From 47c83fdaf71ca5072d0ab37322b37586d23f5ceb Mon Sep 17 00:00:00 2001 From: Craig Tiller Date: Sat, 21 Feb 2015 22:45:35 -0800 Subject: [PATCH 01/34] Credentials prototyping - Remove CredentialsFactory as it's unnecessary - Effectively make Credentials a channel factory, allowing different credential types to create different channel types - this gives us a hook so that InsecureCredentials can at runtime instantiate a different kind of channel as required - giving us a way of generating an openssl free version of grpc++. - Server credentials not touched yet, but they'll need to be updated. --- Makefile | 154 ++++++++++++++++++++++++- build.json | 121 +++++++++++-------- include/grpc++/channel_arguments.h | 6 +- include/grpc++/create_channel.h | 3 - include/grpc++/credentials.h | 95 +++++++-------- src/cpp/client/channel.cc | 40 ++----- src/cpp/client/channel.h | 7 +- src/cpp/client/create_channel.cc | 7 +- src/cpp/client/credentials.cc | 77 +------------ src/cpp/client/insecure_credentials.cc | 60 ++++++++++ src/cpp/client/secure_credentials.cc | 128 ++++++++++++++++++++ test/cpp/client/credentials_test.cc | 3 +- test/cpp/end2end/async_end2end_test.cc | 67 +++++------ test/cpp/end2end/end2end_test.cc | 14 +-- test/cpp/interop/client.cc | 17 +-- test/cpp/interop/server.cc | 7 +- test/cpp/util/create_test_channel.cc | 11 +- 17 files changed, 524 insertions(+), 293 deletions(-) create mode 100644 src/cpp/client/insecure_credentials.cc create mode 100644 src/cpp/client/secure_credentials.cc diff --git a/Makefile b/Makefile index b018febea10..8bb6b7f1ac3 100644 --- a/Makefile +++ b/Makefile @@ -908,13 +908,13 @@ static: static_c static_cxx static_c: $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc.a $(LIBDIR)/$(CONFIG)/libgrpc_unsecure.a -static_cxx: $(LIBDIR)/$(CONFIG)/libgrpc++.a +static_cxx: $(LIBDIR)/$(CONFIG)/libgrpc++.a $(LIBDIR)/$(CONFIG)/libgrpc++_unsecure.a shared: shared_c shared_cxx shared_c: $(LIBDIR)/$(CONFIG)/libgpr.$(SHARED_EXT) $(LIBDIR)/$(CONFIG)/libgrpc.$(SHARED_EXT) $(LIBDIR)/$(CONFIG)/libgrpc_unsecure.$(SHARED_EXT) -shared_cxx: $(LIBDIR)/$(CONFIG)/libgrpc++.$(SHARED_EXT) +shared_cxx: $(LIBDIR)/$(CONFIG)/libgrpc++.$(SHARED_EXT) $(LIBDIR)/$(CONFIG)/libgrpc++_unsecure.$(SHARED_EXT) shared_csharp: shared_c $(LIBDIR)/$(CONFIG)/libgrpc_csharp_ext.$(SHARED_EXT) grpc_csharp_ext: shared_csharp @@ -1794,6 +1794,8 @@ strip-static_cxx: static_cxx ifeq ($(CONFIG),opt) $(E) "[STRIP] Stripping libgrpc++.a" $(Q) $(STRIP) $(LIBDIR)/$(CONFIG)/libgrpc++.a + $(E) "[STRIP] Stripping libgrpc++_unsecure.a" + $(Q) $(STRIP) $(LIBDIR)/$(CONFIG)/libgrpc++_unsecure.a endif strip-shared_c: shared_c @@ -1810,6 +1812,8 @@ strip-shared_cxx: shared_cxx ifeq ($(CONFIG),opt) $(E) "[STRIP] Stripping libgrpc++.so" $(Q) $(STRIP) $(LIBDIR)/$(CONFIG)/libgrpc++.$(SHARED_EXT) + $(E) "[STRIP] Stripping libgrpc++_unsecure.so" + $(Q) $(STRIP) $(LIBDIR)/$(CONFIG)/libgrpc++_unsecure.$(SHARED_EXT) endif strip-shared_csharp: shared_csharp @@ -1969,6 +1973,9 @@ install-static_cxx: static_cxx strip-static_cxx $(E) "[INSTALL] Installing libgrpc++.a" $(Q) $(INSTALL) -d $(prefix)/lib $(Q) $(INSTALL) $(LIBDIR)/$(CONFIG)/libgrpc++.a $(prefix)/lib/libgrpc++.a + $(E) "[INSTALL] Installing libgrpc++_unsecure.a" + $(Q) $(INSTALL) -d $(prefix)/lib + $(Q) $(INSTALL) $(LIBDIR)/$(CONFIG)/libgrpc++_unsecure.a $(prefix)/lib/libgrpc++_unsecure.a @@ -2033,6 +2040,19 @@ ifneq ($(SYSTEM),Darwin) $(Q) ln -sf libgrpc++.$(SHARED_EXT) $(prefix)/lib/libgrpc++.so endif endif +ifeq ($(SYSTEM),MINGW32) + $(E) "[INSTALL] Installing grpc++_unsecure.$(SHARED_EXT)" + $(Q) $(INSTALL) -d $(prefix)/lib + $(Q) $(INSTALL) $(LIBDIR)/$(CONFIG)/grpc++_unsecure.$(SHARED_EXT) $(prefix)/lib/grpc++_unsecure.$(SHARED_EXT) + $(Q) $(INSTALL) $(LIBDIR)/$(CONFIG)/libgrpc++_unsecure-imp.a $(prefix)/lib/libgrpc++_unsecure-imp.a +else + $(E) "[INSTALL] Installing libgrpc++_unsecure.$(SHARED_EXT)" + $(Q) $(INSTALL) -d $(prefix)/lib + $(Q) $(INSTALL) $(LIBDIR)/$(CONFIG)/libgrpc++_unsecure.$(SHARED_EXT) $(prefix)/lib/libgrpc++_unsecure.$(SHARED_EXT) +ifneq ($(SYSTEM),Darwin) + $(Q) ln -sf libgrpc++_unsecure.$(SHARED_EXT) $(prefix)/lib/libgrpc++_unsecure.so +endif +endif ifneq ($(SYSTEM),MINGW32) ifneq ($(SYSTEM),Darwin) $(Q) ldconfig || true @@ -3004,12 +3024,14 @@ $(OBJDIR)/$(CONFIG)/src/core/transport/transport.o: LIBGRPC++_SRC = \ + src/cpp/client/secure_credentials.cc \ src/cpp/client/channel.cc \ src/cpp/client/channel_arguments.cc \ src/cpp/client/client_context.cc \ src/cpp/client/client_unary_call.cc \ src/cpp/client/create_channel.cc \ src/cpp/client/credentials.cc \ + src/cpp/client/insecure_credentials.cc \ src/cpp/client/internal_stub.cc \ src/cpp/common/call.cc \ src/cpp/common/completion_queue.cc \ @@ -3081,12 +3103,14 @@ ifneq ($(OPENSSL_DEP),) # This is to ensure the embedded OpenSSL is built beforehand, properly # installing headers to their final destination on the drive. We need this # otherwise parallel compilation will fail if a source is compiled first. +src/cpp/client/secure_credentials.cc: $(OPENSSL_DEP) src/cpp/client/channel.cc: $(OPENSSL_DEP) src/cpp/client/channel_arguments.cc: $(OPENSSL_DEP) src/cpp/client/client_context.cc: $(OPENSSL_DEP) src/cpp/client/client_unary_call.cc: $(OPENSSL_DEP) src/cpp/client/create_channel.cc: $(OPENSSL_DEP) src/cpp/client/credentials.cc: $(OPENSSL_DEP) +src/cpp/client/insecure_credentials.cc: $(OPENSSL_DEP) src/cpp/client/internal_stub.cc: $(OPENSSL_DEP) src/cpp/common/call.cc: $(OPENSSL_DEP) src/cpp/common/completion_queue.cc: $(OPENSSL_DEP) @@ -3106,6 +3130,13 @@ $(LIBDIR)/$(CONFIG)/libgrpc++.a: $(ZLIB_DEP) $(OPENSSL_DEP) $(PROTOBUF_DEP) $(LI $(Q) mkdir -p `dirname $@` $(Q) rm -f $(LIBDIR)/$(CONFIG)/libgrpc++.a $(Q) $(AR) rcs $(LIBDIR)/$(CONFIG)/libgrpc++.a $(LIBGRPC++_OBJS) + $(Q) rm -rf tmp-merge + $(Q) mkdir tmp-merge + $(Q) ( cd tmp-merge ; $(AR) x ../$(LIBDIR)/$(CONFIG)/libgrpc++.a ) + $(Q) for l in $(OPENSSL_MERGE_LIBS) ; do ( cd tmp-merge ; ar x ../$${l} ) ; done + $(Q) rm -f $(LIBDIR)/$(CONFIG)/libgrpc++.a tmp-merge/__.SYMDEF* + $(Q) ar rcs $(LIBDIR)/$(CONFIG)/libgrpc++.a tmp-merge/* + $(Q) rm -rf tmp-merge ifeq ($(SYSTEM),Darwin) $(Q) ranlib $(LIBDIR)/$(CONFIG)/libgrpc++.a endif @@ -3140,12 +3171,14 @@ ifneq ($(NO_DEPS),true) endif endif +$(OBJDIR)/$(CONFIG)/src/cpp/client/secure_credentials.o: $(OBJDIR)/$(CONFIG)/src/cpp/client/channel.o: $(OBJDIR)/$(CONFIG)/src/cpp/client/channel_arguments.o: $(OBJDIR)/$(CONFIG)/src/cpp/client/client_context.o: $(OBJDIR)/$(CONFIG)/src/cpp/client/client_unary_call.o: $(OBJDIR)/$(CONFIG)/src/cpp/client/create_channel.o: $(OBJDIR)/$(CONFIG)/src/cpp/client/credentials.o: +$(OBJDIR)/$(CONFIG)/src/cpp/client/insecure_credentials.o: $(OBJDIR)/$(CONFIG)/src/cpp/client/internal_stub.o: $(OBJDIR)/$(CONFIG)/src/cpp/common/call.o: $(OBJDIR)/$(CONFIG)/src/cpp/common/completion_queue.o: @@ -3225,6 +3258,123 @@ endif $(OBJDIR)/$(CONFIG)/test/cpp/util/create_test_channel.o: $(GENDIR)/test/cpp/util/messages.pb.cc $(GENDIR)/test/cpp/util/echo.pb.cc $(GENDIR)/test/cpp/util/echo_duplicate.pb.cc +LIBGRPC++_UNSECURE_SRC = \ + src/cpp/client/channel.cc \ + src/cpp/client/channel_arguments.cc \ + src/cpp/client/client_context.cc \ + src/cpp/client/client_unary_call.cc \ + src/cpp/client/create_channel.cc \ + src/cpp/client/credentials.cc \ + src/cpp/client/insecure_credentials.cc \ + src/cpp/client/internal_stub.cc \ + src/cpp/common/call.cc \ + src/cpp/common/completion_queue.cc \ + src/cpp/common/rpc_method.cc \ + src/cpp/proto/proto_utils.cc \ + src/cpp/server/server.cc \ + src/cpp/server/server_builder.cc \ + src/cpp/server/server_context.cc \ + src/cpp/server/server_credentials.cc \ + src/cpp/server/thread_pool.cc \ + src/cpp/util/status.cc \ + src/cpp/util/time.cc \ + +PUBLIC_HEADERS_CXX += \ + include/grpc++/async_unary_call.h \ + include/grpc++/channel_arguments.h \ + include/grpc++/channel_interface.h \ + include/grpc++/client_context.h \ + include/grpc++/completion_queue.h \ + include/grpc++/config.h \ + include/grpc++/create_channel.h \ + include/grpc++/credentials.h \ + include/grpc++/impl/call.h \ + include/grpc++/impl/client_unary_call.h \ + include/grpc++/impl/internal_stub.h \ + include/grpc++/impl/rpc_method.h \ + include/grpc++/impl/rpc_service_method.h \ + include/grpc++/impl/service_type.h \ + include/grpc++/server.h \ + include/grpc++/server_builder.h \ + include/grpc++/server_context.h \ + include/grpc++/server_credentials.h \ + include/grpc++/status.h \ + include/grpc++/status_code_enum.h \ + include/grpc++/stream.h \ + include/grpc++/thread_pool_interface.h \ + +LIBGRPC++_UNSECURE_OBJS = $(addprefix $(OBJDIR)/$(CONFIG)/, $(addsuffix .o, $(basename $(LIBGRPC++_UNSECURE_SRC)))) + +ifeq ($(NO_PROTOBUF),true) + +# You can't build a C++ library if you don't have protobuf - a bit overreached, but still okay. + +$(LIBDIR)/$(CONFIG)/libgrpc++_unsecure.a: protobuf_dep_error + +ifeq ($(SYSTEM),MINGW32) +$(LIBDIR)/$(CONFIG)/grpc++_unsecure.$(SHARED_EXT): protobuf_dep_error +else +$(LIBDIR)/$(CONFIG)/libgrpc++_unsecure.$(SHARED_EXT): protobuf_dep_error +endif + +else + +$(LIBDIR)/$(CONFIG)/libgrpc++_unsecure.a: $(ZLIB_DEP) $(PROTOBUF_DEP) $(LIBGRPC++_UNSECURE_OBJS) + $(E) "[AR] Creating $@" + $(Q) mkdir -p `dirname $@` + $(Q) rm -f $(LIBDIR)/$(CONFIG)/libgrpc++_unsecure.a + $(Q) $(AR) rcs $(LIBDIR)/$(CONFIG)/libgrpc++_unsecure.a $(LIBGRPC++_UNSECURE_OBJS) +ifeq ($(SYSTEM),Darwin) + $(Q) ranlib $(LIBDIR)/$(CONFIG)/libgrpc++_unsecure.a +endif + + + +ifeq ($(SYSTEM),MINGW32) +$(LIBDIR)/$(CONFIG)/grpc++_unsecure.$(SHARED_EXT): $(LIBGRPC++_UNSECURE_OBJS) $(ZLIB_DEP)$(LIBDIR)/$(CONFIG)/gpr.$(SHARED_EXT)$(LIBDIR)/$(CONFIG)/grpc_unsecure.$(SHARED_EXT) + $(E) "[LD] Linking $@" + $(Q) mkdir -p `dirname $@` + $(Q) $(LDXX) $(LDFLAGS) -L$(LIBDIR)/$(CONFIG) -shared -Wl,--output-def=$(LIBDIR)/$(CONFIG)/grpc++_unsecure.def -Wl,--out-implib=$(LIBDIR)/$(CONFIG)/libgrpc++_unsecure-imp.a -o $(LIBDIR)/$(CONFIG)/grpc++_unsecure.$(SHARED_EXT) $(LIBGRPC++_UNSECURE_OBJS) $(LDLIBS) $(LDLIBSXX) $(LDLIBS_PROTOBUF) -lgpr-imp -lgrpc_unsecure-imp +else +$(LIBDIR)/$(CONFIG)/libgrpc++_unsecure.$(SHARED_EXT): $(LIBGRPC++_UNSECURE_OBJS) $(ZLIB_DEP) $(LIBDIR)/$(CONFIG)/libgpr.$(SHARED_EXT) $(LIBDIR)/$(CONFIG)/libgrpc_unsecure.$(SHARED_EXT) + $(E) "[LD] Linking $@" + $(Q) mkdir -p `dirname $@` +ifeq ($(SYSTEM),Darwin) + $(Q) $(LDXX) $(LDFLAGS) -L$(LIBDIR)/$(CONFIG) -dynamiclib -o $(LIBDIR)/$(CONFIG)/libgrpc++_unsecure.$(SHARED_EXT) $(LIBGRPC++_UNSECURE_OBJS) $(LDLIBS) $(LDLIBSXX) $(LDLIBS_PROTOBUF) -lgpr -lgrpc_unsecure +else + $(Q) $(LDXX) $(LDFLAGS) -L$(LIBDIR)/$(CONFIG) -shared -Wl,-soname,libgrpc++_unsecure.so.0 -o $(LIBDIR)/$(CONFIG)/libgrpc++_unsecure.$(SHARED_EXT) $(LIBGRPC++_UNSECURE_OBJS) $(LDLIBS) $(LDLIBSXX) $(LDLIBS_PROTOBUF) -lgpr -lgrpc_unsecure + $(Q) ln -sf libgrpc++_unsecure.$(SHARED_EXT) $(LIBDIR)/$(CONFIG)/libgrpc++_unsecure.so.0 + $(Q) ln -sf libgrpc++_unsecure.$(SHARED_EXT) $(LIBDIR)/$(CONFIG)/libgrpc++_unsecure.so +endif +endif + +endif + +ifneq ($(NO_DEPS),true) +-include $(LIBGRPC++_UNSECURE_OBJS:.o=.dep) +endif + +$(OBJDIR)/$(CONFIG)/src/cpp/client/channel.o: +$(OBJDIR)/$(CONFIG)/src/cpp/client/channel_arguments.o: +$(OBJDIR)/$(CONFIG)/src/cpp/client/client_context.o: +$(OBJDIR)/$(CONFIG)/src/cpp/client/client_unary_call.o: +$(OBJDIR)/$(CONFIG)/src/cpp/client/create_channel.o: +$(OBJDIR)/$(CONFIG)/src/cpp/client/credentials.o: +$(OBJDIR)/$(CONFIG)/src/cpp/client/insecure_credentials.o: +$(OBJDIR)/$(CONFIG)/src/cpp/client/internal_stub.o: +$(OBJDIR)/$(CONFIG)/src/cpp/common/call.o: +$(OBJDIR)/$(CONFIG)/src/cpp/common/completion_queue.o: +$(OBJDIR)/$(CONFIG)/src/cpp/common/rpc_method.o: +$(OBJDIR)/$(CONFIG)/src/cpp/proto/proto_utils.o: +$(OBJDIR)/$(CONFIG)/src/cpp/server/server.o: +$(OBJDIR)/$(CONFIG)/src/cpp/server/server_builder.o: +$(OBJDIR)/$(CONFIG)/src/cpp/server/server_context.o: +$(OBJDIR)/$(CONFIG)/src/cpp/server/server_credentials.o: +$(OBJDIR)/$(CONFIG)/src/cpp/server/thread_pool.o: +$(OBJDIR)/$(CONFIG)/src/cpp/util/status.o: +$(OBJDIR)/$(CONFIG)/src/cpp/util/time.o: + + LIBPUBSUB_CLIENT_LIB_SRC = \ $(GENDIR)/examples/pubsub/label.pb.cc \ $(GENDIR)/examples/pubsub/empty.pb.cc \ diff --git a/build.json b/build.json index f6ef33b25fc..9ab59f93795 100644 --- a/build.json +++ b/build.json @@ -9,6 +9,60 @@ } }, "filegroups": [ + { + "name": "grpc++_base", + "public_headers": [ + "include/grpc++/async_unary_call.h", + "include/grpc++/channel_arguments.h", + "include/grpc++/channel_interface.h", + "include/grpc++/client_context.h", + "include/grpc++/completion_queue.h", + "include/grpc++/config.h", + "include/grpc++/create_channel.h", + "include/grpc++/credentials.h", + "include/grpc++/impl/call.h", + "include/grpc++/impl/client_unary_call.h", + "include/grpc++/impl/internal_stub.h", + "include/grpc++/impl/rpc_method.h", + "include/grpc++/impl/rpc_service_method.h", + "include/grpc++/impl/service_type.h", + "include/grpc++/server.h", + "include/grpc++/server_builder.h", + "include/grpc++/server_context.h", + "include/grpc++/server_credentials.h", + "include/grpc++/status.h", + "include/grpc++/status_code_enum.h", + "include/grpc++/stream.h", + "include/grpc++/thread_pool_interface.h" + ], + "headers": [ + "src/cpp/client/channel.h", + "src/cpp/proto/proto_utils.h", + "src/cpp/server/thread_pool.h", + "src/cpp/util/time.h" + ], + "src": [ + "src/cpp/client/channel.cc", + "src/cpp/client/channel_arguments.cc", + "src/cpp/client/client_context.cc", + "src/cpp/client/client_unary_call.cc", + "src/cpp/client/create_channel.cc", + "src/cpp/client/credentials.cc", + "src/cpp/client/insecure_credentials.cc", + "src/cpp/client/internal_stub.cc", + "src/cpp/common/call.cc", + "src/cpp/common/completion_queue.cc", + "src/cpp/common/rpc_method.cc", + "src/cpp/proto/proto_utils.cc", + "src/cpp/server/server.cc", + "src/cpp/server/server_builder.cc", + "src/cpp/server/server_context.cc", + "src/cpp/server/server_credentials.cc", + "src/cpp/server/thread_pool.cc", + "src/cpp/util/status.cc", + "src/cpp/util/time.cc" + ] + }, { "name": "grpc_base", "public_headers": [ @@ -383,60 +437,17 @@ "name": "grpc++", "build": "all", "language": "c++", - "public_headers": [ - "include/grpc++/async_unary_call.h", - "include/grpc++/channel_arguments.h", - "include/grpc++/channel_interface.h", - "include/grpc++/client_context.h", - "include/grpc++/completion_queue.h", - "include/grpc++/config.h", - "include/grpc++/create_channel.h", - "include/grpc++/credentials.h", - "include/grpc++/impl/call.h", - "include/grpc++/impl/client_unary_call.h", - "include/grpc++/impl/internal_stub.h", - "include/grpc++/impl/rpc_method.h", - "include/grpc++/impl/rpc_service_method.h", - "include/grpc++/impl/service_type.h", - "include/grpc++/server.h", - "include/grpc++/server_builder.h", - "include/grpc++/server_context.h", - "include/grpc++/server_credentials.h", - "include/grpc++/status.h", - "include/grpc++/status_code_enum.h", - "include/grpc++/stream.h", - "include/grpc++/thread_pool_interface.h" - ], - "headers": [ - "src/cpp/client/channel.h", - "src/cpp/proto/proto_utils.h", - "src/cpp/server/thread_pool.h", - "src/cpp/util/time.h" - ], "src": [ - "src/cpp/client/channel.cc", - "src/cpp/client/channel_arguments.cc", - "src/cpp/client/client_context.cc", - "src/cpp/client/client_unary_call.cc", - "src/cpp/client/create_channel.cc", - "src/cpp/client/credentials.cc", - "src/cpp/client/internal_stub.cc", - "src/cpp/common/call.cc", - "src/cpp/common/completion_queue.cc", - "src/cpp/common/rpc_method.cc", - "src/cpp/proto/proto_utils.cc", - "src/cpp/server/server.cc", - "src/cpp/server/server_builder.cc", - "src/cpp/server/server_context.cc", - "src/cpp/server/server_credentials.cc", - "src/cpp/server/thread_pool.cc", - "src/cpp/util/status.cc", - "src/cpp/util/time.cc" + "src/cpp/client/secure_credentials.cc" ], "deps": [ "gpr", "grpc" ], + "baselib": true, + "filegroups": [ + "grpc++_base" + ], "secure": true, "vs_project_guid": "{C187A093-A0FE-489D-A40A-6E33DE0F9FEB}" }, @@ -451,6 +462,20 @@ "test/cpp/util/create_test_channel.cc" ] }, + { + "name": "grpc++_unsecure", + "build": "all", + "language": "c++", + "deps": [ + "gpr", + "grpc_unsecure" + ], + "baselib": true, + "filegroups": [ + "grpc++_base" + ], + "secure": false + }, { "name": "pubsub_client_lib", "build": "private", diff --git a/include/grpc++/channel_arguments.h b/include/grpc++/channel_arguments.h index 75c3cf45b49..91f89f313e4 100644 --- a/include/grpc++/channel_arguments.h +++ b/include/grpc++/channel_arguments.h @@ -62,6 +62,9 @@ class ChannelArguments { void SetInt(const grpc::string& key, int value); void SetString(const grpc::string& key, const grpc::string& value); + // Populates given channel_args with args_, does not take ownership. + void SetChannelArgs(grpc_channel_args* channel_args) const; + private: friend class Channel; friend class testing::ChannelArgumentsTest; @@ -73,9 +76,6 @@ class ChannelArguments { // Returns empty string when it is not set. grpc::string GetSslTargetNameOverride() const; - // Populates given channel_args with args_, does not take ownership. - void SetChannelArgs(grpc_channel_args* channel_args) const; - std::vector args_; std::list strings_; }; diff --git a/include/grpc++/create_channel.h b/include/grpc++/create_channel.h index eadabda3596..2c40047e9a1 100644 --- a/include/grpc++/create_channel.h +++ b/include/grpc++/create_channel.h @@ -43,9 +43,6 @@ namespace grpc { class ChannelArguments; class ChannelInterface; -std::shared_ptr CreateChannel(const grpc::string& target, - const ChannelArguments& args); - // If creds does not hold an object or is invalid, a lame channel is returned. std::shared_ptr CreateChannel( const grpc::string& target, const std::unique_ptr& creds, diff --git a/include/grpc++/credentials.h b/include/grpc++/credentials.h index ac6f394847d..b462b450daf 100644 --- a/include/grpc++/credentials.h +++ b/include/grpc++/credentials.h @@ -39,29 +39,21 @@ #include -struct grpc_credentials; - namespace grpc { +class ChannelArguments; +class ChannelInterface; -// grpc_credentials wrapper class. Typical use in C++ applications is limited -// to creating an instance using CredentialsFactory, and passing it down -// during channel construction. - -class Credentials final { +class Credentials { public: - ~Credentials(); - - // TODO(abhikumar): Specify a plugin API here to be implemented by - // credentials that do not have a corresponding implementation in C. + virtual ~Credentials(); private: - explicit Credentials(grpc_credentials*); - grpc_credentials* GetRawCreds(); - - friend class Channel; - friend class CredentialsFactory; + friend std::shared_ptr CreateChannel( + const grpc::string& target, const std::unique_ptr& creds, + const ChannelArguments& args); - grpc_credentials* creds_; + virtual std::shared_ptr CreateChannel( + const grpc::string& target, const ChannelArguments& args) = 0; }; // Options used to build SslCredentials @@ -79,43 +71,44 @@ struct SslCredentialsOptions { grpc::string pem_cert_chain; }; -// Factory for building different types of Credentials -// The methods may return empty unique_ptr when credentials cannot be created. +// Factories for building different types of Credentials +// The functions may return empty unique_ptr when credentials cannot be created. // If a Credentials pointer is returned, it can still be invalid when used to // create a channel. A lame channel will be created then and all rpcs will // fail on it. -class CredentialsFactory { - public: - // Builds credentials with reasonable defaults. - static std::unique_ptr DefaultCredentials(); - - // Builds SSL Credentials given SSL specific options - static std::unique_ptr SslCredentials( - const SslCredentialsOptions& options); - - // Builds credentials for use when running in GCE - static std::unique_ptr ComputeEngineCredentials(); - - // Builds service account credentials. - // json_key is the JSON key string containing the client's private key. - // scope is a space-delimited list of the requested permissions. - // token_lifetime is the lifetime of each token acquired through this service - // account credentials. It should be positive and should not exceed - // grpc_max_auth_token_lifetime or will be cropped to this value. - static std::unique_ptr ServiceAccountCredentials( - const grpc::string& json_key, const grpc::string& scope, - std::chrono::seconds token_lifetime); - - // Builds IAM credentials. - static std::unique_ptr IAMCredentials( - const grpc::string& authorization_token, - const grpc::string& authority_selector); - - // Combines two credentials objects into a composite credentials - static std::unique_ptr ComposeCredentials( - const std::unique_ptr& creds1, - const std::unique_ptr& creds2); -}; + +// Builds credentials with reasonable defaults. +std::unique_ptr DefaultCredentials(); + +// Builds SSL Credentials given SSL specific options +std::unique_ptr SslCredentials( + const SslCredentialsOptions& options); + +// Builds credentials for use when running in GCE +std::unique_ptr ComputeEngineCredentials(); + +// Builds service account credentials. +// json_key is the JSON key string containing the client's private key. +// scope is a space-delimited list of the requested permissions. +// token_lifetime is the lifetime of each token acquired through this service +// account credentials. It should be positive and should not exceed +// grpc_max_auth_token_lifetime or will be cropped to this value. +std::unique_ptr ServiceAccountCredentials( + const grpc::string& json_key, const grpc::string& scope, + std::chrono::seconds token_lifetime); + +// Builds IAM credentials. +std::unique_ptr IAMCredentials( + const grpc::string& authorization_token, + const grpc::string& authority_selector); + +// Combines two credentials objects into a composite credentials +std::unique_ptr ComposeCredentials( + const std::unique_ptr& creds1, + const std::unique_ptr& creds2); + +// Credentials for an unencrypted, unauthenticated channel +std::unique_ptr InsecureCredentials(); } // namespace grpc diff --git a/src/cpp/client/channel.cc b/src/cpp/client/channel.cc index ca69d66cbbf..65bd135d5cb 100644 --- a/src/cpp/client/channel.cc +++ b/src/cpp/client/channel.cc @@ -54,43 +54,23 @@ namespace grpc { -Channel::Channel(const grpc::string &target, const ChannelArguments &args) - : target_(target) { - grpc_channel_args channel_args; - args.SetChannelArgs(&channel_args); - c_channel_ = grpc_channel_create( - target_.c_str(), channel_args.num_args > 0 ? &channel_args : nullptr); -} - -Channel::Channel(const grpc::string &target, - const std::unique_ptr &creds, - const ChannelArguments &args) - : target_(args.GetSslTargetNameOverride().empty() - ? target - : args.GetSslTargetNameOverride()) { - grpc_channel_args channel_args; - args.SetChannelArgs(&channel_args); - grpc_credentials *c_creds = creds ? creds->GetRawCreds() : nullptr; - c_channel_ = grpc_secure_channel_create( - c_creds, target.c_str(), - channel_args.num_args > 0 ? &channel_args : nullptr); -} +Channel::Channel(const grpc::string& target, grpc_channel* channel) + : target_(target), c_channel_(channel) {} Channel::~Channel() { grpc_channel_destroy(c_channel_); } -Call Channel::CreateCall(const RpcMethod &method, ClientContext *context, - CompletionQueue *cq) { - auto c_call = - grpc_channel_create_call( - c_channel_, cq->cq(), method.name(), - context->authority().empty() ? target_.c_str() - : context->authority().c_str(), - context->RawDeadline()); +Call Channel::CreateCall(const RpcMethod& method, ClientContext* context, + CompletionQueue* cq) { + auto c_call = grpc_channel_create_call(c_channel_, cq->cq(), method.name(), + context->authority().empty() + ? target_.c_str() + : context->authority().c_str(), + context->RawDeadline()); context->set_call(c_call); return Call(c_call, this, cq); } -void Channel::PerformOpsOnCall(CallOpBuffer *buf, Call *call) { +void Channel::PerformOpsOnCall(CallOpBuffer* buf, Call* call) { static const size_t MAX_OPS = 8; size_t nops = MAX_OPS; grpc_op ops[MAX_OPS]; diff --git a/src/cpp/client/channel.h b/src/cpp/client/channel.h index 06f5a8ffdfe..f5c9e0f6160 100644 --- a/src/cpp/client/channel.h +++ b/src/cpp/client/channel.h @@ -51,10 +51,7 @@ class StreamContextInterface; class Channel final : public ChannelInterface { public: - Channel(const grpc::string &target, const ChannelArguments &args); - Channel(const grpc::string &target, const std::unique_ptr &creds, - const ChannelArguments &args); - + Channel(const grpc::string &target, grpc_channel *c_channel); ~Channel() override; virtual Call CreateCall(const RpcMethod &method, ClientContext *context, @@ -63,7 +60,7 @@ class Channel final : public ChannelInterface { private: const grpc::string target_; - grpc_channel *c_channel_; // owned + grpc_channel *const c_channel_; // owned }; } // namespace grpc diff --git a/src/cpp/client/create_channel.cc b/src/cpp/client/create_channel.cc index acf51cb90b1..ef2deb35563 100644 --- a/src/cpp/client/create_channel.cc +++ b/src/cpp/client/create_channel.cc @@ -40,14 +40,9 @@ namespace grpc { class ChannelArguments; -std::shared_ptr CreateChannel(const grpc::string &target, - const ChannelArguments &args) { - return std::shared_ptr(new Channel(target, args)); -} - std::shared_ptr CreateChannel( const grpc::string &target, const std::unique_ptr &creds, const ChannelArguments &args) { - return std::shared_ptr(new Channel(target, creds, args)); + return creds->CreateChannel(target, args); } } // namespace grpc diff --git a/src/cpp/client/credentials.cc b/src/cpp/client/credentials.cc index 66571cad73d..e8062849887 100644 --- a/src/cpp/client/credentials.cc +++ b/src/cpp/client/credentials.cc @@ -31,85 +31,10 @@ * */ -#include - -#include -#include - #include namespace grpc { -Credentials::Credentials(grpc_credentials *c_creds) : creds_(c_creds) {} - -Credentials::~Credentials() { grpc_credentials_release(creds_); } -grpc_credentials *Credentials::GetRawCreds() { return creds_; } - -std::unique_ptr CredentialsFactory::DefaultCredentials() { - grpc_credentials *c_creds = grpc_default_credentials_create(); - std::unique_ptr cpp_creds(new Credentials(c_creds)); - return cpp_creds; -} - -// Builds SSL Credentials given SSL specific options -std::unique_ptr CredentialsFactory::SslCredentials( - const SslCredentialsOptions &options) { - grpc_ssl_pem_key_cert_pair pem_key_cert_pair = { - options.pem_private_key.c_str(), options.pem_cert_chain.c_str()}; - - grpc_credentials *c_creds = grpc_ssl_credentials_create( - options.pem_root_certs.empty() ? nullptr : options.pem_root_certs.c_str(), - options.pem_private_key.empty() ? nullptr : &pem_key_cert_pair); - std::unique_ptr cpp_creds( - c_creds == nullptr ? nullptr : new Credentials(c_creds)); - return cpp_creds; -} - -// Builds credentials for use when running in GCE -std::unique_ptr CredentialsFactory::ComputeEngineCredentials() { - grpc_credentials *c_creds = grpc_compute_engine_credentials_create(); - std::unique_ptr cpp_creds( - c_creds == nullptr ? nullptr : new Credentials(c_creds)); - return cpp_creds; -} - -// Builds service account credentials. -std::unique_ptr CredentialsFactory::ServiceAccountCredentials( - const grpc::string &json_key, const grpc::string &scope, - std::chrono::seconds token_lifetime) { - gpr_timespec lifetime = gpr_time_from_seconds( - token_lifetime.count() > 0 ? token_lifetime.count() : 0); - grpc_credentials *c_creds = grpc_service_account_credentials_create( - json_key.c_str(), scope.c_str(), lifetime); - std::unique_ptr cpp_creds( - c_creds == nullptr ? nullptr : new Credentials(c_creds)); - return cpp_creds; -} - -// Builds IAM credentials. -std::unique_ptr CredentialsFactory::IAMCredentials( - const grpc::string &authorization_token, - const grpc::string &authority_selector) { - grpc_credentials *c_creds = grpc_iam_credentials_create( - authorization_token.c_str(), authority_selector.c_str()); - std::unique_ptr cpp_creds( - c_creds == nullptr ? nullptr : new Credentials(c_creds)); - return cpp_creds; -} - -// Combines two credentials objects into a composite credentials. -std::unique_ptr CredentialsFactory::ComposeCredentials( - const std::unique_ptr &creds1, - const std::unique_ptr &creds2) { - // Note that we are not saving unique_ptrs to the two credentials - // passed in here. This is OK because the underlying C objects (i.e., - // creds1 and creds2) into grpc_composite_credentials_create will see their - // refcounts incremented. - grpc_credentials *c_creds = grpc_composite_credentials_create( - creds1->GetRawCreds(), creds2->GetRawCreds()); - std::unique_ptr cpp_creds( - c_creds == nullptr ? nullptr : new Credentials(c_creds)); - return cpp_creds; -} +Credentials::~Credentials() {} } // namespace grpc diff --git a/src/cpp/client/insecure_credentials.cc b/src/cpp/client/insecure_credentials.cc new file mode 100644 index 00000000000..4f3bba5c8e5 --- /dev/null +++ b/src/cpp/client/insecure_credentials.cc @@ -0,0 +1,60 @@ +/* + * + * Copyright 2015, Google Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are + * met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following disclaimer + * in the documentation and/or other materials provided with the + * distribution. + * * Neither the name of Google Inc. nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * + */ + +#include + +#include +#include + +#include +#include +#include "src/cpp/client/channel.h" + +namespace grpc { + +namespace { +class InsecureCredentialsImpl final : public Credentials { + public: + std::shared_ptr CreateChannel(const string& target, const grpc::ChannelArguments& args) override { + grpc_channel_args channel_args; + args.SetChannelArgs(&channel_args); + return std::shared_ptr(new Channel(target, grpc_channel_create(target.c_str(), &channel_args))); + } +}; +} // namespace + +std::unique_ptr InsecureCredentials() { + return std::unique_ptr(new InsecureCredentialsImpl()); +} + +} // namespace grpc diff --git a/src/cpp/client/secure_credentials.cc b/src/cpp/client/secure_credentials.cc new file mode 100644 index 00000000000..367dfe3447b --- /dev/null +++ b/src/cpp/client/secure_credentials.cc @@ -0,0 +1,128 @@ +/* + * + * Copyright 2015, Google Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are + * met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following disclaimer + * in the documentation and/or other materials provided with the + * distribution. + * * Neither the name of Google Inc. nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * + */ + +#include + +#include +#include + +#include +#include +#include "src/cpp/client/channel.h" + +namespace grpc { + +namespace { +class SecureCredentials final : public Credentials { + public: + explicit SecureCredentials(grpc_credentials* c_creds) : c_creds_(c_creds) {} + ~SecureCredentials() override { grpc_credentials_release(c_creds_); } + grpc_credentials* GetRawCreds() { return c_creds_; } + + std::shared_ptr CreateChannel( + const string& target, const grpc::ChannelArguments& args) override { + grpc_channel_args channel_args; + args.SetChannelArgs(&channel_args); + return std::shared_ptr(new Channel( + target, + grpc_secure_channel_create(c_creds_, target.c_str(), &channel_args))); + } + + private: + grpc_credentials* const c_creds_; +}; + +std::unique_ptr WrapCredentials(grpc_credentials* creds) { + return creds == nullptr + ? nullptr + : std::unique_ptr(new SecureCredentials(creds)); +} +} // namespace + +std::unique_ptr DefaultCredentials() { + return WrapCredentials(grpc_default_credentials_create()); +} + +// Builds SSL Credentials given SSL specific options +std::unique_ptr SslCredentials( + const SslCredentialsOptions& options) { + grpc_ssl_pem_key_cert_pair pem_key_cert_pair = { + options.pem_private_key.c_str(), options.pem_cert_chain.c_str()}; + + grpc_credentials* c_creds = grpc_ssl_credentials_create( + options.pem_root_certs.empty() ? nullptr : options.pem_root_certs.c_str(), + options.pem_private_key.empty() ? nullptr : &pem_key_cert_pair); + return WrapCredentials(c_creds); +} + +// Builds credentials for use when running in GCE +std::unique_ptr ComputeEngineCredentials() { + return WrapCredentials(grpc_compute_engine_credentials_create()); +} + +// Builds service account credentials. +std::unique_ptr ServiceAccountCredentials( + const grpc::string& json_key, const grpc::string& scope, + std::chrono::seconds token_lifetime) { + gpr_timespec lifetime = gpr_time_from_seconds( + token_lifetime.count() > 0 ? token_lifetime.count() : 0); + return WrapCredentials(grpc_service_account_credentials_create( + json_key.c_str(), scope.c_str(), lifetime)); +} + +// Builds IAM credentials. +std::unique_ptr IAMCredentials( + const grpc::string& authorization_token, + const grpc::string& authority_selector) { + return WrapCredentials(grpc_iam_credentials_create( + authorization_token.c_str(), authority_selector.c_str())); +} + +// Combines two credentials objects into a composite credentials. +std::unique_ptr ComposeCredentials( + const std::unique_ptr& creds1, + const std::unique_ptr& creds2) { + // Note that we are not saving unique_ptrs to the two credentials + // passed in here. This is OK because the underlying C objects (i.e., + // creds1 and creds2) into grpc_composite_credentials_create will see their + // refcounts incremented. + SecureCredentials* s1 = dynamic_cast(creds1.get()); + SecureCredentials* s2 = dynamic_cast(creds2.get()); + if (s1 && s2) { + return WrapCredentials(grpc_composite_credentials_create( + s1->GetRawCreds(), s2->GetRawCreds())); + } + return nullptr; +} + +} // namespace grpc diff --git a/test/cpp/client/credentials_test.cc b/test/cpp/client/credentials_test.cc index dc8d76d7eff..59ca33cc297 100644 --- a/test/cpp/client/credentials_test.cc +++ b/test/cpp/client/credentials_test.cc @@ -47,8 +47,7 @@ class CredentialsTest : public ::testing::Test { TEST_F(CredentialsTest, InvalidServiceAccountCreds) { std::unique_ptr bad1 = - CredentialsFactory::ServiceAccountCredentials("", "", - std::chrono::seconds(1)); + ServiceAccountCredentials("", "", std::chrono::seconds(1)); EXPECT_EQ(nullptr, bad1.get()); } diff --git a/test/cpp/end2end/async_end2end_test.cc b/test/cpp/end2end/async_end2end_test.cc index 248e054e49a..85b4ff8120c 100644 --- a/test/cpp/end2end/async_end2end_test.cc +++ b/test/cpp/end2end/async_end2end_test.cc @@ -65,9 +65,7 @@ namespace testing { namespace { -void* tag(int i) { - return (void*)(gpr_intptr)i; -} +void* tag(int i) { return (void*)(gpr_intptr) i; } void verify_ok(CompletionQueue* cq, int i, bool expect_ok) { bool ok; @@ -104,23 +102,15 @@ class AsyncEnd2endTest : public ::testing::Test { } void ResetStub() { - std::shared_ptr channel = - CreateChannel(server_address_.str(), ChannelArguments()); + std::shared_ptr channel = CreateChannel( + server_address_.str(), InsecureCredentials(), ChannelArguments()); stub_.reset(grpc::cpp::test::util::TestService::NewStub(channel)); } - void server_ok(int i) { - verify_ok(&srv_cq_, i, true); - } - void client_ok(int i) { - verify_ok(&cli_cq_, i , true); - } - void server_fail(int i) { - verify_ok(&srv_cq_, i, false); - } - void client_fail(int i) { - verify_ok(&cli_cq_, i, false); - } + void server_ok(int i) { verify_ok(&srv_cq_, i, true); } + void client_ok(int i) { verify_ok(&cli_cq_, i, true); } + void server_fail(int i) { verify_ok(&srv_cq_, i, false); } + void client_fail(int i) { verify_ok(&cli_cq_, i, false); } void SendRpc(int num_rpcs) { for (int i = 0; i < num_rpcs; i++) { @@ -135,12 +125,11 @@ class AsyncEnd2endTest : public ::testing::Test { grpc::ServerAsyncResponseWriter response_writer(&srv_ctx); send_request.set_message("Hello"); - std::unique_ptr > - response_reader(stub_->Echo( - &cli_ctx, send_request, &cli_cq_, tag(1))); + std::unique_ptr > response_reader( + stub_->Echo(&cli_ctx, send_request, &cli_cq_, tag(1))); - service_.RequestEcho( - &srv_ctx, &recv_request, &response_writer, &srv_cq_, tag(2)); + service_.RequestEcho(&srv_ctx, &recv_request, &response_writer, &srv_cq_, + tag(2)); server_ok(2); EXPECT_EQ(send_request.message(), recv_request.message()); @@ -193,8 +182,7 @@ TEST_F(AsyncEnd2endTest, SimpleClientStreaming) { std::unique_ptr > cli_stream( stub_->RequestStream(&cli_ctx, &recv_response, &cli_cq_, tag(1))); - service_.RequestRequestStream( - &srv_ctx, &srv_stream, &srv_cq_, tag(2)); + service_.RequestRequestStream(&srv_ctx, &srv_stream, &srv_cq_, tag(2)); server_ok(2); client_ok(1); @@ -247,8 +235,8 @@ TEST_F(AsyncEnd2endTest, SimpleServerStreaming) { std::unique_ptr > cli_stream( stub_->ResponseStream(&cli_ctx, send_request, &cli_cq_, tag(1))); - service_.RequestResponseStream( - &srv_ctx, &recv_request, &srv_stream, &srv_cq_, tag(2)); + service_.RequestResponseStream(&srv_ctx, &recv_request, &srv_stream, &srv_cq_, + tag(2)); server_ok(2); client_ok(1); @@ -298,8 +286,7 @@ TEST_F(AsyncEnd2endTest, SimpleBidiStreaming) { std::unique_ptr > cli_stream(stub_->BidiStream(&cli_ctx, &cli_cq_, tag(1))); - service_.RequestBidiStream( - &srv_ctx, &srv_stream, &srv_cq_, tag(2)); + service_.RequestBidiStream(&srv_ctx, &srv_stream, &srv_cq_, tag(2)); server_ok(2); client_ok(1); @@ -357,8 +344,8 @@ TEST_F(AsyncEnd2endTest, ClientInitialMetadataRpc) { std::unique_ptr > response_reader( stub_->Echo(&cli_ctx, send_request, &cli_cq_, tag(1))); - service_.RequestEcho( - &srv_ctx, &recv_request, &response_writer, &srv_cq_, tag(2)); + service_.RequestEcho(&srv_ctx, &recv_request, &response_writer, &srv_cq_, + tag(2)); server_ok(2); EXPECT_EQ(send_request.message(), recv_request.message()); auto client_initial_metadata = srv_ctx.client_metadata(); @@ -399,8 +386,8 @@ TEST_F(AsyncEnd2endTest, ServerInitialMetadataRpc) { std::unique_ptr > response_reader( stub_->Echo(&cli_ctx, send_request, &cli_cq_, tag(1))); - service_.RequestEcho( - &srv_ctx, &recv_request, &response_writer, &srv_cq_, tag(2)); + service_.RequestEcho(&srv_ctx, &recv_request, &response_writer, &srv_cq_, + tag(2)); server_ok(2); EXPECT_EQ(send_request.message(), recv_request.message()); srv_ctx.AddInitialMetadata(meta1.first, meta1.second); @@ -447,8 +434,8 @@ TEST_F(AsyncEnd2endTest, ServerTrailingMetadataRpc) { std::unique_ptr > response_reader( stub_->Echo(&cli_ctx, send_request, &cli_cq_, tag(1))); - service_.RequestEcho( - &srv_ctx, &recv_request, &response_writer, &srv_cq_, tag(2)); + service_.RequestEcho(&srv_ctx, &recv_request, &response_writer, &srv_cq_, + tag(2)); server_ok(2); EXPECT_EQ(send_request.message(), recv_request.message()); response_writer.SendInitialMetadata(tag(3)); @@ -462,7 +449,6 @@ TEST_F(AsyncEnd2endTest, ServerTrailingMetadataRpc) { server_ok(4); - response_reader->Finish(&recv_response, &recv_status, tag(5)); client_ok(5); EXPECT_EQ(send_response.message(), recv_response.message()); @@ -491,10 +477,12 @@ TEST_F(AsyncEnd2endTest, MetadataRpc) { std::pair meta2( "key2-bin", {"\xc0\xc1\xc2\xc3\xc4\xc5\xc6\xc7\xc8\xc9\xca\xcb\xcc", 13}); std::pair meta3("key3", "val3"); - std::pair meta6("key4-bin", + std::pair meta6( + "key4-bin", {"\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d", 14}); std::pair meta5("key5", "val5"); - std::pair meta4("key6-bin", + std::pair meta4( + "key6-bin", {"\xe0\xe1\xe2\xe3\xe4\xe5\xe6\xe7\xe8\xe9\xea\xeb\xec\xed\xee", 15}); cli_ctx.AddMetadata(meta1.first, meta1.second); @@ -503,8 +491,8 @@ TEST_F(AsyncEnd2endTest, MetadataRpc) { std::unique_ptr > response_reader( stub_->Echo(&cli_ctx, send_request, &cli_cq_, tag(1))); - service_.RequestEcho( - &srv_ctx, &recv_request, &response_writer, &srv_cq_, tag(2)); + service_.RequestEcho(&srv_ctx, &recv_request, &response_writer, &srv_cq_, + tag(2)); server_ok(2); EXPECT_EQ(send_request.message(), recv_request.message()); auto client_initial_metadata = srv_ctx.client_metadata(); @@ -531,7 +519,6 @@ TEST_F(AsyncEnd2endTest, MetadataRpc) { server_ok(5); - response_reader->Finish(&recv_response, &recv_status, tag(6)); client_ok(6); EXPECT_EQ(send_response.message(), recv_response.message()); diff --git a/test/cpp/end2end/end2end_test.cc b/test/cpp/end2end/end2end_test.cc index d4ca3ef49e4..f5ecd1a20c1 100644 --- a/test/cpp/end2end/end2end_test.cc +++ b/test/cpp/end2end/end2end_test.cc @@ -160,8 +160,8 @@ class End2endTest : public ::testing::Test { void TearDown() override { server_->Shutdown(); } void ResetStub() { - std::shared_ptr channel = - CreateChannel(server_address_.str(), ChannelArguments()); + std::shared_ptr channel = CreateChannel( + server_address_.str(), InsecureCredentials(), ChannelArguments()); stub_.reset(grpc::cpp::test::util::TestService::NewStub(channel)); } @@ -328,8 +328,7 @@ TEST_F(End2endTest, ResponseStream) { ClientContext context; request.set_message("hello"); - ClientReader* stream = - stub_->ResponseStream(&context, request); + ClientReader* stream = stub_->ResponseStream(&context, request); EXPECT_TRUE(stream->Read(&response)); EXPECT_EQ(response.message(), request.message() + "0"); EXPECT_TRUE(stream->Read(&response)); @@ -381,8 +380,8 @@ TEST_F(End2endTest, BidiStream) { // Talk to the two services with the same name but different package names. // The two stubs are created on the same channel. TEST_F(End2endTest, DiffPackageServices) { - std::shared_ptr channel = - CreateChannel(server_address_.str(), ChannelArguments()); + std::shared_ptr channel = CreateChannel( + server_address_.str(), InsecureCredentials(), ChannelArguments()); EchoRequest request; EchoResponse response; @@ -407,8 +406,7 @@ TEST_F(End2endTest, DiffPackageServices) { // rpc and stream should fail on bad credentials. TEST_F(End2endTest, BadCredentials) { std::unique_ptr bad_creds = - CredentialsFactory::ServiceAccountCredentials("", "", - std::chrono::seconds(1)); + ServiceAccountCredentials("", "", std::chrono::seconds(1)); EXPECT_EQ(nullptr, bad_creds.get()); std::shared_ptr channel = CreateChannel(server_address_.str(), bad_creds, ChannelArguments()); diff --git a/test/cpp/interop/client.cc b/test/cpp/interop/client.cc index 78f2063c45b..abe0aaccd5a 100644 --- a/test/cpp/interop/client.cc +++ b/test/cpp/interop/client.cc @@ -80,9 +80,10 @@ DEFINE_string(oauth_scope, "", "Scope for OAuth tokens."); using grpc::ChannelInterface; using grpc::ClientContext; +using grpc::ComputeEngineCredentials; using grpc::CreateTestChannel; using grpc::Credentials; -using grpc::CredentialsFactory; +using grpc::ServiceAccountCredentials; using grpc::testing::ResponseParameters; using grpc::testing::SimpleRequest; using grpc::testing::SimpleResponse; @@ -94,8 +95,8 @@ using grpc::testing::TestService; // In some distros, gflags is in the namespace google, and in some others, // in gflags. This hack is enabling us to find both. -namespace google { } -namespace gflags { } +namespace google {} +namespace gflags {} using namespace google; using namespace gflags; @@ -133,14 +134,14 @@ std::shared_ptr CreateChannelForTestCase( std::unique_ptr creds; GPR_ASSERT(FLAGS_enable_ssl); grpc::string json_key = GetServiceAccountJsonKey(); - creds = CredentialsFactory::ServiceAccountCredentials( - json_key, FLAGS_oauth_scope, std::chrono::hours(1)); + creds = ServiceAccountCredentials(json_key, FLAGS_oauth_scope, + std::chrono::hours(1)); return CreateTestChannel(host_port, FLAGS_server_host_override, FLAGS_enable_ssl, FLAGS_use_prod_roots, creds); } else if (test_case == "compute_engine_creds") { std::unique_ptr creds; GPR_ASSERT(FLAGS_enable_ssl); - creds = CredentialsFactory::ComputeEngineCredentials(); + creds = ComputeEngineCredentials(); return CreateTestChannel(host_port, FLAGS_server_host_override, FLAGS_enable_ssl, FLAGS_use_prod_roots, creds); } else { @@ -200,7 +201,7 @@ void DoComputeEngineCreds() { GPR_ASSERT(!response.username().empty()); GPR_ASSERT(response.username().c_str() == FLAGS_default_service_account); GPR_ASSERT(!response.oauth_scope().empty()); - const char *oauth_scope_str = response.oauth_scope().c_str(); + const char* oauth_scope_str = response.oauth_scope().c_str(); GPR_ASSERT(FLAGS_oauth_scope.find(oauth_scope_str) != grpc::string::npos); gpr_log(GPR_INFO, "Large unary with compute engine creds done."); } @@ -219,7 +220,7 @@ void DoServiceAccountCreds() { GPR_ASSERT(!response.oauth_scope().empty()); grpc::string json_key = GetServiceAccountJsonKey(); GPR_ASSERT(json_key.find(response.username()) != grpc::string::npos); - const char *oauth_scope_str = response.oauth_scope().c_str(); + const char* oauth_scope_str = response.oauth_scope().c_str(); GPR_ASSERT(FLAGS_oauth_scope.find(oauth_scope_str) != grpc::string::npos); gpr_log(GPR_INFO, "Large unary with service account creds done."); } diff --git a/test/cpp/interop/server.cc b/test/cpp/interop/server.cc index 263bd8e3042..7a7287438f2 100644 --- a/test/cpp/interop/server.cc +++ b/test/cpp/interop/server.cc @@ -77,8 +77,8 @@ using grpc::Status; // In some distros, gflags is in the namespace google, and in some others, // in gflags. This hack is enabling us to find both. -namespace google { } -namespace gflags { } +namespace google {} +namespace gflags {} using namespace google; using namespace gflags; @@ -215,8 +215,7 @@ void RunServer() { if (FLAGS_enable_ssl) { SslServerCredentialsOptions ssl_opts = { "", {{test_server1_key, test_server1_cert}}}; - std::shared_ptr creds = - ServerCredentialsFactory::SslCredentials(ssl_opts); + std::shared_ptr creds = ServerSslCredentials(ssl_opts); builder.SetCredentials(creds); } std::unique_ptr server(builder.BuildAndStart()); diff --git a/test/cpp/util/create_test_channel.cc b/test/cpp/util/create_test_channel.cc index b0472d32a99..278172f6ff6 100644 --- a/test/cpp/util/create_test_channel.cc +++ b/test/cpp/util/create_test_channel.cc @@ -61,12 +61,10 @@ std::shared_ptr CreateTestChannel( const std::unique_ptr& creds) { ChannelArguments channel_args; if (enable_ssl) { - const char* roots_certs = - use_prod_roots ? "" : test_root_cert; + const char* roots_certs = use_prod_roots ? "" : test_root_cert; SslCredentialsOptions ssl_opts = {roots_certs, "", ""}; - std::unique_ptr channel_creds = - CredentialsFactory::SslCredentials(ssl_opts); + std::unique_ptr channel_creds = SslCredentials(ssl_opts); if (!server.empty() && !override_hostname.empty()) { channel_args.SetSslTargetNameOverride(override_hostname); @@ -74,12 +72,11 @@ std::shared_ptr CreateTestChannel( const grpc::string& connect_to = server.empty() ? override_hostname : server; if (creds.get()) { - channel_creds = - CredentialsFactory::ComposeCredentials(creds, channel_creds); + channel_creds = ComposeCredentials(creds, channel_creds); } return CreateChannel(connect_to, channel_creds, channel_args); } else { - return CreateChannel(server, channel_args); + return CreateChannel(server, InsecureCredentials(), channel_args); } } From 759026cbf0419dae4edddd9e75fa338e1028a3d8 Mon Sep 17 00:00:00 2001 From: Craig Tiller Date: Sun, 22 Feb 2015 23:09:45 -0800 Subject: [PATCH 02/34] Server API simplification Remove 'secure_serer_create', and instead attach credentials to ports, meaning different ports can serve different credentials. --- Makefile | 3 - build.json | 1 - include/grpc/grpc_security.h | 9 +-- src/core/security/factories.c | 28 -------- src/core/security/server_secure_chttp2.c | 70 +++++++++++++++---- src/core/surface/secure_server_create.c | 57 --------------- test/core/echo/server.c | 4 +- .../end2end/fixtures/chttp2_fake_security.c | 4 +- .../fixtures/chttp2_simple_ssl_fullstack.c | 4 +- .../chttp2_simple_ssl_with_oauth2_fullstack.c | 4 +- test/core/fling/server.c | 4 +- vsprojects/vs2013/grpc.vcxproj | 2 - vsprojects/vs2013/grpc.vcxproj.filters | 3 - vsprojects/vs2013/grpc_shared.vcxproj | 2 - vsprojects/vs2013/grpc_shared.vcxproj.filters | 3 - 15 files changed, 67 insertions(+), 131 deletions(-) delete mode 100644 src/core/surface/secure_server_create.c diff --git a/Makefile b/Makefile index 8bb6b7f1ac3..df6d01c5932 100644 --- a/Makefile +++ b/Makefile @@ -2315,7 +2315,6 @@ LIBGRPC_SRC = \ src/core/security/security_context.c \ src/core/security/server_secure_chttp2.c \ src/core/surface/secure_channel_create.c \ - src/core/surface/secure_server_create.c \ src/core/tsi/fake_transport_security.c \ src/core/tsi/ssl_transport_security.c \ src/core/tsi/transport_security.c \ @@ -2456,7 +2455,6 @@ src/core/security/secure_transport_setup.c: $(OPENSSL_DEP) src/core/security/security_context.c: $(OPENSSL_DEP) src/core/security/server_secure_chttp2.c: $(OPENSSL_DEP) src/core/surface/secure_channel_create.c: $(OPENSSL_DEP) -src/core/surface/secure_server_create.c: $(OPENSSL_DEP) src/core/tsi/fake_transport_security.c: $(OPENSSL_DEP) src/core/tsi/ssl_transport_security.c: $(OPENSSL_DEP) src/core/tsi/transport_security.c: $(OPENSSL_DEP) @@ -2614,7 +2612,6 @@ $(OBJDIR)/$(CONFIG)/src/core/security/secure_transport_setup.o: $(OBJDIR)/$(CONFIG)/src/core/security/security_context.o: $(OBJDIR)/$(CONFIG)/src/core/security/server_secure_chttp2.o: $(OBJDIR)/$(CONFIG)/src/core/surface/secure_channel_create.o: -$(OBJDIR)/$(CONFIG)/src/core/surface/secure_server_create.o: $(OBJDIR)/$(CONFIG)/src/core/tsi/fake_transport_security.o: $(OBJDIR)/$(CONFIG)/src/core/tsi/ssl_transport_security.o: $(OBJDIR)/$(CONFIG)/src/core/tsi/transport_security.o: diff --git a/build.json b/build.json index 9ab59f93795..1e9b4d72a35 100644 --- a/build.json +++ b/build.json @@ -381,7 +381,6 @@ "src/core/security/security_context.c", "src/core/security/server_secure_chttp2.c", "src/core/surface/secure_channel_create.c", - "src/core/surface/secure_server_create.c", "src/core/tsi/fake_transport_security.c", "src/core/tsi/ssl_transport_security.c", "src/core/tsi/transport_security.c" diff --git a/include/grpc/grpc_security.h b/include/grpc/grpc_security.h index 0eae444a9b7..196bb3c0e64 100644 --- a/include/grpc/grpc_security.h +++ b/include/grpc/grpc_security.h @@ -168,17 +168,12 @@ grpc_server_credentials *grpc_fake_transport_security_server_credentials_create( /* --- Secure server creation. --- */ -/* Creates a secure server using the passed-in server credentials. */ -grpc_server *grpc_secure_server_create(grpc_server_credentials *creds, - grpc_completion_queue *cq, - const grpc_channel_args *args); - /* Add a HTTP2 over an encrypted link over tcp listener. Server must have been created with grpc_secure_server_create. Returns bound port number on success, 0 on failure. REQUIRES: server not started */ -int grpc_server_add_secure_http2_port(grpc_server *server, const char *addr); - +int grpc_server_add_secure_http2_port(grpc_server *server, const char *addr, + grpc_server_credentials *creds); #ifdef __cplusplus } diff --git a/src/core/security/factories.c b/src/core/security/factories.c index c9701b9080d..372ee256f2a 100644 --- a/src/core/security/factories.c +++ b/src/core/security/factories.c @@ -50,31 +50,3 @@ grpc_channel *grpc_secure_channel_create(grpc_credentials *creds, return grpc_secure_channel_create_with_factories( factories, GPR_ARRAY_SIZE(factories), creds, target, args); } - -grpc_server *grpc_secure_server_create(grpc_server_credentials *creds, - grpc_completion_queue *cq, - const grpc_channel_args *args) { - grpc_security_status status = GRPC_SECURITY_ERROR; - grpc_security_context *ctx = NULL; - grpc_server *server = NULL; - if (creds == NULL) return NULL; /* TODO(ctiller): Return lame server. */ - - if (!strcmp(creds->type, GRPC_CREDENTIALS_TYPE_SSL)) { - status = grpc_ssl_server_security_context_create( - grpc_ssl_server_credentials_get_config(creds), &ctx); - } else if (!strcmp(creds->type, - GRPC_CREDENTIALS_TYPE_FAKE_TRANSPORT_SECURITY)) { - ctx = grpc_fake_server_security_context_create(); - status = GRPC_SECURITY_OK; - } - - if (status != GRPC_SECURITY_OK) { - gpr_log(GPR_ERROR, - "Unable to create secure server with credentials of type %s.", - creds->type); - return NULL; /* TODO(ctiller): Return lame server. */ - } - server = grpc_secure_server_create_internal(cq, args, ctx); - grpc_security_context_unref(ctx); - return server; -} diff --git a/src/core/security/server_secure_chttp2.c b/src/core/security/server_secure_chttp2.c index c88f0726bb7..4dcd4b55244 100644 --- a/src/core/security/server_secure_chttp2.c +++ b/src/core/security/server_secure_chttp2.c @@ -33,6 +33,8 @@ #include +#include + #include "src/core/channel/http_filter.h" #include "src/core/channel/http_server_filter.h" #include "src/core/iomgr/resolve_address.h" @@ -66,37 +68,64 @@ static void on_secure_transport_setup_done(void *server, } } -static void on_accept(void *server, grpc_endpoint *tcp) { - const grpc_channel_args *args = grpc_server_get_channel_args(server); - grpc_security_context *ctx = grpc_find_security_context_in_args(args); - GPR_ASSERT(ctx); - grpc_setup_secure_transport(ctx, tcp, on_secure_transport_setup_done, server); -} +typedef struct { + grpc_tcp_server *tcp; + grpc_security_context *ctx; + grpc_server *server; +} secured_port; -/* Note: the following code is the same with server_chttp2.c */ +static void on_accept(void *spp, grpc_endpoint *tcp) { + secured_port *sp = spp; + grpc_setup_secure_transport(sp->ctx, tcp, on_secure_transport_setup_done, sp->server); +} /* Server callback: start listening on our ports */ -static void start(grpc_server *server, void *tcpp, grpc_pollset **pollsets, +static void start(grpc_server *server, void *spp, grpc_pollset **pollsets, size_t pollset_count) { - grpc_tcp_server *tcp = tcpp; - grpc_tcp_server_start(tcp, pollsets, pollset_count, on_accept, server); + secured_port *sp = spp; + grpc_tcp_server_start(sp->tcp, pollsets, pollset_count, on_accept, sp); } /* Server callback: destroy the tcp listener (so we don't generate further callbacks) */ -static void destroy(grpc_server *server, void *tcpp) { - grpc_tcp_server *tcp = tcpp; - grpc_tcp_server_destroy(tcp); +static void destroy(grpc_server *server, void *spp) { + secured_port *sp = spp; + grpc_tcp_server_destroy(sp->tcp); + grpc_security_context_unref(sp->ctx); + gpr_free(sp); } -int grpc_server_add_secure_http2_port(grpc_server *server, const char *addr) { +int grpc_server_add_secure_http2_port(grpc_server *server, const char *addr, grpc_server_credentials *creds) { grpc_resolved_addresses *resolved = NULL; grpc_tcp_server *tcp = NULL; size_t i; unsigned count = 0; int port_num = -1; int port_temp; + grpc_security_status status = GRPC_SECURITY_ERROR; + grpc_security_context *ctx = NULL; + secured_port *sp = NULL; + + /* create security context */ + if (creds == NULL) goto error; + + if (!strcmp(creds->type, GRPC_CREDENTIALS_TYPE_SSL)) { + status = grpc_ssl_server_security_context_create( + grpc_ssl_server_credentials_get_config(creds), &ctx); + } else if (!strcmp(creds->type, + GRPC_CREDENTIALS_TYPE_FAKE_TRANSPORT_SECURITY)) { + ctx = grpc_fake_server_security_context_create(); + status = GRPC_SECURITY_OK; + } + if (status != GRPC_SECURITY_OK) { + gpr_log(GPR_ERROR, + "Unable to create secure server with credentials of type %s.", + creds->type); + goto error; + } + + /* resolve address */ resolved = grpc_blocking_resolve_address(addr, "https"); if (!resolved) { goto error; @@ -132,18 +161,29 @@ int grpc_server_add_secure_http2_port(grpc_server *server, const char *addr) { } grpc_resolved_addresses_destroy(resolved); + sp = gpr_malloc(sizeof(secured_port)); + sp->tcp = tcp; + sp->ctx = ctx; + sp->server = server; + /* Register with the server only upon success */ - grpc_server_add_listener(server, tcp, start, destroy); + grpc_server_add_listener(server, sp, start, destroy); return port_num; /* Error path: cleanup and return */ error: + if (ctx) { + grpc_security_context_unref(ctx); + } if (resolved) { grpc_resolved_addresses_destroy(resolved); } if (tcp) { grpc_tcp_server_destroy(tcp); } + if (sp) { + gpr_free(sp); + } return 0; } diff --git a/src/core/surface/secure_server_create.c b/src/core/surface/secure_server_create.c deleted file mode 100644 index 1d5b9279977..00000000000 --- a/src/core/surface/secure_server_create.c +++ /dev/null @@ -1,57 +0,0 @@ -/* - * - * Copyright 2015, Google Inc. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are - * met: - * - * * Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * * Redistributions in binary form must reproduce the above - * copyright notice, this list of conditions and the following disclaimer - * in the documentation and/or other materials provided with the - * distribution. - * * Neither the name of Google Inc. nor the names of its - * contributors may be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR - * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT - * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT - * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - * - */ - -#include - -#include "src/core/channel/channel_args.h" -#include "src/core/security/security_context.h" -#include "src/core/surface/completion_queue.h" -#include "src/core/surface/server.h" -#include - -grpc_server *grpc_secure_server_create_internal( - grpc_completion_queue *cq, const grpc_channel_args *args, - grpc_security_context *context) { - grpc_arg context_arg; - grpc_channel_args *args_copy; - grpc_server *server; - if (grpc_find_security_context_in_args(args) != NULL) { - gpr_log(GPR_ERROR, "Cannot set security context in channel args."); - } - - context_arg = grpc_security_context_to_arg(context); - args_copy = grpc_channel_args_copy_and_add(args, &context_arg); - server = grpc_server_create_from_filters(cq, NULL, 0, args_copy); - grpc_channel_args_destroy(args_copy); - return server; -} diff --git a/test/core/echo/server.c b/test/core/echo/server.c index 83da8b644d6..8c9175e3cf9 100644 --- a/test/core/echo/server.c +++ b/test/core/echo/server.c @@ -143,8 +143,8 @@ int main(int argc, char **argv) { test_server1_cert}; grpc_server_credentials *ssl_creds = grpc_ssl_server_credentials_create(NULL, &pem_key_cert_pair, 1); - server = grpc_secure_server_create(ssl_creds, cq, &args); - GPR_ASSERT(grpc_server_add_secure_http2_port(server, addr)); + server = grpc_server_create(cq, &args); + GPR_ASSERT(grpc_server_add_secure_http2_port(server, addr, ssl_creds)); grpc_server_credentials_release(ssl_creds); } else { server = grpc_server_create(cq, &args); diff --git a/test/core/end2end/fixtures/chttp2_fake_security.c b/test/core/end2end/fixtures/chttp2_fake_security.c index 039909f76cb..6079b550d83 100644 --- a/test/core/end2end/fixtures/chttp2_fake_security.c +++ b/test/core/end2end/fixtures/chttp2_fake_security.c @@ -84,9 +84,9 @@ static void chttp2_init_server_secure_fullstack( grpc_server_destroy(f->server); } f->server = - grpc_secure_server_create(server_creds, f->server_cq, server_args); + grpc_server_create(f->server_cq, server_args); + GPR_ASSERT(grpc_server_add_secure_http2_port(f->server, ffd->localaddr, server_creds)); grpc_server_credentials_release(server_creds); - GPR_ASSERT(grpc_server_add_secure_http2_port(f->server, ffd->localaddr)); grpc_server_start(f->server); } diff --git a/test/core/end2end/fixtures/chttp2_simple_ssl_fullstack.c b/test/core/end2end/fixtures/chttp2_simple_ssl_fullstack.c index 1db9e727b86..9af2f46410c 100644 --- a/test/core/end2end/fixtures/chttp2_simple_ssl_fullstack.c +++ b/test/core/end2end/fixtures/chttp2_simple_ssl_fullstack.c @@ -87,9 +87,9 @@ static void chttp2_init_server_secure_fullstack( grpc_server_destroy(f->server); } f->server = - grpc_secure_server_create(server_creds, f->server_cq, server_args); + grpc_server_create(f->server_cq, server_args); + GPR_ASSERT(grpc_server_add_secure_http2_port(f->server, ffd->localaddr, server_creds)); grpc_server_credentials_release(server_creds); - GPR_ASSERT(grpc_server_add_secure_http2_port(f->server, ffd->localaddr)); grpc_server_start(f->server); } diff --git a/test/core/end2end/fixtures/chttp2_simple_ssl_with_oauth2_fullstack.c b/test/core/end2end/fixtures/chttp2_simple_ssl_with_oauth2_fullstack.c index 35e022c4947..0be0a2302a0 100644 --- a/test/core/end2end/fixtures/chttp2_simple_ssl_with_oauth2_fullstack.c +++ b/test/core/end2end/fixtures/chttp2_simple_ssl_with_oauth2_fullstack.c @@ -85,9 +85,9 @@ static void chttp2_init_server_secure_fullstack( grpc_server_destroy(f->server); } f->server = - grpc_secure_server_create(server_creds, f->server_cq, server_args); + grpc_server_create(f->server_cq, server_args); + GPR_ASSERT(grpc_server_add_secure_http2_port(f->server, ffd->localaddr, server_creds)); grpc_server_credentials_release(server_creds); - GPR_ASSERT(grpc_server_add_secure_http2_port(f->server, ffd->localaddr)); grpc_server_start(f->server); } diff --git a/test/core/fling/server.c b/test/core/fling/server.c index 59c303015a3..4f29c3b5cfa 100644 --- a/test/core/fling/server.c +++ b/test/core/fling/server.c @@ -205,8 +205,8 @@ int main(int argc, char **argv) { test_server1_cert}; grpc_server_credentials *ssl_creds = grpc_ssl_server_credentials_create(NULL, &pem_key_cert_pair, 1); - server = grpc_secure_server_create(ssl_creds, cq, NULL); - GPR_ASSERT(grpc_server_add_secure_http2_port(server, addr)); + server = grpc_server_create(cq, NULL); + GPR_ASSERT(grpc_server_add_secure_http2_port(server, addr, ssl_creds)); grpc_server_credentials_release(ssl_creds); } else { server = grpc_server_create(cq, NULL); diff --git a/vsprojects/vs2013/grpc.vcxproj b/vsprojects/vs2013/grpc.vcxproj index 89c0de333c9..1b4005e0363 100644 --- a/vsprojects/vs2013/grpc.vcxproj +++ b/vsprojects/vs2013/grpc.vcxproj @@ -215,8 +215,6 @@ - - diff --git a/vsprojects/vs2013/grpc.vcxproj.filters b/vsprojects/vs2013/grpc.vcxproj.filters index a2d9f30eda7..949be751807 100644 --- a/vsprojects/vs2013/grpc.vcxproj.filters +++ b/vsprojects/vs2013/grpc.vcxproj.filters @@ -43,9 +43,6 @@ src\core\surface - - src\core\surface - src\core\tsi diff --git a/vsprojects/vs2013/grpc_shared.vcxproj b/vsprojects/vs2013/grpc_shared.vcxproj index 81a280d912a..6bbe656a809 100644 --- a/vsprojects/vs2013/grpc_shared.vcxproj +++ b/vsprojects/vs2013/grpc_shared.vcxproj @@ -219,8 +219,6 @@ - - diff --git a/vsprojects/vs2013/grpc_shared.vcxproj.filters b/vsprojects/vs2013/grpc_shared.vcxproj.filters index a2d9f30eda7..949be751807 100644 --- a/vsprojects/vs2013/grpc_shared.vcxproj.filters +++ b/vsprojects/vs2013/grpc_shared.vcxproj.filters @@ -43,9 +43,6 @@ src\core\surface - - src\core\surface - src\core\tsi From 42bc87c0979f7a9f3084366fd466d382cf86ec17 Mon Sep 17 00:00:00 2001 From: Craig Tiller Date: Mon, 23 Feb 2015 08:50:19 -0800 Subject: [PATCH 03/34] Update C++ server with new core API And reflects the C++ API in ServerBuilder. --- Makefile | 8 +++ build.json | 5 +- examples/pubsub/main.cc | 4 +- examples/pubsub/publisher_test.cc | 5 +- examples/pubsub/subscriber_test.cc | 5 +- include/grpc++/server.h | 11 ++- include/grpc++/server_builder.h | 16 +++-- include/grpc++/server_credentials.h | 29 ++++---- include/grpc/grpc.h | 3 + src/core/security/factories.c | 2 +- src/core/security/security_context.c | 1 - src/core/surface/lame_client.c | 2 +- src/cpp/client/create_channel.cc | 3 +- .../server/insecure_server_credentials.cc} | 22 ++++-- src/cpp/server/secure_server_credentials.cc | 70 +++++++++++++++++++ src/cpp/server/server.cc | 27 ++----- src/cpp/server/server_builder.cc | 23 +++--- src/cpp/server/server_credentials.cc | 22 +----- test/core/surface/lame_client_test.c | 2 +- test/cpp/end2end/async_end2end_test.cc | 3 +- test/cpp/end2end/end2end_test.cc | 3 +- test/cpp/interop/server.cc | 7 +- test/cpp/qps/server.cc | 3 +- tools/run_tests/run_tests.py | 2 +- vsprojects/vs2013/grpc.vcxproj | 1 - vsprojects/vs2013/grpc.vcxproj.filters | 3 - vsprojects/vs2013/grpc_shared.vcxproj | 1 - vsprojects/vs2013/grpc_shared.vcxproj.filters | 3 - vsprojects/vs2013/grpc_unsecure.vcxproj | 1 - .../vs2013/grpc_unsecure.vcxproj.filters | 3 - 30 files changed, 165 insertions(+), 125 deletions(-) rename src/{core/surface/lame_client.h => cpp/server/insecure_server_credentials.cc} (75%) create mode 100644 src/cpp/server/secure_server_credentials.cc diff --git a/Makefile b/Makefile index df6d01c5932..36a4df4fea7 100644 --- a/Makefile +++ b/Makefile @@ -3022,6 +3022,7 @@ $(OBJDIR)/$(CONFIG)/src/core/transport/transport.o: LIBGRPC++_SRC = \ src/cpp/client/secure_credentials.cc \ + src/cpp/server/secure_server_credentials.cc \ src/cpp/client/channel.cc \ src/cpp/client/channel_arguments.cc \ src/cpp/client/client_context.cc \ @@ -3034,6 +3035,7 @@ LIBGRPC++_SRC = \ src/cpp/common/completion_queue.cc \ src/cpp/common/rpc_method.cc \ src/cpp/proto/proto_utils.cc \ + src/cpp/server/insecure_server_credentials.cc \ src/cpp/server/server.cc \ src/cpp/server/server_builder.cc \ src/cpp/server/server_context.cc \ @@ -3101,6 +3103,7 @@ ifneq ($(OPENSSL_DEP),) # installing headers to their final destination on the drive. We need this # otherwise parallel compilation will fail if a source is compiled first. src/cpp/client/secure_credentials.cc: $(OPENSSL_DEP) +src/cpp/server/secure_server_credentials.cc: $(OPENSSL_DEP) src/cpp/client/channel.cc: $(OPENSSL_DEP) src/cpp/client/channel_arguments.cc: $(OPENSSL_DEP) src/cpp/client/client_context.cc: $(OPENSSL_DEP) @@ -3113,6 +3116,7 @@ src/cpp/common/call.cc: $(OPENSSL_DEP) src/cpp/common/completion_queue.cc: $(OPENSSL_DEP) src/cpp/common/rpc_method.cc: $(OPENSSL_DEP) src/cpp/proto/proto_utils.cc: $(OPENSSL_DEP) +src/cpp/server/insecure_server_credentials.cc: $(OPENSSL_DEP) src/cpp/server/server.cc: $(OPENSSL_DEP) src/cpp/server/server_builder.cc: $(OPENSSL_DEP) src/cpp/server/server_context.cc: $(OPENSSL_DEP) @@ -3169,6 +3173,7 @@ endif endif $(OBJDIR)/$(CONFIG)/src/cpp/client/secure_credentials.o: +$(OBJDIR)/$(CONFIG)/src/cpp/server/secure_server_credentials.o: $(OBJDIR)/$(CONFIG)/src/cpp/client/channel.o: $(OBJDIR)/$(CONFIG)/src/cpp/client/channel_arguments.o: $(OBJDIR)/$(CONFIG)/src/cpp/client/client_context.o: @@ -3181,6 +3186,7 @@ $(OBJDIR)/$(CONFIG)/src/cpp/common/call.o: $(OBJDIR)/$(CONFIG)/src/cpp/common/completion_queue.o: $(OBJDIR)/$(CONFIG)/src/cpp/common/rpc_method.o: $(OBJDIR)/$(CONFIG)/src/cpp/proto/proto_utils.o: +$(OBJDIR)/$(CONFIG)/src/cpp/server/insecure_server_credentials.o: $(OBJDIR)/$(CONFIG)/src/cpp/server/server.o: $(OBJDIR)/$(CONFIG)/src/cpp/server/server_builder.o: $(OBJDIR)/$(CONFIG)/src/cpp/server/server_context.o: @@ -3268,6 +3274,7 @@ LIBGRPC++_UNSECURE_SRC = \ src/cpp/common/completion_queue.cc \ src/cpp/common/rpc_method.cc \ src/cpp/proto/proto_utils.cc \ + src/cpp/server/insecure_server_credentials.cc \ src/cpp/server/server.cc \ src/cpp/server/server_builder.cc \ src/cpp/server/server_context.cc \ @@ -3363,6 +3370,7 @@ $(OBJDIR)/$(CONFIG)/src/cpp/common/call.o: $(OBJDIR)/$(CONFIG)/src/cpp/common/completion_queue.o: $(OBJDIR)/$(CONFIG)/src/cpp/common/rpc_method.o: $(OBJDIR)/$(CONFIG)/src/cpp/proto/proto_utils.o: +$(OBJDIR)/$(CONFIG)/src/cpp/server/insecure_server_credentials.o: $(OBJDIR)/$(CONFIG)/src/cpp/server/server.o: $(OBJDIR)/$(CONFIG)/src/cpp/server/server_builder.o: $(OBJDIR)/$(CONFIG)/src/cpp/server/server_context.o: diff --git a/build.json b/build.json index 1e9b4d72a35..007b4913fb4 100644 --- a/build.json +++ b/build.json @@ -54,6 +54,7 @@ "src/cpp/common/completion_queue.cc", "src/cpp/common/rpc_method.cc", "src/cpp/proto/proto_utils.cc", + "src/cpp/server/insecure_server_credentials.cc", "src/cpp/server/server.cc", "src/cpp/server/server_builder.cc", "src/cpp/server/server_context.cc", @@ -133,7 +134,6 @@ "src/core/surface/client.h", "src/core/surface/completion_queue.h", "src/core/surface/event_string.h", - "src/core/surface/lame_client.h", "src/core/surface/server.h", "src/core/surface/surface_trace.h", "src/core/transport/chttp2/bin_encoder.h", @@ -437,7 +437,8 @@ "build": "all", "language": "c++", "src": [ - "src/cpp/client/secure_credentials.cc" + "src/cpp/client/secure_credentials.cc", + "src/cpp/server/secure_server_credentials.cc" ], "deps": [ "gpr", diff --git a/examples/pubsub/main.cc b/examples/pubsub/main.cc index 39fb8aea15c..066cfa1e017 100644 --- a/examples/pubsub/main.cc +++ b/examples/pubsub/main.cc @@ -96,10 +96,10 @@ int main(int argc, char** argv) { std::unique_ptr creds; if (FLAGS_service_account_key_file != "") { grpc::string json_key = GetServiceAccountJsonKey(); - creds = grpc::CredentialsFactory::ServiceAccountCredentials( + creds = grpc::ServiceAccountCredentials( json_key, FLAGS_oauth_scope, std::chrono::hours(1)); } else { - creds = grpc::CredentialsFactory::ComputeEngineCredentials(); + creds = grpc::ComputeEngineCredentials(); } ss << FLAGS_server_host << ":" << FLAGS_server_port; diff --git a/examples/pubsub/publisher_test.cc b/examples/pubsub/publisher_test.cc index b7bea5b1bd2..0bb4b842176 100644 --- a/examples/pubsub/publisher_test.cc +++ b/examples/pubsub/publisher_test.cc @@ -40,6 +40,7 @@ #include #include #include +#include #include #include @@ -106,11 +107,11 @@ class PublisherTest : public ::testing::Test { int port = grpc_pick_unused_port_or_die(); server_address_ << "localhost:" << port; ServerBuilder builder; - builder.AddPort(server_address_.str()); + builder.AddPort(server_address_.str(), grpc::InsecureServerCredentials()); builder.RegisterService(&service_); server_ = builder.BuildAndStart(); - channel_ = CreateChannel(server_address_.str(), ChannelArguments()); + channel_ = CreateChannel(server_address_.str(), grpc::InsecureCredentials(), ChannelArguments()); publisher_.reset(new grpc::examples::pubsub::Publisher(channel_)); } diff --git a/examples/pubsub/subscriber_test.cc b/examples/pubsub/subscriber_test.cc index 1fdcc8f755f..49738fcda62 100644 --- a/examples/pubsub/subscriber_test.cc +++ b/examples/pubsub/subscriber_test.cc @@ -40,6 +40,7 @@ #include #include #include +#include #include #include @@ -105,11 +106,11 @@ class SubscriberTest : public ::testing::Test { int port = grpc_pick_unused_port_or_die(); server_address_ << "localhost:" << port; ServerBuilder builder; - builder.AddPort(server_address_.str()); + builder.AddPort(server_address_.str(), grpc::InsecureServerCredentials()); builder.RegisterService(&service_); server_ = builder.BuildAndStart(); - channel_ = CreateChannel(server_address_.str(), ChannelArguments()); + channel_ = CreateChannel(server_address_.str(), grpc::InsecureCredentials(), ChannelArguments()); subscriber_.reset(new grpc::examples::pubsub::Subscriber(channel_)); } diff --git a/include/grpc++/server.h b/include/grpc++/server.h index 26d18d1bbe4..eeee6502ab7 100644 --- a/include/grpc++/server.h +++ b/include/grpc++/server.h @@ -76,15 +76,14 @@ class Server final : private CallHook, class AsyncRequest; // ServerBuilder use only - Server(ThreadPoolInterface* thread_pool, bool thread_pool_owned, - ServerCredentials* creds); - Server(); + Server(ThreadPoolInterface* thread_pool, bool thread_pool_owned); + Server() = delete; // Register a service. This call does not take ownership of the service. // The service must exist for the lifetime of the Server instance. bool RegisterService(RpcService* service); bool RegisterAsyncService(AsynchronousService* service); // Add a listening port. Can be called multiple times. - int AddPort(const grpc::string& addr); + int AddPort(const grpc::string& addr, ServerCredentials* creds); // Start the server. bool Start(); @@ -114,13 +113,11 @@ class Server final : private CallHook, std::list sync_methods_; // Pointer to the c grpc server. - grpc_server* server_; + grpc_server* const server_; ThreadPoolInterface* thread_pool_; // Whether the thread pool is created and owned by the server. bool thread_pool_owned_; - // Whether the server is created with credentials. - bool secure_; }; } // namespace grpc diff --git a/include/grpc++/server_builder.h b/include/grpc++/server_builder.h index 4545c413d25..578e102d6de 100644 --- a/include/grpc++/server_builder.h +++ b/include/grpc++/server_builder.h @@ -65,11 +65,9 @@ class ServerBuilder { void RegisterAsyncService(AsynchronousService* service); // Add a listening port. Can be called multiple times. - void AddPort(const grpc::string& addr); - - // Set a ServerCredentials. Can only be called once. - // TODO(yangg) move this to be part of AddPort - void SetCredentials(const std::shared_ptr& creds); + void AddPort(const grpc::string& addr, + std::shared_ptr creds, + int* selected_port = nullptr); // Set the thread pool used for running appliation rpc handlers. // Does not take ownership. @@ -79,9 +77,15 @@ class ServerBuilder { std::unique_ptr BuildAndStart(); private: + struct Port { + grpc::string addr; + std::shared_ptr creds; + int* selected_port; + }; + std::vector services_; std::vector async_services_; - std::vector ports_; + std::vector ports_; std::shared_ptr creds_; ThreadPoolInterface* thread_pool_ = nullptr; }; diff --git a/include/grpc++/server_credentials.h b/include/grpc++/server_credentials.h index 5c6787a0770..fd4d71db9ff 100644 --- a/include/grpc++/server_credentials.h +++ b/include/grpc++/server_credentials.h @@ -39,24 +39,21 @@ #include -struct grpc_server_credentials; +struct grpc_server; namespace grpc { +class Server; // grpc_server_credentials wrapper class. -class ServerCredentials final { +class ServerCredentials { public: - ~ServerCredentials(); + virtual ~ServerCredentials(); private: - explicit ServerCredentials(grpc_server_credentials* c_creds); + friend class ::grpc::Server; - grpc_server_credentials* GetRawCreds(); - - friend class ServerCredentialsFactory; - friend class Server; - - grpc_server_credentials* creds_; + virtual int AddPortToServer(const grpc::string& addr, + grpc_server* server) = 0; }; // Options to create ServerCredentials with SSL @@ -69,13 +66,11 @@ struct SslServerCredentialsOptions { std::vector pem_key_cert_pairs; }; -// Factory for building different types of ServerCredentials -class ServerCredentialsFactory { - public: - // Builds SSL ServerCredentials given SSL specific options - static std::shared_ptr SslCredentials( - const SslServerCredentialsOptions& options); -}; +// Builds SSL ServerCredentials given SSL specific options +std::shared_ptr SslServerCredentials( + const SslServerCredentialsOptions& options); + +std::shared_ptr InsecureServerCredentials(); } // namespace grpc diff --git a/include/grpc/grpc.h b/include/grpc/grpc.h index 4a720d11f85..2df80b1e310 100644 --- a/include/grpc/grpc.h +++ b/include/grpc/grpc.h @@ -436,6 +436,9 @@ grpc_call_error grpc_call_start_batch(grpc_call *call, const grpc_op *ops, grpc_channel *grpc_channel_create(const char *target, const grpc_channel_args *args); +/* Create a lame client: this client fails every operation attempted on it. */ +grpc_channel *grpc_lame_client_channel_create(void); + /* Close and destroy a grpc channel */ void grpc_channel_destroy(grpc_channel *channel); diff --git a/src/core/security/factories.c b/src/core/security/factories.c index 372ee256f2a..02267d55457 100644 --- a/src/core/security/factories.c +++ b/src/core/security/factories.c @@ -33,9 +33,9 @@ #include +#include #include "src/core/security/credentials.h" #include "src/core/security/security_context.h" -#include "src/core/surface/lame_client.h" #include #include #include diff --git a/src/core/security/security_context.c b/src/core/security/security_context.c index fd8baff539d..4888043e6b1 100644 --- a/src/core/security/security_context.c +++ b/src/core/security/security_context.c @@ -42,7 +42,6 @@ #include "src/core/support/env.h" #include "src/core/support/file.h" #include "src/core/support/string.h" -#include "src/core/surface/lame_client.h" #include "src/core/transport/chttp2/alpn.h" #include #include diff --git a/src/core/surface/lame_client.c b/src/core/surface/lame_client.c index 57f6ddf0f7f..b40c48381f4 100644 --- a/src/core/surface/lame_client.c +++ b/src/core/surface/lame_client.c @@ -31,7 +31,7 @@ * */ -#include "src/core/surface/lame_client.h" +#include #include diff --git a/src/cpp/client/create_channel.cc b/src/cpp/client/create_channel.cc index ef2deb35563..57d215d0f33 100644 --- a/src/cpp/client/create_channel.cc +++ b/src/cpp/client/create_channel.cc @@ -43,6 +43,7 @@ class ChannelArguments; std::shared_ptr CreateChannel( const grpc::string &target, const std::unique_ptr &creds, const ChannelArguments &args) { - return creds->CreateChannel(target, args); + return creds ? creds->CreateChannel(target, args) : + std::shared_ptr(new Channel(target, grpc_lame_client_channel_create())); } } // namespace grpc diff --git a/src/core/surface/lame_client.h b/src/cpp/server/insecure_server_credentials.cc similarity index 75% rename from src/core/surface/lame_client.h rename to src/cpp/server/insecure_server_credentials.cc index 2bd97b95eb1..a99e1104cb0 100644 --- a/src/core/surface/lame_client.h +++ b/src/cpp/server/insecure_server_credentials.cc @@ -31,12 +31,22 @@ * */ -#ifndef __GRPC_INTERNAL_SURFACE_LAME_CLIENT_H_ -#define __GRPC_INTERNAL_SURFACE_LAME_CLIENT_H_ +#include -#include +#include -/* Create a lame client: this client fails every operation attempted on it. */ -grpc_channel *grpc_lame_client_channel_create(void); +namespace grpc { +namespace { +class InsecureServerCredentialsImpl final : public ServerCredentials { + public: + int AddPortToServer(const grpc::string& addr, grpc_server* server) { + return grpc_server_add_http2_port(server, addr.c_str()); + } +}; +} // namespace -#endif /* __GRPC_INTERNAL_SURFACE_LAME_CLIENT_H_ */ +std::shared_ptr InsecureServerCredentials() { + return std::shared_ptr(new InsecureServerCredentialsImpl()); +} + +} // namespace grpc diff --git a/src/cpp/server/secure_server_credentials.cc b/src/cpp/server/secure_server_credentials.cc new file mode 100644 index 00000000000..f90838b086d --- /dev/null +++ b/src/cpp/server/secure_server_credentials.cc @@ -0,0 +1,70 @@ +/* + * + * Copyright 2015, Google Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are + * met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following disclaimer + * in the documentation and/or other materials provided with the + * distribution. + * * Neither the name of Google Inc. nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * + */ + +#include + +#include + +namespace grpc { + +namespace { +class SecureServerCredentials final : public ServerCredentials { + public: + explicit SecureServerCredentials(grpc_server_credentials* creds) : creds_(creds) {} + ~SecureServerCredentials() override { + grpc_server_credentials_release(creds_); + } + + int AddPortToServer(const grpc::string& addr, grpc_server* server) override { + return grpc_server_add_secure_http2_port(server, addr.c_str(), creds_); + } + + private: + grpc_server_credentials* const creds_; +}; +} // namespace + +std::shared_ptr SslServerCredentials( + const SslServerCredentialsOptions &options) { + std::vector pem_key_cert_pairs; + for (const auto &key_cert_pair : options.pem_key_cert_pairs) { + pem_key_cert_pairs.push_back( + {key_cert_pair.private_key.c_str(), key_cert_pair.cert_chain.c_str()}); + } + grpc_server_credentials *c_creds = grpc_ssl_server_credentials_create( + options.pem_root_certs.empty() ? nullptr : options.pem_root_certs.c_str(), + &pem_key_cert_pairs[0], pem_key_cert_pairs.size()); + return std::shared_ptr(new SecureServerCredentials(c_creds)); +} + +} // namespace grpc diff --git a/src/cpp/server/server.cc b/src/cpp/server/server.cc index f565d3aa5d5..0d81f0b126e 100644 --- a/src/cpp/server/server.cc +++ b/src/cpp/server/server.cc @@ -169,26 +169,13 @@ class Server::SyncRequest final : public CompletionQueueTag { grpc_completion_queue* cq_; }; -Server::Server(ThreadPoolInterface* thread_pool, bool thread_pool_owned, - ServerCredentials* creds) +Server::Server(ThreadPoolInterface* thread_pool, bool thread_pool_owned) : started_(false), shutdown_(false), num_running_cb_(0), + server_(grpc_server_create(cq_.cq(), nullptr)), thread_pool_(thread_pool), - thread_pool_owned_(thread_pool_owned), - secure_(creds != nullptr) { - if (creds) { - server_ = - grpc_secure_server_create(creds->GetRawCreds(), cq_.cq(), nullptr); - } else { - server_ = grpc_server_create(cq_.cq(), nullptr); - } -} - -Server::Server() { - // Should not be called. - GPR_ASSERT(false); -} + thread_pool_owned_(thread_pool_owned) {} Server::~Server() { std::unique_lock lock(mu_); @@ -238,13 +225,9 @@ bool Server::RegisterAsyncService(AsynchronousService* service) { return true; } -int Server::AddPort(const grpc::string& addr) { +int Server::AddPort(const grpc::string& addr, ServerCredentials* creds) { GPR_ASSERT(!started_); - if (secure_) { - return grpc_server_add_secure_http2_port(server_, addr.c_str()); - } else { - return grpc_server_add_http2_port(server_, addr.c_str()); - } + return creds->AddPortToServer(addr, server_); } bool Server::Start() { diff --git a/src/cpp/server/server_builder.cc b/src/cpp/server/server_builder.cc index 3c2093c3638..d8b3f74939f 100644 --- a/src/cpp/server/server_builder.cc +++ b/src/cpp/server/server_builder.cc @@ -51,14 +51,10 @@ void ServerBuilder::RegisterAsyncService(AsynchronousService* service) { async_services_.push_back(service); } -void ServerBuilder::AddPort(const grpc::string& addr) { - ports_.push_back(addr); -} - -void ServerBuilder::SetCredentials( - const std::shared_ptr& creds) { - GPR_ASSERT(!creds_); - creds_ = creds; +void ServerBuilder::AddPort(const grpc::string& addr, + std::shared_ptr creds, + int* selected_port) { + ports_.push_back(Port{addr, creds, selected_port}); } void ServerBuilder::SetThreadPool(ThreadPoolInterface* thread_pool) { @@ -71,14 +67,13 @@ std::unique_ptr ServerBuilder::BuildAndStart() { gpr_log(GPR_ERROR, "Mixing async and sync services is unsupported for now"); return nullptr; } - if (!thread_pool_ && services_.size()) { + if (!thread_pool_ && !services_.empty()) { int cores = gpr_cpu_num_cores(); if (!cores) cores = 4; thread_pool_ = new ThreadPool(cores); thread_pool_owned = true; } - std::unique_ptr server( - new Server(thread_pool_, thread_pool_owned, creds_.get())); + std::unique_ptr server(new Server(thread_pool_, thread_pool_owned)); for (auto* service : services_) { if (!server->RegisterService(service)) { return nullptr; @@ -90,8 +85,10 @@ std::unique_ptr ServerBuilder::BuildAndStart() { } } for (auto& port : ports_) { - if (!server->AddPort(port)) { - return nullptr; + int r = server->AddPort(port.addr, port.creds.get()); + if (!r) return nullptr; + if (port.selected_port != nullptr) { + *port.selected_port = r; } } if (!server->Start()) { diff --git a/src/cpp/server/server_credentials.cc b/src/cpp/server/server_credentials.cc index 69ad000ccc6..6bdb465baaa 100644 --- a/src/cpp/server/server_credentials.cc +++ b/src/cpp/server/server_credentials.cc @@ -37,26 +37,6 @@ namespace grpc { -ServerCredentials::ServerCredentials(grpc_server_credentials *c_creds) - : creds_(c_creds) {} - -ServerCredentials::~ServerCredentials() { - grpc_server_credentials_release(creds_); -} - -grpc_server_credentials *ServerCredentials::GetRawCreds() { return creds_; } - -std::shared_ptr ServerCredentialsFactory::SslCredentials( - const SslServerCredentialsOptions &options) { - std::vector pem_key_cert_pairs; - for (const auto &key_cert_pair : options.pem_key_cert_pairs) { - pem_key_cert_pairs.push_back( - {key_cert_pair.private_key.c_str(), key_cert_pair.cert_chain.c_str()}); - } - grpc_server_credentials *c_creds = grpc_ssl_server_credentials_create( - options.pem_root_certs.empty() ? nullptr : options.pem_root_certs.c_str(), - &pem_key_cert_pairs[0], pem_key_cert_pairs.size()); - return std::shared_ptr(new ServerCredentials(c_creds)); -} +ServerCredentials::~ServerCredentials() {} } // namespace grpc diff --git a/test/core/surface/lame_client_test.c b/test/core/surface/lame_client_test.c index 0142768261d..cae49271ee1 100644 --- a/test/core/surface/lame_client_test.c +++ b/test/core/surface/lame_client_test.c @@ -31,7 +31,7 @@ * */ -#include "src/core/surface/lame_client.h" +#include #include "test/core/end2end/cq_verifier.h" #include "test/core/util/test_config.h" diff --git a/test/cpp/end2end/async_end2end_test.cc b/test/cpp/end2end/async_end2end_test.cc index 85b4ff8120c..01134a3dc33 100644 --- a/test/cpp/end2end/async_end2end_test.cc +++ b/test/cpp/end2end/async_end2end_test.cc @@ -47,6 +47,7 @@ #include #include #include +#include #include #include #include "test/core/util/port.h" @@ -84,7 +85,7 @@ class AsyncEnd2endTest : public ::testing::Test { server_address_ << "localhost:" << port; // Setup server ServerBuilder builder; - builder.AddPort(server_address_.str()); + builder.AddPort(server_address_.str(), grpc::InsecureServerCredentials()); builder.RegisterAsyncService(&service_); server_ = builder.BuildAndStart(); } diff --git a/test/cpp/end2end/end2end_test.cc b/test/cpp/end2end/end2end_test.cc index f5ecd1a20c1..e9f0ce90977 100644 --- a/test/cpp/end2end/end2end_test.cc +++ b/test/cpp/end2end/end2end_test.cc @@ -47,6 +47,7 @@ #include #include #include +#include #include #include #include "test/core/util/port.h" @@ -150,7 +151,7 @@ class End2endTest : public ::testing::Test { server_address_ << "localhost:" << port; // Setup server ServerBuilder builder; - builder.AddPort(server_address_.str()); + builder.AddPort(server_address_.str(), InsecureServerCredentials()); builder.RegisterService(&service_); builder.RegisterService(&dup_pkg_service_); builder.SetThreadPool(&thread_pool_); diff --git a/test/cpp/interop/server.cc b/test/cpp/interop/server.cc index 7a7287438f2..1ec51004fac 100644 --- a/test/cpp/interop/server.cc +++ b/test/cpp/interop/server.cc @@ -59,7 +59,6 @@ using grpc::Server; using grpc::ServerBuilder; using grpc::ServerContext; using grpc::ServerCredentials; -using grpc::ServerCredentialsFactory; using grpc::ServerReader; using grpc::ServerReaderWriter; using grpc::ServerWriter; @@ -210,14 +209,14 @@ void RunServer() { SimpleResponse response; ServerBuilder builder; - builder.AddPort(server_address.str()); builder.RegisterService(&service); + std::shared_ptr creds = grpc::InsecureServerCredentials(); if (FLAGS_enable_ssl) { SslServerCredentialsOptions ssl_opts = { "", {{test_server1_key, test_server1_cert}}}; - std::shared_ptr creds = ServerSslCredentials(ssl_opts); - builder.SetCredentials(creds); + creds = grpc::SslServerCredentials(ssl_opts); } + builder.AddPort(server_address.str(), creds); std::unique_ptr server(builder.BuildAndStart()); gpr_log(GPR_INFO, "Server listening on %s", server_address.str().c_str()); while (!got_sigint) { diff --git a/test/cpp/qps/server.cc b/test/cpp/qps/server.cc index 8e136349a15..b54f14d7983 100644 --- a/test/cpp/qps/server.cc +++ b/test/cpp/qps/server.cc @@ -43,6 +43,7 @@ #include #include #include +#include #include #include "src/cpp/server/thread_pool.h" #include "test/core/util/grpc_profiler.h" @@ -134,7 +135,7 @@ static void RunServer() { SimpleResponse response; ServerBuilder builder; - builder.AddPort(server_address); + builder.AddPort(server_address, grpc::InsecureServerCredentials()); builder.RegisterService(&service); std::unique_ptr pool(new ThreadPool(FLAGS_server_threads)); diff --git a/tools/run_tests/run_tests.py b/tools/run_tests/run_tests.py index 64478b37532..649cf9f35c9 100755 --- a/tools/run_tests/run_tests.py +++ b/tools/run_tests/run_tests.py @@ -271,7 +271,7 @@ test_cache.maybe_load() if forever: success = True while True: - dw = watch_dirs.DirWatcher(['src', 'include', 'test']) + dw = watch_dirs.DirWatcher(['src', 'include', 'test', 'examples']) initial_time = dw.most_recent_change() have_files_changed = lambda: dw.most_recent_change() != initial_time previous_success = success diff --git a/vsprojects/vs2013/grpc.vcxproj b/vsprojects/vs2013/grpc.vcxproj index 1b4005e0363..02c16b59671 100644 --- a/vsprojects/vs2013/grpc.vcxproj +++ b/vsprojects/vs2013/grpc.vcxproj @@ -160,7 +160,6 @@ - diff --git a/vsprojects/vs2013/grpc.vcxproj.filters b/vsprojects/vs2013/grpc.vcxproj.filters index 949be751807..bd757887613 100644 --- a/vsprojects/vs2013/grpc.vcxproj.filters +++ b/vsprojects/vs2013/grpc.vcxproj.filters @@ -578,9 +578,6 @@ src\core\surface - - src\core\surface - src\core\surface diff --git a/vsprojects/vs2013/grpc_shared.vcxproj b/vsprojects/vs2013/grpc_shared.vcxproj index 6bbe656a809..0a0ce887cac 100644 --- a/vsprojects/vs2013/grpc_shared.vcxproj +++ b/vsprojects/vs2013/grpc_shared.vcxproj @@ -164,7 +164,6 @@ - diff --git a/vsprojects/vs2013/grpc_shared.vcxproj.filters b/vsprojects/vs2013/grpc_shared.vcxproj.filters index 949be751807..bd757887613 100644 --- a/vsprojects/vs2013/grpc_shared.vcxproj.filters +++ b/vsprojects/vs2013/grpc_shared.vcxproj.filters @@ -578,9 +578,6 @@ src\core\surface - - src\core\surface - src\core\surface diff --git a/vsprojects/vs2013/grpc_unsecure.vcxproj b/vsprojects/vs2013/grpc_unsecure.vcxproj index 0c81ec4768b..7421524f1ee 100644 --- a/vsprojects/vs2013/grpc_unsecure.vcxproj +++ b/vsprojects/vs2013/grpc_unsecure.vcxproj @@ -145,7 +145,6 @@ - diff --git a/vsprojects/vs2013/grpc_unsecure.vcxproj.filters b/vsprojects/vs2013/grpc_unsecure.vcxproj.filters index 4b5370a5735..90d44175450 100644 --- a/vsprojects/vs2013/grpc_unsecure.vcxproj.filters +++ b/vsprojects/vs2013/grpc_unsecure.vcxproj.filters @@ -482,9 +482,6 @@ src\core\surface - - src\core\surface - src\core\surface From ad9d0c472d158d7b4df3250793d475724ac3516a Mon Sep 17 00:00:00 2001 From: Craig Tiller Date: Mon, 23 Feb 2015 10:53:01 -0800 Subject: [PATCH 04/34] Remove dynamic_cast --- include/grpc++/credentials.h | 8 ++++++++ src/cpp/client/insecure_credentials.cc | 2 ++ src/cpp/client/secure_credentials.cc | 10 +++++++--- 3 files changed, 17 insertions(+), 3 deletions(-) diff --git a/include/grpc++/credentials.h b/include/grpc++/credentials.h index b462b450daf..26e9b556fe4 100644 --- a/include/grpc++/credentials.h +++ b/include/grpc++/credentials.h @@ -42,11 +42,19 @@ namespace grpc { class ChannelArguments; class ChannelInterface; +class SecureCredentials; class Credentials { public: virtual ~Credentials(); + protected: + friend std::unique_ptr ComposeCredentials( + const std::unique_ptr& creds1, + const std::unique_ptr& creds2); + + virtual SecureCredentials* AsSecureCredentials() = 0; + private: friend std::shared_ptr CreateChannel( const grpc::string& target, const std::unique_ptr& creds, diff --git a/src/cpp/client/insecure_credentials.cc b/src/cpp/client/insecure_credentials.cc index 4f3bba5c8e5..8180d1e60ed 100644 --- a/src/cpp/client/insecure_credentials.cc +++ b/src/cpp/client/insecure_credentials.cc @@ -50,6 +50,8 @@ class InsecureCredentialsImpl final : public Credentials { args.SetChannelArgs(&channel_args); return std::shared_ptr(new Channel(target, grpc_channel_create(target.c_str(), &channel_args))); } + + SecureCredentials* AsSecureCredentials() { return nullptr; } }; } // namespace diff --git a/src/cpp/client/secure_credentials.cc b/src/cpp/client/secure_credentials.cc index 367dfe3447b..f8643801054 100644 --- a/src/cpp/client/secure_credentials.cc +++ b/src/cpp/client/secure_credentials.cc @@ -42,7 +42,6 @@ namespace grpc { -namespace { class SecureCredentials final : public Credentials { public: explicit SecureCredentials(grpc_credentials* c_creds) : c_creds_(c_creds) {} @@ -58,10 +57,15 @@ class SecureCredentials final : public Credentials { grpc_secure_channel_create(c_creds_, target.c_str(), &channel_args))); } + SecureCredentials* AsSecureCredentials() { + return this; + } + private: grpc_credentials* const c_creds_; }; +namespace { std::unique_ptr WrapCredentials(grpc_credentials* creds) { return creds == nullptr ? nullptr @@ -116,8 +120,8 @@ std::unique_ptr ComposeCredentials( // passed in here. This is OK because the underlying C objects (i.e., // creds1 and creds2) into grpc_composite_credentials_create will see their // refcounts incremented. - SecureCredentials* s1 = dynamic_cast(creds1.get()); - SecureCredentials* s2 = dynamic_cast(creds2.get()); + SecureCredentials* s1 = creds1->AsSecureCredentials(); + SecureCredentials* s2 = creds2->AsSecureCredentials(); if (s1 && s2) { return WrapCredentials(grpc_composite_credentials_create( s1->GetRawCreds(), s2->GetRawCreds())); From 7ab4fee9e7fc0bd01ecfda06f9e70e3974f288a8 Mon Sep 17 00:00:00 2001 From: Craig Tiller Date: Tue, 24 Feb 2015 08:15:53 -0800 Subject: [PATCH 05/34] Allow multiple tmp-merge directories at once make -jN was failing because libgrpc and libgrpc++ wanted to link at the same time. --- Makefile | 28 ++++++++++++++-------------- templates/Makefile.template | 14 +++++++------- 2 files changed, 21 insertions(+), 21 deletions(-) diff --git a/Makefile b/Makefile index d55d2056a77..1d4708b3a22 100644 --- a/Makefile +++ b/Makefile @@ -2566,13 +2566,13 @@ $(LIBDIR)/$(CONFIG)/libgrpc.a: $(ZLIB_DEP) $(OPENSSL_DEP) $(LIBGRPC_OBJS) $(Q) mkdir -p `dirname $@` $(Q) rm -f $(LIBDIR)/$(CONFIG)/libgrpc.a $(Q) $(AR) rcs $(LIBDIR)/$(CONFIG)/libgrpc.a $(LIBGRPC_OBJS) - $(Q) rm -rf tmp-merge - $(Q) mkdir tmp-merge - $(Q) ( cd tmp-merge ; $(AR) x ../$(LIBDIR)/$(CONFIG)/libgrpc.a ) - $(Q) for l in $(OPENSSL_MERGE_LIBS) ; do ( cd tmp-merge ; ar x ../$${l} ) ; done - $(Q) rm -f $(LIBDIR)/$(CONFIG)/libgrpc.a tmp-merge/__.SYMDEF* - $(Q) ar rcs $(LIBDIR)/$(CONFIG)/libgrpc.a tmp-merge/* - $(Q) rm -rf tmp-merge + $(Q) rm -rf tmp-merge-grpc + $(Q) mkdir tmp-merge-grpc + $(Q) ( cd tmp-merge-grpc ; $(AR) x ../$(LIBDIR)/$(CONFIG)/libgrpc.a ) + $(Q) for l in $(OPENSSL_MERGE_LIBS) ; do ( cd tmp-merge-grpc ; ar x ../$${l} ) ; done + $(Q) rm -f $(LIBDIR)/$(CONFIG)/libgrpc.a tmp-merge-grpc/__.SYMDEF* + $(Q) ar rcs $(LIBDIR)/$(CONFIG)/libgrpc.a tmp-merge-grpc/* + $(Q) rm -rf tmp-merge-grpc ifeq ($(SYSTEM),Darwin) $(Q) ranlib $(LIBDIR)/$(CONFIG)/libgrpc.a endif @@ -3141,13 +3141,13 @@ $(LIBDIR)/$(CONFIG)/libgrpc++.a: $(ZLIB_DEP) $(OPENSSL_DEP) $(PROTOBUF_DEP) $(LI $(Q) mkdir -p `dirname $@` $(Q) rm -f $(LIBDIR)/$(CONFIG)/libgrpc++.a $(Q) $(AR) rcs $(LIBDIR)/$(CONFIG)/libgrpc++.a $(LIBGRPC++_OBJS) - $(Q) rm -rf tmp-merge - $(Q) mkdir tmp-merge - $(Q) ( cd tmp-merge ; $(AR) x ../$(LIBDIR)/$(CONFIG)/libgrpc++.a ) - $(Q) for l in $(OPENSSL_MERGE_LIBS) ; do ( cd tmp-merge ; ar x ../$${l} ) ; done - $(Q) rm -f $(LIBDIR)/$(CONFIG)/libgrpc++.a tmp-merge/__.SYMDEF* - $(Q) ar rcs $(LIBDIR)/$(CONFIG)/libgrpc++.a tmp-merge/* - $(Q) rm -rf tmp-merge + $(Q) rm -rf tmp-merge-grpc++ + $(Q) mkdir tmp-merge-grpc++ + $(Q) ( cd tmp-merge-grpc++ ; $(AR) x ../$(LIBDIR)/$(CONFIG)/libgrpc++.a ) + $(Q) for l in $(OPENSSL_MERGE_LIBS) ; do ( cd tmp-merge-grpc++ ; ar x ../$${l} ) ; done + $(Q) rm -f $(LIBDIR)/$(CONFIG)/libgrpc++.a tmp-merge-grpc++/__.SYMDEF* + $(Q) ar rcs $(LIBDIR)/$(CONFIG)/libgrpc++.a tmp-merge-grpc++/* + $(Q) rm -rf tmp-merge-grpc++ ifeq ($(SYSTEM),Darwin) $(Q) ranlib $(LIBDIR)/$(CONFIG)/libgrpc++.a endif diff --git a/templates/Makefile.template b/templates/Makefile.template index cd7eb238454..d8649930e45 100644 --- a/templates/Makefile.template +++ b/templates/Makefile.template @@ -968,13 +968,13 @@ $(LIBDIR)/$(CONFIG)/lib${lib.name}.a: $(ZLIB_DEP)\ $(Q) $(AR) rcs $(LIBDIR)/$(CONFIG)/lib${lib.name}.a $(LIB${lib.name.upper()}_OBJS) % if lib.get('baselib', False): % if lib.get('secure', True): - $(Q) rm -rf tmp-merge - $(Q) mkdir tmp-merge - $(Q) ( cd tmp-merge ; $(AR) x ../$(LIBDIR)/$(CONFIG)/lib${lib.name}.a ) - $(Q) for l in $(OPENSSL_MERGE_LIBS) ; do ( cd tmp-merge ; <%text>ar x ../$${l} ) ; done - $(Q) rm -f $(LIBDIR)/$(CONFIG)/lib${lib.name}.a tmp-merge/__.SYMDEF* - $(Q) ar rcs $(LIBDIR)/$(CONFIG)/lib${lib.name}.a tmp-merge/* - $(Q) rm -rf tmp-merge + $(Q) rm -rf tmp-merge-${lib.name} + $(Q) mkdir tmp-merge-${lib.name} + $(Q) ( cd tmp-merge-${lib.name} ; $(AR) x ../$(LIBDIR)/$(CONFIG)/lib${lib.name}.a ) + $(Q) for l in $(OPENSSL_MERGE_LIBS) ; do ( cd tmp-merge-${lib.name} ; <%text>ar x ../$${l} ) ; done + $(Q) rm -f $(LIBDIR)/$(CONFIG)/lib${lib.name}.a tmp-merge-${lib.name}/__.SYMDEF* + $(Q) ar rcs $(LIBDIR)/$(CONFIG)/lib${lib.name}.a tmp-merge-${lib.name}/* + $(Q) rm -rf tmp-merge-${lib.name} % endif % endif ifeq ($(SYSTEM),Darwin) From 1a43f87134c1978bc4f1fbf64fa1b60e13552d64 Mon Sep 17 00:00:00 2001 From: Craig Tiller Date: Mon, 2 Mar 2015 09:08:05 -0800 Subject: [PATCH 06/34] De-C++11-ification --- src/cpp/client/insecure_credentials.cc | 9 ++++++--- src/cpp/client/secure_credentials.cc | 11 +++++------ 2 files changed, 11 insertions(+), 9 deletions(-) diff --git a/src/cpp/client/insecure_credentials.cc b/src/cpp/client/insecure_credentials.cc index 8180d1e60ed..2dcfe69591a 100644 --- a/src/cpp/client/insecure_credentials.cc +++ b/src/cpp/client/insecure_credentials.cc @@ -37,18 +37,21 @@ #include #include +#include #include #include "src/cpp/client/channel.h" namespace grpc { namespace { -class InsecureCredentialsImpl final : public Credentials { +class InsecureCredentialsImpl GRPC_FINAL : public Credentials { public: - std::shared_ptr CreateChannel(const string& target, const grpc::ChannelArguments& args) override { + std::shared_ptr CreateChannel( + const string& target, const grpc::ChannelArguments& args) GRPC_OVERRIDE { grpc_channel_args channel_args; args.SetChannelArgs(&channel_args); - return std::shared_ptr(new Channel(target, grpc_channel_create(target.c_str(), &channel_args))); + return std::shared_ptr(new Channel( + target, grpc_channel_create(target.c_str(), &channel_args))); } SecureCredentials* AsSecureCredentials() { return nullptr; } diff --git a/src/cpp/client/secure_credentials.cc b/src/cpp/client/secure_credentials.cc index 175f88f6a94..5eb5c547942 100644 --- a/src/cpp/client/secure_credentials.cc +++ b/src/cpp/client/secure_credentials.cc @@ -37,19 +37,20 @@ #include #include +#include #include #include "src/cpp/client/channel.h" namespace grpc { -class SecureCredentials final : public Credentials { +class SecureCredentials GRPC_FINAL : public Credentials { public: explicit SecureCredentials(grpc_credentials* c_creds) : c_creds_(c_creds) {} - ~SecureCredentials() override { grpc_credentials_release(c_creds_); } + ~SecureCredentials() GRPC_OVERRIDE { grpc_credentials_release(c_creds_); } grpc_credentials* GetRawCreds() { return c_creds_; } std::shared_ptr CreateChannel( - const string& target, const grpc::ChannelArguments& args) override { + const string& target, const grpc::ChannelArguments& args) GRPC_OVERRIDE { grpc_channel_args channel_args; args.SetChannelArgs(&channel_args); return std::shared_ptr(new Channel( @@ -57,9 +58,7 @@ class SecureCredentials final : public Credentials { grpc_secure_channel_create(c_creds_, target.c_str(), &channel_args))); } - SecureCredentials* AsSecureCredentials() { - return this; - } + SecureCredentials* AsSecureCredentials() { return this; } private: grpc_credentials* const c_creds_; From 22176cbbf89aeef3128d4e01bc51014e11e3e28a Mon Sep 17 00:00:00 2001 From: Craig Tiller Date: Mon, 2 Mar 2015 09:09:38 -0800 Subject: [PATCH 07/34] De-C++11-ification --- src/cpp/server/insecure_server_credentials.cc | 5 +++-- src/cpp/server/secure_server_credentials.cc | 7 ++++--- 2 files changed, 7 insertions(+), 5 deletions(-) diff --git a/src/cpp/server/insecure_server_credentials.cc b/src/cpp/server/insecure_server_credentials.cc index 2b0ee775240..f5e4732f730 100644 --- a/src/cpp/server/insecure_server_credentials.cc +++ b/src/cpp/server/insecure_server_credentials.cc @@ -36,9 +36,10 @@ namespace grpc { namespace { -class InsecureServerCredentialsImpl final : public ServerCredentials { +class InsecureServerCredentialsImpl GRPC_FINAL : public ServerCredentials { public: - int AddPortToServer(const grpc::string& addr, grpc_server* server) { + int AddPortToServer(const grpc::string& addr, + grpc_server* server) GRPC_OVERRIDE { return grpc_server_add_http2_port(server, addr.c_str()); } }; diff --git a/src/cpp/server/secure_server_credentials.cc b/src/cpp/server/secure_server_credentials.cc index f90838b086d..ff356385034 100644 --- a/src/cpp/server/secure_server_credentials.cc +++ b/src/cpp/server/secure_server_credentials.cc @@ -38,14 +38,15 @@ namespace grpc { namespace { -class SecureServerCredentials final : public ServerCredentials { +class SecureServerCredentials GRPC_FINAL : public ServerCredentials { public: explicit SecureServerCredentials(grpc_server_credentials* creds) : creds_(creds) {} - ~SecureServerCredentials() override { + ~SecureServerCredentials() GRPC_OVERRIDE { grpc_server_credentials_release(creds_); } - int AddPortToServer(const grpc::string& addr, grpc_server* server) override { + int AddPortToServer(const grpc::string& addr, + grpc_server* server) GRPC_OVERRIDE { return grpc_server_add_secure_http2_port(server, addr.c_str(), creds_); } From da02a67e0551228e5ecd2055c116310edd0aa202 Mon Sep 17 00:00:00 2001 From: murgatroid99 Date: Mon, 2 Mar 2015 17:28:02 -0800 Subject: [PATCH 08/34] Updated Node library to new secure server API --- src/node/ext/server.cc | 32 +++++++++++------------------- src/node/interop/interop_server.js | 10 +++++----- src/node/src/server.js | 19 +++++++++--------- 3 files changed, 27 insertions(+), 34 deletions(-) diff --git a/src/node/ext/server.cc b/src/node/ext/server.cc index ab45da8d199..a87f9194e92 100644 --- a/src/node/ext/server.cc +++ b/src/node/ext/server.cc @@ -164,19 +164,7 @@ NAN_METHOD(Server::New) { if (args[0]->IsUndefined()) { wrapped_server = grpc_server_create(queue, NULL); } else if (args[0]->IsObject()) { - grpc_server_credentials *creds = NULL; - Handle args_hash(args[0]->ToObject()->Clone()); - if (args_hash->HasOwnProperty(NanNew("credentials"))) { - Handle creds_value = args_hash->Get(NanNew("credentials")); - if (!ServerCredentials::HasInstance(creds_value)) { - return NanThrowTypeError( - "credentials arg must be a ServerCredentials object"); - } - ServerCredentials *creds_object = - ObjectWrap::Unwrap(creds_value->ToObject()); - creds = creds_object->GetWrappedServerCredentials(); - args_hash->Delete(NanNew("credentials")); - } + Handle args_hash(args[0]->ToObject()); Handle keys(args_hash->GetOwnPropertyNames()); grpc_channel_args channel_args; channel_args.num_args = keys->Length(); @@ -203,11 +191,7 @@ NAN_METHOD(Server::New) { return NanThrowTypeError("Arg values must be strings"); } } - if (creds == NULL) { - wrapped_server = grpc_server_create(queue, &channel_args); - } else { - wrapped_server = grpc_secure_server_create(creds, queue, &channel_args); - } + wrapped_server = grpc_server_create(queue, &channel_args); free(channel_args.args); } else { return NanThrowTypeError("Server expects an object"); @@ -258,11 +242,19 @@ NAN_METHOD(Server::AddSecureHttp2Port) { "addSecureHttp2Port can only be called on a Server"); } if (!args[0]->IsString()) { - return NanThrowTypeError("addSecureHttp2Port's argument must be a String"); + return NanThrowTypeError( + "addSecureHttp2Port's first argument must be a String"); + } + if (!ServerCredentials::HasInstance(args[1])) { + return NanThrowTypeError( + "addSecureHttp2Port's second argument must be ServerCredentials"); } Server *server = ObjectWrap::Unwrap(args.This()); + ServerCredentials *creds = ObjectWrap::Unwrap( + args[1]->ToObject()); NanReturnValue(NanNew(grpc_server_add_secure_http2_port( - server->wrapped_server, *NanUtf8String(args[0])))); + server->wrapped_server, *NanUtf8String(args[0]), + creds->GetWrappedServerCredentials()))); } NAN_METHOD(Server::Start) { diff --git a/src/node/interop/interop_server.js b/src/node/interop/interop_server.js index 125ede17464..8e5c03666fa 100644 --- a/src/node/interop/interop_server.js +++ b/src/node/interop/interop_server.js @@ -165,16 +165,16 @@ function handleHalfDuplex(call) { function getServer(port, tls) { // TODO(mlumish): enable TLS functionality var options = {}; + var server_creds = null; if (tls) { var key_path = path.join(__dirname, '../test/data/server1.key'); var pem_path = path.join(__dirname, '../test/data/server1.pem'); var key_data = fs.readFileSync(key_path); var pem_data = fs.readFileSync(pem_path); - var server_creds = grpc.ServerCredentials.createSsl(null, - key_data, - pem_data); - options.credentials = server_creds; + server_creds = grpc.ServerCredentials.createSsl(null, + key_data, + pem_data); } var server = new Server({ 'grpc.testing.TestService' : { @@ -186,7 +186,7 @@ function getServer(port, tls) { halfDuplexCall: handleHalfDuplex } }, null, options); - var port_num = server.bind('0.0.0.0:' + port, tls); + var port_num = server.bind('0.0.0.0:' + port, server_creds); return {server: server, port: port_num}; } diff --git a/src/node/src/server.js b/src/node/src/server.js index 91dde022518..b72d110666e 100644 --- a/src/node/src/server.js +++ b/src/node/src/server.js @@ -517,14 +517,15 @@ Server.prototype.register = function(name, handler, serialize, deserialize, }; /** - * Binds the server to the given port, with SSL enabled if secure is specified + * Binds the server to the given port, with SSL enabled if creds is given * @param {string} port The port that the server should bind on, in the format * "address:port" - * @param {boolean=} secure Whether the server should open a secure port + * @param {boolean=} creds Server credential object to be used for SSL. Pass + * nothing for an insecure port */ -Server.prototype.bind = function(port, secure) { - if (secure) { - return this._server.addSecureHttp2Port(port); +Server.prototype.bind = function(port, creds) { + if (creds) { + return this._server.addSecureHttp2Port(port, creds); } else { return this._server.addHttp2Port(port); } @@ -604,14 +605,14 @@ function makeServerConstructor(services) { } /** - * Binds the server to the given port, with SSL enabled if secure is specified + * Binds the server to the given port, with SSL enabled if creds is supplied * @param {string} port The port that the server should bind on, in the format * "address:port" - * @param {boolean=} secure Whether the server should open a secure port + * @param {boolean=} creds Credentials to use for SSL * @return {SurfaceServer} this */ - SurfaceServer.prototype.bind = function(port, secure) { - return this.inner_server.bind(port, secure); + SurfaceServer.prototype.bind = function(port, creds) { + return this.inner_server.bind(port, creds); }; /** From 5589c35fedb441492c63a13ffc56297368ec1e21 Mon Sep 17 00:00:00 2001 From: Craig Tiller Date: Tue, 3 Mar 2015 10:04:51 -0800 Subject: [PATCH 09/34] Compile fix --- examples/pubsub/main.cc | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/examples/pubsub/main.cc b/examples/pubsub/main.cc index ce22cfa1560..6f7737e2476 100644 --- a/examples/pubsub/main.cc +++ b/examples/pubsub/main.cc @@ -79,8 +79,7 @@ int main(int argc, char** argv) { ss << FLAGS_server_host << ":" << FLAGS_server_port; - std::unique_ptr creds = - grpc::CredentialsFactory::GoogleDefaultCredentials(); + std::unique_ptr creds = grpc::GoogleDefaultCredentials(); std::shared_ptr channel = grpc::CreateChannel(ss.str(), creds, grpc::ChannelArguments()); From a55c0949ee3f603887f7703b4280f4283f9c4d5e Mon Sep 17 00:00:00 2001 From: Nathaniel Manista Date: Wed, 4 Mar 2015 00:25:01 +0000 Subject: [PATCH 10/34] Python secure server API changes --- src/python/src/grpc/_adapter/_c_test.py | 6 ++-- src/python/src/grpc/_adapter/_low_test.py | 4 +-- src/python/src/grpc/_adapter/_server.c | 43 ++++++++++------------- src/python/src/grpc/_adapter/fore.py | 7 ++-- 4 files changed, 27 insertions(+), 33 deletions(-) diff --git a/src/python/src/grpc/_adapter/_c_test.py b/src/python/src/grpc/_adapter/_c_test.py index d81c63e3469..7492df12918 100644 --- a/src/python/src/grpc/_adapter/_c_test.py +++ b/src/python/src/grpc/_adapter/_c_test.py @@ -92,7 +92,7 @@ class _CTest(unittest.TestCase): _c.init() completion_queue = _c.CompletionQueue() - server = _c.Server(completion_queue, None) + server = _c.Server(completion_queue) server.add_http2_addr('[::]:0') server.start() server.stop() @@ -102,7 +102,7 @@ class _CTest(unittest.TestCase): service_tag = object() completion_queue = _c.CompletionQueue() - server = _c.Server(completion_queue, None) + server = _c.Server(completion_queue) server.add_http2_addr('[::]:0') server.start() server.service(service_tag) @@ -119,7 +119,7 @@ class _CTest(unittest.TestCase): del completion_queue completion_queue = _c.CompletionQueue() - server = _c.Server(completion_queue, None) + server = _c.Server(completion_queue) server.add_http2_addr('[::]:0') server.start() thread = threading.Thread(target=completion_queue.get, args=(_FUTURE,)) diff --git a/src/python/src/grpc/_adapter/_low_test.py b/src/python/src/grpc/_adapter/_low_test.py index 03e3f473a3e..b04ac1c9509 100644 --- a/src/python/src/grpc/_adapter/_low_test.py +++ b/src/python/src/grpc/_adapter/_low_test.py @@ -82,7 +82,7 @@ class EchoTest(unittest.TestCase): self.host = 'localhost' self.server_completion_queue = _low.CompletionQueue() - self.server = _low.Server(self.server_completion_queue, None) + self.server = _low.Server(self.server_completion_queue) port = self.server.add_http2_addr('[::]:0') self.server.start() @@ -260,7 +260,7 @@ class CancellationTest(unittest.TestCase): self.host = 'localhost' self.server_completion_queue = _low.CompletionQueue() - self.server = _low.Server(self.server_completion_queue, None) + self.server = _low.Server(self.server_completion_queue) port = self.server.add_http2_addr('[::]:0') self.server.start() diff --git a/src/python/src/grpc/_adapter/_server.c b/src/python/src/grpc/_adapter/_server.c index ae7ae5b5d23..181b6c21fcf 100644 --- a/src/python/src/grpc/_adapter/_server.c +++ b/src/python/src/grpc/_adapter/_server.c @@ -42,30 +42,16 @@ static int pygrpc_server_init(Server *self, PyObject *args, PyObject *kwds) { const PyObject *completion_queue; - PyObject *server_credentials; - static char *kwlist[] = {"completion_queue", "server_credentials", NULL}; + static char *kwlist[] = {"completion_queue", NULL}; - if (!PyArg_ParseTupleAndKeywords(args, kwds, "O!O:Server", kwlist, + if (!PyArg_ParseTupleAndKeywords(args, kwds, "O!:Server", kwlist, &pygrpc_CompletionQueueType, - &completion_queue, &server_credentials)) { - return -1; - } - if (server_credentials == Py_None) { - self->c_server = grpc_server_create( - ((CompletionQueue *)completion_queue)->c_completion_queue, NULL); - return 0; - } else if (PyObject_TypeCheck(server_credentials, - &pygrpc_ServerCredentialsType)) { - self->c_server = grpc_secure_server_create( - ((ServerCredentials *)server_credentials)->c_server_credentials, - ((CompletionQueue *)completion_queue)->c_completion_queue, NULL); - return 0; - } else { - PyErr_Format(PyExc_TypeError, - "server_credentials must be _grpc.ServerCredentials, not %s", - Py_TYPE(server_credentials)->tp_name); + &completion_queue)) { return -1; } + self->c_server = grpc_server_create( + ((CompletionQueue *)completion_queue)->c_completion_queue, NULL); + return 0; } static void pygrpc_server_dealloc(Server *self) { @@ -92,13 +78,21 @@ static PyObject *pygrpc_server_add_http2_addr(Server *self, PyObject *args) { } static PyObject *pygrpc_server_add_secure_http2_addr(Server *self, - PyObject *args) { + PyObject *args, + PyObject *kwargs) { const char *addr; + PyObject *server_credentials; + static char *kwlist[] = {"addr", "server_credentials", NULL}; int port; - if (!PyArg_ParseTuple(args, "s:add_secure_http2_addr", &addr)) { + + if (!PyArg_ParseTupleAndKeywords(args, kwargs, "sO!:add_secure_http2_addr", + kwlist, &addr, &pygrpc_ServerCredentialsType, + &server_credentials)) { return NULL; } - port = grpc_server_add_secure_http2_port(self->c_server, addr); + port = grpc_server_add_secure_http2_port( + self->c_server, addr, + ((ServerCredentials *)server_credentials)->c_server_credentials); if (port == 0) { PyErr_SetString(PyExc_RuntimeError, "Couldn't add port to server!"); return NULL; @@ -138,8 +132,7 @@ static PyMethodDef methods[] = { METH_VARARGS, "Add a secure HTTP2 address."}, {"start", (PyCFunction)pygrpc_server_start, METH_NOARGS, "Starts the server."}, - {"service", (PyCFunction)pygrpc_server_service, METH_O, - "Services a call."}, + {"service", (PyCFunction)pygrpc_server_service, METH_O, "Services a call."}, {"stop", (PyCFunction)pygrpc_server_stop, METH_NOARGS, "Stops the server."}, {NULL}}; diff --git a/src/python/src/grpc/_adapter/fore.py b/src/python/src/grpc/_adapter/fore.py index b08b9f48bc6..6ef9e600062 100644 --- a/src/python/src/grpc/_adapter/fore.py +++ b/src/python/src/grpc/_adapter/fore.py @@ -280,13 +280,14 @@ class ForeLink(ticket_interfaces.ForeLink, activated.Activated): 0 if self._requested_port is None else self._requested_port) self._completion_queue = _low.CompletionQueue() if self._root_certificates is None and not self._key_chain_pairs: - self._server = _low.Server(self._completion_queue, None) + self._server = _low.Server(self._completion_queue) self._port = self._server.add_http2_addr(address) else: server_credentials = _low.ServerCredentials( self._root_certificates, self._key_chain_pairs) - self._server = _low.Server(self._completion_queue, server_credentials) - self._port = self._server.add_secure_http2_addr(address) + self._server = _low.Server(self._completion_queue) + self._port = self._server.add_secure_http2_addr( + address, server_credentials) self._server.start() self._server.service(None) From 8b87e84b999450432b791c84be9d7b3932b9b51d Mon Sep 17 00:00:00 2001 From: murgatroid99 Date: Wed, 4 Mar 2015 12:14:53 -0800 Subject: [PATCH 11/34] Switched to new secure server API --- src/php/ext/grpc/server.c | 42 ++++++------------- .../tests/unit_tests/SecureEndToEndTest.php | 6 +-- 2 files changed, 16 insertions(+), 32 deletions(-) diff --git a/src/php/ext/grpc/server.c b/src/php/ext/grpc/server.c index 32cc19775c0..00d08c6ecf0 100644 --- a/src/php/ext/grpc/server.c +++ b/src/php/ext/grpc/server.c @@ -96,9 +96,6 @@ PHP_METHOD(Server, __construct) { zval *queue_obj; zval *args_array = NULL; grpc_channel_args args; - HashTable *array_hash; - zval **creds_obj = NULL; - wrapped_grpc_server_credentials *creds = NULL; /* "O|a" == 1 Object, 1 optional array */ if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "O|a", &queue_obj, grpc_ce_completion_queue, &args_array) == FAILURE) { @@ -114,28 +111,8 @@ PHP_METHOD(Server, __construct) { if (args_array == NULL) { server->wrapped = grpc_server_create(queue->wrapped, NULL); } else { - array_hash = Z_ARRVAL_P(args_array); - if (zend_hash_find(array_hash, "credentials", sizeof("credentials"), - (void **)&creds_obj) == SUCCESS) { - if (zend_get_class_entry(*creds_obj TSRMLS_CC) != - grpc_ce_server_credentials) { - zend_throw_exception(spl_ce_InvalidArgumentException, - "credentials must be a ServerCredentials object", - 1 TSRMLS_CC); - return; - } - creds = (wrapped_grpc_server_credentials *)zend_object_store_get_object( - *creds_obj TSRMLS_CC); - zend_hash_del(array_hash, "credentials", sizeof("credentials")); - } php_grpc_read_args_array(args_array, &args); - if (creds == NULL) { - server->wrapped = grpc_server_create(queue->wrapped, &args); - } else { - gpr_log(GPR_DEBUG, "Initialized secure server"); - server->wrapped = - grpc_secure_server_create(creds->wrapped, queue->wrapped, &args); - } + server->wrapped = grpc_server_create(queue->wrapped, &args); efree(args.args); } } @@ -187,14 +164,21 @@ PHP_METHOD(Server, add_secure_http2_port) { (wrapped_grpc_server *)zend_object_store_get_object(getThis() TSRMLS_CC); const char *addr; int addr_len; - /* "s" == 1 string */ - if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s", &addr, &addr_len) == + zval *creds_obj; + /* "sO" == 1 string, 1 object */ + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s", &addr, &addr_len, + &creds_obj, grpc_ce_server_credentials) == FAILURE) { - zend_throw_exception(spl_ce_InvalidArgumentException, - "add_http2_port expects a string", 1 TSRMLS_CC); + zend_throw_exception( + spl_ce_InvalidArgumentException, + "add_http2_port expects a string and a ServerCredentials", 1 TSRMLS_CC); return; } - RETURN_LONG(grpc_server_add_secure_http2_port(server->wrapped, addr)); + wrapped_grpc_server_credentials *creds = + (wrapped_grpc_server_credentials *)zend_object_store_get_object( + creds_obj TSRMLS_CC); + RETURN_LONG(grpc_server_add_secure_http2_port(server->wrapped, addr, + creds->wrapped)); } /** diff --git a/src/php/tests/unit_tests/SecureEndToEndTest.php b/src/php/tests/unit_tests/SecureEndToEndTest.php index c23dd791acf..896afeac49a 100755 --- a/src/php/tests/unit_tests/SecureEndToEndTest.php +++ b/src/php/tests/unit_tests/SecureEndToEndTest.php @@ -41,9 +41,9 @@ class SecureEndToEndTest extends PHPUnit_Framework_TestCase{ null, file_get_contents(dirname(__FILE__) . '/../data/server1.key'), file_get_contents(dirname(__FILE__) . '/../data/server1.pem')); - $this->server = new Grpc\Server($this->server_queue, - ['credentials' => $server_credentials]); - $port = $this->server->add_secure_http2_port('0.0.0.0:0'); + $this->server = new Grpc\Server($this->server_queue); + $port = $this->server->add_secure_http2_port('0.0.0.0:0', + $server_credentials); $this->channel = new Grpc\Channel( 'localhost:' . $port, [ From 3a0d9768d3f167c9d54110ca08882d6c556658ca Mon Sep 17 00:00:00 2001 From: Tim Emiola Date: Thu, 5 Mar 2015 12:43:24 -0800 Subject: [PATCH 12/34] Updates the ruby C extension to match the new secure C server API --- src/ruby/ext/grpc/rb_server.c | 41 ++++++++++++----------------------- 1 file changed, 14 insertions(+), 27 deletions(-) diff --git a/src/ruby/ext/grpc/rb_server.c b/src/ruby/ext/grpc/rb_server.c index 5954e27d024..c54f02e87af 100644 --- a/src/ruby/ext/grpc/rb_server.c +++ b/src/ruby/ext/grpc/rb_server.c @@ -97,35 +97,19 @@ static VALUE grpc_rb_server_alloc(VALUE cls) { /* call-seq: cq = CompletionQueue.new - insecure_server = Server.new(cq, {'arg1': 'value1'}) - server_creds = ... - secure_server = Server.new(cq, {'arg1': 'value1'}, server_creds) + server = Server.new(cq, {'arg1': 'value1'}) Initializes server instances. */ -static VALUE grpc_rb_server_init(int argc, VALUE *argv, VALUE self) { - VALUE cqueue = Qnil; - VALUE credentials = Qnil; - VALUE channel_args = Qnil; +static VALUE grpc_rb_server_init(VALUE self, VALUE cqueue, VALUE channel_args) { grpc_completion_queue *cq = NULL; - grpc_server_credentials *creds = NULL; grpc_rb_server *wrapper = NULL; grpc_server *srv = NULL; grpc_channel_args args; MEMZERO(&args, grpc_channel_args, 1); - - /* "21" == 2 mandatory args, 1 (credentials) is optional */ - rb_scan_args(argc, argv, "21", &cqueue, &channel_args, &credentials); cq = grpc_rb_get_wrapped_completion_queue(cqueue); - Data_Get_Struct(self, grpc_rb_server, wrapper); grpc_rb_hash_convert_to_channel_args(channel_args, &args); srv = grpc_server_create(cq, &args); - if (credentials == Qnil) { - srv = grpc_server_create(cq, &args); - } else { - creds = grpc_rb_get_wrapped_server_credentials(credentials); - srv = grpc_secure_server_create(creds, cq, &args); - } if (args.args != NULL) { xfree(args.args); /* Allocated by grpc_rb_hash_convert_to_channel_args */ @@ -215,33 +199,36 @@ static VALUE grpc_rb_server_destroy(VALUE self) { // secure port server_creds = ... - secure_server = Server.new(cq, {'arg1': 'value1'}, creds) - secure_server.add_http_port('mydomain:7575', True) + secure_server = Server.new(cq, {'arg1': 'value1'}) + secure_server.add_http_port('mydomain:7575', server_creds) Adds a http2 port to server */ static VALUE grpc_rb_server_add_http2_port(int argc, VALUE *argv, VALUE self) { VALUE port = Qnil; - VALUE is_secure = Qnil; + VALUE rb_creds = Qnil; grpc_rb_server *s = NULL; + grpc_server_credentials *creds = NULL; int recvd_port = 0; - /* "11" == 1 mandatory args, 1 (is_secure) is optional */ - rb_scan_args(argc, argv, "11", &port, &is_secure); + /* "11" == 1 mandatory args, 1 (rb_creds) is optional */ + rb_scan_args(argc, argv, "11", &port, &rb_creds); Data_Get_Struct(self, grpc_rb_server, s); if (s->wrapped == NULL) { rb_raise(rb_eRuntimeError, "closed!"); return Qnil; - } else if (is_secure == Qnil || TYPE(is_secure) != T_TRUE) { + } else if (rb_creds == Qnil) { recvd_port = grpc_server_add_http2_port(s->wrapped, StringValueCStr(port)); if (recvd_port == 0) { rb_raise(rb_eRuntimeError, "could not add port %s to server, not sure why", StringValueCStr(port)); } - } else if (TYPE(is_secure) != T_FALSE) { + } else { + creds = grpc_rb_get_wrapped_server_credentials(rb_creds); recvd_port = - grpc_server_add_secure_http2_port(s->wrapped, StringValueCStr(port)); + grpc_server_add_secure_http2_port(s->wrapped, StringValueCStr(port), + creds); if (recvd_port == 0) { rb_raise(rb_eRuntimeError, "could not add secure port %s to server, not sure why", @@ -258,7 +245,7 @@ void Init_grpc_server() { rb_define_alloc_func(rb_cServer, grpc_rb_server_alloc); /* Provides a ruby constructor and support for dup/clone. */ - rb_define_method(rb_cServer, "initialize", grpc_rb_server_init, -1); + rb_define_method(rb_cServer, "initialize", grpc_rb_server_init, 2); rb_define_method(rb_cServer, "initialize_copy", grpc_rb_server_init_copy, 1); /* Add the server methods. */ From 0ce8edc49ef4390deac36594bcc6f83b716466be Mon Sep 17 00:00:00 2001 From: Tim Emiola Date: Thu, 5 Mar 2015 15:17:30 -0800 Subject: [PATCH 13/34] Updates ruby code affected by the secure server API change --- src/ruby/bin/interop/interop_server.rb | 5 ++--- src/ruby/bin/math_server.rb | 5 ++--- src/ruby/bin/noproto_server.rb | 5 ++--- src/ruby/lib/grpc/generic/rpc_server.rb | 9 +-------- src/ruby/spec/client_server_spec.rb | 18 ++++++++---------- src/ruby/spec/generic/rpc_server_spec.rb | 13 ------------- src/ruby/spec/server_spec.rb | 15 ++++----------- 7 files changed, 19 insertions(+), 51 deletions(-) diff --git a/src/ruby/bin/interop/interop_server.rb b/src/ruby/bin/interop/interop_server.rb index b3b7d0c5a3a..0819ba9bbcc 100755 --- a/src/ruby/bin/interop/interop_server.rb +++ b/src/ruby/bin/interop/interop_server.rb @@ -176,12 +176,11 @@ end def main opts = parse_options host = "0.0.0.0:#{opts['port']}" + s = GRPC::RpcServer.new if opts['secure'] - s = GRPC::RpcServer.new(creds: test_server_creds) - s.add_http2_port(host, true) + s.add_http2_port(host, test_server_creds) logger.info("... running securely on #{host}") else - s = GRPC::RpcServer.new s.add_http2_port(host) logger.info("... running insecurely on #{host}") end diff --git a/src/ruby/bin/math_server.rb b/src/ruby/bin/math_server.rb index 93277e39320..5cc76134893 100755 --- a/src/ruby/bin/math_server.rb +++ b/src/ruby/bin/math_server.rb @@ -173,12 +173,11 @@ def main end end.parse! + s = GRPC::RpcServer.new if options['secure'] - s = GRPC::RpcServer.new(creds: test_server_creds) - s.add_http2_port(options['host'], true) + s.add_http2_port(options['host'], test_server_creds) logger.info("... running securely on #{options['host']}") else - s = GRPC::RpcServer.new s.add_http2_port(options['host']) logger.info("... running insecurely on #{options['host']}") end diff --git a/src/ruby/bin/noproto_server.rb b/src/ruby/bin/noproto_server.rb index 435f8f4ebf4..9979cb7ebbd 100755 --- a/src/ruby/bin/noproto_server.rb +++ b/src/ruby/bin/noproto_server.rb @@ -95,12 +95,11 @@ def main end end.parse! + s = GRPC::RpcServer.new if options['secure'] - s = GRPC::RpcServer.new(creds: test_server_creds) - s.add_http2_port(options['host'], true) + s.add_http2_port(options['host'], test_server_creds) logger.info("... running securely on #{options['host']}") else - s = GRPC::RpcServer.new s.add_http2_port(options['host']) logger.info("... running insecurely on #{options['host']}") end diff --git a/src/ruby/lib/grpc/generic/rpc_server.rb b/src/ruby/lib/grpc/generic/rpc_server.rb index 6938f718922..35e84023be9 100644 --- a/src/ruby/lib/grpc/generic/rpc_server.rb +++ b/src/ruby/lib/grpc/generic/rpc_server.rb @@ -81,7 +81,6 @@ module GRPC max_waiting_requests:DEFAULT_MAX_WAITING_REQUESTS, poll_period:INFINITE_FUTURE, completion_queue_override:nil, - creds:nil, server_override:nil, **kw) if completion_queue_override.nil? @@ -95,13 +94,7 @@ module GRPC @cq = cq if server_override.nil? - if creds.nil? - srv = Core::Server.new(@cq, kw) - elsif !creds.is_a? Core::ServerCredentials - fail(ArgumentError, 'not a ServerCredentials') - else - srv = Core::Server.new(@cq, kw, creds) - end + srv = Core::Server.new(@cq, kw) else srv = server_override fail(ArgumentError, 'not a Server') unless srv.is_a? Core::Server diff --git a/src/ruby/spec/client_server_spec.rb b/src/ruby/spec/client_server_spec.rb index 030ff328f21..49a2d3bb4df 100644 --- a/src/ruby/spec/client_server_spec.rb +++ b/src/ruby/spec/client_server_spec.rb @@ -95,7 +95,7 @@ shared_context 'setup: tags' do end def new_client_call - @ch.create_call('/method', 'localhost', deadline) + @ch.create_call('/method', 'foo.test.google.fr', deadline) end end @@ -346,12 +346,12 @@ end describe 'the secure http client/server' do before(:example) do certs = load_test_certs - server_host = 'localhost:0' + server_host = '0.0.0.0:0' @client_queue = GRPC::Core::CompletionQueue.new @server_queue = GRPC::Core::CompletionQueue.new server_creds = GRPC::Core::ServerCredentials.new(nil, certs[1], certs[2]) - @server = GRPC::Core::Server.new(@server_queue, nil, server_creds) - server_port = @server.add_http2_port(server_host, true) + @server = GRPC::Core::Server.new(@server_queue, nil) + server_port = @server.add_http2_port(server_host, server_creds) @server.start args = { Channel::SSL_TARGET => 'foo.test.google.fr' } @ch = Channel.new("0.0.0.0:#{server_port}", args, @@ -362,11 +362,9 @@ describe 'the secure http client/server' do @server.close end - # TODO: uncomment after updating the to the new c api - # it_behaves_like 'basic GRPC message delivery is OK' do - # end + it_behaves_like 'basic GRPC message delivery is OK' do + end - # TODO: uncomment after updating the to the new c api - # it_behaves_like 'GRPC metadata delivery works OK' do - # end + it_behaves_like 'GRPC metadata delivery works OK' do + end end diff --git a/src/ruby/spec/generic/rpc_server_spec.rb b/src/ruby/spec/generic/rpc_server_spec.rb index e8c70604461..d5421d400c9 100644 --- a/src/ruby/spec/generic/rpc_server_spec.rb +++ b/src/ruby/spec/generic/rpc_server_spec.rb @@ -164,19 +164,6 @@ describe GRPC::RpcServer do expect(&blk).to raise_error end - it 'can be created with the creds as valid ServerCedentials' do - certs = load_test_certs - server_creds = GRPC::Core::ServerCredentials.new(nil, certs[1], certs[2]) - blk = proc do - opts = { - a_channel_arg: 'an_arg', - creds: server_creds - } - RpcServer.new(**opts) - end - expect(&blk).to_not raise_error - end - it 'can be created with a server override' do opts = { a_channel_arg: 'an_arg', server_override: @server } blk = proc do diff --git a/src/ruby/spec/server_spec.rb b/src/ruby/spec/server_spec.rb index 5b81f195371..a47e484f971 100644 --- a/src/ruby/spec/server_spec.rb +++ b/src/ruby/spec/server_spec.rb @@ -118,10 +118,11 @@ describe Server do end describe 'for secure servers' do + let(:cert) { create_test_cert } it 'runs without failing' do blk = proc do s = Server.new(@cq, nil) - s.add_http2_port('localhost:0', true) + s.add_http2_port('localhost:0', cert) s.close end expect(&blk).to_not raise_error @@ -130,7 +131,7 @@ describe Server do it 'fails if the server is closed' do s = Server.new(@cq, nil) s.close - blk = proc { s.add_http2_port('localhost:0', true) } + blk = proc { s.add_http2_port('localhost:0', cert) } expect(&blk).to raise_error(RuntimeError) end end @@ -138,7 +139,7 @@ describe Server do shared_examples '#new' do it 'takes a completion queue with nil channel args' do - expect { Server.new(@cq, nil, create_test_cert) }.to_not raise_error + expect { Server.new(@cq, nil) }.to_not raise_error end it 'does not take a hash with bad keys as channel args' do @@ -195,14 +196,6 @@ describe Server do it_behaves_like '#new' end - describe '#new with a secure channel' do - def construct_with_args(a) - proc { Server.new(@cq, a, create_test_cert) } - end - - it_behaves_like '#new' - end - def start_a_server s = Server.new(@cq, nil) s.add_http2_port('0.0.0.0:0') From a29d0f3fbcfbffb04cff4bf1e34429307b58ae09 Mon Sep 17 00:00:00 2001 From: Jan Tattermusch Date: Wed, 4 Mar 2015 17:54:56 -0800 Subject: [PATCH 14/34] Split async call into server and client classes sharing the same base. --- src/csharp/Grpc.Core/Grpc.Core.csproj | 7 +- src/csharp/Grpc.Core/Internal/AsyncCall.cs | 577 ++++-------------- .../Grpc.Core/Internal/AsyncCallBase.cs | 407 ++++++++++++ .../Grpc.Core/Internal/AsyncCallServer.cs | 125 ++++ .../Grpc.Core/Internal/AsyncCompletion.cs | 95 +++ .../Grpc.Core/Internal/CallSafeHandle.cs | 1 - .../Internal/ClientStreamingInputObserver.cs | 9 +- .../Internal/ServerStreamingOutputObserver.cs | 16 +- .../Grpc.Core/OperationFailedException.cs | 48 ++ src/csharp/Grpc.Core/ServerCallHandler.cs | 34 +- src/csharp/Grpc.Core/Status.cs | 6 + src/csharp/Grpc.Core/Utils/Preconditions.cs | 113 ++++ 12 files changed, 949 insertions(+), 489 deletions(-) create mode 100644 src/csharp/Grpc.Core/Internal/AsyncCallBase.cs create mode 100644 src/csharp/Grpc.Core/Internal/AsyncCallServer.cs create mode 100644 src/csharp/Grpc.Core/Internal/AsyncCompletion.cs create mode 100644 src/csharp/Grpc.Core/OperationFailedException.cs create mode 100644 src/csharp/Grpc.Core/Utils/Preconditions.cs diff --git a/src/csharp/Grpc.Core/Grpc.Core.csproj b/src/csharp/Grpc.Core/Grpc.Core.csproj index 93d5430591b..78b6cdde59b 100644 --- a/src/csharp/Grpc.Core/Grpc.Core.csproj +++ b/src/csharp/Grpc.Core/Grpc.Core.csproj @@ -51,7 +51,6 @@ - @@ -69,6 +68,12 @@ + + + + + +