Chiebot-Mirror
/
grpc
mirror of https://github.com/grpc/grpc.git
8
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge pull request #24052 from markdroth/xds_channel_creds

Browse Source 
xds: Don't fall back to creds from parent channel, and add insecure creds
pull/24044/head
Mark D. Roth 4 years ago committed by GitHub
parent 835d6182d8 6d96f442b7
commit cd9b0e3fc7
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 16 additions and 22 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 38
      src/core/ext/xds/xds_client.cc

38
src/core/ext/xds/xds_client.cc
Unescape View File

@ -1780,37 +1780,31 @@ grpc_millis GetRequestTimeout(const grpc_channel_args& args) {
grpc_channel* CreateXdsChannel(const XdsBootstrap& bootstrap,
const grpc_channel_args& args,
grpc_error** error) {
grpc_channel_credentials* creds = nullptr;
RefCountedPtr<grpc_channel_credentials> creds_to_unref;
if (!bootstrap.server().channel_creds.empty()) {
for (size_t i = 0; i < bootstrap.server().channel_creds.size(); ++i) {
if (bootstrap.server().channel_creds[i].type == "google_default") {
creds = grpc_google_default_credentials_create(nullptr);
break;
} else if (bootstrap.server().channel_creds[i].type == "fake") {
creds = grpc_fake_transport_security_credentials_create();
break;
}
}
if (creds == nullptr) {
*error = GRPC_ERROR_CREATE_FROM_STATIC_STRING(
"no supported credential types found");
return nullptr;
RefCountedPtr<grpc_channel_credentials> creds;
for (const auto& channel_creds : bootstrap.server().channel_creds) {
if (channel_creds.type == "google_default") {
creds.reset(grpc_google_default_credentials_create(nullptr));
break;
}
creds_to_unref.reset(creds);
} else {
creds = grpc_channel_credentials_find_in_args(&args);
if (creds == nullptr) {
// Built with security but parent channel is insecure.
if (channel_creds.type == "insecure") {
return grpc_insecure_channel_create(bootstrap.server().server_uri.c_str(),
&args, nullptr);
}
if (channel_creds.type == "fake") {
creds.reset(grpc_fake_transport_security_credentials_create());
break;
}
}
if (creds == nullptr) {
*error = GRPC_ERROR_CREATE_FROM_STATIC_STRING(
"no supported credential types found");
return nullptr;
}
const char* arg_to_remove = GRPC_ARG_CHANNEL_CREDENTIALS;
grpc_channel_args* new_args =
grpc_channel_args_copy_and_remove(&args, &arg_to_remove, 1);
grpc_channel* channel = grpc_secure_channel_create(
creds, bootstrap.server().server_uri.c_str(), new_args, nullptr);
creds.get(), bootstrap.server().server_uri.c_str(), new_args, nullptr);
grpc_channel_args_destroy(new_args);
return channel;
}

Write Preview
Loading…
Cancel
Save