diff --git a/include/grpc/grpc_security.h b/include/grpc/grpc_security.h index 4c1a2a02cbe..57d780dfa87 100644 --- a/include/grpc/grpc_security.h +++ b/include/grpc/grpc_security.h @@ -826,8 +826,8 @@ struct grpc_tls_credential_reload_arg { grpc_tls_key_materials_config* key_materials_config; grpc_ssl_certificate_config_reload_status status; const char* error_details; - grpc_tls_credential_reload_config* config; - void* context; + grpc_tls_credential_reload_config* config = nullptr; + void* context = nullptr; }; /** Create a grpc_tls_credential_reload_config instance. @@ -899,8 +899,8 @@ struct grpc_tls_server_authorization_check_arg { const char* peer_cert; grpc_status_code status; const char* error_details; - grpc_tls_server_authorization_check_config* config; - void* context; + grpc_tls_server_authorization_check_config* config = nullptr; + void* context = nullptr; }; /** Create a grpc_tls_server_authorization_check_config instance. diff --git a/include/grpcpp/security/tls_credentials_options.h b/include/grpcpp/security/tls_credentials_options.h index 83535bc5701..107d00fbbe4 100644 --- a/include/grpcpp/security/tls_credentials_options.h +++ b/include/grpcpp/security/tls_credentials_options.h @@ -102,7 +102,8 @@ class TlsCredentialReloadArg { * **/ void set_cb_user_data(void* cb_user_data); void set_pem_root_certs(grpc::string pem_root_certs); - void add_pem_key_cert_pair(TlsKeyMaterialsConfig::PemKeyCertPair pem_key_cert_pair); + void add_pem_key_cert_pair( + TlsKeyMaterialsConfig::PemKeyCertPair pem_key_cert_pair); void set_key_materials_config( const std::shared_ptr& key_materials_config); void set_status(grpc_ssl_certificate_config_reload_status status); diff --git a/src/cpp/common/tls_credentials_options.cc b/src/cpp/common/tls_credentials_options.cc index aa052fa5027..198f4ce7375 100644 --- a/src/cpp/common/tls_credentials_options.cc +++ b/src/cpp/common/tls_credentials_options.cc @@ -29,7 +29,8 @@ void TlsKeyMaterialsConfig::set_pem_root_certs(grpc::string pem_root_certs) { pem_root_certs_ = std::move(pem_root_certs); } -void TlsKeyMaterialsConfig::add_pem_key_cert_pair(PemKeyCertPair pem_key_cert_pair) { +void TlsKeyMaterialsConfig::add_pem_key_cert_pair( + PemKeyCertPair pem_key_cert_pair) { pem_key_cert_pair_list_.push_back(pem_key_cert_pair); } @@ -74,16 +75,20 @@ void TlsCredentialReloadArg::set_cb_user_data(void* cb_user_data) { } void TlsCredentialReloadArg::set_pem_root_certs(grpc::string pem_root_certs) { - ::grpc_core::UniquePtr c_pem_root_certs(gpr_strdup(pem_root_certs.c_str())); + ::grpc_core::UniquePtr c_pem_root_certs( + gpr_strdup(pem_root_certs.c_str())); c_arg_->key_materials_config->set_pem_root_certs(std::move(c_pem_root_certs)); } -void TlsCredentialReloadArg::add_pem_key_cert_pair(TlsKeyMaterialsConfig::PemKeyCertPair pem_key_cert_pair) { - grpc_ssl_pem_key_cert_pair* ssl_pair = (grpc_ssl_pem_key_cert_pair*)gpr_malloc(sizeof(grpc_ssl_pem_key_cert_pair)); +void TlsCredentialReloadArg::add_pem_key_cert_pair( + TlsKeyMaterialsConfig::PemKeyCertPair pem_key_cert_pair) { + grpc_ssl_pem_key_cert_pair* ssl_pair = + (grpc_ssl_pem_key_cert_pair*)gpr_malloc( + sizeof(grpc_ssl_pem_key_cert_pair)); ssl_pair->private_key = gpr_strdup(pem_key_cert_pair.private_key.c_str()); ssl_pair->cert_chain = gpr_strdup(pem_key_cert_pair.cert_chain.c_str()); ::grpc_core::PemKeyCertPair c_pem_key_cert_pair = - ::grpc_core::PemKeyCertPair(ssl_pair); + ::grpc_core::PemKeyCertPair(ssl_pair); c_arg_->key_materials_config->add_pem_key_cert_pair(c_pem_key_cert_pair); } @@ -221,8 +226,7 @@ TlsCredentialsOptions::TlsCredentialsOptions( : cert_request_type_(cert_request_type), key_materials_config_(key_materials_config), credential_reload_config_(credential_reload_config), - server_authorization_check_config_( - server_authorization_check_config) { + server_authorization_check_config_(server_authorization_check_config) { c_credentials_options_ = grpc_tls_credentials_options_create(); grpc_tls_credentials_options_set_cert_request_type(c_credentials_options_, cert_request_type_); diff --git a/test/cpp/client/credentials_test.cc b/test/cpp/client/credentials_test.cc index 979bc63fdd0..cba4e874442 100644 --- a/test/cpp/client/credentials_test.cc +++ b/test/cpp/client/credentials_test.cc @@ -55,16 +55,6 @@ class TestTlsCredentialReload : public TlsCredentialReloadInterface { GPR_ASSERT(arg != nullptr); struct TlsKeyMaterialsConfig::PemKeyCertPair pair3 = {"private_key3", "cert_chain3"}; - //std::shared_ptr key_materials_config = - // arg->key_materials_config(); - //GPR_ASSERT(key_materials_config != nullptr); - //std::vector pair_list = - // key_materials_config->pem_key_cert_pair_list(); - pair_list.push_back(pair3); - //pair_list[0].private_key = "private_key01"; - //pair_list[0].cert_chain = "cert_chain01"; - //key_materials_config->set_key_materials("new_pem_root_certs", pair_list); - //arg->set_key_materials_config(key_materials_config); arg->set_pem_root_certs("new_pem_root_certs"); arg->add_pem_key_cert_pair(pair3); arg->set_status(GRPC_SSL_CERTIFICATE_CONFIG_RELOAD_NEW); @@ -304,35 +294,6 @@ TEST_F(CredentialsTest, TlsKeyMaterialsConfigCppToC) { gpr_free(c_config); } -/** -TEST_F(CredentialsTest, TlsKeyMaterialsCtoCpp) { - grpc_tls_key_materials_config c_config; - grpc::string test_private_key = "private_key"; - grpc::string test_cert_chain = "cert_chain"; - grpc_ssl_pem_key_cert_pair* ssl_pair = - (grpc_ssl_pem_key_cert_pair*)gpr_malloc( - sizeof(grpc_ssl_pem_key_cert_pair)); - ssl_pair->private_key = gpr_strdup(test_private_key.c_str()); - ssl_pair->cert_chain = gpr_strdup(test_cert_chain.c_str()); - ::grpc_core::PemKeyCertPair pem_key_cert_pair = - ::grpc_core::PemKeyCertPair(ssl_pair); - ::grpc_core::InlinedVector<::grpc_core::PemKeyCertPair, 1> - pem_key_cert_pair_list; - pem_key_cert_pair_list.push_back(pem_key_cert_pair); - c_config.set_key_materials( - ::grpc_core::UniquePtr(gpr_strdup("pem_root_certs")), - pem_key_cert_pair_list); - std::shared_ptr cpp_config = - ::grpc_impl::experimental::ConvertToCppKeyMaterialsConfig(&c_config); - EXPECT_STREQ("pem_root_certs", cpp_config->pem_root_certs().c_str()); - std::vector cpp_pair_list = - cpp_config->pem_key_cert_pair_list(); - EXPECT_EQ(1, static_cast(cpp_pair_list.size())); - EXPECT_STREQ("private_key", cpp_pair_list[0].private_key.c_str()); - EXPECT_STREQ("cert_chain", cpp_pair_list[0].cert_chain.c_str()); -} -**/ - typedef class ::grpc_impl::experimental::TlsCredentialReloadArg TlsCredentialReloadArg; typedef class ::grpc_impl::experimental::TlsCredentialReloadConfig @@ -350,7 +311,7 @@ TEST_F(CredentialsTest, TlsCredentialReloadArgCallback) { TEST_F(CredentialsTest, TlsCredentialReloadConfigSchedule) { std::shared_ptr test_credential_reload( new TestTlsCredentialReload()); - TlsCredentialReloadConfig config(std::move(test_credential_reload)); + TlsCredentialReloadConfig config(test_credential_reload); grpc_tls_credential_reload_arg c_arg; TlsCredentialReloadArg arg(&c_arg); arg.set_cb_user_data(static_cast(nullptr)); @@ -372,22 +333,22 @@ TEST_F(CredentialsTest, TlsCredentialReloadConfigSchedule) { int schedule_output = config.Schedule(&arg); EXPECT_EQ(schedule_output, 0); EXPECT_EQ(arg.cb_user_data(), nullptr); - EXPECT_STREQ(c_arg.key_materials_config->pem_root_certs().get(), + EXPECT_STREQ(c_arg.key_materials_config->pem_root_certs(), "new_pem_root_certs"); - pair_list = c_arg.key_materials_config->pem_key_cert_pair_list(); - EXPECT_EQ(static_cast(pair_list.size()), 3); - EXPECT_STREQ(pair_list[0].private_key.c_str(), "private_key01"); - EXPECT_STREQ(pair_list[0].cert_chain.c_str(), "cert_chain01"); - EXPECT_STREQ(pair_list[1].private_key.c_str(), "private_key2"); - EXPECT_STREQ(pair_list[1].cert_chain.c_str(), "cert_chain2"); - EXPECT_STREQ(pair_list[2].private_key.c_str(), "private_key3"); - EXPECT_STREQ(pair_list[2].cert_chain.c_str(), "cert_chain3"); + grpc_tls_key_materials_config::PemKeyCertPairList c_pair_list = + c_arg.key_materials_config->pem_key_cert_pair_list(); + EXPECT_EQ(static_cast(c_pair_list.size()), 3); + EXPECT_STREQ(c_pair_list[0].private_key(), "private_key1"); + EXPECT_STREQ(c_pair_list[0].cert_chain(), "cert_chain1"); + EXPECT_STREQ(c_pair_list[1].private_key(), "private_key2"); + EXPECT_STREQ(c_pair_list[1].cert_chain(), "cert_chain2"); + EXPECT_STREQ(c_pair_list[2].private_key(), "private_key3"); + EXPECT_STREQ(c_pair_list[2].cert_chain(), "cert_chain3"); EXPECT_EQ(arg.status(), GRPC_SSL_CERTIFICATE_CONFIG_RELOAD_NEW); EXPECT_STREQ(arg.error_details().c_str(), "error_details"); // Cleanup. gpr_free(const_cast(error_details_before_schedule)); - ::grpc_core::Delete(key_materials_config_before_schedule); ::grpc_core::Delete(c_arg.key_materials_config); ::grpc_core::Delete(config.c_config()); } @@ -395,7 +356,7 @@ TEST_F(CredentialsTest, TlsCredentialReloadConfigSchedule) { TEST_F(CredentialsTest, TlsCredentialReloadConfigCppToC) { std::shared_ptr test_credential_reload( new TestTlsCredentialReload()); - TlsCredentialReloadConfig config(std::move(test_credential_reload)); + TlsCredentialReloadConfig config(test_credential_reload); grpc_tls_credential_reload_arg c_arg; c_arg.cb_user_data = static_cast(nullptr); grpc_tls_key_materials_config c_key_materials; @@ -430,8 +391,8 @@ TEST_F(CredentialsTest, TlsCredentialReloadConfigCppToC) { ::grpc_core::InlinedVector<::grpc_core::PemKeyCertPair, 1> pair_list = c_arg.key_materials_config->pem_key_cert_pair_list(); EXPECT_EQ(static_cast(pair_list.size()), 2); - EXPECT_STREQ(pair_list[0].private_key(), "private_key01"); - EXPECT_STREQ(pair_list[0].cert_chain(), "cert_chain01"); + EXPECT_STREQ(pair_list[0].private_key(), "private_key"); + EXPECT_STREQ(pair_list[0].cert_chain(), "cert_chain"); EXPECT_STREQ(pair_list[1].private_key(), "private_key3"); EXPECT_STREQ(pair_list[1].cert_chain(), "cert_chain3"); EXPECT_EQ(c_arg.status, GRPC_SSL_CERTIFICATE_CONFIG_RELOAD_NEW); @@ -440,7 +401,6 @@ TEST_F(CredentialsTest, TlsCredentialReloadConfigCppToC) { c_arg.key_materials_config; // Cleanup. - ::grpc_core::Delete(key_materials_config_after_schedule); ::grpc_core::Delete(config.c_config()); } @@ -484,8 +444,7 @@ TEST_F(CredentialsTest, TlsServerAuthorizationCheckArgCallback) { TEST_F(CredentialsTest, TlsServerAuthorizationCheckConfigSchedule) { std::shared_ptr test_server_authorization_check(new TestTlsServerAuthorizationCheck()); - TlsServerAuthorizationCheckConfig config( - std::move(test_server_authorization_check)); + TlsServerAuthorizationCheckConfig config(test_server_authorization_check); grpc_tls_server_authorization_check_arg c_arg; TlsServerAuthorizationCheckArg arg(&c_arg); arg.set_cb_user_data(nullptr); @@ -521,8 +480,7 @@ TEST_F(CredentialsTest, TlsServerAuthorizationCheckConfigSchedule) { TEST_F(CredentialsTest, TlsServerAuthorizationCheckConfigCppToC) { std::shared_ptr test_server_authorization_check(new TestTlsServerAuthorizationCheck()); - TlsServerAuthorizationCheckConfig config( - std::move(test_server_authorization_check)); + TlsServerAuthorizationCheckConfig config(test_server_authorization_check); grpc_tls_server_authorization_check_arg c_arg; c_arg.cb = tls_server_authorization_check_callback; c_arg.cb_user_data = nullptr; @@ -566,13 +524,13 @@ TEST_F(CredentialsTest, TlsCredentialsOptionsCppToC) { std::shared_ptr test_credential_reload( new TestTlsCredentialReload()); std::shared_ptr credential_reload_config( - new TlsCredentialReloadConfig(std::move(test_credential_reload))); + new TlsCredentialReloadConfig(test_credential_reload)); std::shared_ptr test_server_authorization_check(new TestTlsServerAuthorizationCheck()); std::shared_ptr server_authorization_check_config(new TlsServerAuthorizationCheckConfig( - std::move(test_server_authorization_check))); + test_server_authorization_check)); TlsCredentialsOptions options = TlsCredentialsOptions( GRPC_SSL_REQUEST_CLIENT_CERTIFICATE_AND_VERIFY, key_materials_config, @@ -622,8 +580,8 @@ TEST_F(CredentialsTest, TlsCredentialsOptionsCppToC) { ::grpc_core::InlinedVector<::grpc_core::PemKeyCertPair, 1> c_pair_list = c_credential_reload_arg.key_materials_config->pem_key_cert_pair_list(); EXPECT_EQ(static_cast(c_pair_list.size()), 2); - EXPECT_STREQ(c_pair_list[0].private_key(), "private_key01"); - EXPECT_STREQ(c_pair_list[0].cert_chain(), "cert_chain01"); + EXPECT_STREQ(c_pair_list[0].private_key(), "private_key"); + EXPECT_STREQ(c_pair_list[0].cert_chain(), "cert_chain"); EXPECT_STREQ(c_pair_list[1].private_key(), "private_key3"); EXPECT_STREQ(c_pair_list[1].cert_chain(), "cert_chain3"); EXPECT_EQ(c_credential_reload_arg.status, @@ -647,7 +605,6 @@ TEST_F(CredentialsTest, TlsCredentialsOptionsCppToC) { "sync_error_details"); // Cleanup. - ::grpc_core::Delete(c_key_materials_config); ::grpc_core::Delete(c_credential_reload_arg.key_materials_config); gpr_free(c_server_authorization_check_arg.cb_user_data); gpr_free(const_cast(c_server_authorization_check_arg.target_name)); @@ -663,13 +620,13 @@ TEST_F(CredentialsTest, LoadSpiffeChannelCredentials) { std::shared_ptr test_credential_reload( new TestTlsCredentialReload()); std::shared_ptr credential_reload_config( - new TlsCredentialReloadConfig(std::move(test_credential_reload))); + new TlsCredentialReloadConfig(test_credential_reload)); std::shared_ptr test_server_authorization_check(new TestTlsServerAuthorizationCheck()); std::shared_ptr server_authorization_check_config(new TlsServerAuthorizationCheckConfig( - std::move(test_server_authorization_check))); + test_server_authorization_check)); TlsCredentialsOptions options = TlsCredentialsOptions( GRPC_SSL_REQUEST_CLIENT_CERTIFICATE_AND_VERIFY, nullptr,