First set of small changes from development of e2e tests.

6 years ago · a7f9d943d5
parent 10a39b77c6
commit a7f9d943d5
6 changed files with 84 additions and 67 deletions
--- a/include/grpcpp/security/tls_credentials_options.h
+++ b/include/grpcpp/security/tls_credentials_options.h
@ -57,6 +57,8 @@ class TlsKeyMaterialsConfig {

  /** Setter for key materials that will be called by the user. The setter
   * transfers ownership of the arguments to the config. **/
+  void set_pem_root_certs(grpc::string pem_root_certs);
+  void add_pem_key_cert_pair(PemKeyCertPair pem_key_cert_pair);
  void set_key_materials(grpc::string pem_root_certs,
                         std::vector<PemKeyCertPair> pem_key_cert_pair_list);
  void set_version(int version) { version_ = version; };
@ -88,7 +90,7 @@ class TlsCredentialReloadArg {
   * of the key materials config, it creates a new instance of the C++ key
   * materials config from the underlying C grpc_tls_key_materials_config. **/
  void* cb_user_data() const;
-  std::shared_ptr<TlsKeyMaterialsConfig> key_materials_config() const;
+  bool is_pem_key_cert_pair_list_empty() const;
  grpc_ssl_certificate_config_reload_status status() const;
  grpc::string error_details() const;

@ -99,6 +101,8 @@ class TlsCredentialReloadArg {
   * setter function.
   * **/
  void set_cb_user_data(void* cb_user_data);
+  void set_pem_root_certs(grpc::string pem_root_certs);
+  void add_pem_key_cert_pair(TlsKeyMaterialsConfig::PemKeyCertPair pem_key_cert_pair);
  void set_key_materials_config(
      const std::shared_ptr<TlsKeyMaterialsConfig>& key_materials_config);
  void set_status(grpc_ssl_certificate_config_reload_status status);
@ -127,16 +131,23 @@ struct TlsCredentialReloadInterface {
 * used for experimental purposes for now and it is subject to change. **/
 class TlsCredentialReloadConfig {
 public:
-  /** The config takes ownership of the credential reload interface. **/
-  TlsCredentialReloadConfig(std::unique_ptr<TlsCredentialReloadInterface>
+  TlsCredentialReloadConfig(std::shared_ptr<TlsCredentialReloadInterface>
                                credential_reload_interface);
  ~TlsCredentialReloadConfig();

  int Schedule(TlsCredentialReloadArg* arg) const {
+    if (credential_reload_interface_ == nullptr) {
+      gpr_log(GPR_ERROR, "credential reload interface is nullptr");
+      return 1;
+    }
    return credential_reload_interface_->Schedule(arg);
  }

  void Cancel(TlsCredentialReloadArg* arg) const {
+    if (credential_reload_interface_ == nullptr) {
+      gpr_log(GPR_ERROR, "credential reload interface is nullptr");
+      return;
+    }
    credential_reload_interface_->Cancel(arg);
  }

@ -145,7 +156,7 @@ class TlsCredentialReloadConfig {

 private:
  grpc_tls_credential_reload_config* c_config_;
-  std::unique_ptr<TlsCredentialReloadInterface> credential_reload_interface_;
+  std::shared_ptr<TlsCredentialReloadInterface> credential_reload_interface_;
 };

 /** TLS server authorization check arguments, wraps
@ -213,18 +224,24 @@ struct TlsServerAuthorizationCheckInterface {
 *  purposes for now and it is subject to change. **/
 class TlsServerAuthorizationCheckConfig {
 public:
-  /** The config takes ownership of the server authorization check interface.
-   * **/
  TlsServerAuthorizationCheckConfig(
-      std::unique_ptr<TlsServerAuthorizationCheckInterface>
+      std::shared_ptr<TlsServerAuthorizationCheckInterface>
          server_authorization_check_interface);
  ~TlsServerAuthorizationCheckConfig();

  int Schedule(TlsServerAuthorizationCheckArg* arg) const {
+    if (server_authorization_check_interface_ == nullptr) {
+      gpr_log(GPR_ERROR, "server authorization check interface is nullptr");
+      return 1;
+    }
    return server_authorization_check_interface_->Schedule(arg);
  }

  void Cancel(TlsServerAuthorizationCheckArg* arg) const {
+    if (server_authorization_check_interface_ == nullptr) {
+      gpr_log(GPR_ERROR, "server authorization check interface is nullptr");
+      return;
+    }
    server_authorization_check_interface_->Cancel(arg);
  }

@ -235,7 +252,7 @@ class TlsServerAuthorizationCheckConfig {

 private:
  grpc_tls_server_authorization_check_config* c_config_;
-  std::unique_ptr<TlsServerAuthorizationCheckInterface>
+  std::shared_ptr<TlsServerAuthorizationCheckInterface>
      server_authorization_check_interface_;
 };

--- a/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h
+++ b/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h
@ -42,6 +42,12 @@ struct grpc_tls_key_materials_config
  int version() const { return version_; }

  /** Setters for member fields. **/
+  void set_pem_root_certs(grpc_core::UniquePtr<char> pem_root_certs) {
+    pem_root_certs_ = std::move(pem_root_certs);
+  }
+  void add_pem_key_cert_pair(grpc_core::PemKeyCertPair pem_key_cert_pair) {
+    pem_key_cert_pair_list_.push_back(pem_key_cert_pair);
+  }
  void set_key_materials(grpc_core::UniquePtr<char> pem_root_certs,
                         PemKeyCertPairList pem_key_cert_pair_list);
  void set_version(int version) { version_ = version; }
--- a/src/cpp/common/tls_credentials_options.cc
+++ b/src/cpp/common/tls_credentials_options.cc
@ -25,6 +25,14 @@ namespace grpc_impl {
 namespace experimental {

 /** TLS key materials config API implementation **/
+void TlsKeyMaterialsConfig::set_pem_root_certs(grpc::string pem_root_certs) {
+  pem_root_certs_ = std::move(pem_root_certs);
+}
+
+void TlsKeyMaterialsConfig::add_pem_key_cert_pair(PemKeyCertPair pem_key_cert_pair) {
+  pem_key_cert_pair_list_.push_back(pem_key_cert_pair);
+}
+
 void TlsKeyMaterialsConfig::set_key_materials(
    grpc::string pem_root_certs,
    std::vector<PemKeyCertPair> pem_key_cert_pair_list) {
@ -51,11 +59,6 @@ void* TlsCredentialReloadArg::cb_user_data() const {
 /** This function creates a new TlsKeyMaterialsConfig instance whose fields are
 * not shared with the corresponding key materials config fields of the
 * TlsCredentialReloadArg instance. **/
-std::shared_ptr<TlsKeyMaterialsConfig>
-TlsCredentialReloadArg::key_materials_config() const {
-  return ConvertToCppKeyMaterialsConfig(c_arg_->key_materials_config);
-}
-
 grpc_ssl_certificate_config_reload_status TlsCredentialReloadArg::status()
    const {
  return c_arg_->status;
@ -70,6 +73,20 @@ void TlsCredentialReloadArg::set_cb_user_data(void* cb_user_data) {
  c_arg_->cb_user_data = cb_user_data;
 }

+void TlsCredentialReloadArg::set_pem_root_certs(grpc::string pem_root_certs) {
+  ::grpc_core::UniquePtr<char> c_pem_root_certs(gpr_strdup(pem_root_certs.c_str()));
+  c_arg_->key_materials_config->set_pem_root_certs(std::move(c_pem_root_certs));
+}
+
+void TlsCredentialReloadArg::add_pem_key_cert_pair(TlsKeyMaterialsConfig::PemKeyCertPair pem_key_cert_pair) {
+  grpc_ssl_pem_key_cert_pair* ssl_pair = (grpc_ssl_pem_key_cert_pair*)gpr_malloc(sizeof(grpc_ssl_pem_key_cert_pair));
+  ssl_pair->private_key = gpr_strdup(pem_key_cert_pair.private_key.c_str());
+  ssl_pair->cert_chain = gpr_strdup(pem_key_cert_pair.cert_chain.c_str());
+  ::grpc_core::PemKeyCertPair c_pem_key_cert_pair =
+    ::grpc_core::PemKeyCertPair(ssl_pair);
+  c_arg_->key_materials_config->add_pem_key_cert_pair(c_pem_key_cert_pair);
+}
+
 void TlsCredentialReloadArg::set_key_materials_config(
    const std::shared_ptr<TlsKeyMaterialsConfig>& key_materials_config) {
  c_arg_->key_materials_config =
@ -96,8 +113,8 @@ void TlsCredentialReloadArg::OnCredentialReloadDoneCallback() {

 /** gRPC TLS credential reload config API implementation **/
 TlsCredentialReloadConfig::TlsCredentialReloadConfig(
-    std::unique_ptr<TlsCredentialReloadInterface> credential_reload_interface)
-    : credential_reload_interface_(std::move(credential_reload_interface)) {
+    std::shared_ptr<TlsCredentialReloadInterface> credential_reload_interface)
+    : credential_reload_interface_(credential_reload_interface) {
  c_config_ = grpc_tls_credential_reload_config_create(
      nullptr, &TlsCredentialReloadConfigCSchedule,
      &TlsCredentialReloadConfigCCancel, nullptr);
@ -182,10 +199,10 @@ void TlsServerAuthorizationCheckArg::OnServerAuthorizationCheckDoneCallback() {

 /** gRPC TLS server authorization check config API implementation. **/
 TlsServerAuthorizationCheckConfig::TlsServerAuthorizationCheckConfig(
-    std::unique_ptr<TlsServerAuthorizationCheckInterface>
+    std::shared_ptr<TlsServerAuthorizationCheckInterface>
        server_authorization_check_interface)
    : server_authorization_check_interface_(
-          std::move(server_authorization_check_interface)) {
+          server_authorization_check_interface) {
  c_config_ = grpc_tls_server_authorization_check_config_create(
      nullptr, &TlsServerAuthorizationCheckConfigCSchedule,
      &TlsServerAuthorizationCheckConfigCCancel, nullptr);
@ -202,10 +219,10 @@ TlsCredentialsOptions::TlsCredentialsOptions(
    std::shared_ptr<TlsServerAuthorizationCheckConfig>
        server_authorization_check_config)
    : cert_request_type_(cert_request_type),
-      key_materials_config_(std::move(key_materials_config)),
-      credential_reload_config_(std::move(credential_reload_config)),
+      key_materials_config_(key_materials_config),
+      credential_reload_config_(credential_reload_config),
      server_authorization_check_config_(
-          std::move(server_authorization_check_config)) {
+          server_authorization_check_config) {
  c_credentials_options_ = grpc_tls_credentials_options_create();
  grpc_tls_credentials_options_set_cert_request_type(c_credentials_options_,
                                                     cert_request_type_);
--- a/src/cpp/common/tls_credentials_options_util.cc
+++ b/src/cpp/common/tls_credentials_options_util.cc
@ -56,30 +56,6 @@ grpc_tls_key_materials_config* ConvertToCKeyMaterialsConfig(
  return c_config;
 }

-/** Converts the C key materials config to a Cpp key materials config; it
- * allocates memory for the Cpp config. **/
-std::shared_ptr<TlsKeyMaterialsConfig> ConvertToCppKeyMaterialsConfig(
-    const grpc_tls_key_materials_config* config) {
-  if (config == nullptr) {
-    return nullptr;
-  }
-  std::shared_ptr<TlsKeyMaterialsConfig> cpp_config(
-      new TlsKeyMaterialsConfig());
-  std::vector<TlsKeyMaterialsConfig::PemKeyCertPair> cpp_pem_key_cert_pair_list;
-  grpc_tls_key_materials_config::PemKeyCertPairList pem_key_cert_pair_list =
-      config->pem_key_cert_pair_list();
-  for (size_t i = 0; i < pem_key_cert_pair_list.size(); i++) {
-    ::grpc_core::PemKeyCertPair key_cert_pair = pem_key_cert_pair_list[i];
-    TlsKeyMaterialsConfig::PemKeyCertPair p = {key_cert_pair.private_key(),
-                                               key_cert_pair.cert_chain()};
-    cpp_pem_key_cert_pair_list.push_back(::std::move(p));
-  }
-  cpp_config->set_key_materials(std::move(config->pem_root_certs()),
-                                std::move(cpp_pem_key_cert_pair_list));
-  cpp_config->set_version(config->version());
-  return cpp_config;
-}
-
 /** The C schedule and cancel functions for the credential reload config.
 * They populate a C credential reload arg with the result of a C++ credential
 * reload schedule/cancel API. **/
--- a/src/cpp/common/tls_credentials_options_util.h
+++ b/src/cpp/common/tls_credentials_options_util.h
@ -27,13 +27,10 @@
 namespace grpc_impl {
 namespace experimental {

-/** The following 2 functions are exposed for testing purposes. **/
+/** The following function is exposed for testing purposes. **/
 grpc_tls_key_materials_config* ConvertToCKeyMaterialsConfig(
    const std::shared_ptr<TlsKeyMaterialsConfig>& config);

-std::shared_ptr<TlsKeyMaterialsConfig> ConvertToCppKeyMaterialsConfig(
-    const grpc_tls_key_materials_config* config);
-
 /** The following 4 functions convert the user-provided schedule or cancel
 *  functions into C style schedule or cancel functions. These are internal
 *  functions, not meant to be accessed by the user. They are exposed for
--- a/test/cpp/client/credentials_test.cc
+++ b/test/cpp/client/credentials_test.cc
@ -55,16 +55,18 @@ class TestTlsCredentialReload : public TlsCredentialReloadInterface {
    GPR_ASSERT(arg != nullptr);
    struct TlsKeyMaterialsConfig::PemKeyCertPair pair3 = {"private_key3",
                                                          "cert_chain3"};
-    std::shared_ptr<TlsKeyMaterialsConfig> key_materials_config =
-        arg->key_materials_config();
-    GPR_ASSERT(key_materials_config != nullptr);
-    std::vector<TlsKeyMaterialsConfig::PemKeyCertPair> pair_list =
-        key_materials_config->pem_key_cert_pair_list();
+    //std::shared_ptr<TlsKeyMaterialsConfig> key_materials_config =
+    //    arg->key_materials_config();
+    //GPR_ASSERT(key_materials_config != nullptr);
+    //std::vector<TlsKeyMaterialsConfig::PemKeyCertPair> pair_list =
+    //    key_materials_config->pem_key_cert_pair_list();
    pair_list.push_back(pair3);
-    pair_list[0].private_key = "private_key01";
-    pair_list[0].cert_chain = "cert_chain01";
-    key_materials_config->set_key_materials("new_pem_root_certs", pair_list);
-    arg->set_key_materials_config(key_materials_config);
+    //pair_list[0].private_key = "private_key01";
+    //pair_list[0].cert_chain = "cert_chain01";
+    //key_materials_config->set_key_materials("new_pem_root_certs", pair_list);
+    //arg->set_key_materials_config(key_materials_config);
+    arg->set_pem_root_certs("new_pem_root_certs");
+    arg->add_pem_key_cert_pair(pair3);
    arg->set_status(GRPC_SSL_CERTIFICATE_CONFIG_RELOAD_NEW);
    return 0;
  }
@ -302,6 +304,7 @@ TEST_F(CredentialsTest, TlsKeyMaterialsConfigCppToC) {
  gpr_free(c_config);
 }

+/**
 TEST_F(CredentialsTest, TlsKeyMaterialsCtoCpp) {
  grpc_tls_key_materials_config c_config;
  grpc::string test_private_key = "private_key";
@ -328,6 +331,7 @@ TEST_F(CredentialsTest, TlsKeyMaterialsCtoCpp) {
  EXPECT_STREQ("private_key", cpp_pair_list[0].private_key.c_str());
  EXPECT_STREQ("cert_chain", cpp_pair_list[0].cert_chain.c_str());
 }
+**/

 typedef class ::grpc_impl::experimental::TlsCredentialReloadArg
    TlsCredentialReloadArg;
@ -344,7 +348,7 @@ TEST_F(CredentialsTest, TlsCredentialReloadArgCallback) {
 }

 TEST_F(CredentialsTest, TlsCredentialReloadConfigSchedule) {
-  std::unique_ptr<TestTlsCredentialReload> test_credential_reload(
+  std::shared_ptr<TestTlsCredentialReload> test_credential_reload(
      new TestTlsCredentialReload());
  TlsCredentialReloadConfig config(std::move(test_credential_reload));
  grpc_tls_credential_reload_arg c_arg;
@ -368,9 +372,9 @@ TEST_F(CredentialsTest, TlsCredentialReloadConfigSchedule) {
  int schedule_output = config.Schedule(&arg);
  EXPECT_EQ(schedule_output, 0);
  EXPECT_EQ(arg.cb_user_data(), nullptr);
-  EXPECT_STREQ(arg.key_materials_config()->pem_root_certs().c_str(),
+  EXPECT_STREQ(c_arg.key_materials_config->pem_root_certs().get(),
               "new_pem_root_certs");
-  pair_list = arg.key_materials_config()->pem_key_cert_pair_list();
+  pair_list = c_arg.key_materials_config->pem_key_cert_pair_list();
  EXPECT_EQ(static_cast<int>(pair_list.size()), 3);
  EXPECT_STREQ(pair_list[0].private_key.c_str(), "private_key01");
  EXPECT_STREQ(pair_list[0].cert_chain.c_str(), "cert_chain01");
@ -389,7 +393,7 @@ TEST_F(CredentialsTest, TlsCredentialReloadConfigSchedule) {
 }

 TEST_F(CredentialsTest, TlsCredentialReloadConfigCppToC) {
-  std::unique_ptr<TestTlsCredentialReload> test_credential_reload(
+  std::shared_ptr<TestTlsCredentialReload> test_credential_reload(
      new TestTlsCredentialReload());
  TlsCredentialReloadConfig config(std::move(test_credential_reload));
  grpc_tls_credential_reload_arg c_arg;
@ -478,7 +482,7 @@ TEST_F(CredentialsTest, TlsServerAuthorizationCheckArgCallback) {
 }

 TEST_F(CredentialsTest, TlsServerAuthorizationCheckConfigSchedule) {
-  std::unique_ptr<TestTlsServerAuthorizationCheck>
+  std::shared_ptr<TestTlsServerAuthorizationCheck>
      test_server_authorization_check(new TestTlsServerAuthorizationCheck());
  TlsServerAuthorizationCheckConfig config(
      std::move(test_server_authorization_check));
@ -515,7 +519,7 @@ TEST_F(CredentialsTest, TlsServerAuthorizationCheckConfigSchedule) {
 }

 TEST_F(CredentialsTest, TlsServerAuthorizationCheckConfigCppToC) {
-  std::unique_ptr<TestTlsServerAuthorizationCheck>
+  std::shared_ptr<TestTlsServerAuthorizationCheck>
      test_server_authorization_check(new TestTlsServerAuthorizationCheck());
  TlsServerAuthorizationCheckConfig config(
      std::move(test_server_authorization_check));
@ -559,12 +563,12 @@ TEST_F(CredentialsTest, TlsCredentialsOptionsCppToC) {
  std::vector<TlsKeyMaterialsConfig::PemKeyCertPair> pair_list = {pair};
  key_materials_config->set_key_materials("pem_root_certs", pair_list);

-  std::unique_ptr<TestTlsCredentialReload> test_credential_reload(
+  std::shared_ptr<TestTlsCredentialReload> test_credential_reload(
      new TestTlsCredentialReload());
  std::shared_ptr<TlsCredentialReloadConfig> credential_reload_config(
      new TlsCredentialReloadConfig(std::move(test_credential_reload)));

-  std::unique_ptr<TestTlsServerAuthorizationCheck>
+  std::shared_ptr<TestTlsServerAuthorizationCheck>
      test_server_authorization_check(new TestTlsServerAuthorizationCheck());
  std::shared_ptr<TlsServerAuthorizationCheckConfig>
      server_authorization_check_config(new TlsServerAuthorizationCheckConfig(
@ -656,12 +660,12 @@ TEST_F(CredentialsTest, TlsCredentialsOptionsCppToC) {

 // This test demonstrates how the SPIFFE credentials will be used.
 TEST_F(CredentialsTest, LoadSpiffeChannelCredentials) {
-  std::unique_ptr<TestTlsCredentialReload> test_credential_reload(
+  std::shared_ptr<TestTlsCredentialReload> test_credential_reload(
      new TestTlsCredentialReload());
  std::shared_ptr<TlsCredentialReloadConfig> credential_reload_config(
      new TlsCredentialReloadConfig(std::move(test_credential_reload)));

-  std::unique_ptr<TestTlsServerAuthorizationCheck>
+  std::shared_ptr<TestTlsServerAuthorizationCheck>
      test_server_authorization_check(new TestTlsServerAuthorizationCheck());
  std::shared_ptr<TlsServerAuthorizationCheckConfig>
      server_authorization_check_config(new TlsServerAuthorizationCheckConfig(