|
|
|
|
@ -376,6 +376,106 @@ TEST_F(TlsSecurityConnectorTest, TlsCheckHostNameFail) { |
|
|
|
|
GRPC_ERROR_UNREF(error); |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
TEST_F(TlsSecurityConnectorTest, |
|
|
|
|
CompareChannelSecurityConnectorSucceedsOnSameCredentials) { |
|
|
|
|
grpc_core::RefCountedPtr<grpc_tls_certificate_distributor> distributor = |
|
|
|
|
grpc_core::MakeRefCounted<grpc_tls_certificate_distributor>(); |
|
|
|
|
distributor->SetKeyMaterials(kRootCertName, root_cert_0_, absl::nullopt); |
|
|
|
|
grpc_core::RefCountedPtr<::grpc_tls_certificate_provider> provider = |
|
|
|
|
grpc_core::MakeRefCounted<TlsTestCertificateProvider>(distributor); |
|
|
|
|
auto options = grpc_core::MakeRefCounted<grpc_tls_credentials_options>(); |
|
|
|
|
options->set_certificate_provider(provider); |
|
|
|
|
options->set_watch_root_cert(true); |
|
|
|
|
options->set_root_cert_name(kRootCertName); |
|
|
|
|
grpc_core::RefCountedPtr<TlsCredentials> credential = |
|
|
|
|
grpc_core::MakeRefCounted<TlsCredentials>(options); |
|
|
|
|
grpc_core::RefCountedPtr<grpc_channel_security_connector> connector = |
|
|
|
|
credential->create_security_connector(nullptr, kTargetName, nullptr, |
|
|
|
|
nullptr); |
|
|
|
|
grpc_core::RefCountedPtr<grpc_channel_security_connector> other_connector = |
|
|
|
|
credential->create_security_connector(nullptr, kTargetName, nullptr, |
|
|
|
|
nullptr); |
|
|
|
|
// Comparing the equality of security connectors generated from the same
|
|
|
|
|
// channel credentials with same settings should succeed.
|
|
|
|
|
EXPECT_EQ(connector->cmp(other_connector.get()), 0); |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
TEST_F(TlsSecurityConnectorTest, |
|
|
|
|
CompareChannelSecurityConnectorFailsOnDifferentChannelCredentials) { |
|
|
|
|
grpc_core::RefCountedPtr<grpc_tls_certificate_distributor> distributor = |
|
|
|
|
grpc_core::MakeRefCounted<grpc_tls_certificate_distributor>(); |
|
|
|
|
distributor->SetKeyMaterials(kRootCertName, root_cert_0_, absl::nullopt); |
|
|
|
|
grpc_core::RefCountedPtr<::grpc_tls_certificate_provider> provider = |
|
|
|
|
grpc_core::MakeRefCounted<TlsTestCertificateProvider>(distributor); |
|
|
|
|
auto options = grpc_core::MakeRefCounted<grpc_tls_credentials_options>(); |
|
|
|
|
options->set_certificate_provider(provider); |
|
|
|
|
options->set_watch_root_cert(true); |
|
|
|
|
options->set_root_cert_name(kRootCertName); |
|
|
|
|
grpc_core::RefCountedPtr<TlsCredentials> credential = |
|
|
|
|
grpc_core::MakeRefCounted<TlsCredentials>(options); |
|
|
|
|
grpc_core::RefCountedPtr<grpc_channel_security_connector> connector = |
|
|
|
|
credential->create_security_connector(nullptr, kTargetName, nullptr, |
|
|
|
|
nullptr); |
|
|
|
|
grpc_core::RefCountedPtr<TlsCredentials> other_credential = |
|
|
|
|
grpc_core::MakeRefCounted<TlsCredentials>(options); |
|
|
|
|
grpc_core::RefCountedPtr<grpc_channel_security_connector> other_connector = |
|
|
|
|
other_credential->create_security_connector(nullptr, kTargetName, nullptr, |
|
|
|
|
nullptr); |
|
|
|
|
// Comparing the equality of security connectors generated from different
|
|
|
|
|
// channel credentials should fail.
|
|
|
|
|
EXPECT_NE(connector->cmp(other_connector.get()), 0); |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
TEST_F(TlsSecurityConnectorTest, |
|
|
|
|
CompareChannelSecurityConnectorFailsOnDifferentCallCredentials) { |
|
|
|
|
grpc_core::RefCountedPtr<grpc_tls_certificate_distributor> distributor = |
|
|
|
|
grpc_core::MakeRefCounted<grpc_tls_certificate_distributor>(); |
|
|
|
|
distributor->SetKeyMaterials(kRootCertName, root_cert_0_, absl::nullopt); |
|
|
|
|
grpc_core::RefCountedPtr<::grpc_tls_certificate_provider> provider = |
|
|
|
|
grpc_core::MakeRefCounted<TlsTestCertificateProvider>(distributor); |
|
|
|
|
auto options = grpc_core::MakeRefCounted<grpc_tls_credentials_options>(); |
|
|
|
|
options->set_certificate_provider(provider); |
|
|
|
|
options->set_watch_root_cert(true); |
|
|
|
|
options->set_root_cert_name(kRootCertName); |
|
|
|
|
grpc_core::RefCountedPtr<TlsCredentials> credential = |
|
|
|
|
grpc_core::MakeRefCounted<TlsCredentials>(options); |
|
|
|
|
grpc_core::RefCountedPtr<grpc_channel_security_connector> connector = |
|
|
|
|
credential->create_security_connector(nullptr, kTargetName, nullptr, |
|
|
|
|
nullptr); |
|
|
|
|
grpc_call_credentials* call_creds = |
|
|
|
|
grpc_md_only_test_credentials_create("", "", true); |
|
|
|
|
grpc_core::RefCountedPtr<grpc_channel_security_connector> other_connector = |
|
|
|
|
credential->create_security_connector( |
|
|
|
|
grpc_core::RefCountedPtr<grpc_call_credentials>(call_creds), |
|
|
|
|
kTargetName, nullptr, nullptr); |
|
|
|
|
// Comparing the equality of security connectors generated with different call
|
|
|
|
|
// credentials should fail.
|
|
|
|
|
EXPECT_NE(connector->cmp(other_connector.get()), 0); |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
TEST_F(TlsSecurityConnectorTest, |
|
|
|
|
CompareChannelSecurityConnectorFailsOnDifferentTargetNames) { |
|
|
|
|
grpc_core::RefCountedPtr<grpc_tls_certificate_distributor> distributor = |
|
|
|
|
grpc_core::MakeRefCounted<grpc_tls_certificate_distributor>(); |
|
|
|
|
distributor->SetKeyMaterials(kRootCertName, root_cert_0_, absl::nullopt); |
|
|
|
|
grpc_core::RefCountedPtr<::grpc_tls_certificate_provider> provider = |
|
|
|
|
grpc_core::MakeRefCounted<TlsTestCertificateProvider>(distributor); |
|
|
|
|
auto options = grpc_core::MakeRefCounted<grpc_tls_credentials_options>(); |
|
|
|
|
options->set_certificate_provider(provider); |
|
|
|
|
options->set_watch_root_cert(true); |
|
|
|
|
options->set_root_cert_name(kRootCertName); |
|
|
|
|
grpc_core::RefCountedPtr<TlsCredentials> credential = |
|
|
|
|
grpc_core::MakeRefCounted<TlsCredentials>(options); |
|
|
|
|
grpc_core::RefCountedPtr<grpc_channel_security_connector> connector = |
|
|
|
|
credential->create_security_connector(nullptr, kTargetName, nullptr, |
|
|
|
|
nullptr); |
|
|
|
|
grpc_core::RefCountedPtr<grpc_channel_security_connector> other_connector = |
|
|
|
|
credential->create_security_connector(nullptr, "", nullptr, nullptr); |
|
|
|
|
// Comparing the equality of security connectors generated with different
|
|
|
|
|
// target names should fail.
|
|
|
|
|
EXPECT_NE(connector->cmp(other_connector.get()), 0); |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
// Tests for ServerSecurityConnector.
|
|
|
|
|
TEST_F(TlsSecurityConnectorTest, |
|
|
|
|
RootAndIdentityCertsObtainedWhenCreateServerSecurityConnector) { |
|
|
|
|
@ -543,6 +643,54 @@ TEST_F(TlsSecurityConnectorTest, CreateServerSecurityConnectorFailNoOptions) { |
|
|
|
|
EXPECT_EQ(connector, nullptr); |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
TEST_F(TlsSecurityConnectorTest, |
|
|
|
|
CompareServerSecurityConnectorSucceedsOnSameCredentials) { |
|
|
|
|
grpc_core::RefCountedPtr<grpc_tls_certificate_distributor> distributor = |
|
|
|
|
grpc_core::MakeRefCounted<grpc_tls_certificate_distributor>(); |
|
|
|
|
distributor->SetKeyMaterials(kIdentityCertName, absl::nullopt, |
|
|
|
|
identity_pairs_0_); |
|
|
|
|
grpc_core::RefCountedPtr<::grpc_tls_certificate_provider> provider = |
|
|
|
|
grpc_core::MakeRefCounted<TlsTestCertificateProvider>(distributor); |
|
|
|
|
auto options = grpc_core::MakeRefCounted<grpc_tls_credentials_options>(); |
|
|
|
|
options->set_certificate_provider(provider); |
|
|
|
|
options->set_watch_identity_pair(true); |
|
|
|
|
options->set_identity_cert_name(kIdentityCertName); |
|
|
|
|
grpc_core::RefCountedPtr<TlsServerCredentials> credential = |
|
|
|
|
grpc_core::MakeRefCounted<TlsServerCredentials>(options); |
|
|
|
|
grpc_core::RefCountedPtr<grpc_server_security_connector> connector = |
|
|
|
|
credential->create_security_connector(nullptr); |
|
|
|
|
grpc_core::RefCountedPtr<grpc_server_security_connector> other_connector = |
|
|
|
|
credential->create_security_connector(nullptr); |
|
|
|
|
// Comparing the equality of security connectors generated from the same
|
|
|
|
|
// server credentials with same settings should succeed.
|
|
|
|
|
EXPECT_EQ(connector->cmp(other_connector.get()), 0); |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
TEST_F(TlsSecurityConnectorTest, |
|
|
|
|
CompareServerSecurityConnectorFailsOnDifferentServerCredentials) { |
|
|
|
|
grpc_core::RefCountedPtr<grpc_tls_certificate_distributor> distributor = |
|
|
|
|
grpc_core::MakeRefCounted<grpc_tls_certificate_distributor>(); |
|
|
|
|
distributor->SetKeyMaterials(kIdentityCertName, absl::nullopt, |
|
|
|
|
identity_pairs_0_); |
|
|
|
|
grpc_core::RefCountedPtr<::grpc_tls_certificate_provider> provider = |
|
|
|
|
grpc_core::MakeRefCounted<TlsTestCertificateProvider>(distributor); |
|
|
|
|
auto options = grpc_core::MakeRefCounted<grpc_tls_credentials_options>(); |
|
|
|
|
options->set_certificate_provider(provider); |
|
|
|
|
options->set_watch_identity_pair(true); |
|
|
|
|
options->set_identity_cert_name(kIdentityCertName); |
|
|
|
|
grpc_core::RefCountedPtr<TlsServerCredentials> credential = |
|
|
|
|
grpc_core::MakeRefCounted<TlsServerCredentials>(options); |
|
|
|
|
grpc_core::RefCountedPtr<grpc_server_security_connector> connector = |
|
|
|
|
credential->create_security_connector(nullptr); |
|
|
|
|
grpc_core::RefCountedPtr<TlsServerCredentials> other_credential = |
|
|
|
|
grpc_core::MakeRefCounted<TlsServerCredentials>(options); |
|
|
|
|
grpc_core::RefCountedPtr<grpc_server_security_connector> other_connector = |
|
|
|
|
other_credential->create_security_connector(nullptr); |
|
|
|
|
// Comparing the equality of security connectors generated from different
|
|
|
|
|
// server credentials should fail.
|
|
|
|
|
EXPECT_NE(connector->cmp(other_connector.get()), 0); |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
} // namespace testing
|
|
|
|
|
} // namespace grpc
|
|
|
|
|
|
|
|
|
|
|
ZhenLian
4 years ago
committed by
GitHub