssl_utils_config.cc
- src/core/lib/security/security_connector/tls/spiffe_security_connector.cc
+ src/core/lib/security/security_connector/tls/tls_security_connector.cc
src/core/lib/security/transport/client_auth_filter.cc
src/core/lib/security/transport/secure_endpoint.cc
src/core/lib/security/transport/security_handshaker.cc
@@ -13185,13 +13185,13 @@ endif()
endif()
if(gRPC_BUILD_TESTS)
-add_executable(grpc_spiffe_security_connector_test
- test/core/security/spiffe_security_connector_test.cc
+add_executable(grpc_tls_security_connector_test
+ test/core/security/tls_security_connector_test.cc
third_party/googletest/googletest/src/gtest-all.cc
third_party/googletest/googlemock/src/gmock-all.cc
)
-target_include_directories(grpc_spiffe_security_connector_test
+target_include_directories(grpc_tls_security_connector_test
PRIVATE
${CMAKE_CURRENT_SOURCE_DIR}
${CMAKE_CURRENT_SOURCE_DIR}/include
@@ -13208,7 +13208,7 @@ target_include_directories(grpc_spiffe_security_connector_test
${_gRPC_PROTO_GENS_DIR}
)
-target_link_libraries(grpc_spiffe_security_connector_test
+target_link_libraries(grpc_tls_security_connector_test
${_gRPC_PROTOBUF_LIBRARIES}
${_gRPC_ALLTARGETS_LIBRARIES}
grpc_test_util
diff --git a/Makefile b/Makefile
index 5f591c4361f..cfb20e3d213 100644
--- a/Makefile
+++ b/Makefile
@@ -1237,7 +1237,7 @@ grpc_objective_c_plugin: $(BINDIR)/$(CONFIG)/grpc_objective_c_plugin
grpc_php_plugin: $(BINDIR)/$(CONFIG)/grpc_php_plugin
grpc_python_plugin: $(BINDIR)/$(CONFIG)/grpc_python_plugin
grpc_ruby_plugin: $(BINDIR)/$(CONFIG)/grpc_ruby_plugin
-grpc_spiffe_security_connector_test: $(BINDIR)/$(CONFIG)/grpc_spiffe_security_connector_test
+grpc_tls_security_connector_test: $(BINDIR)/$(CONFIG)/grpc_tls_security_connector_test
grpc_tool_test: $(BINDIR)/$(CONFIG)/grpc_tool_test
grpclb_api_test: $(BINDIR)/$(CONFIG)/grpclb_api_test
grpclb_end2end_test: $(BINDIR)/$(CONFIG)/grpclb_end2end_test
@@ -1705,7 +1705,7 @@ buildtests_cxx: privatelibs_cxx \
$(BINDIR)/$(CONFIG)/grpc_cli \
$(BINDIR)/$(CONFIG)/grpc_fetch_oauth2 \
$(BINDIR)/$(CONFIG)/grpc_linux_system_roots_test \
- $(BINDIR)/$(CONFIG)/grpc_spiffe_security_connector_test \
+ $(BINDIR)/$(CONFIG)/grpc_tls_security_connector_test \
$(BINDIR)/$(CONFIG)/grpc_tool_test \
$(BINDIR)/$(CONFIG)/grpclb_api_test \
$(BINDIR)/$(CONFIG)/grpclb_end2end_test \
@@ -1878,7 +1878,7 @@ buildtests_cxx: privatelibs_cxx \
$(BINDIR)/$(CONFIG)/grpc_cli \
$(BINDIR)/$(CONFIG)/grpc_fetch_oauth2 \
$(BINDIR)/$(CONFIG)/grpc_linux_system_roots_test \
- $(BINDIR)/$(CONFIG)/grpc_spiffe_security_connector_test \
+ $(BINDIR)/$(CONFIG)/grpc_tls_security_connector_test \
$(BINDIR)/$(CONFIG)/grpc_tool_test \
$(BINDIR)/$(CONFIG)/grpclb_api_test \
$(BINDIR)/$(CONFIG)/grpclb_end2end_test \
@@ -2383,8 +2383,8 @@ test_cxx: buildtests_cxx
$(Q) $(BINDIR)/$(CONFIG)/grpc_alts_credentials_options_test || ( echo test grpc_alts_credentials_options_test failed ; exit 1 )
$(E) "[RUN] Testing grpc_linux_system_roots_test"
$(Q) $(BINDIR)/$(CONFIG)/grpc_linux_system_roots_test || ( echo test grpc_linux_system_roots_test failed ; exit 1 )
- $(E) "[RUN] Testing grpc_spiffe_security_connector_test"
- $(Q) $(BINDIR)/$(CONFIG)/grpc_spiffe_security_connector_test || ( echo test grpc_spiffe_security_connector_test failed ; exit 1 )
+ $(E) "[RUN] Testing grpc_tls_security_connector_test"
+ $(Q) $(BINDIR)/$(CONFIG)/grpc_tls_security_connector_test || ( echo test grpc_tls_security_connector_test failed ; exit 1 )
$(E) "[RUN] Testing grpc_tool_test"
$(Q) $(BINDIR)/$(CONFIG)/grpc_tool_test || ( echo test grpc_tool_test failed ; exit 1 )
$(E) "[RUN] Testing grpclb_api_test"
@@ -3788,7 +3788,7 @@ LIBGRPC_SRC = \
src/core/lib/security/credentials/plugin/plugin_credentials.cc \
src/core/lib/security/credentials/ssl/ssl_credentials.cc \
src/core/lib/security/credentials/tls/grpc_tls_credentials_options.cc \
- src/core/lib/security/credentials/tls/spiffe_credentials.cc \
+ src/core/lib/security/credentials/tls/tls_credentials.cc \
src/core/lib/security/security_connector/alts/alts_security_connector.cc \
src/core/lib/security/security_connector/fake/fake_security_connector.cc \
src/core/lib/security/security_connector/load_system_roots_fallback.cc \
@@ -3798,7 +3798,7 @@ LIBGRPC_SRC = \
src/core/lib/security/security_connector/ssl/ssl_security_connector.cc \
src/core/lib/security/security_connector/ssl_utils.cc \
src/core/lib/security/security_connector/ssl_utils_config.cc \
- src/core/lib/security/security_connector/tls/spiffe_security_connector.cc \
+ src/core/lib/security/security_connector/tls/tls_security_connector.cc \
src/core/lib/security/transport/client_auth_filter.cc \
src/core/lib/security/transport/secure_endpoint.cc \
src/core/lib/security/transport/security_handshaker.cc \
@@ -4295,7 +4295,7 @@ LIBGRPC_CRONET_SRC = \
src/core/lib/security/credentials/plugin/plugin_credentials.cc \
src/core/lib/security/credentials/ssl/ssl_credentials.cc \
src/core/lib/security/credentials/tls/grpc_tls_credentials_options.cc \
- src/core/lib/security/credentials/tls/spiffe_credentials.cc \
+ src/core/lib/security/credentials/tls/tls_credentials.cc \
src/core/lib/security/security_connector/alts/alts_security_connector.cc \
src/core/lib/security/security_connector/fake/fake_security_connector.cc \
src/core/lib/security/security_connector/load_system_roots_fallback.cc \
@@ -4305,7 +4305,7 @@ LIBGRPC_CRONET_SRC = \
src/core/lib/security/security_connector/ssl/ssl_security_connector.cc \
src/core/lib/security/security_connector/ssl_utils.cc \
src/core/lib/security/security_connector/ssl_utils_config.cc \
- src/core/lib/security/security_connector/tls/spiffe_security_connector.cc \
+ src/core/lib/security/security_connector/tls/tls_security_connector.cc \
src/core/lib/security/transport/client_auth_filter.cc \
src/core/lib/security/transport/secure_endpoint.cc \
src/core/lib/security/transport/security_handshaker.cc \
@@ -17423,15 +17423,15 @@ ifneq ($(NO_DEPS),true)
endif
-GRPC_SPIFFE_SECURITY_CONNECTOR_TEST_SRC = \
- test/core/security/spiffe_security_connector_test.cc \
+GRPC_TLS_SECURITY_CONNECTOR_TEST_SRC = \
+ test/core/security/tls_security_connector_test.cc \
-GRPC_SPIFFE_SECURITY_CONNECTOR_TEST_OBJS = $(addprefix $(OBJDIR)/$(CONFIG)/, $(addsuffix .o, $(basename $(GRPC_SPIFFE_SECURITY_CONNECTOR_TEST_SRC))))
+GRPC_TLS_SECURITY_CONNECTOR_TEST_OBJS = $(addprefix $(OBJDIR)/$(CONFIG)/, $(addsuffix .o, $(basename $(GRPC_TLS_SECURITY_CONNECTOR_TEST_SRC))))
ifeq ($(NO_SECURE),true)
# You can't build secure targets if you don't have OpenSSL.
-$(BINDIR)/$(CONFIG)/grpc_spiffe_security_connector_test: openssl_dep_error
+$(BINDIR)/$(CONFIG)/grpc_tls_security_connector_test: openssl_dep_error
else
@@ -17442,26 +17442,26 @@ ifeq ($(NO_PROTOBUF),true)
# You can't build the protoc plugins or protobuf-enabled targets if you don't have protobuf 3.5.0+.
-$(BINDIR)/$(CONFIG)/grpc_spiffe_security_connector_test: protobuf_dep_error
+$(BINDIR)/$(CONFIG)/grpc_tls_security_connector_test: protobuf_dep_error
else
-$(BINDIR)/$(CONFIG)/grpc_spiffe_security_connector_test: $(PROTOBUF_DEP) $(GRPC_SPIFFE_SECURITY_CONNECTOR_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libgrpc_test_util.a $(LIBDIR)/$(CONFIG)/libgrpc++_test_util.a $(LIBDIR)/$(CONFIG)/libgrpc++.a $(LIBDIR)/$(CONFIG)/libgrpc.a $(LIBDIR)/$(CONFIG)/libgpr.a
+$(BINDIR)/$(CONFIG)/grpc_tls_security_connector_test: $(PROTOBUF_DEP) $(GRPC_TLS_SECURITY_CONNECTOR_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libgrpc_test_util.a $(LIBDIR)/$(CONFIG)/libgrpc++_test_util.a $(LIBDIR)/$(CONFIG)/libgrpc++.a $(LIBDIR)/$(CONFIG)/libgrpc.a $(LIBDIR)/$(CONFIG)/libgpr.a
$(E) "[LD] Linking $@"
$(Q) mkdir -p `dirname $@`
- $(Q) $(LDXX) $(LDFLAGS) $(GRPC_SPIFFE_SECURITY_CONNECTOR_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libgrpc_test_util.a $(LIBDIR)/$(CONFIG)/libgrpc++_test_util.a $(LIBDIR)/$(CONFIG)/libgrpc++.a $(LIBDIR)/$(CONFIG)/libgrpc.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LDLIBSXX) $(LDLIBS_PROTOBUF) $(LDLIBS) $(LDLIBS_SECURE) $(GTEST_LIB) -o $(BINDIR)/$(CONFIG)/grpc_spiffe_security_connector_test
+ $(Q) $(LDXX) $(LDFLAGS) $(GRPC_TLS_SECURITY_CONNECTOR_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libgrpc_test_util.a $(LIBDIR)/$(CONFIG)/libgrpc++_test_util.a $(LIBDIR)/$(CONFIG)/libgrpc++.a $(LIBDIR)/$(CONFIG)/libgrpc.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LDLIBSXX) $(LDLIBS_PROTOBUF) $(LDLIBS) $(LDLIBS_SECURE) $(GTEST_LIB) -o $(BINDIR)/$(CONFIG)/grpc_tls_security_connector_test
endif
endif
-$(OBJDIR)/$(CONFIG)/test/core/security/spiffe_security_connector_test.o: $(LIBDIR)/$(CONFIG)/libgrpc_test_util.a $(LIBDIR)/$(CONFIG)/libgrpc++_test_util.a $(LIBDIR)/$(CONFIG)/libgrpc++.a $(LIBDIR)/$(CONFIG)/libgrpc.a $(LIBDIR)/$(CONFIG)/libgpr.a
+$(OBJDIR)/$(CONFIG)/test/core/security/tls_security_connector_test.o: $(LIBDIR)/$(CONFIG)/libgrpc_test_util.a $(LIBDIR)/$(CONFIG)/libgrpc++_test_util.a $(LIBDIR)/$(CONFIG)/libgrpc++.a $(LIBDIR)/$(CONFIG)/libgrpc.a $(LIBDIR)/$(CONFIG)/libgpr.a
-deps_grpc_spiffe_security_connector_test: $(GRPC_SPIFFE_SECURITY_CONNECTOR_TEST_OBJS:.o=.dep)
+deps_grpc_tls_security_connector_test: $(GRPC_TLS_SECURITY_CONNECTOR_TEST_OBJS:.o=.dep)
ifneq ($(NO_SECURE),true)
ifneq ($(NO_DEPS),true)
--include $(GRPC_SPIFFE_SECURITY_CONNECTOR_TEST_OBJS:.o=.dep)
+-include $(GRPC_TLS_SECURITY_CONNECTOR_TEST_OBJS:.o=.dep)
endif
endif
@@ -23112,7 +23112,7 @@ src/core/lib/security/credentials/oauth2/oauth2_credentials.cc: $(OPENSSL_DEP)
src/core/lib/security/credentials/plugin/plugin_credentials.cc: $(OPENSSL_DEP)
src/core/lib/security/credentials/ssl/ssl_credentials.cc: $(OPENSSL_DEP)
src/core/lib/security/credentials/tls/grpc_tls_credentials_options.cc: $(OPENSSL_DEP)
-src/core/lib/security/credentials/tls/spiffe_credentials.cc: $(OPENSSL_DEP)
+src/core/lib/security/credentials/tls/tls_credentials.cc: $(OPENSSL_DEP)
src/core/lib/security/security_connector/alts/alts_security_connector.cc: $(OPENSSL_DEP)
src/core/lib/security/security_connector/fake/fake_security_connector.cc: $(OPENSSL_DEP)
src/core/lib/security/security_connector/load_system_roots_fallback.cc: $(OPENSSL_DEP)
@@ -23122,7 +23122,7 @@ src/core/lib/security/security_connector/security_connector.cc: $(OPENSSL_DEP)
src/core/lib/security/security_connector/ssl/ssl_security_connector.cc: $(OPENSSL_DEP)
src/core/lib/security/security_connector/ssl_utils.cc: $(OPENSSL_DEP)
src/core/lib/security/security_connector/ssl_utils_config.cc: $(OPENSSL_DEP)
-src/core/lib/security/security_connector/tls/spiffe_security_connector.cc: $(OPENSSL_DEP)
+src/core/lib/security/security_connector/tls/tls_security_connector.cc: $(OPENSSL_DEP)
src/core/lib/security/transport/client_auth_filter.cc: $(OPENSSL_DEP)
src/core/lib/security/transport/secure_endpoint.cc: $(OPENSSL_DEP)
src/core/lib/security/transport/security_handshaker.cc: $(OPENSSL_DEP)
diff --git a/build.yaml b/build.yaml
index d29dc2b5499..f840b42c03f 100644
--- a/build.yaml
+++ b/build.yaml
@@ -1282,7 +1282,7 @@ filegroups:
- src/core/lib/security/credentials/plugin/plugin_credentials.h
- src/core/lib/security/credentials/ssl/ssl_credentials.h
- src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h
- - src/core/lib/security/credentials/tls/spiffe_credentials.h
+ - src/core/lib/security/credentials/tls/tls_credentials.h
- src/core/lib/security/security_connector/alts/alts_security_connector.h
- src/core/lib/security/security_connector/fake/fake_security_connector.h
- src/core/lib/security/security_connector/load_system_roots.h
@@ -1292,7 +1292,7 @@ filegroups:
- src/core/lib/security/security_connector/ssl/ssl_security_connector.h
- src/core/lib/security/security_connector/ssl_utils.h
- src/core/lib/security/security_connector/ssl_utils_config.h
- - src/core/lib/security/security_connector/tls/spiffe_security_connector.h
+ - src/core/lib/security/security_connector/tls/tls_security_connector.h
- src/core/lib/security/transport/auth_filters.h
- src/core/lib/security/transport/secure_endpoint.h
- src/core/lib/security/transport/security_handshaker.h
@@ -1318,7 +1318,7 @@ filegroups:
- src/core/lib/security/credentials/plugin/plugin_credentials.cc
- src/core/lib/security/credentials/ssl/ssl_credentials.cc
- src/core/lib/security/credentials/tls/grpc_tls_credentials_options.cc
- - src/core/lib/security/credentials/tls/spiffe_credentials.cc
+ - src/core/lib/security/credentials/tls/tls_credentials.cc
- src/core/lib/security/security_connector/alts/alts_security_connector.cc
- src/core/lib/security/security_connector/fake/fake_security_connector.cc
- src/core/lib/security/security_connector/load_system_roots_fallback.cc
@@ -1328,7 +1328,7 @@ filegroups:
- src/core/lib/security/security_connector/ssl/ssl_security_connector.cc
- src/core/lib/security/security_connector/ssl_utils.cc
- src/core/lib/security/security_connector/ssl_utils_config.cc
- - src/core/lib/security/security_connector/tls/spiffe_security_connector.cc
+ - src/core/lib/security/security_connector/tls/tls_security_connector.cc
- src/core/lib/security/transport/client_auth_filter.cc
- src/core/lib/security/transport/secure_endpoint.cc
- src/core/lib/security/transport/security_handshaker.cc
@@ -5078,12 +5078,12 @@ targets:
deps:
- grpc_plugin_support
secure: false
-- name: grpc_spiffe_security_connector_test
+- name: grpc_tls_security_connector_test
gtest: true
build: test
language: c++
src:
- - test/core/security/spiffe_security_connector_test.cc
+ - test/core/security/tls_security_connector_test.cc
deps:
- grpc_test_util
- grpc++_test_util
diff --git a/config.m4 b/config.m4
index e0e85f3e09f..81f723ba4bb 100644
--- a/config.m4
+++ b/config.m4
@@ -362,7 +362,7 @@ if test "$PHP_GRPC" != "no"; then
src/core/lib/security/credentials/plugin/plugin_credentials.cc \
src/core/lib/security/credentials/ssl/ssl_credentials.cc \
src/core/lib/security/credentials/tls/grpc_tls_credentials_options.cc \
- src/core/lib/security/credentials/tls/spiffe_credentials.cc \
+ src/core/lib/security/credentials/tls/tls_credentials.cc \
src/core/lib/security/security_connector/alts/alts_security_connector.cc \
src/core/lib/security/security_connector/fake/fake_security_connector.cc \
src/core/lib/security/security_connector/load_system_roots_fallback.cc \
@@ -372,7 +372,7 @@ if test "$PHP_GRPC" != "no"; then
src/core/lib/security/security_connector/ssl/ssl_security_connector.cc \
src/core/lib/security/security_connector/ssl_utils.cc \
src/core/lib/security/security_connector/ssl_utils_config.cc \
- src/core/lib/security/security_connector/tls/spiffe_security_connector.cc \
+ src/core/lib/security/security_connector/tls/tls_security_connector.cc \
src/core/lib/security/transport/client_auth_filter.cc \
src/core/lib/security/transport/secure_endpoint.cc \
src/core/lib/security/transport/security_handshaker.cc \
diff --git a/config.w32 b/config.w32
index 2da55d6085f..bd9d70326fc 100644
--- a/config.w32
+++ b/config.w32
@@ -265,7 +265,7 @@ if (PHP_GRPC != "no") {
"src\\core\\lib\\security\\credentials\\plugin\\plugin_credentials.cc " +
"src\\core\\lib\\security\\credentials\\ssl\\ssl_credentials.cc " +
"src\\core\\lib\\security\\credentials\\tls\\grpc_tls_credentials_options.cc " +
- "src\\core\\lib\\security\\credentials\\tls\\spiffe_credentials.cc " +
+ "src\\core\\lib\\security\\credentials\\tls\\tls_credentials.cc " +
"src\\core\\lib\\security\\security_connector\\alts\\alts_security_connector.cc " +
"src\\core\\lib\\security\\security_connector\\fake\\fake_security_connector.cc " +
"src\\core\\lib\\security\\security_connector\\load_system_roots_fallback.cc " +
@@ -275,7 +275,7 @@ if (PHP_GRPC != "no") {
"src\\core\\lib\\security\\security_connector\\ssl\\ssl_security_connector.cc " +
"src\\core\\lib\\security\\security_connector\\ssl_utils.cc " +
"src\\core\\lib\\security\\security_connector\\ssl_utils_config.cc " +
- "src\\core\\lib\\security\\security_connector\\tls\\spiffe_security_connector.cc " +
+ "src\\core\\lib\\security\\security_connector\\tls\\tls_security_connector.cc " +
"src\\core\\lib\\security\\transport\\client_auth_filter.cc " +
"src\\core\\lib\\security\\transport\\secure_endpoint.cc " +
"src\\core\\lib\\security\\transport\\security_handshaker.cc " +
diff --git a/gRPC-C++.podspec b/gRPC-C++.podspec
index 80495bf319d..c5338ae0a7a 100644
--- a/gRPC-C++.podspec
+++ b/gRPC-C++.podspec
@@ -545,7 +545,7 @@ Pod::Spec.new do |s|
'src/core/lib/security/credentials/plugin/plugin_credentials.h',
'src/core/lib/security/credentials/ssl/ssl_credentials.h',
'src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h',
- 'src/core/lib/security/credentials/tls/spiffe_credentials.h',
+ 'src/core/lib/security/credentials/tls/tls_credentials.h',
'src/core/lib/security/security_connector/alts/alts_security_connector.h',
'src/core/lib/security/security_connector/fake/fake_security_connector.h',
'src/core/lib/security/security_connector/load_system_roots.h',
@@ -555,7 +555,7 @@ Pod::Spec.new do |s|
'src/core/lib/security/security_connector/ssl/ssl_security_connector.h',
'src/core/lib/security/security_connector/ssl_utils.h',
'src/core/lib/security/security_connector/ssl_utils_config.h',
- 'src/core/lib/security/security_connector/tls/spiffe_security_connector.h',
+ 'src/core/lib/security/security_connector/tls/tls_security_connector.h',
'src/core/lib/security/transport/auth_filters.h',
'src/core/lib/security/transport/secure_endpoint.h',
'src/core/lib/security/transport/security_handshaker.h',
@@ -1133,7 +1133,7 @@ Pod::Spec.new do |s|
'src/core/lib/security/credentials/plugin/plugin_credentials.h',
'src/core/lib/security/credentials/ssl/ssl_credentials.h',
'src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h',
- 'src/core/lib/security/credentials/tls/spiffe_credentials.h',
+ 'src/core/lib/security/credentials/tls/tls_credentials.h',
'src/core/lib/security/security_connector/alts/alts_security_connector.h',
'src/core/lib/security/security_connector/fake/fake_security_connector.h',
'src/core/lib/security/security_connector/load_system_roots.h',
@@ -1143,7 +1143,7 @@ Pod::Spec.new do |s|
'src/core/lib/security/security_connector/ssl/ssl_security_connector.h',
'src/core/lib/security/security_connector/ssl_utils.h',
'src/core/lib/security/security_connector/ssl_utils_config.h',
- 'src/core/lib/security/security_connector/tls/spiffe_security_connector.h',
+ 'src/core/lib/security/security_connector/tls/tls_security_connector.h',
'src/core/lib/security/transport/auth_filters.h',
'src/core/lib/security/transport/secure_endpoint.h',
'src/core/lib/security/transport/security_handshaker.h',
diff --git a/gRPC-Core.podspec b/gRPC-Core.podspec
index 0f2d193e63e..ff9dd3a4708 100644
--- a/gRPC-Core.podspec
+++ b/gRPC-Core.podspec
@@ -785,8 +785,8 @@ Pod::Spec.new do |s|
'src/core/lib/security/credentials/ssl/ssl_credentials.h',
'src/core/lib/security/credentials/tls/grpc_tls_credentials_options.cc',
'src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h',
- 'src/core/lib/security/credentials/tls/spiffe_credentials.cc',
- 'src/core/lib/security/credentials/tls/spiffe_credentials.h',
+ 'src/core/lib/security/credentials/tls/tls_credentials.cc',
+ 'src/core/lib/security/credentials/tls/tls_credentials.h',
'src/core/lib/security/security_connector/alts/alts_security_connector.cc',
'src/core/lib/security/security_connector/alts/alts_security_connector.h',
'src/core/lib/security/security_connector/fake/fake_security_connector.cc',
@@ -805,8 +805,8 @@ Pod::Spec.new do |s|
'src/core/lib/security/security_connector/ssl_utils.h',
'src/core/lib/security/security_connector/ssl_utils_config.cc',
'src/core/lib/security/security_connector/ssl_utils_config.h',
- 'src/core/lib/security/security_connector/tls/spiffe_security_connector.cc',
- 'src/core/lib/security/security_connector/tls/spiffe_security_connector.h',
+ 'src/core/lib/security/security_connector/tls/tls_security_connector.cc',
+ 'src/core/lib/security/security_connector/tls/tls_security_connector.h',
'src/core/lib/security/transport/auth_filters.h',
'src/core/lib/security/transport/client_auth_filter.cc',
'src/core/lib/security/transport/secure_endpoint.cc',
@@ -1238,7 +1238,7 @@ Pod::Spec.new do |s|
'src/core/lib/security/credentials/plugin/plugin_credentials.h',
'src/core/lib/security/credentials/ssl/ssl_credentials.h',
'src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h',
- 'src/core/lib/security/credentials/tls/spiffe_credentials.h',
+ 'src/core/lib/security/credentials/tls/tls_credentials.h',
'src/core/lib/security/security_connector/alts/alts_security_connector.h',
'src/core/lib/security/security_connector/fake/fake_security_connector.h',
'src/core/lib/security/security_connector/load_system_roots.h',
@@ -1248,7 +1248,7 @@ Pod::Spec.new do |s|
'src/core/lib/security/security_connector/ssl/ssl_security_connector.h',
'src/core/lib/security/security_connector/ssl_utils.h',
'src/core/lib/security/security_connector/ssl_utils_config.h',
- 'src/core/lib/security/security_connector/tls/spiffe_security_connector.h',
+ 'src/core/lib/security/security_connector/tls/tls_security_connector.h',
'src/core/lib/security/transport/auth_filters.h',
'src/core/lib/security/transport/secure_endpoint.h',
'src/core/lib/security/transport/security_handshaker.h',
diff --git a/grpc.gemspec b/grpc.gemspec
index a91cf0d9eb3..ec53658ba9a 100644
--- a/grpc.gemspec
+++ b/grpc.gemspec
@@ -697,8 +697,8 @@ Gem::Specification.new do |s|
s.files += %w( src/core/lib/security/credentials/ssl/ssl_credentials.h )
s.files += %w( src/core/lib/security/credentials/tls/grpc_tls_credentials_options.cc )
s.files += %w( src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h )
- s.files += %w( src/core/lib/security/credentials/tls/spiffe_credentials.cc )
- s.files += %w( src/core/lib/security/credentials/tls/spiffe_credentials.h )
+ s.files += %w( src/core/lib/security/credentials/tls/tls_credentials.cc )
+ s.files += %w( src/core/lib/security/credentials/tls/tls_credentials.h )
s.files += %w( src/core/lib/security/security_connector/alts/alts_security_connector.cc )
s.files += %w( src/core/lib/security/security_connector/alts/alts_security_connector.h )
s.files += %w( src/core/lib/security/security_connector/fake/fake_security_connector.cc )
@@ -717,8 +717,8 @@ Gem::Specification.new do |s|
s.files += %w( src/core/lib/security/security_connector/ssl_utils.h )
s.files += %w( src/core/lib/security/security_connector/ssl_utils_config.cc )
s.files += %w( src/core/lib/security/security_connector/ssl_utils_config.h )
- s.files += %w( src/core/lib/security/security_connector/tls/spiffe_security_connector.cc )
- s.files += %w( src/core/lib/security/security_connector/tls/spiffe_security_connector.h )
+ s.files += %w( src/core/lib/security/security_connector/tls/tls_security_connector.cc )
+ s.files += %w( src/core/lib/security/security_connector/tls/tls_security_connector.h )
s.files += %w( src/core/lib/security/transport/auth_filters.h )
s.files += %w( src/core/lib/security/transport/client_auth_filter.cc )
s.files += %w( src/core/lib/security/transport/secure_endpoint.cc )
diff --git a/grpc.gyp b/grpc.gyp
index e4e4aff7ddf..766da996e2e 100644
--- a/grpc.gyp
+++ b/grpc.gyp
@@ -434,7 +434,7 @@
'src/core/lib/security/credentials/plugin/plugin_credentials.cc',
'src/core/lib/security/credentials/ssl/ssl_credentials.cc',
'src/core/lib/security/credentials/tls/grpc_tls_credentials_options.cc',
- 'src/core/lib/security/credentials/tls/spiffe_credentials.cc',
+ 'src/core/lib/security/credentials/tls/tls_credentials.cc',
'src/core/lib/security/security_connector/alts/alts_security_connector.cc',
'src/core/lib/security/security_connector/fake/fake_security_connector.cc',
'src/core/lib/security/security_connector/load_system_roots_fallback.cc',
@@ -444,7 +444,7 @@
'src/core/lib/security/security_connector/ssl/ssl_security_connector.cc',
'src/core/lib/security/security_connector/ssl_utils.cc',
'src/core/lib/security/security_connector/ssl_utils_config.cc',
- 'src/core/lib/security/security_connector/tls/spiffe_security_connector.cc',
+ 'src/core/lib/security/security_connector/tls/tls_security_connector.cc',
'src/core/lib/security/transport/client_auth_filter.cc',
'src/core/lib/security/transport/secure_endpoint.cc',
'src/core/lib/security/transport/security_handshaker.cc',
diff --git a/include/grpc/grpc_security.h b/include/grpc/grpc_security.h
index 2bd30d912b7..164c6dacdb0 100644
--- a/include/grpc/grpc_security.h
+++ b/include/grpc/grpc_security.h
@@ -698,7 +698,7 @@ GRPCAPI grpc_channel_credentials* grpc_local_credentials_create(
GRPCAPI grpc_server_credentials* grpc_local_server_credentials_create(
grpc_local_connect_type type);
-/** --- SPIFFE and HTTPS-based TLS channel/server credentials ---
+/** --- TLS channel/server credentials ---
* It is used for experimental purpose for now and subject to change. */
/** Config for TLS key materials. It is used for
@@ -938,10 +938,8 @@ grpc_tls_server_authorization_check_config_create(
grpc_tls_server_authorization_check_arg* arg),
void (*destruct)(void* config_user_data));
-/** --- SPIFFE channel/server credentials --- **/
-
/**
- * This method creates a TLS SPIFFE channel credential object.
+ * This method creates a TLS channel credential object.
* It takes ownership of the options parameter.
*
* - options: grpc TLS credentials options instance.
@@ -952,7 +950,7 @@ grpc_tls_server_authorization_check_config_create(
* to change.
*/
-grpc_channel_credentials* grpc_tls_spiffe_credentials_create(
+grpc_channel_credentials* grpc_tls_credentials_create(
grpc_tls_credentials_options* options);
/**
@@ -966,7 +964,7 @@ grpc_channel_credentials* grpc_tls_spiffe_credentials_create(
* It is used for experimental purpose for now and subject
* to change.
*/
-grpc_server_credentials* grpc_tls_spiffe_server_credentials_create(
+grpc_server_credentials* grpc_tls_server_credentials_create(
grpc_tls_credentials_options* options);
#ifdef __cplusplus
diff --git a/package.xml b/package.xml
index 3066eca92b7..431ec4505a5 100644
--- a/package.xml
+++ b/package.xml
@@ -680,8 +680,8 @@
-
-
+
+
@@ -700,8 +700,8 @@
-
-
+
+
diff --git a/src/core/lib/security/credentials/tls/spiffe_credentials.cc b/src/core/lib/security/credentials/tls/tls_credentials.cc
similarity index 73%
rename from src/core/lib/security/credentials/tls/spiffe_credentials.cc
rename to src/core/lib/security/credentials/tls/tls_credentials.cc
index 078bc578a4f..701fd3b1502 100644
--- a/src/core/lib/security/credentials/tls/spiffe_credentials.cc
+++ b/src/core/lib/security/credentials/tls/tls_credentials.cc
@@ -18,7 +18,7 @@
#include
-#include "src/core/lib/security/credentials/tls/spiffe_credentials.h"
+#include "src/core/lib/security/credentials/tls/tls_credentials.h"
#include
@@ -28,24 +28,23 @@
#include
#include "src/core/lib/channel/channel_args.h"
-#include "src/core/lib/security/security_connector/tls/spiffe_security_connector.h"
+#include "src/core/lib/security/security_connector/tls/tls_security_connector.h"
-#define GRPC_CREDENTIALS_TYPE_SPIFFE "Spiffe"
+#define GRPC_CREDENTIALS_TYPE_TLS "Tls"
namespace {
bool CredentialOptionSanityCheck(const grpc_tls_credentials_options* options,
bool is_client) {
if (options == nullptr) {
- gpr_log(GPR_ERROR, "SPIFFE TLS credentials options is nullptr.");
+ gpr_log(GPR_ERROR, "TLS credentials options is nullptr.");
return false;
}
if (options->key_materials_config() == nullptr &&
options->credential_reload_config() == nullptr) {
- gpr_log(
- GPR_ERROR,
- "SPIFFE TLS credentials options must specify either key materials or "
- "credential reload config.");
+ gpr_log(GPR_ERROR,
+ "TLS credentials options must specify either key materials or "
+ "credential reload config.");
return false;
}
if (!is_client && options->server_authorization_check_config() != nullptr) {
@@ -58,15 +57,15 @@ bool CredentialOptionSanityCheck(const grpc_tls_credentials_options* options,
} // namespace
-SpiffeCredentials::SpiffeCredentials(
+TlsCredentials::TlsCredentials(
grpc_core::RefCountedPtr options)
- : grpc_channel_credentials(GRPC_CREDENTIALS_TYPE_SPIFFE),
+ : grpc_channel_credentials(GRPC_CREDENTIALS_TYPE_TLS),
options_(std::move(options)) {}
-SpiffeCredentials::~SpiffeCredentials() {}
+TlsCredentials::~TlsCredentials() {}
grpc_core::RefCountedPtr
-SpiffeCredentials::create_security_connector(
+TlsCredentials::create_security_connector(
grpc_core::RefCountedPtr call_creds,
const char* target_name, const grpc_channel_args* args,
grpc_channel_args** new_args) {
@@ -84,8 +83,8 @@ SpiffeCredentials::create_security_connector(
static_cast(arg->value.pointer.p);
}
}
- grpc_core::RefCountedPtr sc = grpc_core::
- SpiffeChannelSecurityConnector::CreateSpiffeChannelSecurityConnector(
+ grpc_core::RefCountedPtr sc =
+ grpc_core::TlsChannelSecurityConnector::CreateTlsChannelSecurityConnector(
this->Ref(), std::move(call_creds), target_name,
overridden_target_name, ssl_session_cache);
if (sc == nullptr) {
@@ -97,33 +96,33 @@ SpiffeCredentials::create_security_connector(
return sc;
}
-SpiffeServerCredentials::SpiffeServerCredentials(
+TlsServerCredentials::TlsServerCredentials(
grpc_core::RefCountedPtr options)
- : grpc_server_credentials(GRPC_CREDENTIALS_TYPE_SPIFFE),
+ : grpc_server_credentials(GRPC_CREDENTIALS_TYPE_TLS),
options_(std::move(options)) {}
-SpiffeServerCredentials::~SpiffeServerCredentials() {}
+TlsServerCredentials::~TlsServerCredentials() {}
grpc_core::RefCountedPtr
-SpiffeServerCredentials::create_security_connector() {
- return grpc_core::SpiffeServerSecurityConnector::
- CreateSpiffeServerSecurityConnector(this->Ref());
+TlsServerCredentials::create_security_connector() {
+ return grpc_core::TlsServerSecurityConnector::
+ CreateTlsServerSecurityConnector(this->Ref());
}
-grpc_channel_credentials* grpc_tls_spiffe_credentials_create(
+grpc_channel_credentials* grpc_tls_credentials_create(
grpc_tls_credentials_options* options) {
if (!CredentialOptionSanityCheck(options, true /* is_client */)) {
return nullptr;
}
- return new SpiffeCredentials(
+ return new TlsCredentials(
grpc_core::RefCountedPtr(options));
}
-grpc_server_credentials* grpc_tls_spiffe_server_credentials_create(
+grpc_server_credentials* grpc_tls_server_credentials_create(
grpc_tls_credentials_options* options) {
if (!CredentialOptionSanityCheck(options, false /* is_client */)) {
return nullptr;
}
- return new SpiffeServerCredentials(
+ return new TlsServerCredentials(
grpc_core::RefCountedPtr(options));
}
diff --git a/src/core/lib/security/credentials/tls/spiffe_credentials.h b/src/core/lib/security/credentials/tls/tls_credentials.h
similarity index 77%
rename from src/core/lib/security/credentials/tls/spiffe_credentials.h
rename to src/core/lib/security/credentials/tls/tls_credentials.h
index 4985fda4a7e..388c71f6b73 100644
--- a/src/core/lib/security/credentials/tls/spiffe_credentials.h
+++ b/src/core/lib/security/credentials/tls/tls_credentials.h
@@ -16,8 +16,8 @@
*
*/
-#ifndef GRPC_CORE_LIB_SECURITY_CREDENTIALS_TLS_SPIFFE_CREDENTIALS_H
-#define GRPC_CORE_LIB_SECURITY_CREDENTIALS_TLS_SPIFFE_CREDENTIALS_H
+#ifndef GRPC_CORE_LIB_SECURITY_CREDENTIALS_TLS_TLS_CREDENTIALS_H
+#define GRPC_CORE_LIB_SECURITY_CREDENTIALS_TLS_TLS_CREDENTIALS_H
#include
@@ -26,11 +26,11 @@
#include "src/core/lib/security/credentials/credentials.h"
#include "src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h"
-class SpiffeCredentials final : public grpc_channel_credentials {
+class TlsCredentials final : public grpc_channel_credentials {
public:
- explicit SpiffeCredentials(
+ explicit TlsCredentials(
grpc_core::RefCountedPtr options);
- ~SpiffeCredentials() override;
+ ~TlsCredentials() override;
grpc_core::RefCountedPtr
create_security_connector(
@@ -44,11 +44,11 @@ class SpiffeCredentials final : public grpc_channel_credentials {
grpc_core::RefCountedPtr options_;
};
-class SpiffeServerCredentials final : public grpc_server_credentials {
+class TlsServerCredentials final : public grpc_server_credentials {
public:
- explicit SpiffeServerCredentials(
+ explicit TlsServerCredentials(
grpc_core::RefCountedPtr options);
- ~SpiffeServerCredentials() override;
+ ~TlsServerCredentials() override;
grpc_core::RefCountedPtr
create_security_connector() override;
@@ -59,4 +59,4 @@ class SpiffeServerCredentials final : public grpc_server_credentials {
grpc_core::RefCountedPtr options_;
};
-#endif /* GRPC_CORE_LIB_SECURITY_CREDENTIALS_TLS_SPIFFE_CREDENTIALS_H */
+#endif /* GRPC_CORE_LIB_SECURITY_CREDENTIALS_TLS_TLS_CREDENTIALS_H */
diff --git a/src/core/lib/security/security_connector/tls/spiffe_security_connector.cc b/src/core/lib/security/security_connector/tls/tls_security_connector.cc
similarity index 85%
rename from src/core/lib/security/security_connector/tls/spiffe_security_connector.cc
rename to src/core/lib/security/security_connector/tls/tls_security_connector.cc
index a388f9d5739..62948eff57a 100644
--- a/src/core/lib/security/security_connector/tls/spiffe_security_connector.cc
+++ b/src/core/lib/security/security_connector/tls/tls_security_connector.cc
@@ -18,7 +18,7 @@
#include
-#include "src/core/lib/security/security_connector/tls/spiffe_security_connector.h"
+#include "src/core/lib/security/security_connector/tls/tls_security_connector.h"
#include
#include
@@ -30,7 +30,7 @@
#include "src/core/lib/gprpp/host_port.h"
#include "src/core/lib/security/credentials/ssl/ssl_credentials.h"
-#include "src/core/lib/security/credentials/tls/spiffe_credentials.h"
+#include "src/core/lib/security/credentials/tls/tls_credentials.h"
#include "src/core/lib/security/security_connector/ssl_utils.h"
#include "src/core/lib/security/transport/security_handshaker.h"
#include "src/core/lib/slice/slice_internal.h"
@@ -62,7 +62,7 @@ tsi_ssl_pem_key_cert_pair* ConvertToTsiPemKeyCertPair(
} // namespace
-/** -- Util function to fetch SPIFFE server/channel credentials. -- */
+/** -- Util function to fetch TLS server/channel credentials. -- */
grpc_status_code TlsFetchKeyMaterials(
const grpc_core::RefCountedPtr&
key_materials_config,
@@ -111,7 +111,7 @@ grpc_status_code TlsFetchKeyMaterials(
return status;
}
-SpiffeChannelSecurityConnector::SpiffeChannelSecurityConnector(
+TlsChannelSecurityConnector::TlsChannelSecurityConnector(
grpc_core::RefCountedPtr channel_creds,
grpc_core::RefCountedPtr request_metadata_creds,
const char* target_name, const char* overridden_target_name)
@@ -129,7 +129,7 @@ SpiffeChannelSecurityConnector::SpiffeChannelSecurityConnector(
target_name_ = grpc_core::StringViewToCString(host);
}
-SpiffeChannelSecurityConnector::~SpiffeChannelSecurityConnector() {
+TlsChannelSecurityConnector::~TlsChannelSecurityConnector() {
if (client_handshaker_factory_ != nullptr) {
tsi_ssl_client_handshaker_factory_unref(client_handshaker_factory_);
}
@@ -139,7 +139,7 @@ SpiffeChannelSecurityConnector::~SpiffeChannelSecurityConnector() {
ServerAuthorizationCheckArgDestroy(check_arg_);
}
-void SpiffeChannelSecurityConnector::add_handshakers(
+void TlsChannelSecurityConnector::add_handshakers(
const grpc_channel_args* args, grpc_pollset_set* /*interested_parties*/,
grpc_core::HandshakeManager* handshake_mgr) {
if (RefreshHandshakerFactory() != GRPC_SECURITY_OK) {
@@ -162,7 +162,7 @@ void SpiffeChannelSecurityConnector::add_handshakers(
handshake_mgr->Add(grpc_core::SecurityHandshakerCreate(tsi_hs, this, args));
}
-void SpiffeChannelSecurityConnector::check_peer(
+void TlsChannelSecurityConnector::check_peer(
tsi_peer peer, grpc_endpoint* /*ep*/,
grpc_core::RefCountedPtr* auth_context,
grpc_closure* on_peer_checked) {
@@ -175,10 +175,10 @@ void SpiffeChannelSecurityConnector::check_peer(
tsi_peer_destruct(&peer);
return;
}
- *auth_context = grpc_ssl_peer_to_auth_context(
- &peer, GRPC_TLS_SPIFFE_TRANSPORT_SECURITY_TYPE);
- const SpiffeCredentials* creds =
- static_cast(channel_creds());
+ *auth_context =
+ grpc_ssl_peer_to_auth_context(&peer, GRPC_TLS_TRANSPORT_SECURITY_TYPE);
+ const TlsCredentials* creds =
+ static_cast(channel_creds());
const grpc_tls_server_authorization_check_config* config =
creds->options().server_authorization_check_config();
/* If server authorization config is not null, use it to perform
@@ -216,10 +216,9 @@ void SpiffeChannelSecurityConnector::check_peer(
tsi_peer_destruct(&peer);
}
-int SpiffeChannelSecurityConnector::cmp(
+int TlsChannelSecurityConnector::cmp(
const grpc_security_connector* other_sc) const {
- auto* other =
- reinterpret_cast(other_sc);
+ auto* other = reinterpret_cast(other_sc);
int c = channel_security_connector_cmp(other);
if (c != 0) {
return c;
@@ -229,7 +228,7 @@ int SpiffeChannelSecurityConnector::cmp(
other->overridden_target_name_.get());
}
-bool SpiffeChannelSecurityConnector::check_call_host(
+bool TlsChannelSecurityConnector::check_call_host(
grpc_core::StringView host, grpc_auth_context* auth_context,
grpc_closure* on_call_host_checked, grpc_error** error) {
return grpc_ssl_check_call_host(host, target_name_.get(),
@@ -237,13 +236,13 @@ bool SpiffeChannelSecurityConnector::check_call_host(
on_call_host_checked, error);
}
-void SpiffeChannelSecurityConnector::cancel_check_call_host(
+void TlsChannelSecurityConnector::cancel_check_call_host(
grpc_closure* /*on_call_host_checked*/, grpc_error* error) {
GRPC_ERROR_UNREF(error);
}
grpc_core::RefCountedPtr
-SpiffeChannelSecurityConnector::CreateSpiffeChannelSecurityConnector(
+TlsChannelSecurityConnector::CreateTlsChannelSecurityConnector(
grpc_core::RefCountedPtr channel_creds,
grpc_core::RefCountedPtr request_metadata_creds,
const char* target_name, const char* overridden_target_name,
@@ -251,17 +250,17 @@ SpiffeChannelSecurityConnector::CreateSpiffeChannelSecurityConnector(
if (channel_creds == nullptr) {
gpr_log(GPR_ERROR,
"channel_creds is nullptr in "
- "SpiffeChannelSecurityConnectorCreate()");
+ "TlsChannelSecurityConnectorCreate()");
return nullptr;
}
if (target_name == nullptr) {
gpr_log(GPR_ERROR,
"target_name is nullptr in "
- "SpiffeChannelSecurityConnectorCreate()");
+ "TlsChannelSecurityConnectorCreate()");
return nullptr;
}
- grpc_core::RefCountedPtr c =
- grpc_core::MakeRefCounted(
+ grpc_core::RefCountedPtr c =
+ grpc_core::MakeRefCounted(
std::move(channel_creds), std::move(request_metadata_creds),
target_name, overridden_target_name);
if (c->InitializeHandshakerFactory(ssl_session_cache) != GRPC_SECURITY_OK) {
@@ -271,7 +270,7 @@ SpiffeChannelSecurityConnector::CreateSpiffeChannelSecurityConnector(
return c;
}
-grpc_security_status SpiffeChannelSecurityConnector::ReplaceHandshakerFactory(
+grpc_security_status TlsChannelSecurityConnector::ReplaceHandshakerFactory(
tsi_ssl_session_cache* ssl_session_cache) {
/* Free the client handshaker factory if exists. */
if (client_handshaker_factory_) {
@@ -288,12 +287,11 @@ grpc_security_status SpiffeChannelSecurityConnector::ReplaceHandshakerFactory(
return status;
}
-grpc_security_status
-SpiffeChannelSecurityConnector::InitializeHandshakerFactory(
+grpc_security_status TlsChannelSecurityConnector::InitializeHandshakerFactory(
tsi_ssl_session_cache* ssl_session_cache) {
grpc_core::MutexLock lock(&mu_);
- const SpiffeCredentials* creds =
- static_cast(channel_creds());
+ const TlsCredentials* creds =
+ static_cast(channel_creds());
grpc_tls_key_materials_config* key_materials_config =
creds->options().key_materials_config();
/* Copy key materials config from credential options. */
@@ -315,11 +313,10 @@ SpiffeChannelSecurityConnector::InitializeHandshakerFactory(
return ReplaceHandshakerFactory(ssl_session_cache);
}
-grpc_security_status
-SpiffeChannelSecurityConnector::RefreshHandshakerFactory() {
+grpc_security_status TlsChannelSecurityConnector::RefreshHandshakerFactory() {
grpc_core::MutexLock lock(&mu_);
- const SpiffeCredentials* creds =
- static_cast(channel_creds());
+ const TlsCredentials* creds =
+ static_cast(channel_creds());
grpc_ssl_certificate_config_reload_status reload_status =
GRPC_SSL_CERTIFICATE_CONFIG_RELOAD_UNCHANGED;
if (TlsFetchKeyMaterials(key_materials_config_, creds->options(),
@@ -334,18 +331,17 @@ SpiffeChannelSecurityConnector::RefreshHandshakerFactory() {
}
}
-void SpiffeChannelSecurityConnector::ServerAuthorizationCheckDone(
+void TlsChannelSecurityConnector::ServerAuthorizationCheckDone(
grpc_tls_server_authorization_check_arg* arg) {
GPR_ASSERT(arg != nullptr);
grpc_core::ExecCtx exec_ctx;
grpc_error* error = ProcessServerAuthorizationCheckResult(arg);
- SpiffeChannelSecurityConnector* connector =
- static_cast(arg->cb_user_data);
+ TlsChannelSecurityConnector* connector =
+ static_cast(arg->cb_user_data);
grpc_core::ExecCtx::Run(DEBUG_LOCATION, connector->on_peer_checked_, error);
}
-grpc_error*
-SpiffeChannelSecurityConnector::ProcessServerAuthorizationCheckResult(
+grpc_error* TlsChannelSecurityConnector::ProcessServerAuthorizationCheckResult(
grpc_tls_server_authorization_check_arg* arg) {
grpc_error* error = GRPC_ERROR_NONE;
char* msg = nullptr;
@@ -377,7 +373,7 @@ SpiffeChannelSecurityConnector::ProcessServerAuthorizationCheckResult(
}
grpc_tls_server_authorization_check_arg*
-SpiffeChannelSecurityConnector::ServerAuthorizationCheckArgCreate(
+TlsChannelSecurityConnector::ServerAuthorizationCheckArgCreate(
void* user_data) {
grpc_tls_server_authorization_check_arg* arg =
new grpc_tls_server_authorization_check_arg();
@@ -387,7 +383,7 @@ SpiffeChannelSecurityConnector::ServerAuthorizationCheckArgCreate(
return arg;
}
-void SpiffeChannelSecurityConnector::ServerAuthorizationCheckArgDestroy(
+void TlsChannelSecurityConnector::ServerAuthorizationCheckArgDestroy(
grpc_tls_server_authorization_check_arg* arg) {
if (arg == nullptr) {
return;
@@ -401,14 +397,14 @@ void SpiffeChannelSecurityConnector::ServerAuthorizationCheckArgDestroy(
delete arg;
}
-SpiffeServerSecurityConnector::SpiffeServerSecurityConnector(
+TlsServerSecurityConnector::TlsServerSecurityConnector(
grpc_core::RefCountedPtr server_creds)
: grpc_server_security_connector(GRPC_SSL_URL_SCHEME,
std::move(server_creds)) {
key_materials_config_ = grpc_tls_key_materials_config_create()->Ref();
}
-SpiffeServerSecurityConnector::~SpiffeServerSecurityConnector() {
+TlsServerSecurityConnector::~TlsServerSecurityConnector() {
if (server_handshaker_factory_ != nullptr) {
tsi_ssl_server_handshaker_factory_unref(server_handshaker_factory_);
}
@@ -417,7 +413,7 @@ SpiffeServerSecurityConnector::~SpiffeServerSecurityConnector() {
}
}
-void SpiffeServerSecurityConnector::add_handshakers(
+void TlsServerSecurityConnector::add_handshakers(
const grpc_channel_args* args, grpc_pollset_set* /*interested_parties*/,
grpc_core::HandshakeManager* handshake_mgr) {
/* Refresh handshaker factory if needed. */
@@ -425,7 +421,7 @@ void SpiffeServerSecurityConnector::add_handshakers(
gpr_log(GPR_ERROR, "Handshaker factory refresh failed.");
return;
}
- /* Create a TLS SPIFFE TSI handshaker for server. */
+ /* Create a TLS TSI handshaker for server. */
tsi_handshaker* tsi_hs = nullptr;
tsi_result result = tsi_ssl_server_handshaker_factory_create_handshaker(
server_handshaker_factory_, &tsi_hs);
@@ -437,34 +433,34 @@ void SpiffeServerSecurityConnector::add_handshakers(
handshake_mgr->Add(grpc_core::SecurityHandshakerCreate(tsi_hs, this, args));
}
-void SpiffeServerSecurityConnector::check_peer(
+void TlsServerSecurityConnector::check_peer(
tsi_peer peer, grpc_endpoint* /*ep*/,
grpc_core::RefCountedPtr* auth_context,
grpc_closure* on_peer_checked) {
grpc_error* error = grpc_ssl_check_alpn(&peer);
- *auth_context = grpc_ssl_peer_to_auth_context(
- &peer, GRPC_TLS_SPIFFE_TRANSPORT_SECURITY_TYPE);
+ *auth_context =
+ grpc_ssl_peer_to_auth_context(&peer, GRPC_TLS_TRANSPORT_SECURITY_TYPE);
tsi_peer_destruct(&peer);
grpc_core::ExecCtx::Run(DEBUG_LOCATION, on_peer_checked, error);
}
-int SpiffeServerSecurityConnector::cmp(
+int TlsServerSecurityConnector::cmp(
const grpc_security_connector* other) const {
return server_security_connector_cmp(
static_cast(other));
}
grpc_core::RefCountedPtr
-SpiffeServerSecurityConnector::CreateSpiffeServerSecurityConnector(
+TlsServerSecurityConnector::CreateTlsServerSecurityConnector(
grpc_core::RefCountedPtr server_creds) {
if (server_creds == nullptr) {
gpr_log(GPR_ERROR,
"server_creds is nullptr in "
- "SpiffeServerSecurityConnectorCreate()");
+ "TlsServerSecurityConnectorCreate()");
return nullptr;
}
- grpc_core::RefCountedPtr c =
- grpc_core::MakeRefCounted(
+ grpc_core::RefCountedPtr c =
+ grpc_core::MakeRefCounted(
std::move(server_creds));
if (c->InitializeHandshakerFactory() != GRPC_SECURITY_OK) {
gpr_log(GPR_ERROR, "Could not initialize server handshaker factory.");
@@ -473,9 +469,9 @@ SpiffeServerSecurityConnector::CreateSpiffeServerSecurityConnector(
return c;
}
-grpc_security_status SpiffeServerSecurityConnector::ReplaceHandshakerFactory() {
- const SpiffeServerCredentials* creds =
- static_cast(server_creds());
+grpc_security_status TlsServerSecurityConnector::ReplaceHandshakerFactory() {
+ const TlsServerCredentials* creds =
+ static_cast(server_creds());
/* Free the server handshaker factory if exists. */
if (server_handshaker_factory_) {
tsi_ssl_server_handshaker_factory_unref(server_handshaker_factory_);
@@ -495,11 +491,10 @@ grpc_security_status SpiffeServerSecurityConnector::ReplaceHandshakerFactory() {
return status;
}
-grpc_security_status
-SpiffeServerSecurityConnector::InitializeHandshakerFactory() {
+grpc_security_status TlsServerSecurityConnector::InitializeHandshakerFactory() {
grpc_core::MutexLock lock(&mu_);
- const SpiffeServerCredentials* creds =
- static_cast(server_creds());
+ const TlsServerCredentials* creds =
+ static_cast(server_creds());
grpc_tls_key_materials_config* key_materials_config =
creds->options().key_materials_config();
if (key_materials_config != nullptr) {
@@ -520,10 +515,10 @@ SpiffeServerSecurityConnector::InitializeHandshakerFactory() {
return ReplaceHandshakerFactory();
}
-grpc_security_status SpiffeServerSecurityConnector::RefreshHandshakerFactory() {
+grpc_security_status TlsServerSecurityConnector::RefreshHandshakerFactory() {
grpc_core::MutexLock lock(&mu_);
- const SpiffeServerCredentials* creds =
- static_cast(server_creds());
+ const TlsServerCredentials* creds =
+ static_cast(server_creds());
grpc_ssl_certificate_config_reload_status reload_status =
GRPC_SSL_CERTIFICATE_CONFIG_RELOAD_UNCHANGED;
if (TlsFetchKeyMaterials(key_materials_config_, creds->options(),
diff --git a/src/core/lib/security/security_connector/tls/spiffe_security_connector.h b/src/core/lib/security/security_connector/tls/tls_security_connector.h
similarity index 85%
rename from src/core/lib/security/security_connector/tls/spiffe_security_connector.h
rename to src/core/lib/security/security_connector/tls/tls_security_connector.h
index 8de2bfcd3a4..c669c6b9b75 100644
--- a/src/core/lib/security/security_connector/tls/spiffe_security_connector.h
+++ b/src/core/lib/security/security_connector/tls/tls_security_connector.h
@@ -16,8 +16,8 @@
*
*/
-#ifndef GRPC_CORE_LIB_SECURITY_SECURITY_CONNECTOR_TLS_SPIFFE_SECURITY_CONNECTOR_H
-#define GRPC_CORE_LIB_SECURITY_SECURITY_CONNECTOR_TLS_SPIFFE_SECURITY_CONNECTOR_H
+#ifndef GRPC_CORE_LIB_SECURITY_SECURITY_CONNECTOR_TLS_TLS_SECURITY_CONNECTOR_H
+#define GRPC_CORE_LIB_SECURITY_SECURITY_CONNECTOR_TLS_TLS_SECURITY_CONNECTOR_H
#include
@@ -25,27 +25,27 @@
#include "src/core/lib/security/context/security_context.h"
#include "src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h"
-#define GRPC_TLS_SPIFFE_TRANSPORT_SECURITY_TYPE "spiffe"
+#define GRPC_TLS_TRANSPORT_SECURITY_TYPE "tls"
namespace grpc_core {
-// Spiffe channel security connector.
-class SpiffeChannelSecurityConnector final
+// TLS channel security connector.
+class TlsChannelSecurityConnector final
: public grpc_channel_security_connector {
public:
- // static factory method to create a SPIFFE channel security connector.
+ // static factory method to create a TLS channel security connector.
static grpc_core::RefCountedPtr
- CreateSpiffeChannelSecurityConnector(
+ CreateTlsChannelSecurityConnector(
grpc_core::RefCountedPtr channel_creds,
grpc_core::RefCountedPtr request_metadata_creds,
const char* target_name, const char* overridden_target_name,
tsi_ssl_session_cache* ssl_session_cache);
- SpiffeChannelSecurityConnector(
+ TlsChannelSecurityConnector(
grpc_core::RefCountedPtr channel_creds,
grpc_core::RefCountedPtr request_metadata_creds,
const char* target_name, const char* overridden_target_name);
- ~SpiffeChannelSecurityConnector() override;
+ ~TlsChannelSecurityConnector() override;
void add_handshakers(const grpc_channel_args* args,
grpc_pollset_set* interested_parties,
@@ -105,18 +105,17 @@ class SpiffeChannelSecurityConnector final
grpc_core::RefCountedPtr key_materials_config_;
};
-// Spiffe server security connector.
-class SpiffeServerSecurityConnector final
- : public grpc_server_security_connector {
+// TLS server security connector.
+class TlsServerSecurityConnector final : public grpc_server_security_connector {
public:
- // static factory method to create a SPIFFE server security connector.
+ // static factory method to create a TLS server security connector.
static grpc_core::RefCountedPtr
- CreateSpiffeServerSecurityConnector(
+ CreateTlsServerSecurityConnector(
grpc_core::RefCountedPtr server_creds);
- explicit SpiffeServerSecurityConnector(
+ explicit TlsServerSecurityConnector(
grpc_core::RefCountedPtr server_creds);
- ~SpiffeServerSecurityConnector() override;
+ ~TlsServerSecurityConnector() override;
void add_handshakers(const grpc_channel_args* args,
grpc_pollset_set* interested_parties,
@@ -154,5 +153,5 @@ grpc_status_code TlsFetchKeyMaterials(
} // namespace grpc_core
-#endif /* GRPC_CORE_LIB_SECURITY_SECURITY_CONNECTOR_TLS_SPIFFE_SECURITY_CONNECTOR_H \
+#endif /* GRPC_CORE_LIB_SECURITY_SECURITY_CONNECTOR_TLS_TLS_SECURITY_CONNECTOR_H \
*/
diff --git a/src/cpp/client/secure_credentials.cc b/src/cpp/client/secure_credentials.cc
index a5a0794be15..ca326974f01 100644
--- a/src/cpp/client/secure_credentials.cc
+++ b/src/cpp/client/secure_credentials.cc
@@ -282,7 +282,7 @@ std::shared_ptr LocalCredentials(
std::shared_ptr TlsCredentials(
const TlsCredentialsOptions& options) {
return WrapChannelCredentials(
- grpc_tls_spiffe_credentials_create(options.c_credentials_options()));
+ grpc_tls_credentials_create(options.c_credentials_options()));
}
} // namespace experimental
diff --git a/src/cpp/server/secure_server_credentials.cc b/src/cpp/server/secure_server_credentials.cc
index 81b99913000..205ebc7872f 100644
--- a/src/cpp/server/secure_server_credentials.cc
+++ b/src/cpp/server/secure_server_credentials.cc
@@ -149,9 +149,8 @@ std::shared_ptr LocalServerCredentials(
std::shared_ptr TlsServerCredentials(
const TlsCredentialsOptions& options) {
- return std::shared_ptr(
- new SecureServerCredentials(grpc_tls_spiffe_server_credentials_create(
- options.c_credentials_options())));
+ return std::shared_ptr(new SecureServerCredentials(
+ grpc_tls_server_credentials_create(options.c_credentials_options())));
}
} // namespace experimental
diff --git a/src/python/grpcio/grpc_core_dependencies.py b/src/python/grpcio/grpc_core_dependencies.py
index 31458933f5f..a8bb3f8863e 100644
--- a/src/python/grpcio/grpc_core_dependencies.py
+++ b/src/python/grpcio/grpc_core_dependencies.py
@@ -341,7 +341,7 @@ CORE_SOURCE_FILES = [
'src/core/lib/security/credentials/plugin/plugin_credentials.cc',
'src/core/lib/security/credentials/ssl/ssl_credentials.cc',
'src/core/lib/security/credentials/tls/grpc_tls_credentials_options.cc',
- 'src/core/lib/security/credentials/tls/spiffe_credentials.cc',
+ 'src/core/lib/security/credentials/tls/tls_credentials.cc',
'src/core/lib/security/security_connector/alts/alts_security_connector.cc',
'src/core/lib/security/security_connector/fake/fake_security_connector.cc',
'src/core/lib/security/security_connector/load_system_roots_fallback.cc',
@@ -351,7 +351,7 @@ CORE_SOURCE_FILES = [
'src/core/lib/security/security_connector/ssl/ssl_security_connector.cc',
'src/core/lib/security/security_connector/ssl_utils.cc',
'src/core/lib/security/security_connector/ssl_utils_config.cc',
- 'src/core/lib/security/security_connector/tls/spiffe_security_connector.cc',
+ 'src/core/lib/security/security_connector/tls/tls_security_connector.cc',
'src/core/lib/security/transport/client_auth_filter.cc',
'src/core/lib/security/transport/secure_endpoint.cc',
'src/core/lib/security/transport/security_handshaker.cc',
diff --git a/test/core/end2end/fixtures/h2_spiffe.cc b/test/core/end2end/fixtures/h2_tls.cc
similarity index 94%
rename from test/core/end2end/fixtures/h2_spiffe.cc
rename to test/core/end2end/fixtures/h2_tls.cc
index 306e94fd1b2..905f470bd8a 100644
--- a/test/core/end2end/fixtures/h2_spiffe.cc
+++ b/test/core/end2end/fixtures/h2_tls.cc
@@ -128,7 +128,7 @@ static int server_authz_check_async(
fullstack_secure_fixture_data* ffd =
static_cast(config_user_data);
ffd->thd_list.push_back(
- grpc_core::Thread("h2_spiffe_test", &server_authz_check_cb, arg));
+ grpc_core::Thread("h2_tls_test", &server_authz_check_cb, arg));
ffd->thd_list[ffd->thd_list.size() - 1].Start();
return 1;
}
@@ -189,8 +189,8 @@ static int server_cred_reload_sync(void* /*config_user_data*/,
return 0;
}
-// Create a SPIFFE channel credential.
-static grpc_channel_credentials* create_spiffe_channel_credentials(
+// Create a TLS channel credential.
+static grpc_channel_credentials* create_tls_channel_credentials(
fullstack_secure_fixture_data* ffd) {
grpc_tls_credentials_options* options = grpc_tls_credentials_options_create();
/* Set credential reload config. */
@@ -205,13 +205,13 @@ static grpc_channel_credentials* create_spiffe_channel_credentials(
ffd, server_authz_check_async, nullptr, nullptr);
grpc_tls_credentials_options_set_server_authorization_check_config(
options, check_config);
- /* Create SPIFFE channel credentials. */
- grpc_channel_credentials* creds = grpc_tls_spiffe_credentials_create(options);
+ /* Create TLS channel credentials. */
+ grpc_channel_credentials* creds = grpc_tls_credentials_create(options);
return creds;
}
-// Create a SPIFFE server credential.
-static grpc_server_credentials* create_spiffe_server_credentials() {
+// Create a TLS server credential.
+static grpc_server_credentials* create_tls_server_credentials() {
grpc_tls_credentials_options* options = grpc_tls_credentials_options_create();
/* Set credential reload config. */
grpc_tls_credential_reload_config* reload_config =
@@ -222,14 +222,13 @@ static grpc_server_credentials* create_spiffe_server_credentials() {
/* Set client certificate request type. */
grpc_tls_credentials_options_set_cert_request_type(
options, GRPC_SSL_REQUEST_AND_REQUIRE_CLIENT_CERTIFICATE_AND_VERIFY);
- grpc_server_credentials* creds =
- grpc_tls_spiffe_server_credentials_create(options);
+ grpc_server_credentials* creds = grpc_tls_server_credentials_create(options);
return creds;
}
static void chttp2_init_client(grpc_end2end_test_fixture* f,
grpc_channel_args* client_args) {
- grpc_channel_credentials* ssl_creds = create_spiffe_channel_credentials(
+ grpc_channel_credentials* ssl_creds = create_tls_channel_credentials(
static_cast(f->fixture_data));
grpc_arg ssl_name_override = {
GRPC_ARG_STRING,
@@ -255,7 +254,7 @@ static int fail_server_auth_check(grpc_channel_args* server_args) {
static void chttp2_init_server(grpc_end2end_test_fixture* f,
grpc_channel_args* server_args) {
- grpc_server_credentials* ssl_creds = create_spiffe_server_credentials();
+ grpc_server_credentials* ssl_creds = create_tls_server_credentials();
if (fail_server_auth_check(server_args)) {
grpc_auth_metadata_processor processor = {process_auth_failure, nullptr,
nullptr};
diff --git a/test/core/end2end/generate_tests.bzl b/test/core/end2end/generate_tests.bzl
index 3aa40ca4f88..38efc2f1cae 100755
--- a/test/core/end2end/generate_tests.bzl
+++ b/test/core/end2end/generate_tests.bzl
@@ -88,7 +88,7 @@ END2END_FIXTURES = {
),
"h2_ssl": _fixture_options(secure = True),
"h2_ssl_cred_reload": _fixture_options(secure = True),
- "h2_spiffe": _fixture_options(secure = True),
+ "h2_tls": _fixture_options(secure = True),
"h2_local_uds": _fixture_options(secure = True, dns_resolver = False, _platforms = ["linux", "mac", "posix"]),
"h2_local_ipv4": _fixture_options(secure = True, dns_resolver = False, _platforms = ["linux", "mac", "posix"]),
"h2_local_ipv6": _fixture_options(secure = True, dns_resolver = False, _platforms = ["linux", "mac", "posix"]),
diff --git a/test/core/security/BUILD b/test/core/security/BUILD
index 7d07157478d..25fd11e0ca0 100644
--- a/test/core/security/BUILD
+++ b/test/core/security/BUILD
@@ -259,8 +259,8 @@ grpc_cc_test(
)
grpc_cc_test(
- name = "spiffe_security_connector_test",
- srcs = ["spiffe_security_connector_test.cc"],
+ name = "tls_security_connector_test",
+ srcs = ["tls_security_connector_test.cc"],
external_deps = [
"gtest",
],
diff --git a/test/core/security/spiffe_security_connector_test.cc b/test/core/security/tls_security_connector_test.cc
similarity index 85%
rename from test/core/security/spiffe_security_connector_test.cc
rename to test/core/security/tls_security_connector_test.cc
index 406c539dd1e..bab6575a19e 100644
--- a/test/core/security/spiffe_security_connector_test.cc
+++ b/test/core/security/tls_security_connector_test.cc
@@ -25,7 +25,7 @@
#include
#include
-#include "src/core/lib/security/security_connector/tls/spiffe_security_connector.h"
+#include "src/core/lib/security/security_connector/tls/tls_security_connector.h"
#include "test/core/end2end/data/ssl_test_data.h"
#include "test/core/util/test_config.h"
@@ -75,9 +75,9 @@ int CredReloadAsync(void* /*config_user_data*/,
namespace grpc {
namespace testing {
-class SpiffeSecurityConnectorTest : public ::testing::Test {
+class TlsSecurityConnectorTest : public ::testing::Test {
protected:
- SpiffeSecurityConnectorTest() {}
+ TlsSecurityConnectorTest() {}
void SetUp() override {
options_ = grpc_tls_credentials_options_create()->Ref();
config_ = grpc_tls_key_materials_config_create()->Ref();
@@ -115,7 +115,7 @@ class SpiffeSecurityConnectorTest : public ::testing::Test {
grpc_core::RefCountedPtr config_;
};
-TEST_F(SpiffeSecurityConnectorTest, NoKeysAndConfig) {
+TEST_F(TlsSecurityConnectorTest, NoKeysAndConfig) {
grpc_ssl_certificate_config_reload_status reload_status;
grpc_status_code status =
TlsFetchKeyMaterials(config_, *options_, &reload_status);
@@ -123,7 +123,7 @@ TEST_F(SpiffeSecurityConnectorTest, NoKeysAndConfig) {
options_->Unref();
}
-TEST_F(SpiffeSecurityConnectorTest, NoKeySuccessReload) {
+TEST_F(TlsSecurityConnectorTest, NoKeySuccessReload) {
grpc_ssl_certificate_config_reload_status reload_status;
SetOptions(SUCCESS);
grpc_status_code status =
@@ -133,7 +133,7 @@ TEST_F(SpiffeSecurityConnectorTest, NoKeySuccessReload) {
options_->Unref();
}
-TEST_F(SpiffeSecurityConnectorTest, NoKeyFailReload) {
+TEST_F(TlsSecurityConnectorTest, NoKeyFailReload) {
grpc_ssl_certificate_config_reload_status reload_status;
SetOptions(FAIL);
grpc_status_code status =
@@ -143,7 +143,7 @@ TEST_F(SpiffeSecurityConnectorTest, NoKeyFailReload) {
options_->Unref();
}
-TEST_F(SpiffeSecurityConnectorTest, NoKeyAsyncReload) {
+TEST_F(TlsSecurityConnectorTest, NoKeyAsyncReload) {
grpc_ssl_certificate_config_reload_status reload_status =
GRPC_SSL_CERTIFICATE_CONFIG_RELOAD_UNCHANGED;
SetOptions(ASYNC);
@@ -154,7 +154,7 @@ TEST_F(SpiffeSecurityConnectorTest, NoKeyAsyncReload) {
options_->Unref();
}
-TEST_F(SpiffeSecurityConnectorTest, NoKeyUnchangedReload) {
+TEST_F(TlsSecurityConnectorTest, NoKeyUnchangedReload) {
grpc_ssl_certificate_config_reload_status reload_status =
GRPC_SSL_CERTIFICATE_CONFIG_RELOAD_UNCHANGED;
SetOptions(UNCHANGED);
@@ -165,7 +165,7 @@ TEST_F(SpiffeSecurityConnectorTest, NoKeyUnchangedReload) {
options_->Unref();
}
-TEST_F(SpiffeSecurityConnectorTest, WithKeyNoReload) {
+TEST_F(TlsSecurityConnectorTest, WithKeyNoReload) {
grpc_ssl_certificate_config_reload_status reload_status =
GRPC_SSL_CERTIFICATE_CONFIG_RELOAD_UNCHANGED;
SetKeyMaterialsConfig();
@@ -175,7 +175,7 @@ TEST_F(SpiffeSecurityConnectorTest, WithKeyNoReload) {
options_->Unref();
}
-TEST_F(SpiffeSecurityConnectorTest, WithKeySuccessReload) {
+TEST_F(TlsSecurityConnectorTest, WithKeySuccessReload) {
grpc_ssl_certificate_config_reload_status reload_status;
SetOptions(SUCCESS);
SetKeyMaterialsConfig();
@@ -186,7 +186,7 @@ TEST_F(SpiffeSecurityConnectorTest, WithKeySuccessReload) {
options_->Unref();
}
-TEST_F(SpiffeSecurityConnectorTest, WithKeyFailReload) {
+TEST_F(TlsSecurityConnectorTest, WithKeyFailReload) {
grpc_ssl_certificate_config_reload_status reload_status;
SetOptions(FAIL);
SetKeyMaterialsConfig();
@@ -197,7 +197,7 @@ TEST_F(SpiffeSecurityConnectorTest, WithKeyFailReload) {
options_->Unref();
}
-TEST_F(SpiffeSecurityConnectorTest, WithKeyAsyncReload) {
+TEST_F(TlsSecurityConnectorTest, WithKeyAsyncReload) {
grpc_ssl_certificate_config_reload_status reload_status =
GRPC_SSL_CERTIFICATE_CONFIG_RELOAD_UNCHANGED;
SetOptions(ASYNC);
@@ -209,7 +209,7 @@ TEST_F(SpiffeSecurityConnectorTest, WithKeyAsyncReload) {
options_->Unref();
}
-TEST_F(SpiffeSecurityConnectorTest, WithKeyUnchangedReload) {
+TEST_F(TlsSecurityConnectorTest, WithKeyUnchangedReload) {
grpc_ssl_certificate_config_reload_status reload_status =
GRPC_SSL_CERTIFICATE_CONFIG_RELOAD_UNCHANGED;
SetOptions(UNCHANGED);
@@ -221,10 +221,10 @@ TEST_F(SpiffeSecurityConnectorTest, WithKeyUnchangedReload) {
options_->Unref();
}
-TEST_F(SpiffeSecurityConnectorTest, CreateChannelSecurityConnectorSuccess) {
+TEST_F(TlsSecurityConnectorTest, CreateChannelSecurityConnectorSuccess) {
SetOptions(SUCCESS);
auto cred = std::unique_ptr(
- grpc_tls_spiffe_credentials_create(options_.get()));
+ grpc_tls_credentials_create(options_.get()));
const char* target_name = "some_target";
grpc_channel_args* new_args = nullptr;
auto connector =
@@ -233,39 +233,39 @@ TEST_F(SpiffeSecurityConnectorTest, CreateChannelSecurityConnectorSuccess) {
grpc_channel_args_destroy(new_args);
}
-TEST_F(SpiffeSecurityConnectorTest,
+TEST_F(TlsSecurityConnectorTest,
CreateChannelSecurityConnectorFailNoTargetName) {
SetOptions(SUCCESS);
auto cred = std::unique_ptr(
- grpc_tls_spiffe_credentials_create(options_.get()));
+ grpc_tls_credentials_create(options_.get()));
grpc_channel_args* new_args = nullptr;
auto connector =
cred->create_security_connector(nullptr, nullptr, nullptr, &new_args);
EXPECT_EQ(connector, nullptr);
}
-TEST_F(SpiffeSecurityConnectorTest, CreateChannelSecurityConnectorFailInit) {
+TEST_F(TlsSecurityConnectorTest, CreateChannelSecurityConnectorFailInit) {
SetOptions(FAIL);
auto cred = std::unique_ptr(
- grpc_tls_spiffe_credentials_create(options_.get()));
+ grpc_tls_credentials_create(options_.get()));
grpc_channel_args* new_args = nullptr;
auto connector =
cred->create_security_connector(nullptr, nullptr, nullptr, &new_args);
EXPECT_EQ(connector, nullptr);
}
-TEST_F(SpiffeSecurityConnectorTest, CreateServerSecurityConnectorSuccess) {
+TEST_F(TlsSecurityConnectorTest, CreateServerSecurityConnectorSuccess) {
SetOptions(SUCCESS);
auto cred = std::unique_ptr(
- grpc_tls_spiffe_server_credentials_create(options_.get()));
+ grpc_tls_server_credentials_create(options_.get()));
auto connector = cred->create_security_connector();
EXPECT_NE(connector, nullptr);
}
-TEST_F(SpiffeSecurityConnectorTest, CreateServerSecurityConnectorFailInit) {
+TEST_F(TlsSecurityConnectorTest, CreateServerSecurityConnectorFailInit) {
SetOptions(FAIL);
auto cred = std::unique_ptr(
- grpc_tls_spiffe_server_credentials_create(options_.get()));
+ grpc_tls_server_credentials_create(options_.get()));
auto connector = cred->create_security_connector();
EXPECT_EQ(connector, nullptr);
}
diff --git a/test/cpp/client/credentials_test.cc b/test/cpp/client/credentials_test.cc
index de7dc91353f..07c428de084 100644
--- a/test/cpp/client/credentials_test.cc
+++ b/test/cpp/client/credentials_test.cc
@@ -648,7 +648,7 @@ TEST_F(CredentialsTest, TlsCredentialsOptionsCppToC) {
}
// This test demonstrates how the SPIFFE credentials will be used.
-TEST_F(CredentialsTest, LoadSpiffeChannelCredentials) {
+TEST_F(CredentialsTest, LoadTlsChannelCredentials) {
std::shared_ptr test_credential_reload(
new TestTlsCredentialReload());
std::shared_ptr credential_reload_config(
diff --git a/tools/doxygen/Doxyfile.core.internal b/tools/doxygen/Doxyfile.core.internal
index 82538fe6883..c4e0efff000 100644
--- a/tools/doxygen/Doxyfile.core.internal
+++ b/tools/doxygen/Doxyfile.core.internal
@@ -1487,8 +1487,8 @@ src/core/lib/security/credentials/ssl/ssl_credentials.cc \
src/core/lib/security/credentials/ssl/ssl_credentials.h \
src/core/lib/security/credentials/tls/grpc_tls_credentials_options.cc \
src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h \
-src/core/lib/security/credentials/tls/spiffe_credentials.cc \
-src/core/lib/security/credentials/tls/spiffe_credentials.h \
+src/core/lib/security/credentials/tls/tls_credentials.cc \
+src/core/lib/security/credentials/tls/tls_credentials.h \
src/core/lib/security/security_connector/alts/alts_security_connector.cc \
src/core/lib/security/security_connector/alts/alts_security_connector.h \
src/core/lib/security/security_connector/fake/fake_security_connector.cc \
@@ -1507,8 +1507,8 @@ src/core/lib/security/security_connector/ssl_utils.cc \
src/core/lib/security/security_connector/ssl_utils.h \
src/core/lib/security/security_connector/ssl_utils_config.cc \
src/core/lib/security/security_connector/ssl_utils_config.h \
-src/core/lib/security/security_connector/tls/spiffe_security_connector.cc \
-src/core/lib/security/security_connector/tls/spiffe_security_connector.h \
+src/core/lib/security/security_connector/tls/tls_security_connector.cc \
+src/core/lib/security/security_connector/tls/tls_security_connector.h \
src/core/lib/security/transport/auth_filters.h \
src/core/lib/security/transport/client_auth_filter.cc \
src/core/lib/security/transport/secure_endpoint.cc \
diff --git a/tools/run_tests/generated/tests.json b/tools/run_tests/generated/tests.json
index 8c4283846b1..fd10fbc679e 100644
--- a/tools/run_tests/generated/tests.json
+++ b/tools/run_tests/generated/tests.json
@@ -4726,7 +4726,7 @@
"flaky": false,
"gtest": true,
"language": "c++",
- "name": "grpc_spiffe_security_connector_test",
+ "name": "grpc_tls_security_connector_test",
"platforms": [
"linux",
"mac",