move ssl session cache stuff to credentials.h

1 year ago · aef7930e33
parent a1145c387a
commit aef7930e33
8 changed files with 43 additions and 37 deletions
--- a/2
+++ b/2
@ -1243,6 +1243,7 @@ grpc_cc_library(
        "gpr",
        "grpc++_base_unsecure",
        "grpc++_codegen_proto",
+        "grpc_core_credentials",
        "grpc_public_hdrs",
        "grpc_security_base",
        "grpc_unsecure",
@ -4145,6 +4146,7 @@ grpc_cc_library(
        "config_vars",
        "gpr",
        "grpc_base",
+        "grpc_core_credentials",
        "grpc_credentials_util",
        "grpc_public_hdrs",
        "grpc_security_base",
--- a/grpc.def
+++ b/grpc.def
@ -70,6 +70,9 @@ EXPORTS
    grpc_tls_credentials_options_set_crl_directory
    grpc_tls_credentials_options_set_verify_server_cert
    grpc_tls_credentials_options_set_send_client_ca_list
+    grpc_ssl_session_cache_create_lru
+    grpc_ssl_session_cache_destroy
+    grpc_ssl_session_cache_create_channel_arg
    grpc_insecure_credentials_create
    grpc_insecure_server_credentials_create
    grpc_xds_credentials_create
@ -169,9 +172,6 @@ EXPORTS
    grpc_auth_context_add_property
    grpc_auth_context_add_cstring_property
    grpc_auth_context_set_peer_identity_property_name
-    grpc_ssl_session_cache_create_lru
-    grpc_ssl_session_cache_destroy
-    grpc_ssl_session_cache_create_channel_arg
    grpc_set_ssl_roots_override_callback
    grpc_max_auth_token_lifetime
    grpc_call_set_credentials
--- a/include/grpc/credentials.h
+++ b/include/grpc/credentials.h
@ -1053,6 +1053,27 @@ GRPCAPI void grpc_tls_credentials_options_set_verify_server_cert(
 GRPCAPI void grpc_tls_credentials_options_set_send_client_ca_list(
    grpc_tls_credentials_options* options, bool send_client_ca_list);

+/** --- SSL Session Cache. ---
+
+    A SSL session cache object represents a way to cache client sessions
+    between connections. Only ticket-based resumption is supported. */
+
+typedef struct grpc_ssl_session_cache grpc_ssl_session_cache;
+
+/** Create LRU cache for client-side SSL sessions with the given capacity.
+    If capacity is < 1, a default capacity is used instead. */
+GRPCAPI grpc_ssl_session_cache* grpc_ssl_session_cache_create_lru(
+    size_t capacity);
+
+/** Destroy SSL session cache. */
+GRPCAPI void grpc_ssl_session_cache_destroy(grpc_ssl_session_cache* cache);
+
+/** Create a channel arg with the given cache object. */
+GRPCAPI grpc_arg
+grpc_ssl_session_cache_create_channel_arg(grpc_ssl_session_cache* cache);
+
+/** --- insecure credentials --- */
+
 /**
 * EXPERIMENTAL API - Subject to change
 *
--- a/include/grpc/grpc_security.h
+++ b/include/grpc/grpc_security.h
@ -104,25 +104,6 @@ GRPCAPI void grpc_auth_context_add_cstring_property(grpc_auth_context* ctx,
 GRPCAPI int grpc_auth_context_set_peer_identity_property_name(
    grpc_auth_context* ctx, const char* name);

-/** --- SSL Session Cache. ---
-
-    A SSL session cache object represents a way to cache client sessions
-    between connections. Only ticket-based resumption is supported. */
-
-typedef struct grpc_ssl_session_cache grpc_ssl_session_cache;
-
-/** Create LRU cache for client-side SSL sessions with the given capacity.
-    If capacity is < 1, a default capacity is used instead. */
-GRPCAPI grpc_ssl_session_cache* grpc_ssl_session_cache_create_lru(
-    size_t capacity);
-
-/** Destroy SSL session cache. */
-GRPCAPI void grpc_ssl_session_cache_destroy(grpc_ssl_session_cache* cache);
-
-/** Create a channel arg with the given cache object. */
-GRPCAPI grpc_arg
-grpc_ssl_session_cache_create_channel_arg(grpc_ssl_session_cache* cache);
-
 /** Callback for getting the SSL roots override from the application.
   In case of success, *pem_roots_certs must be set to a NULL terminated string
   containing the list of PEM encoded root certificates. The ownership is passed
--- a/src/core/lib/security/security_connector/ssl_utils.cc
+++ b/src/core/lib/security/security_connector/ssl_utils.cc
@ -31,6 +31,7 @@
 #include "absl/strings/str_cat.h"
 #include "absl/strings/str_split.h"

+#include <grpc/credentials.h>
 #include <grpc/grpc.h>
 #include <grpc/grpc_crl_provider.h>
 #include <grpc/impl/channel_arg_names.h>
--- a/src/ruby/ext/grpc/rb_grpc_imports.generated.c
+++ b/src/ruby/ext/grpc/rb_grpc_imports.generated.c
@ -93,6 +93,9 @@ grpc_tls_credentials_options_set_cert_request_type_type grpc_tls_credentials_opt
 grpc_tls_credentials_options_set_crl_directory_type grpc_tls_credentials_options_set_crl_directory_import;
 grpc_tls_credentials_options_set_verify_server_cert_type grpc_tls_credentials_options_set_verify_server_cert_import;
 grpc_tls_credentials_options_set_send_client_ca_list_type grpc_tls_credentials_options_set_send_client_ca_list_import;
+grpc_ssl_session_cache_create_lru_type grpc_ssl_session_cache_create_lru_import;
+grpc_ssl_session_cache_destroy_type grpc_ssl_session_cache_destroy_import;
+grpc_ssl_session_cache_create_channel_arg_type grpc_ssl_session_cache_create_channel_arg_import;
 grpc_insecure_credentials_create_type grpc_insecure_credentials_create_import;
 grpc_insecure_server_credentials_create_type grpc_insecure_server_credentials_create_import;
 grpc_xds_credentials_create_type grpc_xds_credentials_create_import;
@ -192,9 +195,6 @@ grpc_auth_context_release_type grpc_auth_context_release_import;
 grpc_auth_context_add_property_type grpc_auth_context_add_property_import;
 grpc_auth_context_add_cstring_property_type grpc_auth_context_add_cstring_property_import;
 grpc_auth_context_set_peer_identity_property_name_type grpc_auth_context_set_peer_identity_property_name_import;
-grpc_ssl_session_cache_create_lru_type grpc_ssl_session_cache_create_lru_import;
-grpc_ssl_session_cache_destroy_type grpc_ssl_session_cache_destroy_import;
-grpc_ssl_session_cache_create_channel_arg_type grpc_ssl_session_cache_create_channel_arg_import;
 grpc_set_ssl_roots_override_callback_type grpc_set_ssl_roots_override_callback_import;
 grpc_max_auth_token_lifetime_type grpc_max_auth_token_lifetime_import;
 grpc_call_set_credentials_type grpc_call_set_credentials_import;
@ -383,6 +383,9 @@ void grpc_rb_load_imports(HMODULE library) {
  grpc_tls_credentials_options_set_crl_directory_import = (grpc_tls_credentials_options_set_crl_directory_type) GetProcAddress(library, "grpc_tls_credentials_options_set_crl_directory");
  grpc_tls_credentials_options_set_verify_server_cert_import = (grpc_tls_credentials_options_set_verify_server_cert_type) GetProcAddress(library, "grpc_tls_credentials_options_set_verify_server_cert");
  grpc_tls_credentials_options_set_send_client_ca_list_import = (grpc_tls_credentials_options_set_send_client_ca_list_type) GetProcAddress(library, "grpc_tls_credentials_options_set_send_client_ca_list");
+  grpc_ssl_session_cache_create_lru_import = (grpc_ssl_session_cache_create_lru_type) GetProcAddress(library, "grpc_ssl_session_cache_create_lru");
+  grpc_ssl_session_cache_destroy_import = (grpc_ssl_session_cache_destroy_type) GetProcAddress(library, "grpc_ssl_session_cache_destroy");
+  grpc_ssl_session_cache_create_channel_arg_import = (grpc_ssl_session_cache_create_channel_arg_type) GetProcAddress(library, "grpc_ssl_session_cache_create_channel_arg");
  grpc_insecure_credentials_create_import = (grpc_insecure_credentials_create_type) GetProcAddress(library, "grpc_insecure_credentials_create");
  grpc_insecure_server_credentials_create_import = (grpc_insecure_server_credentials_create_type) GetProcAddress(library, "grpc_insecure_server_credentials_create");
  grpc_xds_credentials_create_import = (grpc_xds_credentials_create_type) GetProcAddress(library, "grpc_xds_credentials_create");
@ -482,9 +485,6 @@ void grpc_rb_load_imports(HMODULE library) {
  grpc_auth_context_add_property_import = (grpc_auth_context_add_property_type) GetProcAddress(library, "grpc_auth_context_add_property");
  grpc_auth_context_add_cstring_property_import = (grpc_auth_context_add_cstring_property_type) GetProcAddress(library, "grpc_auth_context_add_cstring_property");
  grpc_auth_context_set_peer_identity_property_name_import = (grpc_auth_context_set_peer_identity_property_name_type) GetProcAddress(library, "grpc_auth_context_set_peer_identity_property_name");
-  grpc_ssl_session_cache_create_lru_import = (grpc_ssl_session_cache_create_lru_type) GetProcAddress(library, "grpc_ssl_session_cache_create_lru");
-  grpc_ssl_session_cache_destroy_import = (grpc_ssl_session_cache_destroy_type) GetProcAddress(library, "grpc_ssl_session_cache_destroy");
-  grpc_ssl_session_cache_create_channel_arg_import = (grpc_ssl_session_cache_create_channel_arg_type) GetProcAddress(library, "grpc_ssl_session_cache_create_channel_arg");
  grpc_set_ssl_roots_override_callback_import = (grpc_set_ssl_roots_override_callback_type) GetProcAddress(library, "grpc_set_ssl_roots_override_callback");
  grpc_max_auth_token_lifetime_import = (grpc_max_auth_token_lifetime_type) GetProcAddress(library, "grpc_max_auth_token_lifetime");
  grpc_call_set_credentials_import = (grpc_call_set_credentials_type) GetProcAddress(library, "grpc_call_set_credentials");
--- a/src/ruby/ext/grpc/rb_grpc_imports.generated.h
+++ b/src/ruby/ext/grpc/rb_grpc_imports.generated.h
@ -255,6 +255,15 @@ extern grpc_tls_credentials_options_set_verify_server_cert_type grpc_tls_credent
 typedef void(*grpc_tls_credentials_options_set_send_client_ca_list_type)(grpc_tls_credentials_options* options, bool send_client_ca_list);
 extern grpc_tls_credentials_options_set_send_client_ca_list_type grpc_tls_credentials_options_set_send_client_ca_list_import;
 #define grpc_tls_credentials_options_set_send_client_ca_list grpc_tls_credentials_options_set_send_client_ca_list_import
+typedef grpc_ssl_session_cache*(*grpc_ssl_session_cache_create_lru_type)(size_t capacity);
+extern grpc_ssl_session_cache_create_lru_type grpc_ssl_session_cache_create_lru_import;
+#define grpc_ssl_session_cache_create_lru grpc_ssl_session_cache_create_lru_import
+typedef void(*grpc_ssl_session_cache_destroy_type)(grpc_ssl_session_cache* cache);
+extern grpc_ssl_session_cache_destroy_type grpc_ssl_session_cache_destroy_import;
+#define grpc_ssl_session_cache_destroy grpc_ssl_session_cache_destroy_import
+typedef grpc_arg(*grpc_ssl_session_cache_create_channel_arg_type)(grpc_ssl_session_cache* cache);
+extern grpc_ssl_session_cache_create_channel_arg_type grpc_ssl_session_cache_create_channel_arg_import;
+#define grpc_ssl_session_cache_create_channel_arg grpc_ssl_session_cache_create_channel_arg_import
 typedef grpc_channel_credentials*(*grpc_insecure_credentials_create_type)();
 extern grpc_insecure_credentials_create_type grpc_insecure_credentials_create_import;
 #define grpc_insecure_credentials_create grpc_insecure_credentials_create_import
@ -552,15 +561,6 @@ extern grpc_auth_context_add_cstring_property_type grpc_auth_context_add_cstring
 typedef int(*grpc_auth_context_set_peer_identity_property_name_type)(grpc_auth_context* ctx, const char* name);
 extern grpc_auth_context_set_peer_identity_property_name_type grpc_auth_context_set_peer_identity_property_name_import;
 #define grpc_auth_context_set_peer_identity_property_name grpc_auth_context_set_peer_identity_property_name_import
-typedef grpc_ssl_session_cache*(*grpc_ssl_session_cache_create_lru_type)(size_t capacity);
-extern grpc_ssl_session_cache_create_lru_type grpc_ssl_session_cache_create_lru_import;
-#define grpc_ssl_session_cache_create_lru grpc_ssl_session_cache_create_lru_import
-typedef void(*grpc_ssl_session_cache_destroy_type)(grpc_ssl_session_cache* cache);
-extern grpc_ssl_session_cache_destroy_type grpc_ssl_session_cache_destroy_import;
-#define grpc_ssl_session_cache_destroy grpc_ssl_session_cache_destroy_import
-typedef grpc_arg(*grpc_ssl_session_cache_create_channel_arg_type)(grpc_ssl_session_cache* cache);
-extern grpc_ssl_session_cache_create_channel_arg_type grpc_ssl_session_cache_create_channel_arg_import;
-#define grpc_ssl_session_cache_create_channel_arg grpc_ssl_session_cache_create_channel_arg_import
 typedef void(*grpc_set_ssl_roots_override_callback_type)(grpc_ssl_roots_override_callback cb);
 extern grpc_set_ssl_roots_override_callback_type grpc_set_ssl_roots_override_callback_import;
 #define grpc_set_ssl_roots_override_callback grpc_set_ssl_roots_override_callback_import
--- a/test/cpp/end2end/ssl_credentials_test.cc
+++ b/test/cpp/end2end/ssl_credentials_test.cc
@ -22,6 +22,7 @@

 #include "absl/synchronization/notification.h"

+#include <grpc/credentials.h>
 #include <grpc/grpc_security.h>
 #include <grpcpp/channel.h>
 #include <grpcpp/client_context.h>