Merge github.com:grpc/grpc into expandification

pull/6173/head
Craig Tiller 9 years ago
commit fe7eddb222
  1. 8
      BUILD
  2. 159
      Makefile
  3. 4
      binding.gyp
  4. 23
      build.yaml
  5. 4
      config.m4
  6. 4
      gRPC.podspec
  7. 3
      grpc.def
  8. 9
      grpc.gemspec
  9. 15
      include/grpc++/security/server_credentials.h
  10. 38
      include/grpc/grpc_security.h
  11. 114
      include/grpc/grpc_security_constants.h
  12. 7
      include/grpc/impl/codegen/log.h
  13. 2
      include/grpc/support/string_util.h
  14. 8
      package.xml
  15. 510
      src/boringssl/err_data.c
  16. 137
      src/core/ext/client_config/parse_address.c
  17. 56
      src/core/ext/client_config/parse_address.h
  18. 2
      src/core/ext/lb_policy/pick_first/pick_first.c
  19. 98
      src/core/ext/resolver/sockaddr/sockaddr_resolver.c
  20. 12
      src/core/ext/transport/chttp2/transport/hpack_parser.c
  21. 2
      src/core/lib/iomgr/tcp_server_posix.c
  22. 2
      src/core/lib/iomgr/tcp_server_windows.c
  23. 2
      src/core/lib/iomgr/udp_server.c
  24. 1
      src/core/lib/profiling/basic_timers.c
  25. 27
      src/core/lib/security/credentials.c
  26. 34
      src/core/lib/security/security_connector.c
  27. 2
      src/core/lib/security/security_connector.h
  28. 2
      src/core/lib/support/alloc.c
  29. 33
      src/core/lib/support/log.c
  30. 1
      src/core/lib/support/log_linux.c
  31. 1
      src/core/lib/support/thd_posix.c
  32. 6
      src/core/lib/surface/byte_buffer.c
  33. 2
      src/core/lib/surface/init.c
  34. 22
      src/core/lib/tsi/fake_transport_security.c
  35. 123
      src/core/lib/tsi/ssl_transport_security.c
  36. 17
      src/core/lib/tsi/ssl_transport_security.h
  37. 38
      src/core/lib/tsi/transport_security.c
  38. 9
      src/core/lib/tsi/transport_security_interface.h
  39. 8
      src/cpp/server/secure_server_credentials.cc
  40. 1
      src/csharp/Grpc.IntegrationTesting/ClientRunners.cs
  41. 3236
      src/csharp/Grpc.IntegrationTesting/Control.cs
  42. 121
      src/csharp/Grpc.IntegrationTesting/Messages.cs
  43. 8
      src/csharp/Grpc.IntegrationTesting/Test.cs
  44. 25
      src/csharp/Grpc.IntegrationTesting/TestGrpc.cs
  45. 9
      src/csharp/ext/grpc_csharp_ext.c
  46. 13
      src/node/ext/server_credentials.cc
  47. 2
      src/node/performance/worker.js
  48. 3
      src/node/performance/worker_service_impl.js
  49. 9
      src/php/ext/grpc/server_credentials.c
  50. 2
      src/php/tests/bootstrap.php
  51. 3
      src/php/tests/generated_code/GeneratedCodeWithCallbackTest.php
  52. 4
      src/php/tests/generated_code/math_client.php
  53. 1
      src/php/tests/unit_tests/CallCredentials3Test.php
  54. 3
      src/php/tests/unit_tests/CallTest.php
  55. 2
      src/php/tests/unit_tests/ChannelCredentialsTest.php
  56. 3
      src/php/tests/unit_tests/ChannelTest.php
  57. 8
      src/php/tests/unit_tests/EndToEndTest.php
  58. 3
      src/php/tests/unit_tests/ServerTest.php
  59. 15
      src/php/tests/unit_tests/TimevalTest.php
  60. 2
      src/proto/grpc/binary_log/v1alpha/log.proto
  61. 56
      src/proto/grpc/testing/control.proto
  62. 4
      src/python/grpcio/grpc/_cython/_cygrpc/credentials.pyx.pxi
  63. 7
      src/python/grpcio/grpc/_cython/_cygrpc/grpc.pxi
  64. 6
      src/python/grpcio/grpc/_cython/imports.generated.c
  65. 9
      src/python/grpcio/grpc/_cython/imports.generated.h
  66. 4
      src/python/grpcio/grpc_core_dependencies.py
  67. 6
      src/ruby/ext/grpc/rb_grpc_imports.generated.c
  68. 9
      src/ruby/ext/grpc/rb_grpc_imports.generated.h
  69. 24
      src/ruby/ext/grpc/rb_server_credentials.c
  70. 11
      src/ruby/lib/grpc/generic/client_stub.rb
  71. 3
      src/ruby/qps/server.rb
  72. 55
      src/ruby/qps/src/proto/grpc/testing/control.rb
  73. 4
      src/ruby/qps/src/proto/grpc/testing/messages.rb
  74. 4
      src/ruby/qps/worker.rb
  75. 1
      templates/grpc.gemspec.template
  76. 2
      templates/tools/dockerfile/go_path.include
  77. 17
      templates/tools/dockerfile/java_deps.include
  78. 37
      templates/tools/dockerfile/stress_test/grpc_interop_stress_go/Dockerfile.template
  79. 40
      templates/tools/dockerfile/stress_test/grpc_interop_stress_java/Dockerfile.template
  80. 6
      templates/tools/fuzzer/runners.template
  81. 343
      test/core/end2end/data/client_certs.c
  82. 4
      test/core/end2end/data/ssl_test_data.h
  83. 376
      test/core/end2end/fixtures/h2_ssl_cert.c
  84. 6
      test/core/end2end/fuzzers/client_fuzzer.c
  85. BIN
      test/core/end2end/fuzzers/client_fuzzer_corpus/025215e11687c7d2e0055e5b2b902d08e0436f78
  86. BIN
      test/core/end2end/fuzzers/client_fuzzer_corpus/02ba99615d1d69eb328adce99670f659959c1bc1
  87. BIN
      test/core/end2end/fuzzers/client_fuzzer_corpus/07048654244e377ddf246e8cc18f71443035cd2b
  88. BIN
      test/core/end2end/fuzzers/client_fuzzer_corpus/0c30868720d5e1a19ff23c53740749c37a43540d
  89. BIN
      test/core/end2end/fuzzers/client_fuzzer_corpus/0d8c547f1d261ba07c2648bae009636c17709600
  90. BIN
      test/core/end2end/fuzzers/client_fuzzer_corpus/0f98d7d56e9a99b97e5dc7eb122ef22e9684077b
  91. BIN
      test/core/end2end/fuzzers/client_fuzzer_corpus/0fd8859246740606c498755ab00d6147abcfec00
  92. BIN
      test/core/end2end/fuzzers/client_fuzzer_corpus/101305ccd08c7a8bd0c2913c37d3dd0d39d4bb64
  93. BIN
      test/core/end2end/fuzzers/client_fuzzer_corpus/1160214cdb23e8fc187078a8d6796656c1ade925
  94. BIN
      test/core/end2end/fuzzers/client_fuzzer_corpus/118ffddb43ccf9dae8bdb4702232d1dc39b021f7
  95. BIN
      test/core/end2end/fuzzers/client_fuzzer_corpus/1306c4c6ea714d4db0e4d814c944d8d40335e0fa
  96. BIN
      test/core/end2end/fuzzers/client_fuzzer_corpus/143e0d4f546bbb984a7c3ac1c60a37dcf85ea58d
  97. BIN
      test/core/end2end/fuzzers/client_fuzzer_corpus/17b1758fc7cd69a00d140f113b1ac894023ff20b
  98. BIN
      test/core/end2end/fuzzers/client_fuzzer_corpus/1875a4acdcffe505ca92ea8af8d9d6b174736e80
  99. BIN
      test/core/end2end/fuzzers/client_fuzzer_corpus/1aee32faadffa3c2ec508e8fd30006423665488f
  100. 1
      test/core/end2end/fuzzers/client_fuzzer_corpus/1ca51ab2fefef4f549c4a8e7f4910c6b5a4b4b1d
  101. Some files were not shown because too many files have changed in this diff Show More

@ -275,6 +275,7 @@ cc_library(
"src/core/ext/client_config/lb_policy.h",
"src/core/ext/client_config/lb_policy_factory.h",
"src/core/ext/client_config/lb_policy_registry.h",
"src/core/ext/client_config/parse_address.h",
"src/core/ext/client_config/resolver.h",
"src/core/ext/client_config/resolver_factory.h",
"src/core/ext/client_config/resolver_registry.h",
@ -426,6 +427,7 @@ cc_library(
"src/core/ext/client_config/lb_policy.c",
"src/core/ext/client_config/lb_policy_factory.c",
"src/core/ext/client_config/lb_policy_registry.c",
"src/core/ext/client_config/parse_address.c",
"src/core/ext/client_config/resolver.c",
"src/core/ext/client_config/resolver_factory.c",
"src/core/ext/client_config/resolver_registry.c",
@ -479,6 +481,7 @@ cc_library(
"include/grpc/impl/codegen/sync_win32.h",
"include/grpc/impl/codegen/time.h",
"include/grpc/grpc_security.h",
"include/grpc/grpc_security_constants.h",
"include/grpc/census.h",
],
includes = [
@ -603,6 +606,7 @@ cc_library(
"src/core/ext/client_config/lb_policy.h",
"src/core/ext/client_config/lb_policy_factory.h",
"src/core/ext/client_config/lb_policy_registry.h",
"src/core/ext/client_config/parse_address.h",
"src/core/ext/client_config/resolver.h",
"src/core/ext/client_config/resolver_factory.h",
"src/core/ext/client_config/resolver_registry.h",
@ -736,6 +740,7 @@ cc_library(
"src/core/ext/client_config/lb_policy.c",
"src/core/ext/client_config/lb_policy_factory.c",
"src/core/ext/client_config/lb_policy_registry.c",
"src/core/ext/client_config/parse_address.c",
"src/core/ext/client_config/resolver.c",
"src/core/ext/client_config/resolver_factory.c",
"src/core/ext/client_config/resolver_registry.c",
@ -1434,6 +1439,7 @@ objc_library(
"src/core/ext/client_config/lb_policy.c",
"src/core/ext/client_config/lb_policy_factory.c",
"src/core/ext/client_config/lb_policy_registry.c",
"src/core/ext/client_config/parse_address.c",
"src/core/ext/client_config/resolver.c",
"src/core/ext/client_config/resolver_factory.c",
"src/core/ext/client_config/resolver_registry.c",
@ -1487,6 +1493,7 @@ objc_library(
"include/grpc/impl/codegen/sync_win32.h",
"include/grpc/impl/codegen/time.h",
"include/grpc/grpc_security.h",
"include/grpc/grpc_security_constants.h",
"include/grpc/census.h",
"src/core/lib/channel/channel_args.h",
"src/core/lib/channel/channel_stack.h",
@ -1604,6 +1611,7 @@ objc_library(
"src/core/ext/client_config/lb_policy.h",
"src/core/ext/client_config/lb_policy_factory.h",
"src/core/ext/client_config/lb_policy_registry.h",
"src/core/ext/client_config/parse_address.h",
"src/core/ext/client_config/resolver.h",
"src/core/ext/client_config/resolver_factory.h",
"src/core/ext/client_config/resolver_registry.h",

@ -1023,7 +1023,6 @@ interop_test: $(BINDIR)/$(CONFIG)/interop_test
json_run_localhost: $(BINDIR)/$(CONFIG)/json_run_localhost
metrics_client: $(BINDIR)/$(CONFIG)/metrics_client
mock_test: $(BINDIR)/$(CONFIG)/mock_test
qps_driver: $(BINDIR)/$(CONFIG)/qps_driver
qps_interarrival_test: $(BINDIR)/$(CONFIG)/qps_interarrival_test
qps_json_driver: $(BINDIR)/$(CONFIG)/qps_json_driver
qps_openloop_test: $(BINDIR)/$(CONFIG)/qps_openloop_test
@ -1077,6 +1076,7 @@ boringssl_refcount_test: $(BINDIR)/$(CONFIG)/boringssl_refcount_test
boringssl_rsa_test: $(BINDIR)/$(CONFIG)/boringssl_rsa_test
boringssl_thread_test: $(BINDIR)/$(CONFIG)/boringssl_thread_test
boringssl_pkcs7_test: $(BINDIR)/$(CONFIG)/boringssl_pkcs7_test
boringssl_x509_test: $(BINDIR)/$(CONFIG)/boringssl_x509_test
boringssl_tab_test: $(BINDIR)/$(CONFIG)/boringssl_tab_test
boringssl_v3name_test: $(BINDIR)/$(CONFIG)/boringssl_v3name_test
boringssl_pqueue_test: $(BINDIR)/$(CONFIG)/boringssl_pqueue_test
@ -1106,6 +1106,7 @@ h2_sockpair_test: $(BINDIR)/$(CONFIG)/h2_sockpair_test
h2_sockpair+trace_test: $(BINDIR)/$(CONFIG)/h2_sockpair+trace_test
h2_sockpair_1byte_test: $(BINDIR)/$(CONFIG)/h2_sockpair_1byte_test
h2_ssl_test: $(BINDIR)/$(CONFIG)/h2_ssl_test
h2_ssl_cert_test: $(BINDIR)/$(CONFIG)/h2_ssl_cert_test
h2_ssl_proxy_test: $(BINDIR)/$(CONFIG)/h2_ssl_proxy_test
h2_uds_test: $(BINDIR)/$(CONFIG)/h2_uds_test
h2_census_nosec_test: $(BINDIR)/$(CONFIG)/h2_census_nosec_test
@ -1197,7 +1198,7 @@ pc_cxx: $(LIBDIR)/$(CONFIG)/pkgconfig/grpc++.pc
pc_cxx_unsecure: $(LIBDIR)/$(CONFIG)/pkgconfig/grpc++_unsecure.pc
privatelibs_cxx: $(LIBDIR)/$(CONFIG)/libgrpc++_test_config.a $(LIBDIR)/$(CONFIG)/libgrpc++_test_util.a $(LIBDIR)/$(CONFIG)/libinterop_client_helper.a $(LIBDIR)/$(CONFIG)/libinterop_client_main.a $(LIBDIR)/$(CONFIG)/libinterop_server_helper.a $(LIBDIR)/$(CONFIG)/libinterop_server_main.a $(LIBDIR)/$(CONFIG)/libqps.a $(LIBDIR)/$(CONFIG)/libboringssl_test_util.a $(LIBDIR)/$(CONFIG)/libboringssl_aes_test_lib.a $(LIBDIR)/$(CONFIG)/libboringssl_asn1_test_lib.a $(LIBDIR)/$(CONFIG)/libboringssl_base64_test_lib.a $(LIBDIR)/$(CONFIG)/libboringssl_bio_test_lib.a $(LIBDIR)/$(CONFIG)/libboringssl_bn_test_lib.a $(LIBDIR)/$(CONFIG)/libboringssl_bytestring_test_lib.a $(LIBDIR)/$(CONFIG)/libboringssl_aead_test_lib.a $(LIBDIR)/$(CONFIG)/libboringssl_cipher_test_lib.a $(LIBDIR)/$(CONFIG)/libboringssl_cmac_test_lib.a $(LIBDIR)/$(CONFIG)/libboringssl_ed25519_test_lib.a $(LIBDIR)/$(CONFIG)/libboringssl_x25519_test_lib.a $(LIBDIR)/$(CONFIG)/libboringssl_dh_test_lib.a $(LIBDIR)/$(CONFIG)/libboringssl_digest_test_lib.a $(LIBDIR)/$(CONFIG)/libboringssl_ec_test_lib.a $(LIBDIR)/$(CONFIG)/libboringssl_ecdsa_test_lib.a $(LIBDIR)/$(CONFIG)/libboringssl_err_test_lib.a $(LIBDIR)/$(CONFIG)/libboringssl_evp_extra_test_lib.a $(LIBDIR)/$(CONFIG)/libboringssl_evp_test_lib.a $(LIBDIR)/$(CONFIG)/libboringssl_pbkdf_test_lib.a $(LIBDIR)/$(CONFIG)/libboringssl_hmac_test_lib.a $(LIBDIR)/$(CONFIG)/libboringssl_pkcs12_test_lib.a $(LIBDIR)/$(CONFIG)/libboringssl_pkcs8_test_lib.a $(LIBDIR)/$(CONFIG)/libboringssl_poly1305_test_lib.a $(LIBDIR)/$(CONFIG)/libboringssl_rsa_test_lib.a $(LIBDIR)/$(CONFIG)/libboringssl_ssl_test_lib.a
privatelibs_cxx: $(LIBDIR)/$(CONFIG)/libgrpc++_test_config.a $(LIBDIR)/$(CONFIG)/libgrpc++_test_util.a $(LIBDIR)/$(CONFIG)/libinterop_client_helper.a $(LIBDIR)/$(CONFIG)/libinterop_client_main.a $(LIBDIR)/$(CONFIG)/libinterop_server_helper.a $(LIBDIR)/$(CONFIG)/libinterop_server_main.a $(LIBDIR)/$(CONFIG)/libqps.a $(LIBDIR)/$(CONFIG)/libboringssl_test_util.a $(LIBDIR)/$(CONFIG)/libboringssl_aes_test_lib.a $(LIBDIR)/$(CONFIG)/libboringssl_asn1_test_lib.a $(LIBDIR)/$(CONFIG)/libboringssl_base64_test_lib.a $(LIBDIR)/$(CONFIG)/libboringssl_bio_test_lib.a $(LIBDIR)/$(CONFIG)/libboringssl_bn_test_lib.a $(LIBDIR)/$(CONFIG)/libboringssl_bytestring_test_lib.a $(LIBDIR)/$(CONFIG)/libboringssl_aead_test_lib.a $(LIBDIR)/$(CONFIG)/libboringssl_cipher_test_lib.a $(LIBDIR)/$(CONFIG)/libboringssl_cmac_test_lib.a $(LIBDIR)/$(CONFIG)/libboringssl_ed25519_test_lib.a $(LIBDIR)/$(CONFIG)/libboringssl_x25519_test_lib.a $(LIBDIR)/$(CONFIG)/libboringssl_dh_test_lib.a $(LIBDIR)/$(CONFIG)/libboringssl_digest_test_lib.a $(LIBDIR)/$(CONFIG)/libboringssl_ec_test_lib.a $(LIBDIR)/$(CONFIG)/libboringssl_ecdsa_test_lib.a $(LIBDIR)/$(CONFIG)/libboringssl_err_test_lib.a $(LIBDIR)/$(CONFIG)/libboringssl_evp_extra_test_lib.a $(LIBDIR)/$(CONFIG)/libboringssl_evp_test_lib.a $(LIBDIR)/$(CONFIG)/libboringssl_pbkdf_test_lib.a $(LIBDIR)/$(CONFIG)/libboringssl_hmac_test_lib.a $(LIBDIR)/$(CONFIG)/libboringssl_pkcs12_test_lib.a $(LIBDIR)/$(CONFIG)/libboringssl_pkcs8_test_lib.a $(LIBDIR)/$(CONFIG)/libboringssl_poly1305_test_lib.a $(LIBDIR)/$(CONFIG)/libboringssl_rsa_test_lib.a $(LIBDIR)/$(CONFIG)/libboringssl_x509_test_lib.a $(LIBDIR)/$(CONFIG)/libboringssl_ssl_test_lib.a
ifeq ($(HAS_ZOOKEEPER),true)
privatelibs_zookeeper:
@ -1333,6 +1334,7 @@ buildtests_c: privatelibs_c \
$(BINDIR)/$(CONFIG)/h2_sockpair+trace_test \
$(BINDIR)/$(CONFIG)/h2_sockpair_1byte_test \
$(BINDIR)/$(CONFIG)/h2_ssl_test \
$(BINDIR)/$(CONFIG)/h2_ssl_cert_test \
$(BINDIR)/$(CONFIG)/h2_ssl_proxy_test \
$(BINDIR)/$(CONFIG)/h2_uds_test \
$(BINDIR)/$(CONFIG)/h2_census_nosec_test \
@ -1435,6 +1437,7 @@ buildtests_cxx: buildtests_zookeeper privatelibs_cxx \
$(BINDIR)/$(CONFIG)/boringssl_rsa_test \
$(BINDIR)/$(CONFIG)/boringssl_thread_test \
$(BINDIR)/$(CONFIG)/boringssl_pkcs7_test \
$(BINDIR)/$(CONFIG)/boringssl_x509_test \
$(BINDIR)/$(CONFIG)/boringssl_tab_test \
$(BINDIR)/$(CONFIG)/boringssl_v3name_test \
$(BINDIR)/$(CONFIG)/boringssl_pqueue_test \
@ -1764,7 +1767,7 @@ tools_c: privatelibs_c $(BINDIR)/$(CONFIG)/gen_hpack_tables $(BINDIR)/$(CONFIG)/
tools_cxx: privatelibs_cxx
buildbenchmarks: privatelibs $(BINDIR)/$(CONFIG)/low_level_ping_pong_benchmark $(BINDIR)/$(CONFIG)/qps_driver
buildbenchmarks: privatelibs $(BINDIR)/$(CONFIG)/low_level_ping_pong_benchmark
benchmarks: buildbenchmarks
@ -2583,6 +2586,7 @@ LIBGRPC_SRC = \
src/core/ext/client_config/lb_policy.c \
src/core/ext/client_config/lb_policy_factory.c \
src/core/ext/client_config/lb_policy_registry.c \
src/core/ext/client_config/parse_address.c \
src/core/ext/client_config/resolver.c \
src/core/ext/client_config/resolver_factory.c \
src/core/ext/client_config/resolver_registry.c \
@ -2639,6 +2643,7 @@ PUBLIC_HEADERS_C += \
include/grpc/impl/codegen/sync_win32.h \
include/grpc/impl/codegen/time.h \
include/grpc/grpc_security.h \
include/grpc/grpc_security_constants.h \
include/grpc/census.h \
LIBGRPC_OBJS = $(addprefix $(OBJDIR)/$(CONFIG)/, $(addsuffix .o, $(basename $(LIBGRPC_SRC))))
@ -2694,6 +2699,7 @@ endif
LIBGRPC_TEST_UTIL_SRC = \
test/core/end2end/data/client_certs.c \
test/core/end2end/data/server1_cert.c \
test/core/end2end/data/server1_key.c \
test/core/end2end/data/test_root_cert.c \
@ -2702,6 +2708,7 @@ LIBGRPC_TEST_UTIL_SRC = \
test/core/end2end/fixtures/proxy.c \
test/core/iomgr/endpoint_tests.c \
test/core/util/grpc_profiler.c \
test/core/util/memory_counters.c \
test/core/util/mock_endpoint.c \
test/core/util/parse_hexstring.c \
test/core/util/port_posix.c \
@ -2750,6 +2757,7 @@ LIBGRPC_TEST_UTIL_UNSECURE_SRC = \
test/core/end2end/fixtures/proxy.c \
test/core/iomgr/endpoint_tests.c \
test/core/util/grpc_profiler.c \
test/core/util/memory_counters.c \
test/core/util/mock_endpoint.c \
test/core/util/parse_hexstring.c \
test/core/util/port_posix.c \
@ -2898,6 +2906,7 @@ LIBGRPC_UNSECURE_SRC = \
src/core/ext/client_config/lb_policy.c \
src/core/ext/client_config/lb_policy_factory.c \
src/core/ext/client_config/lb_policy_registry.c \
src/core/ext/client_config/parse_address.c \
src/core/ext/client_config/resolver.c \
src/core/ext/client_config/resolver_factory.c \
src/core/ext/client_config/resolver_registry.c \
@ -4075,6 +4084,7 @@ LIBBORINGSSL_SRC = \
third_party/boringssl/crypto/bn/shift.c \
third_party/boringssl/crypto/bn/sqrt.c \
third_party/boringssl/crypto/buf/buf.c \
third_party/boringssl/crypto/bytestring/asn1_compat.c \
third_party/boringssl/crypto/bytestring/ber.c \
third_party/boringssl/crypto/bytestring/cbb.c \
third_party/boringssl/crypto/bytestring/cbs.c \
@ -4098,6 +4108,7 @@ LIBBORINGSSL_SRC = \
third_party/boringssl/crypto/cpu-intel.c \
third_party/boringssl/crypto/crypto.c \
third_party/boringssl/crypto/curve25519/curve25519.c \
third_party/boringssl/crypto/curve25519/x25519-x86_64.c \
third_party/boringssl/crypto/des/des.c \
third_party/boringssl/crypto/dh/check.c \
third_party/boringssl/crypto/dh/dh.c \
@ -4289,6 +4300,7 @@ LIBBORINGSSL_SRC = \
third_party/boringssl/ssl/ssl_buffer.c \
third_party/boringssl/ssl/ssl_cert.c \
third_party/boringssl/ssl/ssl_cipher.c \
third_party/boringssl/ssl/ssl_ecdh.c \
third_party/boringssl/ssl/ssl_file.c \
third_party/boringssl/ssl/ssl_lib.c \
third_party/boringssl/ssl/ssl_rsa.c \
@ -5517,6 +5529,44 @@ ifneq ($(NO_DEPS),true)
endif
LIBBORINGSSL_X509_TEST_LIB_SRC = \
third_party/boringssl/crypto/x509/x509_test.cc \
PUBLIC_HEADERS_CXX += \
LIBBORINGSSL_X509_TEST_LIB_OBJS = $(addprefix $(OBJDIR)/$(CONFIG)/, $(addsuffix .o, $(basename $(LIBBORINGSSL_X509_TEST_LIB_SRC))))
$(LIBBORINGSSL_X509_TEST_LIB_OBJS): CPPFLAGS += -Ithird_party/boringssl/include -fvisibility=hidden -DOPENSSL_NO_ASM -D_GNU_SOURCE -DWIN32_LEAN_AND_MEAN -D_HAS_EXCEPTIONS=0 -DNOMINMAX
$(LIBBORINGSSL_X509_TEST_LIB_OBJS): CFLAGS += -Wno-sign-conversion -Wno-conversion -Wno-unused-value -Wno-unknown-pragmas -Wno-implicit-function-declaration -Wno-unused-variable -Wno-sign-compare
ifeq ($(NO_PROTOBUF),true)
# You can't build a C++ library if you don't have protobuf - a bit overreached, but still okay.
$(LIBDIR)/$(CONFIG)/libboringssl_x509_test_lib.a: protobuf_dep_error
else
$(LIBDIR)/$(CONFIG)/libboringssl_x509_test_lib.a: $(ZLIB_DEP) $(PROTOBUF_DEP) $(LIBBORINGSSL_X509_TEST_LIB_OBJS)
$(E) "[AR] Creating $@"
$(Q) mkdir -p `dirname $@`
$(Q) rm -f $(LIBDIR)/$(CONFIG)/libboringssl_x509_test_lib.a
$(Q) $(AR) $(LIBDIR)/$(CONFIG)/libboringssl_x509_test_lib.a $(LIBBORINGSSL_X509_TEST_LIB_OBJS)
ifeq ($(SYSTEM),Darwin)
$(Q) ranlib -no_warning_for_no_symbols $(LIBDIR)/$(CONFIG)/libboringssl_x509_test_lib.a
endif
endif
ifneq ($(NO_DEPS),true)
-include $(LIBBORINGSSL_X509_TEST_LIB_OBJS:.o=.dep)
endif
LIBBORINGSSL_TAB_TEST_LIB_SRC = \
third_party/boringssl/crypto/x509v3/tab_test.c \
@ -10902,49 +10952,6 @@ endif
endif
QPS_DRIVER_SRC = \
test/cpp/qps/qps_driver.cc \
QPS_DRIVER_OBJS = $(addprefix $(OBJDIR)/$(CONFIG)/, $(addsuffix .o, $(basename $(QPS_DRIVER_SRC))))
ifeq ($(NO_SECURE),true)
# You can't build secure targets if you don't have OpenSSL.
$(BINDIR)/$(CONFIG)/qps_driver: openssl_dep_error
else
ifeq ($(NO_PROTOBUF),true)
# You can't build the protoc plugins or protobuf-enabled targets if you don't have protobuf 3.0.0+.
$(BINDIR)/$(CONFIG)/qps_driver: protobuf_dep_error
else
$(BINDIR)/$(CONFIG)/qps_driver: $(PROTOBUF_DEP) $(QPS_DRIVER_OBJS) $(LIBDIR)/$(CONFIG)/libqps.a $(LIBDIR)/$(CONFIG)/libgrpc++_test_util.a $(LIBDIR)/$(CONFIG)/libgrpc_test_util.a $(LIBDIR)/$(CONFIG)/libgrpc++.a $(LIBDIR)/$(CONFIG)/libgrpc.a $(LIBDIR)/$(CONFIG)/libgpr_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc++_test_config.a
$(E) "[LD] Linking $@"
$(Q) mkdir -p `dirname $@`
$(Q) $(LDXX) $(LDFLAGS) $(QPS_DRIVER_OBJS) $(LIBDIR)/$(CONFIG)/libqps.a $(LIBDIR)/$(CONFIG)/libgrpc++_test_util.a $(LIBDIR)/$(CONFIG)/libgrpc_test_util.a $(LIBDIR)/$(CONFIG)/libgrpc++.a $(LIBDIR)/$(CONFIG)/libgrpc.a $(LIBDIR)/$(CONFIG)/libgpr_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc++_test_config.a $(LDLIBSXX) $(LDLIBS_PROTOBUF) $(LDLIBS) $(LDLIBS_SECURE) $(GTEST_LIB) -o $(BINDIR)/$(CONFIG)/qps_driver
endif
endif
$(OBJDIR)/$(CONFIG)/test/cpp/qps/qps_driver.o: $(LIBDIR)/$(CONFIG)/libqps.a $(LIBDIR)/$(CONFIG)/libgrpc++_test_util.a $(LIBDIR)/$(CONFIG)/libgrpc_test_util.a $(LIBDIR)/$(CONFIG)/libgrpc++.a $(LIBDIR)/$(CONFIG)/libgrpc.a $(LIBDIR)/$(CONFIG)/libgpr_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libgrpc++_test_config.a
deps_qps_driver: $(QPS_DRIVER_OBJS:.o=.dep)
ifneq ($(NO_SECURE),true)
ifneq ($(NO_DEPS),true)
-include $(QPS_DRIVER_OBJS:.o=.dep)
endif
endif
QPS_INTERARRIVAL_TEST_SRC = \
test/cpp/qps/qps_interarrival_test.cc \
@ -12739,6 +12746,33 @@ endif
# boringssl needs an override to ensure that it does not include
# system openssl headers regardless of other configuration
# we do so here with a target specific variable assignment
$(BORINGSSL_X509_TEST_OBJS): CFLAGS := -Ithird_party/boringssl/include $(CFLAGS) -Wno-sign-conversion -Wno-conversion -Wno-unused-value
$(BORINGSSL_X509_TEST_OBJS): CXXFLAGS := -Ithird_party/boringssl/include $(CXXFLAGS)
$(BORINGSSL_X509_TEST_OBJS): CPPFLAGS += -DOPENSSL_NO_ASM -D_GNU_SOURCE
ifeq ($(NO_PROTOBUF),true)
# You can't build the protoc plugins or protobuf-enabled targets if you don't have protobuf 3.0.0+.
$(BINDIR)/$(CONFIG)/boringssl_x509_test: protobuf_dep_error
else
$(BINDIR)/$(CONFIG)/boringssl_x509_test: $(LIBDIR)/$(CONFIG)/libboringssl_x509_test_lib.a $(LIBDIR)/$(CONFIG)/libboringssl_test_util.a $(LIBDIR)/$(CONFIG)/libboringssl.a
$(E) "[LD] Linking $@"
$(Q) mkdir -p `dirname $@`
$(Q) $(LDXX) $(LDFLAGS) $(LIBDIR)/$(CONFIG)/libboringssl_x509_test_lib.a $(LIBDIR)/$(CONFIG)/libboringssl_test_util.a $(LIBDIR)/$(CONFIG)/libboringssl.a $(LDLIBSXX) $(LDLIBS_PROTOBUF) $(LDLIBS) $(GTEST_LIB) -o $(BINDIR)/$(CONFIG)/boringssl_x509_test
endif
# boringssl needs an override to ensure that it does not include
# system openssl headers regardless of other configuration
# we do so here with a target specific variable assignment
@ -13538,6 +13572,38 @@ endif
endif
H2_SSL_CERT_TEST_SRC = \
test/core/end2end/fixtures/h2_ssl_cert.c \
H2_SSL_CERT_TEST_OBJS = $(addprefix $(OBJDIR)/$(CONFIG)/, $(addsuffix .o, $(basename $(H2_SSL_CERT_TEST_SRC))))
ifeq ($(NO_SECURE),true)
# You can't build secure targets if you don't have OpenSSL.
$(BINDIR)/$(CONFIG)/h2_ssl_cert_test: openssl_dep_error
else
$(BINDIR)/$(CONFIG)/h2_ssl_cert_test: $(H2_SSL_CERT_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libend2end_tests.a $(LIBDIR)/$(CONFIG)/libgrpc_test_util.a $(LIBDIR)/$(CONFIG)/libgrpc.a $(LIBDIR)/$(CONFIG)/libgpr_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a
$(E) "[LD] Linking $@"
$(Q) mkdir -p `dirname $@`
$(Q) $(LD) $(LDFLAGS) $(H2_SSL_CERT_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libend2end_tests.a $(LIBDIR)/$(CONFIG)/libgrpc_test_util.a $(LIBDIR)/$(CONFIG)/libgrpc.a $(LIBDIR)/$(CONFIG)/libgpr_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LDLIBS) $(LDLIBS_SECURE) -o $(BINDIR)/$(CONFIG)/h2_ssl_cert_test
endif
$(OBJDIR)/$(CONFIG)/test/core/end2end/fixtures/h2_ssl_cert.o: $(LIBDIR)/$(CONFIG)/libend2end_tests.a $(LIBDIR)/$(CONFIG)/libgrpc_test_util.a $(LIBDIR)/$(CONFIG)/libgrpc.a $(LIBDIR)/$(CONFIG)/libgpr_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a
deps_h2_ssl_cert_test: $(H2_SSL_CERT_TEST_OBJS:.o=.dep)
ifneq ($(NO_SECURE),true)
ifneq ($(NO_DEPS),true)
-include $(H2_SSL_CERT_TEST_OBJS:.o=.dep)
endif
endif
H2_SSL_PROXY_TEST_SRC = \
test/core/end2end/fixtures/h2_ssl_proxy.c \
@ -14097,6 +14163,7 @@ src/cpp/server/secure_server_credentials.cc: $(OPENSSL_DEP)
src/csharp/ext/grpc_csharp_ext.c: $(OPENSSL_DEP)
test/core/bad_client/bad_client.c: $(OPENSSL_DEP)
test/core/bad_ssl/server_common.c: $(OPENSSL_DEP)
test/core/end2end/data/client_certs.c: $(OPENSSL_DEP)
test/core/end2end/data/server1_cert.c: $(OPENSSL_DEP)
test/core/end2end/data/server1_key.c: $(OPENSSL_DEP)
test/core/end2end/data/test_root_cert.c: $(OPENSSL_DEP)

@ -223,6 +223,7 @@
'third_party/boringssl/crypto/bn/shift.c',
'third_party/boringssl/crypto/bn/sqrt.c',
'third_party/boringssl/crypto/buf/buf.c',
'third_party/boringssl/crypto/bytestring/asn1_compat.c',
'third_party/boringssl/crypto/bytestring/ber.c',
'third_party/boringssl/crypto/bytestring/cbb.c',
'third_party/boringssl/crypto/bytestring/cbs.c',
@ -246,6 +247,7 @@
'third_party/boringssl/crypto/cpu-intel.c',
'third_party/boringssl/crypto/crypto.c',
'third_party/boringssl/crypto/curve25519/curve25519.c',
'third_party/boringssl/crypto/curve25519/x25519-x86_64.c',
'third_party/boringssl/crypto/des/des.c',
'third_party/boringssl/crypto/dh/check.c',
'third_party/boringssl/crypto/dh/dh.c',
@ -437,6 +439,7 @@
'third_party/boringssl/ssl/ssl_buffer.c',
'third_party/boringssl/ssl/ssl_cert.c',
'third_party/boringssl/ssl/ssl_cipher.c',
'third_party/boringssl/ssl/ssl_ecdh.c',
'third_party/boringssl/ssl/ssl_file.c',
'third_party/boringssl/ssl/ssl_lib.c',
'third_party/boringssl/ssl/ssl_rsa.c',
@ -694,6 +697,7 @@
'src/core/ext/client_config/lb_policy.c',
'src/core/ext/client_config/lb_policy_factory.c',
'src/core/ext/client_config/lb_policy_registry.c',
'src/core/ext/client_config/parse_address.c',
'src/core/ext/client_config/resolver.c',
'src/core/ext/client_config/resolver_factory.c',
'src/core/ext/client_config/resolver_registry.c',

@ -442,6 +442,7 @@ filegroups:
- src/core/ext/client_config/lb_policy.h
- src/core/ext/client_config/lb_policy_factory.h
- src/core/ext/client_config/lb_policy_registry.h
- src/core/ext/client_config/parse_address.h
- src/core/ext/client_config/resolver.h
- src/core/ext/client_config/resolver_factory.h
- src/core/ext/client_config/resolver_registry.h
@ -461,6 +462,7 @@ filegroups:
- src/core/ext/client_config/lb_policy.c
- src/core/ext/client_config/lb_policy_factory.c
- src/core/ext/client_config/lb_policy_registry.c
- src/core/ext/client_config/parse_address.c
- src/core/ext/client_config/resolver.c
- src/core/ext/client_config/resolver_factory.c
- src/core/ext/client_config/resolver_registry.c
@ -523,6 +525,7 @@ filegroups:
- name: grpc_secure
public_headers:
- include/grpc/grpc_security.h
- include/grpc/grpc_security_constants.h
headers:
- src/core/lib/security/auth_filters.h
- src/core/lib/security/b64.h
@ -567,6 +570,7 @@ filegroups:
- test/core/end2end/fixtures/proxy.h
- test/core/iomgr/endpoint_tests.h
- test/core/util/grpc_profiler.h
- test/core/util/memory_counters.h
- test/core/util/mock_endpoint.h
- test/core/util/parse_hexstring.h
- test/core/util/port.h
@ -577,6 +581,7 @@ filegroups:
- test/core/end2end/fixtures/proxy.c
- test/core/iomgr/endpoint_tests.c
- test/core/util/grpc_profiler.c
- test/core/util/memory_counters.c
- test/core/util/mock_endpoint.c
- test/core/util/parse_hexstring.c
- test/core/util/port_posix.c
@ -751,6 +756,7 @@ libs:
- test/core/end2end/data/ssl_test_data.h
- test/core/security/oauth2_utils.h
src:
- test/core/end2end/data/client_certs.c
- test/core/end2end/data/server1_cert.c
- test/core/end2end/data/server1_key.c
- test/core/end2end/data/test_root_cert.c
@ -1183,6 +1189,7 @@ targets:
- gpr
corpus_dirs:
- test/core/end2end/fuzzers/client_fuzzer_corpus
dict: test/core/end2end/fuzzers/hpack.dictionary
maxlen: 2048
- name: compression_test
build: test
@ -1672,6 +1679,7 @@ targets:
- gpr
corpus_dirs:
- test/core/transport/chttp2/hpack_parser_corpus
dict: test/core/end2end/fuzzers/hpack.dictionary
maxlen: 512
- name: hpack_parser_test
build: test
@ -2023,6 +2031,7 @@ targets:
- gpr
corpus_dirs:
- test/core/end2end/fuzzers/server_fuzzer_corpus
dict: test/core/end2end/fuzzers/hpack.dictionary
maxlen: 2048
- name: server_test
build: test
@ -2699,20 +2708,6 @@ targets:
- grpc
- gpr_test_util
- gpr
- name: qps_driver
build: benchmark
language: c++
src:
- test/cpp/qps/qps_driver.cc
deps:
- qps
- grpc++_test_util
- grpc_test_util
- grpc++
- grpc
- gpr_test_util
- gpr
- grpc++_test_config
- name: qps_interarrival_test
build: test
run: false

@ -216,6 +216,7 @@ if test "$PHP_GRPC" != "no"; then
src/core/ext/client_config/lb_policy.c \
src/core/ext/client_config/lb_policy_factory.c \
src/core/ext/client_config/lb_policy_registry.c \
src/core/ext/client_config/parse_address.c \
src/core/ext/client_config/resolver.c \
src/core/ext/client_config/resolver_factory.c \
src/core/ext/client_config/resolver_registry.c \
@ -316,6 +317,7 @@ if test "$PHP_GRPC" != "no"; then
third_party/boringssl/crypto/bn/shift.c \
third_party/boringssl/crypto/bn/sqrt.c \
third_party/boringssl/crypto/buf/buf.c \
third_party/boringssl/crypto/bytestring/asn1_compat.c \
third_party/boringssl/crypto/bytestring/ber.c \
third_party/boringssl/crypto/bytestring/cbb.c \
third_party/boringssl/crypto/bytestring/cbs.c \
@ -339,6 +341,7 @@ if test "$PHP_GRPC" != "no"; then
third_party/boringssl/crypto/cpu-intel.c \
third_party/boringssl/crypto/crypto.c \
third_party/boringssl/crypto/curve25519/curve25519.c \
third_party/boringssl/crypto/curve25519/x25519-x86_64.c \
third_party/boringssl/crypto/des/des.c \
third_party/boringssl/crypto/dh/check.c \
third_party/boringssl/crypto/dh/dh.c \
@ -530,6 +533,7 @@ if test "$PHP_GRPC" != "no"; then
third_party/boringssl/ssl/ssl_buffer.c \
third_party/boringssl/ssl/ssl_cert.c \
third_party/boringssl/ssl/ssl_cipher.c \
third_party/boringssl/ssl/ssl_ecdh.c \
third_party/boringssl/ssl/ssl_file.c \
third_party/boringssl/ssl/ssl_lib.c \
third_party/boringssl/ssl/ssl_rsa.c \

@ -277,6 +277,7 @@ Pod::Spec.new do |s|
'src/core/ext/client_config/lb_policy.h',
'src/core/ext/client_config/lb_policy_factory.h',
'src/core/ext/client_config/lb_policy_registry.h',
'src/core/ext/client_config/parse_address.h',
'src/core/ext/client_config/resolver.h',
'src/core/ext/client_config/resolver_factory.h',
'src/core/ext/client_config/resolver_registry.h',
@ -322,6 +323,7 @@ Pod::Spec.new do |s|
'include/grpc/impl/codegen/sync_win32.h',
'include/grpc/impl/codegen/time.h',
'include/grpc/grpc_security.h',
'include/grpc/grpc_security_constants.h',
'include/grpc/census.h',
'src/core/lib/channel/channel_args.c',
'src/core/lib/channel/channel_stack.c',
@ -459,6 +461,7 @@ Pod::Spec.new do |s|
'src/core/ext/client_config/lb_policy.c',
'src/core/ext/client_config/lb_policy_factory.c',
'src/core/ext/client_config/lb_policy_registry.c',
'src/core/ext/client_config/parse_address.c',
'src/core/ext/client_config/resolver.c',
'src/core/ext/client_config/resolver_factory.c',
'src/core/ext/client_config/resolver_registry.c',
@ -616,6 +619,7 @@ Pod::Spec.new do |s|
'src/core/ext/client_config/lb_policy.h',
'src/core/ext/client_config/lb_policy_factory.h',
'src/core/ext/client_config/lb_policy_registry.h',
'src/core/ext/client_config/parse_address.h',
'src/core/ext/client_config/resolver.h',
'src/core/ext/client_config/resolver_factory.h',
'src/core/ext/client_config/resolver_registry.h',

@ -114,6 +114,7 @@ EXPORTS
grpc_secure_channel_create
grpc_server_credentials_release
grpc_ssl_server_credentials_create
grpc_ssl_server_credentials_create_ex
grpc_server_add_secure_http2_port
grpc_call_set_credentials
grpc_server_credentials_set_auth_metadata_processor
@ -136,6 +137,8 @@ EXPORTS
grpc_raw_byte_buffer_from_reader
gpr_log
gpr_log_message
gpr_set_log_verbosity
gpr_log_verbosity_init
gpr_set_log_function
gpr_slice_ref
gpr_slice_unref

@ -35,6 +35,7 @@ Gem::Specification.new do |s|
s.add_dependency 'googleauth', '~> 0.5.1'
s.add_development_dependency 'bundler', '~> 1.9'
s.add_development_dependency 'facter', '~> 2.4'
s.add_development_dependency 'logging', '~> 2.0'
s.add_development_dependency 'simplecov', '~> 0.9'
s.add_development_dependency 'rake', '~> 10.4'
@ -170,6 +171,7 @@ Gem::Specification.new do |s|
s.files += %w( include/grpc/impl/codegen/sync_win32.h )
s.files += %w( include/grpc/impl/codegen/time.h )
s.files += %w( include/grpc/grpc_security.h )
s.files += %w( include/grpc/grpc_security_constants.h )
s.files += %w( include/grpc/census.h )
s.files += %w( src/core/lib/channel/channel_args.h )
s.files += %w( src/core/lib/channel/channel_stack.h )
@ -287,6 +289,7 @@ Gem::Specification.new do |s|
s.files += %w( src/core/ext/client_config/lb_policy.h )
s.files += %w( src/core/ext/client_config/lb_policy_factory.h )
s.files += %w( src/core/ext/client_config/lb_policy_registry.h )
s.files += %w( src/core/ext/client_config/parse_address.h )
s.files += %w( src/core/ext/client_config/resolver.h )
s.files += %w( src/core/ext/client_config/resolver_factory.h )
s.files += %w( src/core/ext/client_config/resolver_registry.h )
@ -442,6 +445,7 @@ Gem::Specification.new do |s|
s.files += %w( src/core/ext/client_config/lb_policy.c )
s.files += %w( src/core/ext/client_config/lb_policy_factory.c )
s.files += %w( src/core/ext/client_config/lb_policy_registry.c )
s.files += %w( src/core/ext/client_config/parse_address.c )
s.files += %w( src/core/ext/client_config/resolver.c )
s.files += %w( src/core/ext/client_config/resolver_factory.c )
s.files += %w( src/core/ext/client_config/resolver_registry.c )
@ -479,12 +483,12 @@ Gem::Specification.new do |s|
s.files += %w( third_party/boringssl/crypto/cipher/internal.h )
s.files += %w( third_party/boringssl/crypto/conf/conf_def.h )
s.files += %w( third_party/boringssl/crypto/conf/internal.h )
s.files += %w( third_party/boringssl/crypto/curve25519/internal.h )
s.files += %w( third_party/boringssl/crypto/des/internal.h )
s.files += %w( third_party/boringssl/crypto/dh/internal.h )
s.files += %w( third_party/boringssl/crypto/digest/internal.h )
s.files += %w( third_party/boringssl/crypto/digest/md32_common.h )
s.files += %w( third_party/boringssl/crypto/directory.h )
s.files += %w( third_party/boringssl/crypto/dsa/internal.h )
s.files += %w( third_party/boringssl/crypto/ec/internal.h )
s.files += %w( third_party/boringssl/crypto/ec/p256-x86_64-table.h )
s.files += %w( third_party/boringssl/crypto/evp/internal.h )
@ -649,6 +653,7 @@ Gem::Specification.new do |s|
s.files += %w( third_party/boringssl/crypto/bn/shift.c )
s.files += %w( third_party/boringssl/crypto/bn/sqrt.c )
s.files += %w( third_party/boringssl/crypto/buf/buf.c )
s.files += %w( third_party/boringssl/crypto/bytestring/asn1_compat.c )
s.files += %w( third_party/boringssl/crypto/bytestring/ber.c )
s.files += %w( third_party/boringssl/crypto/bytestring/cbb.c )
s.files += %w( third_party/boringssl/crypto/bytestring/cbs.c )
@ -672,6 +677,7 @@ Gem::Specification.new do |s|
s.files += %w( third_party/boringssl/crypto/cpu-intel.c )
s.files += %w( third_party/boringssl/crypto/crypto.c )
s.files += %w( third_party/boringssl/crypto/curve25519/curve25519.c )
s.files += %w( third_party/boringssl/crypto/curve25519/x25519-x86_64.c )
s.files += %w( third_party/boringssl/crypto/des/des.c )
s.files += %w( third_party/boringssl/crypto/dh/check.c )
s.files += %w( third_party/boringssl/crypto/dh/dh.c )
@ -863,6 +869,7 @@ Gem::Specification.new do |s|
s.files += %w( third_party/boringssl/ssl/ssl_buffer.c )
s.files += %w( third_party/boringssl/ssl/ssl_cert.c )
s.files += %w( third_party/boringssl/ssl/ssl_cipher.c )
s.files += %w( third_party/boringssl/ssl/ssl_ecdh.c )
s.files += %w( third_party/boringssl/ssl/ssl_file.c )
s.files += %w( third_party/boringssl/ssl/ssl_lib.c )
s.files += %w( third_party/boringssl/ssl/ssl_rsa.c )

@ -39,6 +39,7 @@
#include <grpc++/security/auth_metadata_processor.h>
#include <grpc++/support/config.h>
#include <grpc/grpc_security_constants.h>
struct grpc_server;
@ -69,7 +70,13 @@ class ServerCredentials {
/// Options to create ServerCredentials with SSL
struct SslServerCredentialsOptions {
SslServerCredentialsOptions() : force_client_auth(false) {}
// Deprecated
SslServerCredentialsOptions()
: force_client_auth(false),
client_certificate_request(GRPC_SSL_DONT_REQUEST_CLIENT_CERTIFICATE) {}
SslServerCredentialsOptions(
grpc_ssl_client_certificate_request_type request_type)
: force_client_auth(false), client_certificate_request(request_type) {}
struct PemKeyCertPair {
grpc::string private_key;
@ -77,7 +84,13 @@ struct SslServerCredentialsOptions {
};
grpc::string pem_root_certs;
std::vector<PemKeyCertPair> pem_key_cert_pairs;
// Deprecated
bool force_client_auth;
// If both force_client_auth and client_certificate_request fields are set,
// force_client_auth takes effect i.e
// REQUEST_AND_REQUIRE_CLIENT_CERTIFICATE_AND_VERIFY will be enforced.
grpc_ssl_client_certificate_request_type client_certificate_request;
};
/// Builds SSL ServerCredentials given SSL specific options

@ -35,6 +35,7 @@
#define GRPC_GRPC_SECURITY_H
#include <grpc/grpc.h>
#include <grpc/grpc_security_constants.h>
#include <grpc/status.h>
#ifdef __cplusplus
@ -43,13 +44,6 @@ extern "C" {
/* --- Authentication Context. --- */
#define GRPC_TRANSPORT_SECURITY_TYPE_PROPERTY_NAME "transport_security_type"
#define GRPC_SSL_TRANSPORT_SECURITY_TYPE "ssl"
#define GRPC_X509_CN_PROPERTY_NAME "x509_common_name"
#define GRPC_X509_SAN_PROPERTY_NAME "x509_subject_alternative_name"
#define GRPC_X509_PEM_CERT_PROPERTY_NAME "x509_pem_cert"
typedef struct grpc_auth_context grpc_auth_context;
typedef struct grpc_auth_property_iterator {
@ -130,29 +124,11 @@ typedef struct grpc_channel_credentials grpc_channel_credentials;
The creator of the credentials object is responsible for its release. */
GRPCAPI void grpc_channel_credentials_release(grpc_channel_credentials *creds);
/* Environment variable that points to the google default application
credentials json key or refresh token. Used in the
grpc_google_default_credentials_create function. */
#define GRPC_GOOGLE_CREDENTIALS_ENV_VAR "GOOGLE_APPLICATION_CREDENTIALS"
/* Creates default credentials to connect to a google gRPC service.
WARNING: Do NOT use this credentials to connect to a non-google service as
this could result in an oauth2 token leak. */
GRPCAPI grpc_channel_credentials *grpc_google_default_credentials_create(void);
/* Environment variable that points to the default SSL roots file. This file
must be a PEM encoded file with all the roots such as the one that can be
downloaded from https://pki.google.com/roots.pem. */
#define GRPC_DEFAULT_SSL_ROOTS_FILE_PATH_ENV_VAR \
"GRPC_DEFAULT_SSL_ROOTS_FILE_PATH"
/* Results for the SSL roots override callback. */
typedef enum {
GRPC_SSL_ROOTS_OVERRIDE_OK,
GRPC_SSL_ROOTS_OVERRIDE_FAIL_PERMANENTLY, /* Do not try fallback options. */
GRPC_SSL_ROOTS_OVERRIDE_FAIL
} grpc_ssl_roots_override_result;
/* Callback for getting the SSL roots override from the application.
In case of success, *pem_roots_certs must be set to a NULL terminated string
containing the list of PEM encoded root certificates. The ownership is passed
@ -334,7 +310,8 @@ typedef struct grpc_server_credentials grpc_server_credentials;
*/
GRPCAPI void grpc_server_credentials_release(grpc_server_credentials *creds);
/* Creates an SSL server_credentials object.
/* Deprecated in favor of grpc_ssl_server_credentials_create_ex.
Creates an SSL server_credentials object.
- pem_roots_cert is the NULL-terminated string containing the PEM encoding of
the client root certificates. This parameter may be NULL if the server does
not want the client to be authenticated with SSL.
@ -349,6 +326,15 @@ GRPCAPI grpc_server_credentials *grpc_ssl_server_credentials_create(
const char *pem_root_certs, grpc_ssl_pem_key_cert_pair *pem_key_cert_pairs,
size_t num_key_cert_pairs, int force_client_auth, void *reserved);
/* Same as grpc_ssl_server_credentials_create method except uses
grpc_ssl_client_certificate_request_type enum to support more ways to
authenticate client cerificates.*/
GRPCAPI grpc_server_credentials *grpc_ssl_server_credentials_create_ex(
const char *pem_root_certs, grpc_ssl_pem_key_cert_pair *pem_key_cert_pairs,
size_t num_key_cert_pairs,
grpc_ssl_client_certificate_request_type client_certificate_request,
void *reserved);
/* --- Server-side secure ports. --- */
/* Add a HTTP2 over an encrypted link over tcp listener.

@ -0,0 +1,114 @@
/*
*
* Copyright 2016, Google Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are
* met:
*
* * Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* * Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following disclaimer
* in the documentation and/or other materials provided with the
* distribution.
* * Neither the name of Google Inc. nor the names of its
* contributors may be used to endorse or promote products derived from
* this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
* A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
* OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifndef GRPC_GRPC_SECURITY_CONSTANTS_H
#define GRPC_GRPC_SECURITY_CONSTANTS_H
#ifdef __cplusplus
extern "C" {
#endif
#define GRPC_TRANSPORT_SECURITY_TYPE_PROPERTY_NAME "transport_security_type"
#define GRPC_SSL_TRANSPORT_SECURITY_TYPE "ssl"
#define GRPC_X509_CN_PROPERTY_NAME "x509_common_name"
#define GRPC_X509_SAN_PROPERTY_NAME "x509_subject_alternative_name"
#define GRPC_X509_PEM_CERT_PROPERTY_NAME "x509_pem_cert"
/* Environment variable that points to the default SSL roots file. This file
must be a PEM encoded file with all the roots such as the one that can be
downloaded from https://pki.google.com/roots.pem. */
#define GRPC_DEFAULT_SSL_ROOTS_FILE_PATH_ENV_VAR \
"GRPC_DEFAULT_SSL_ROOTS_FILE_PATH"
/* Environment variable that points to the google default application
credentials json key or refresh token. Used in the
grpc_google_default_credentials_create function. */
#define GRPC_GOOGLE_CREDENTIALS_ENV_VAR "GOOGLE_APPLICATION_CREDENTIALS"
/* Results for the SSL roots override callback. */
typedef enum {
GRPC_SSL_ROOTS_OVERRIDE_OK,
GRPC_SSL_ROOTS_OVERRIDE_FAIL_PERMANENTLY, /* Do not try fallback options. */
GRPC_SSL_ROOTS_OVERRIDE_FAIL
} grpc_ssl_roots_override_result;
typedef enum {
/* Server does not request client certificate. A client can present a self
signed or signed certificates if it wishes to do so and they would be
accepted. */
GRPC_SSL_DONT_REQUEST_CLIENT_CERTIFICATE,
/* Server requests client certificate but does not enforce that the client
presents a certificate.
If the client presents a certificate, the client authentication is left to
the application based on the metadata like certificate etc.
The key cert pair should still be valid for the SSL connection to be
established. */
GRPC_SSL_REQUEST_CLIENT_CERTIFICATE_BUT_DONT_VERIFY,
/* Server requests client certificate but does not enforce that the client
presents a certificate.
If the client presents a certificate, the client authentication is done by
grpc framework (The client needs to either present a signed cert or skip no
certificate for a successful connection).
The key cert pair should still be valid for the SSL connection to be
established. */
GRPC_SSL_REQUEST_CLIENT_CERTIFICATE_AND_VERIFY,
/* Server requests client certificate but enforces that the client presents a
certificate.
If the client presents a certificate, the client authentication is left to
the application based on the metadata like certificate etc.
The key cert pair should still be valid for the SSL connection to be
established. */
GRPC_SSL_REQUEST_AND_REQUIRE_CLIENT_CERTIFICATE_BUT_DONT_VERIFY,
/* Server requests client certificate but enforces that the client presents a
certificate.
The cerificate presented by the client is verified by grpc framework (The
client needs to present signed certs for a successful connection).
The key cert pair should still be valid for the SSL connection to be
established. */
GRPC_SSL_REQUEST_AND_REQUIRE_CLIENT_CERTIFICATE_AND_VERIFY
} grpc_ssl_client_certificate_request_type;
#ifdef __cplusplus
}
#endif
#endif /* GRPC_GRPC_SECURITY_CONSTANTS_H */

@ -61,6 +61,8 @@ typedef enum gpr_log_severity {
GPR_LOG_SEVERITY_ERROR
} gpr_log_severity;
#define GPR_LOG_VERBOSITY_UNSET -1
/* Returns a string representation of the log severity */
const char *gpr_log_severity_string(gpr_log_severity severity);
@ -77,6 +79,11 @@ GPRAPI void gpr_log(const char *file, int line, gpr_log_severity severity,
GPRAPI void gpr_log_message(const char *file, int line,
gpr_log_severity severity, const char *message);
/* Set global log verbosity */
GPRAPI void gpr_set_log_verbosity(gpr_log_severity min_severity_to_print);
GPRAPI void gpr_log_verbosity_init();
/* Log overrides: applications can use this API to intercept logging calls
and use their own implementations */

@ -34,6 +34,8 @@
#ifndef GRPC_SUPPORT_STRING_UTIL_H
#define GRPC_SUPPORT_STRING_UTIL_H
#include <grpc/support/port_platform.h>
#ifdef __cplusplus
extern "C" {
#endif

@ -174,6 +174,7 @@
<file baseinstalldir="/" name="include/grpc/impl/codegen/sync_win32.h" role="src" />
<file baseinstalldir="/" name="include/grpc/impl/codegen/time.h" role="src" />
<file baseinstalldir="/" name="include/grpc/grpc_security.h" role="src" />
<file baseinstalldir="/" name="include/grpc/grpc_security_constants.h" role="src" />
<file baseinstalldir="/" name="include/grpc/census.h" role="src" />
<file baseinstalldir="/" name="src/core/lib/channel/channel_args.h" role="src" />
<file baseinstalldir="/" name="src/core/lib/channel/channel_stack.h" role="src" />
@ -291,6 +292,7 @@
<file baseinstalldir="/" name="src/core/ext/client_config/lb_policy.h" role="src" />
<file baseinstalldir="/" name="src/core/ext/client_config/lb_policy_factory.h" role="src" />
<file baseinstalldir="/" name="src/core/ext/client_config/lb_policy_registry.h" role="src" />
<file baseinstalldir="/" name="src/core/ext/client_config/parse_address.h" role="src" />
<file baseinstalldir="/" name="src/core/ext/client_config/resolver.h" role="src" />
<file baseinstalldir="/" name="src/core/ext/client_config/resolver_factory.h" role="src" />
<file baseinstalldir="/" name="src/core/ext/client_config/resolver_registry.h" role="src" />
@ -446,6 +448,7 @@
<file baseinstalldir="/" name="src/core/ext/client_config/lb_policy.c" role="src" />
<file baseinstalldir="/" name="src/core/ext/client_config/lb_policy_factory.c" role="src" />
<file baseinstalldir="/" name="src/core/ext/client_config/lb_policy_registry.c" role="src" />
<file baseinstalldir="/" name="src/core/ext/client_config/parse_address.c" role="src" />
<file baseinstalldir="/" name="src/core/ext/client_config/resolver.c" role="src" />
<file baseinstalldir="/" name="src/core/ext/client_config/resolver_factory.c" role="src" />
<file baseinstalldir="/" name="src/core/ext/client_config/resolver_registry.c" role="src" />
@ -483,12 +486,12 @@
<file baseinstalldir="/" name="third_party/boringssl/crypto/cipher/internal.h" role="src" />
<file baseinstalldir="/" name="third_party/boringssl/crypto/conf/conf_def.h" role="src" />
<file baseinstalldir="/" name="third_party/boringssl/crypto/conf/internal.h" role="src" />
<file baseinstalldir="/" name="third_party/boringssl/crypto/curve25519/internal.h" role="src" />
<file baseinstalldir="/" name="third_party/boringssl/crypto/des/internal.h" role="src" />
<file baseinstalldir="/" name="third_party/boringssl/crypto/dh/internal.h" role="src" />
<file baseinstalldir="/" name="third_party/boringssl/crypto/digest/internal.h" role="src" />
<file baseinstalldir="/" name="third_party/boringssl/crypto/digest/md32_common.h" role="src" />
<file baseinstalldir="/" name="third_party/boringssl/crypto/directory.h" role="src" />
<file baseinstalldir="/" name="third_party/boringssl/crypto/dsa/internal.h" role="src" />
<file baseinstalldir="/" name="third_party/boringssl/crypto/ec/internal.h" role="src" />
<file baseinstalldir="/" name="third_party/boringssl/crypto/ec/p256-x86_64-table.h" role="src" />
<file baseinstalldir="/" name="third_party/boringssl/crypto/evp/internal.h" role="src" />
@ -653,6 +656,7 @@
<file baseinstalldir="/" name="third_party/boringssl/crypto/bn/shift.c" role="src" />
<file baseinstalldir="/" name="third_party/boringssl/crypto/bn/sqrt.c" role="src" />
<file baseinstalldir="/" name="third_party/boringssl/crypto/buf/buf.c" role="src" />
<file baseinstalldir="/" name="third_party/boringssl/crypto/bytestring/asn1_compat.c" role="src" />
<file baseinstalldir="/" name="third_party/boringssl/crypto/bytestring/ber.c" role="src" />
<file baseinstalldir="/" name="third_party/boringssl/crypto/bytestring/cbb.c" role="src" />
<file baseinstalldir="/" name="third_party/boringssl/crypto/bytestring/cbs.c" role="src" />
@ -676,6 +680,7 @@
<file baseinstalldir="/" name="third_party/boringssl/crypto/cpu-intel.c" role="src" />
<file baseinstalldir="/" name="third_party/boringssl/crypto/crypto.c" role="src" />
<file baseinstalldir="/" name="third_party/boringssl/crypto/curve25519/curve25519.c" role="src" />
<file baseinstalldir="/" name="third_party/boringssl/crypto/curve25519/x25519-x86_64.c" role="src" />
<file baseinstalldir="/" name="third_party/boringssl/crypto/des/des.c" role="src" />
<file baseinstalldir="/" name="third_party/boringssl/crypto/dh/check.c" role="src" />
<file baseinstalldir="/" name="third_party/boringssl/crypto/dh/dh.c" role="src" />
@ -867,6 +872,7 @@
<file baseinstalldir="/" name="third_party/boringssl/ssl/ssl_buffer.c" role="src" />
<file baseinstalldir="/" name="third_party/boringssl/ssl/ssl_cert.c" role="src" />
<file baseinstalldir="/" name="third_party/boringssl/ssl/ssl_cipher.c" role="src" />
<file baseinstalldir="/" name="third_party/boringssl/ssl/ssl_ecdh.c" role="src" />
<file baseinstalldir="/" name="third_party/boringssl/ssl/ssl_file.c" role="src" />
<file baseinstalldir="/" name="third_party/boringssl/ssl/ssl_lib.c" role="src" />
<file baseinstalldir="/" name="third_party/boringssl/ssl/ssl_rsa.c" role="src" />

@ -54,30 +54,30 @@ OPENSSL_COMPILE_ASSERT(ERR_LIB_USER == 32, library_values_changed_32);
OPENSSL_COMPILE_ASSERT(ERR_NUM_LIBS == 33, library_values_changed_num);
const uint32_t kOpenSSLReasonValues[] = {
0xc3207ba,
0xc3287d4,
0xc3307e3,
0xc3387f3,
0xc340802,
0xc34881b,
0xc350827,
0xc358844,
0xc360856,
0xc368864,
0xc370874,
0xc378881,
0xc380891,
0xc38889c,
0xc3908b2,
0xc3988c1,
0xc3a08d5,
0xc3a87c7,
0xc3207ab,
0xc3287c5,
0xc3307d4,
0xc3387e4,
0xc3407f3,
0xc34880c,
0xc350818,
0xc358835,
0xc360847,
0xc368855,
0xc370865,
0xc378872,
0xc380882,
0xc38888d,
0xc3908a3,
0xc3988b2,
0xc3a08c6,
0xc3a87b8,
0xc3b00b0,
0x10321478,
0x10329484,
0x1033149d,
0x103394b0,
0x10340de1,
0x10321484,
0x10329490,
0x103314a9,
0x103394bc,
0x10340ded,
0x103494cf,
0x103514e4,
0x10359516,
@ -97,7 +97,7 @@ const uint32_t kOpenSSLReasonValues[] = {
0x103c9658,
0x103d166f,
0x103d9682,
0x103e0b6c,
0x103e0b5d,
0x103e96b3,
0x103f16c6,
0x103f96e0,
@ -108,87 +108,91 @@ const uint32_t kOpenSSLReasonValues[] = {
0x10421747,
0x1042975b,
0x1043176d,
0x104385d0,
0x104408c1,
0x104385c1,
0x104408b2,
0x10449782,
0x10451799,
0x104597ae,
0x104617bc,
0x10469695,
0x104714f7,
0x104787c7,
0x104787b8,
0x104800b0,
0x104894c3,
0x14320b4f,
0x14328b5d,
0x14330b6c,
0x14338b7e,
0x10488b8c,
0x14320b40,
0x14328b4e,
0x14330b5d,
0x14338b6f,
0x18320083,
0x18328e47,
0x18340e75,
0x18348e89,
0x18358ec0,
0x18368eed,
0x18370f00,
0x18378f14,
0x18380f38,
0x18388f46,
0x18390f5c,
0x18398f70,
0x183a0f80,
0x183b0f90,
0x183b8fa5,
0x183c8fd0,
0x183d0fe4,
0x183d8ff4,
0x183e0b9b,
0x183e9001,
0x183f1013,
0x183f901e,
0x1840102e,
0x1840903f,
0x18411050,
0x18419062,
0x1842108b,
0x184290bd,
0x184310cc,
0x18451135,
0x1845914b,
0x18461166,
0x18468ed8,
0x184709d9,
0x18328e53,
0x18340e81,
0x18348e95,
0x18358ecc,
0x18368ef9,
0x18370f0c,
0x18378f20,
0x18380f44,
0x18388f52,
0x18390f68,
0x18398f7c,
0x183a0f8c,
0x183b0f9c,
0x183b8fb1,
0x183c8fdc,
0x183d0ff0,
0x183d9000,
0x183e0b98,
0x183e900d,
0x183f101f,
0x183f902a,
0x1840103a,
0x1840904b,
0x1841105c,
0x1841906e,
0x18421097,
0x184290c9,
0x184310d8,
0x18451141,
0x18459157,
0x18461172,
0x18468ee4,
0x184709ca,
0x18478094,
0x18480fbc,
0x18489101,
0x18490e5d,
0x18498e9e,
0x184a119c,
0x184a9119,
0x184b10e0,
0x184b8e37,
0x184c10a4,
0x184c866b,
0x184d1181,
0x203211c3,
0x243211cf,
0x24328907,
0x243311e1,
0x243391ee,
0x243411fb,
0x2434920d,
0x2435121c,
0x24359239,
0x24361246,
0x24369254,
0x24371262,
0x24379270,
0x24381279,
0x24389286,
0x24391299,
0x28320b8f,
0x28328b9b,
0x28330b6c,
0x28338bae,
0x18480fc8,
0x1848910d,
0x18490e69,
0x18498eaa,
0x184a11a8,
0x184a9125,
0x184b10ec,
0x184b8e43,
0x184c10b0,
0x184c865c,
0x184d118d,
0x184d80b0,
0x203211cf,
0x243211db,
0x243288f8,
0x243311ed,
0x243391fa,
0x24341207,
0x24349219,
0x24351228,
0x24359245,
0x24361252,
0x24369260,
0x2437126e,
0x2437927c,
0x24381285,
0x24389292,
0x243912a5,
0x28320b80,
0x28328b98,
0x28330b5d,
0x28338bab,
0x28340b8c,
0x28348094,
0x283500b0,
0x2c32281d,
0x2c32a82b,
0x2c33283d,
@ -207,7 +211,7 @@ const uint32_t kOpenSSLReasonValues[] = {
0x2c39a917,
0x2c3a292b,
0x2c3aa93c,
0x2c3b1359,
0x2c3b1365,
0x2c3ba94d,
0x2c3c2961,
0x2c3ca977,
@ -219,12 +223,12 @@ const uint32_t kOpenSSLReasonValues[] = {
0x2c3faa09,
0x2c402a2c,
0x2c40aa4b,
0x2c4111c3,
0x2c4111cf,
0x2c41aa5c,
0x2c422a6f,
0x2c429135,
0x2c429141,
0x2c432a80,
0x2c4386a2,
0x2c438693,
0x2c4429ad,
0x30320000,
0x30328015,
@ -277,77 +281,79 @@ const uint32_t kOpenSSLReasonValues[] = {
0x304a03b4,
0x304a83c7,
0x304b03d2,
0x304b83e1,
0x304c03f2,
0x304c83fe,
0x304d0414,
0x304d8422,
0x304e0438,
0x304e844a,
0x304f045c,
0x304f846f,
0x30500482,
0x30508493,
0x305104a3,
0x305184bb,
0x305204d0,
0x305284e8,
0x305304fc,
0x30538514,
0x3054052d,
0x30548546,
0x30550563,
0x3055856e,
0x30560586,
0x30568596,
0x305705a7,
0x305785ba,
0x305805d0,
0x305885d9,
0x305905ee,
0x304b83e3,
0x304c03ef,
0x304c8405,
0x304d0413,
0x304d8429,
0x304e043b,
0x304e844d,
0x304f0460,
0x304f8473,
0x30500484,
0x30508494,
0x305104ac,
0x305184c1,
0x305204d9,
0x305284ed,
0x30530505,
0x3053851e,
0x30540537,
0x30548554,
0x3055055f,
0x30558577,
0x30560587,
0x30568598,
0x305705ab,
0x305785c1,
0x305805ca,
0x305885df,
0x305905f2,
0x30598601,
0x305a0610,
0x305a0621,
0x305a8630,
0x305b063f,
0x305b864b,
0x305c066b,
0x305c8687,
0x305d0698,
0x305d86a2,
0x34320ac9,
0x34328add,
0x34330afa,
0x34338b0d,
0x34340b1c,
0x34348b39,
0x305b063c,
0x305b865c,
0x305c0678,
0x305c8689,
0x305d0693,
0x34320aba,
0x34328ace,
0x34330aeb,
0x34338afe,
0x34340b0d,
0x34348b2a,
0x3c320083,
0x3c328bd8,
0x3c330bf1,
0x3c338c0c,
0x3c340c29,
0x3c348c44,
0x3c350c5f,
0x3c358c74,
0x3c360c8d,
0x3c368ca5,
0x3c370cb6,
0x3c378cc4,
0x3c380cd1,
0x3c388ce5,
0x3c390b9b,
0x3c398cf9,
0x3c3a0d0d,
0x3c3a8881,
0x3c3b0d1d,
0x3c3b8d38,
0x3c3c0d4a,
0x3c3c8d60,
0x3c3d0d6a,
0x3c3d8d7e,
0x3c3e0d8c,
0x3c3e8db1,
0x3c3f0bc4,
0x3c3f8d9a,
0x3c328bd5,
0x3c330bee,
0x3c338c09,
0x3c340c26,
0x3c348c50,
0x3c350c6b,
0x3c358c80,
0x3c360c99,
0x3c368cb1,
0x3c370cc2,
0x3c378cd0,
0x3c380cdd,
0x3c388cf1,
0x3c390b98,
0x3c398d05,
0x3c3a0d19,
0x3c3a8872,
0x3c3b0d29,
0x3c3b8d44,
0x3c3c0d56,
0x3c3c8d6c,
0x3c3d0d76,
0x3c3d8d8a,
0x3c3e0d98,
0x3c3e8dbd,
0x3c3f0bc1,
0x3c3f8da6,
0x3c400094,
0x3c4080b0,
0x3c410c41,
0x403217d3,
0x403297e9,
0x40331817,
@ -362,7 +368,7 @@ const uint32_t kOpenSSLReasonValues[] = {
0x403798b8,
0x403818c3,
0x403898d5,
0x40390de1,
0x40390ded,
0x403998e5,
0x403a18f8,
0x403a9919,
@ -437,7 +443,7 @@ const uint32_t kOpenSSLReasonValues[] = {
0x405d1e9e,
0x405d9eb5,
0x405e1ed5,
0x405e8a17,
0x405e8a08,
0x405f1ef6,
0x405f9f03,
0x40601f11,
@ -474,18 +480,18 @@ const uint32_t kOpenSSLReasonValues[] = {
0x406fa60d,
0x40702620,
0x4070a63d,
0x40710782,
0x40710773,
0x4071a64f,
0x40722662,
0x4072a67b,
0x40732693,
0x407390bd,
0x407390c9,
0x407426a7,
0x4074a6c1,
0x407526d2,
0x4075a6e6,
0x407626f4,
0x40769286,
0x40769292,
0x40772719,
0x4077a73b,
0x40782756,
@ -528,48 +534,48 @@ const uint32_t kOpenSSLReasonValues[] = {
0x422c251d,
0x422ca4d8,
0x422d24b7,
0x443206ad,
0x443286bc,
0x443306c8,
0x443386d6,
0x443406e9,
0x443486fa,
0x44350701,
0x4435870b,
0x4436071e,
0x44368734,
0x44370746,
0x44378753,
0x44380762,
0x4438876a,
0x44390782,
0x44398790,
0x443a07a3,
0x4c3212b0,
0x4c3292c0,
0x4c3312d3,
0x4c3392f3,
0x4432069e,
0x443286ad,
0x443306b9,
0x443386c7,
0x443406da,
0x443486eb,
0x443506f2,
0x443586fc,
0x4436070f,
0x44368725,
0x44370737,
0x44378744,
0x44380753,
0x4438875b,
0x44390773,
0x44398781,
0x443a0794,
0x4c3212bc,
0x4c3292cc,
0x4c3312df,
0x4c3392ff,
0x4c340094,
0x4c3480b0,
0x4c3512ff,
0x4c35930d,
0x4c361329,
0x4c36933c,
0x4c37134b,
0x4c379359,
0x4c38136e,
0x4c38937a,
0x4c39139a,
0x4c3993c4,
0x4c3a13dd,
0x4c3a93f6,
0x4c3b05d0,
0x4c3b940f,
0x4c3c1421,
0x4c3c9430,
0x4c3d10bd,
0x4c3d9449,
0x4c3e1456,
0x4c35130b,
0x4c359319,
0x4c361335,
0x4c369348,
0x4c371357,
0x4c379365,
0x4c38137a,
0x4c389386,
0x4c3913a6,
0x4c3993d0,
0x4c3a13e9,
0x4c3a9402,
0x4c3b05c1,
0x4c3b941b,
0x4c3c142d,
0x4c3c943c,
0x4c3d10c9,
0x4c3d9455,
0x4c3e1462,
0x50322a92,
0x5032aaa1,
0x50332aac,
@ -607,7 +613,7 @@ const uint32_t kOpenSSLReasonValues[] = {
0x50432d43,
0x5043ad53,
0x50442d62,
0x50448414,
0x50448405,
0x50452d76,
0x5045ad94,
0x50462da7,
@ -631,45 +637,45 @@ const uint32_t kOpenSSLReasonValues[] = {
0x504f2f62,
0x504faf79,
0x50502f88,
0x50508687,
0x50508678,
0x50512f9b,
0x58320e1f,
0x68320de1,
0x68328b9b,
0x68330bae,
0x68338def,
0x68340dff,
0x58320e2b,
0x68320ded,
0x68328b98,
0x68330bab,
0x68338dfb,
0x68340e0b,
0x683480b0,
0x6c320dbd,
0x6c328b7e,
0x6c330dc8,
0x7432098d,
0x783208f2,
0x78328907,
0x78330913,
0x6c320dc9,
0x6c328b6f,
0x6c330dd4,
0x7432097e,
0x783208e3,
0x783288f8,
0x78330904,
0x78338083,
0x78340922,
0x78348937,
0x78350956,
0x78358978,
0x7836098d,
0x783689a3,
0x783709b3,
0x783789c6,
0x783809d9,
0x783889eb,
0x783909f8,
0x78398a17,
0x783a0a2c,
0x783a8a3a,
0x783b0a44,
0x783b8a58,
0x783c0a6f,
0x783c8a84,
0x783d0a9b,
0x783d8ab0,
0x783e0a06,
0x7c3211b2,
0x78340913,
0x78348928,
0x78350947,
0x78358969,
0x7836097e,
0x78368994,
0x783709a4,
0x783789b7,
0x783809ca,
0x783889dc,
0x783909e9,
0x78398a08,
0x783a0a1d,
0x783a8a2b,
0x783b0a35,
0x783b8a49,
0x783c0a60,
0x783c8a75,
0x783d0a8c,
0x783d8aa1,
0x783e09f7,
0x7c3211be,
};
const size_t kOpenSSLReasonValuesLen = sizeof(kOpenSSLReasonValues) / sizeof(kOpenSSLReasonValues[0]);
@ -725,7 +731,6 @@ const char kOpenSSLReasonStringData[] =
"INVALID_UNIVERSALSTRING_LENGTH\0"
"INVALID_UTF8STRING\0"
"LIST_ERROR\0"
"MALLOC_FAILURE\0"
"MISSING_ASN1_EOS\0"
"MISSING_EOC\0"
"MISSING_SECOND_NUMBER\0"
@ -833,6 +838,7 @@ const char kOpenSSLReasonStringData[] =
"MODULUS_TOO_LARGE\0"
"NO_PRIVATE_VALUE\0"
"BAD_Q_VALUE\0"
"BAD_VERSION\0"
"MISSING_PARAMETERS\0"
"NEED_NEW_SETUP_VALUES\0"
"BIGNUM_OUT_OF_RANGE\0"
@ -840,6 +846,7 @@ const char kOpenSSLReasonStringData[] =
"D2I_ECPKPARAMETERS_FAILURE\0"
"EC_GROUP_NEW_BY_NAME_FAILURE\0"
"GROUP2PKPARAMETERS_FAILURE\0"
"GROUP_MISMATCH\0"
"I2D_ECPKPARAMETERS_FAILURE\0"
"INCOMPATIBLE_OBJECTS\0"
"INVALID_COMPRESSED_POINT\0"
@ -948,7 +955,6 @@ const char kOpenSSLReasonStringData[] =
"BAD_FIXED_HEADER_DECRYPT\0"
"BAD_PAD_BYTE_COUNT\0"
"BAD_RSA_PARAMETERS\0"
"BAD_VERSION\0"
"BLOCK_TYPE_IS_NOT_01\0"
"BN_NOT_INITIALIZED\0"
"CANNOT_RECOVER_MULTI_PRIME_KEY\0"

@ -0,0 +1,137 @@
/*
*
* Copyright 2016, Google Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are
* met:
*
* * Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* * Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following disclaimer
* in the documentation and/or other materials provided with the
* distribution.
* * Neither the name of Google Inc. nor the names of its
* contributors may be used to endorse or promote products derived from
* this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
* A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
* OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#include "src/core/ext/client_config/parse_address.h"
#include <stdio.h>
#include <string.h>
#ifdef GPR_HAVE_UNIX_SOCKET
#include <sys/un.h>
#endif
#include <grpc/support/alloc.h>
#include <grpc/support/host_port.h>
#include <grpc/support/log.h>
#include <grpc/support/string_util.h>
#ifdef GPR_HAVE_UNIX_SOCKET
int parse_unix(grpc_uri *uri, struct sockaddr_storage *addr, size_t *len) {
struct sockaddr_un *un = (struct sockaddr_un *)addr;
un->sun_family = AF_UNIX;
strcpy(un->sun_path, uri->path);
*len = strlen(un->sun_path) + sizeof(un->sun_family) + 1;
return 1;
}
#endif
int parse_ipv4(grpc_uri *uri, struct sockaddr_storage *addr, size_t *len) {
const char *host_port = uri->path;
char *host;
char *port;
int port_num;
int result = 0;
struct sockaddr_in *in = (struct sockaddr_in *)addr;
if (*host_port == '/') ++host_port;
if (!gpr_split_host_port(host_port, &host, &port)) {
return 0;
}
memset(in, 0, sizeof(*in));
*len = sizeof(*in);
in->sin_family = AF_INET;
if (inet_pton(AF_INET, host, &in->sin_addr) == 0) {
gpr_log(GPR_ERROR, "invalid ipv4 address: '%s'", host);
goto done;
}
if (port != NULL) {
if (sscanf(port, "%d", &port_num) != 1 || port_num < 0 ||
port_num > 65535) {
gpr_log(GPR_ERROR, "invalid ipv4 port: '%s'", port);
goto done;
}
in->sin_port = htons((uint16_t)port_num);
} else {
gpr_log(GPR_ERROR, "no port given for ipv4 scheme");
goto done;
}
result = 1;
done:
gpr_free(host);
gpr_free(port);
return result;
}
int parse_ipv6(grpc_uri *uri, struct sockaddr_storage *addr, size_t *len) {
const char *host_port = uri->path;
char *host;
char *port;
int port_num;
int result = 0;
struct sockaddr_in6 *in6 = (struct sockaddr_in6 *)addr;
if (*host_port == '/') ++host_port;
if (!gpr_split_host_port(host_port, &host, &port)) {
return 0;
}
memset(in6, 0, sizeof(*in6));
*len = sizeof(*in6);
in6->sin6_family = AF_INET6;
if (inet_pton(AF_INET6, host, &in6->sin6_addr) == 0) {
gpr_log(GPR_ERROR, "invalid ipv6 address: '%s'", host);
goto done;
}
if (port != NULL) {
if (sscanf(port, "%d", &port_num) != 1 || port_num < 0 ||
port_num > 65535) {
gpr_log(GPR_ERROR, "invalid ipv6 port: '%s'", port);
goto done;
}
in6->sin6_port = htons((uint16_t)port_num);
} else {
gpr_log(GPR_ERROR, "no port given for ipv6 scheme");
goto done;
}
result = 1;
done:
gpr_free(host);
gpr_free(port);
return result;
}

@ -0,0 +1,56 @@
/*
*
* Copyright 2015, Google Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are
* met:
*
* * Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* * Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following disclaimer
* in the documentation and/or other materials provided with the
* distribution.
* * Neither the name of Google Inc. nor the names of its
* contributors may be used to endorse or promote products derived from
* this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
* A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
* OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifndef GRPC_CORE_EXT_CLIENT_CONFIG_PARSE_ADDRESS_H
#define GRPC_CORE_EXT_CLIENT_CONFIG_PARSE_ADDRESS_H
#include <stddef.h>
#include "src/core/ext/client_config/uri_parser.h"
#include "src/core/lib/iomgr/sockaddr.h"
#ifdef GPR_HAVE_UNIX_SOCKET
/** Populate \a addr and \a len from \a uri, whose path is expected to contain a
* unix socket path. Returns true upon success. */
int parse_unix(grpc_uri *uri, struct sockaddr_storage *addr, size_t *len);
#endif
/** Populate /a addr and \a len from \a uri, whose path is expected to contain a
* host:port pair. Returns true upon success. */
int parse_ipv4(grpc_uri *uri, struct sockaddr_storage *addr, size_t *len);
/** Populate /a addr and \a len from \a uri, whose path is expected to contain a
* host:port pair. Returns true upon success. */
int parse_ipv6(grpc_uri *uri, struct sockaddr_storage *addr, size_t *len);
#endif /* GRPC_CORE_EXT_CLIENT_CONFIG_PARSE_ADDRESS_H */

@ -109,7 +109,7 @@ static void pf_shutdown(grpc_exec_ctx *exec_ctx, grpc_lb_policy *pol) {
if (selected != NULL) {
grpc_connected_subchannel_notify_on_state_change(
exec_ctx, selected, NULL, NULL, &p->connectivity_changed);
} else {
} else if (p->num_subchannels > 0) {
grpc_subchannel_notify_on_state_change(
exec_ctx, p->subchannels[p->checking_subchannel], NULL, NULL,
&p->connectivity_changed);

@ -40,11 +40,8 @@
#include <grpc/support/port_platform.h>
#include <grpc/support/string_util.h>
#ifdef GPR_HAVE_UNIX_SOCKET
#include <sys/un.h>
#endif
#include "src/core/ext/client_config/lb_policy_registry.h"
#include "src/core/ext/client_config/parse_address.h"
#include "src/core/ext/client_config/resolver_registry.h"
#include "src/core/lib/iomgr/resolve_address.h"
#include "src/core/lib/iomgr/unix_sockets_posix.h"
@ -167,105 +164,12 @@ static char *ipv6_get_default_authority(grpc_resolver_factory *factory,
}
#ifdef GPR_HAVE_UNIX_SOCKET
static int parse_unix(grpc_uri *uri, struct sockaddr_storage *addr,
size_t *len) {
struct sockaddr_un *un = (struct sockaddr_un *)addr;
un->sun_family = AF_UNIX;
strcpy(un->sun_path, uri->path);
*len = strlen(un->sun_path) + sizeof(un->sun_family) + 1;
return 1;
}
char *unix_get_default_authority(grpc_resolver_factory *factory,
grpc_uri *uri) {
return gpr_strdup("localhost");
}
#endif
static int parse_ipv4(grpc_uri *uri, struct sockaddr_storage *addr,
size_t *len) {
const char *host_port = uri->path;
char *host;
char *port;
int port_num;
int result = 0;
struct sockaddr_in *in = (struct sockaddr_in *)addr;
if (*host_port == '/') ++host_port;
if (!gpr_split_host_port(host_port, &host, &port)) {
return 0;
}
memset(in, 0, sizeof(*in));
*len = sizeof(*in);
in->sin_family = AF_INET;
if (inet_pton(AF_INET, host, &in->sin_addr) == 0) {
gpr_log(GPR_ERROR, "invalid ipv4 address: '%s'", host);
goto done;
}
if (port != NULL) {
if (sscanf(port, "%d", &port_num) != 1 || port_num < 0 ||
port_num > 65535) {
gpr_log(GPR_ERROR, "invalid ipv4 port: '%s'", port);
goto done;
}
in->sin_port = htons((uint16_t)port_num);
} else {
gpr_log(GPR_ERROR, "no port given for ipv4 scheme");
goto done;
}
result = 1;
done:
gpr_free(host);
gpr_free(port);
return result;
}
static int parse_ipv6(grpc_uri *uri, struct sockaddr_storage *addr,
size_t *len) {
const char *host_port = uri->path;
char *host;
char *port;
int port_num;
int result = 0;
struct sockaddr_in6 *in6 = (struct sockaddr_in6 *)addr;
if (*host_port == '/') ++host_port;
if (!gpr_split_host_port(host_port, &host, &port)) {
return 0;
}
memset(in6, 0, sizeof(*in6));
*len = sizeof(*in6);
in6->sin6_family = AF_INET6;
if (inet_pton(AF_INET6, host, &in6->sin6_addr) == 0) {
gpr_log(GPR_ERROR, "invalid ipv6 address: '%s'", host);
goto done;
}
if (port != NULL) {
if (sscanf(port, "%d", &port_num) != 1 || port_num < 0 ||
port_num > 65535) {
gpr_log(GPR_ERROR, "invalid ipv6 port: '%s'", port);
goto done;
}
in6->sin6_port = htons((uint16_t)port_num);
} else {
gpr_log(GPR_ERROR, "no port given for ipv6 scheme");
goto done;
}
result = 1;
done:
gpr_free(host);
gpr_free(port);
return result;
}
static void do_nothing(void *ignored) {}
static grpc_resolver *sockaddr_create(

@ -638,6 +638,10 @@ static int on_hdr(grpc_chttp2_hpack_parser *p, grpc_mdelem *md,
return 0;
}
}
if (p->on_header == NULL) {
grpc_mdelem_unref(md);
return 0;
}
p->on_header(p->on_header_user_data, md);
return 1;
}
@ -1382,12 +1386,8 @@ static int parse_value_string_with_literal_key(grpc_chttp2_hpack_parser *p,
/* PUBLIC INTERFACE */
static void on_header_not_set(void *user_data, grpc_mdelem *md) {
GPR_UNREACHABLE_CODE(return );
}
void grpc_chttp2_hpack_parser_init(grpc_chttp2_hpack_parser *p) {
p->on_header = on_header_not_set;
p->on_header = NULL;
p->on_header_user_data = NULL;
p->state = parse_begin;
p->key.str = NULL;
@ -1455,7 +1455,7 @@ grpc_chttp2_parse_error grpc_chttp2_header_parser_parse(
stream_parsing->received_close = 1;
}
}
parser->on_header = on_header_not_set;
parser->on_header = NULL;
parser->on_header_user_data = NULL;
parser->is_boundary = 0xde;
parser->is_eof = 0xde;

@ -450,7 +450,7 @@ int grpc_tcp_server_add_port(grpc_tcp_server *s, const void *addr,
&sockname_len)) {
port = grpc_sockaddr_get_port((struct sockaddr *)&sockname_temp);
if (port > 0) {
allocated_addr = malloc(addr_len);
allocated_addr = gpr_malloc(addr_len);
memcpy(allocated_addr, addr, addr_len);
grpc_sockaddr_set_port(allocated_addr, port);
addr = allocated_addr;

@ -467,7 +467,7 @@ int grpc_tcp_server_add_port(grpc_tcp_server *s, const void *addr,
(struct sockaddr *)&sockname_temp, &sockname_len)) {
port = grpc_sockaddr_get_port((struct sockaddr *)&sockname_temp);
if (port > 0) {
allocated_addr = malloc(addr_len);
allocated_addr = gpr_malloc(addr_len);
memcpy(allocated_addr, addr, addr_len);
grpc_sockaddr_set_port(allocated_addr, port);
addr = allocated_addr;

@ -328,7 +328,7 @@ int grpc_udp_server_add_port(grpc_udp_server *s, const void *addr,
&sockname_len)) {
port = grpc_sockaddr_get_port((struct sockaddr *)&sockname_temp);
if (port > 0) {
allocated_addr = malloc(addr_len);
allocated_addr = gpr_malloc(addr_len);
memcpy(allocated_addr, addr, addr_len);
grpc_sockaddr_set_port(allocated_addr, port);
addr = allocated_addr;

@ -208,6 +208,7 @@ static void init_output() {
}
static void rotate_log() {
/* Using malloc here, as this code could end up being called by gpr_malloc */
gpr_timer_log *new = malloc(sizeof(*new));
gpr_once_init(&g_once_init, init_output);
new->num_entries = 0;

@ -338,10 +338,11 @@ static void ssl_build_config(const char *pem_root_certs,
static void ssl_build_server_config(
const char *pem_root_certs, grpc_ssl_pem_key_cert_pair *pem_key_cert_pairs,
size_t num_key_cert_pairs, int force_client_auth,
size_t num_key_cert_pairs,
grpc_ssl_client_certificate_request_type client_certificate_request,
grpc_ssl_server_config *config) {
size_t i;
config->force_client_auth = force_client_auth;
config->client_certificate_request = client_certificate_request;
if (pem_root_certs != NULL) {
ssl_copy_key_material(pem_root_certs, &config->pem_root_certs,
&config->pem_root_certs_size);
@ -391,21 +392,35 @@ grpc_channel_credentials *grpc_ssl_credentials_create(
grpc_server_credentials *grpc_ssl_server_credentials_create(
const char *pem_root_certs, grpc_ssl_pem_key_cert_pair *pem_key_cert_pairs,
size_t num_key_cert_pairs, int force_client_auth, void *reserved) {
return grpc_ssl_server_credentials_create_ex(
pem_root_certs, pem_key_cert_pairs, num_key_cert_pairs,
force_client_auth
? GRPC_SSL_REQUEST_AND_REQUIRE_CLIENT_CERTIFICATE_AND_VERIFY
: GRPC_SSL_DONT_REQUEST_CLIENT_CERTIFICATE,
reserved);
}
grpc_server_credentials *grpc_ssl_server_credentials_create_ex(
const char *pem_root_certs, grpc_ssl_pem_key_cert_pair *pem_key_cert_pairs,
size_t num_key_cert_pairs,
grpc_ssl_client_certificate_request_type client_certificate_request,
void *reserved) {
grpc_ssl_server_credentials *c =
gpr_malloc(sizeof(grpc_ssl_server_credentials));
GRPC_API_TRACE(
"grpc_ssl_server_credentials_create("
"grpc_ssl_server_credentials_create_ex("
"pem_root_certs=%s, pem_key_cert_pairs=%p, num_key_cert_pairs=%lu, "
"force_client_auth=%d, reserved=%p)",
"client_certificate_request=%d, reserved=%p)",
5, (pem_root_certs, pem_key_cert_pairs, (unsigned long)num_key_cert_pairs,
force_client_auth, reserved));
client_certificate_request, reserved));
GPR_ASSERT(reserved == NULL);
memset(c, 0, sizeof(grpc_ssl_server_credentials));
c->base.type = GRPC_CHANNEL_CREDENTIALS_TYPE_SSL;
gpr_ref_init(&c->base.refcount, 1);
c->base.vtable = &ssl_server_vtable;
ssl_build_server_config(pem_root_certs, pem_key_cert_pairs,
num_key_cert_pairs, force_client_auth, &c->config);
num_key_cert_pairs, client_certificate_request,
&c->config);
return &c->base;
}

@ -668,6 +668,31 @@ gpr_slice grpc_get_default_ssl_roots_for_testing(void) {
return compute_default_pem_root_certs_once();
}
static tsi_client_certificate_request_type
get_tsi_client_certificate_request_type(
grpc_ssl_client_certificate_request_type grpc_request_type) {
switch (grpc_request_type) {
case GRPC_SSL_DONT_REQUEST_CLIENT_CERTIFICATE:
return TSI_DONT_REQUEST_CLIENT_CERTIFICATE;
case GRPC_SSL_REQUEST_CLIENT_CERTIFICATE_BUT_DONT_VERIFY:
return TSI_REQUEST_CLIENT_CERTIFICATE_BUT_DONT_VERIFY;
case GRPC_SSL_REQUEST_CLIENT_CERTIFICATE_AND_VERIFY:
return TSI_REQUEST_CLIENT_CERTIFICATE_AND_VERIFY;
case GRPC_SSL_REQUEST_AND_REQUIRE_CLIENT_CERTIFICATE_BUT_DONT_VERIFY:
return TSI_REQUEST_AND_REQUIRE_CLIENT_CERTIFICATE_BUT_DONT_VERIFY;
case GRPC_SSL_REQUEST_AND_REQUIRE_CLIENT_CERTIFICATE_AND_VERIFY:
return TSI_REQUEST_AND_REQUIRE_CLIENT_CERTIFICATE_AND_VERIFY;
default:
// Is this a sane default
return TSI_DONT_REQUEST_CLIENT_CERTIFICATE;
}
}
size_t grpc_get_default_ssl_roots(const unsigned char **pem_root_certs) {
/* TODO(jboeuf@google.com): Maybe revisit the approach which consists in
loading all the roots once for the lifetime of the process. */
@ -782,15 +807,16 @@ grpc_security_status grpc_ssl_server_security_connector_create(
gpr_ref_init(&c->base.base.refcount, 1);
c->base.base.url_scheme = GRPC_SSL_URL_SCHEME;
c->base.base.vtable = &ssl_server_vtable;
result = tsi_create_ssl_server_handshaker_factory(
result = tsi_create_ssl_server_handshaker_factory_ex(
(const unsigned char **)config->pem_private_keys,
config->pem_private_keys_sizes,
(const unsigned char **)config->pem_cert_chains,
config->pem_cert_chains_sizes, config->num_key_cert_pairs,
config->pem_root_certs, config->pem_root_certs_size,
config->force_client_auth, ssl_cipher_suites(), alpn_protocol_strings,
alpn_protocol_string_lengths, (uint16_t)num_alpn_protocols,
&c->handshaker_factory);
get_tsi_client_certificate_request_type(
config->client_certificate_request),
ssl_cipher_suites(), alpn_protocol_strings, alpn_protocol_string_lengths,
(uint16_t)num_alpn_protocols, &c->handshaker_factory);
if (result != TSI_OK) {
gpr_log(GPR_ERROR, "Handshaker factory creation failed with %s.",
tsi_result_to_string(result));

@ -241,7 +241,7 @@ typedef struct {
size_t num_key_cert_pairs;
unsigned char *pem_root_certs;
size_t pem_root_certs_size;
int force_client_auth;
grpc_ssl_client_certificate_request_type client_certificate_request;
} grpc_ssl_server_config;
/* Creates an SSL server_security_connector.

@ -53,6 +53,7 @@ void gpr_set_allocation_functions(gpr_allocation_functions functions) {
void *gpr_malloc(size_t size) {
void *p;
if (size == 0) return NULL;
GPR_TIMER_BEGIN("gpr_malloc", 0);
p = g_alloc_functions.malloc_fn(size);
if (!p) {
@ -69,6 +70,7 @@ void gpr_free(void *p) {
}
void *gpr_realloc(void *p, size_t size) {
if ((size == 0) && (p == NULL)) return NULL;
GPR_TIMER_BEGIN("gpr_realloc", 0);
p = g_alloc_functions.realloc_fn(p, size);
if (!p) {

@ -31,14 +31,20 @@
*
*/
#include <grpc/support/alloc.h>
#include <grpc/support/atm.h>
#include <grpc/support/log.h>
#include <grpc/support/port_platform.h>
#include "src/core/lib/support/env.h"
#include "src/core/lib/support/string.h"
#include <stdio.h>
#include <string.h>
extern void gpr_default_log(gpr_log_func_args *args);
static gpr_log_func g_log_func = gpr_default_log;
static gpr_atm g_min_severity_to_print = GPR_LOG_VERBOSITY_UNSET;
const char *gpr_log_severity_string(gpr_log_severity severity) {
switch (severity) {
@ -54,6 +60,9 @@ const char *gpr_log_severity_string(gpr_log_severity severity) {
void gpr_log_message(const char *file, int line, gpr_log_severity severity,
const char *message) {
if ((gpr_atm)severity < gpr_atm_no_barrier_load(&g_min_severity_to_print))
return;
gpr_log_func_args lfargs;
memset(&lfargs, 0, sizeof(lfargs));
lfargs.file = file;
@ -63,4 +72,28 @@ void gpr_log_message(const char *file, int line, gpr_log_severity severity,
g_log_func(&lfargs);
}
void gpr_set_log_verbosity(gpr_log_severity min_severity_to_print) {
gpr_atm_no_barrier_store(&g_min_severity_to_print,
(gpr_atm)min_severity_to_print);
}
void gpr_log_verbosity_init() {
char *verbosity = gpr_getenv("GRPC_VERBOSITY");
if (verbosity == NULL) return;
gpr_atm min_severity_to_print = GPR_LOG_VERBOSITY_UNSET;
if (strcmp(verbosity, "DEBUG") == 0) {
min_severity_to_print = (gpr_atm)GPR_LOG_SEVERITY_DEBUG;
} else if (strcmp(verbosity, "INFO") == 0) {
min_severity_to_print = (gpr_atm)GPR_LOG_SEVERITY_INFO;
} else if (strcmp(verbosity, "ERROR") == 0) {
min_severity_to_print = (gpr_atm)GPR_LOG_SEVERITY_ERROR;
}
gpr_free(verbosity);
if ((gpr_atm_no_barrier_load(&g_min_severity_to_print)) ==
GPR_LOG_VERBOSITY_UNSET) {
gpr_atm_no_barrier_store(&g_min_severity_to_print, min_severity_to_print);
}
}
void gpr_set_log_function(gpr_log_func f) { g_log_func = f; }

@ -68,6 +68,7 @@ void gpr_log(const char *file, int line, gpr_log_severity severity,
}
va_end(args);
gpr_log_message(file, line, severity, message);
/* message has been allocated by vasprintf above, and needs free */
free(message);
}

@ -81,6 +81,7 @@ int gpr_thd_new(gpr_thd_id *t, void (*thd_body)(void *arg), void *arg,
thread_started = (pthread_create(&p, &attr, &thread_body, a) == 0);
GPR_ASSERT(pthread_attr_destroy(&attr) == 0);
if (!thread_started) {
/* don't use gpr_free, as this was allocated using malloc (see above) */
free(a);
}
*t = (gpr_thd_id)p;

@ -44,7 +44,7 @@ grpc_byte_buffer *grpc_raw_byte_buffer_create(gpr_slice *slices,
grpc_byte_buffer *grpc_raw_compressed_byte_buffer_create(
gpr_slice *slices, size_t nslices, grpc_compression_algorithm compression) {
size_t i;
grpc_byte_buffer *bb = malloc(sizeof(grpc_byte_buffer));
grpc_byte_buffer *bb = gpr_malloc(sizeof(grpc_byte_buffer));
bb->type = GRPC_BB_RAW;
bb->data.raw.compression = compression;
gpr_slice_buffer_init(&bb->data.raw.slice_buffer);
@ -57,7 +57,7 @@ grpc_byte_buffer *grpc_raw_compressed_byte_buffer_create(
grpc_byte_buffer *grpc_raw_byte_buffer_from_reader(
grpc_byte_buffer_reader *reader) {
grpc_byte_buffer *bb = malloc(sizeof(grpc_byte_buffer));
grpc_byte_buffer *bb = gpr_malloc(sizeof(grpc_byte_buffer));
gpr_slice slice;
bb->type = GRPC_BB_RAW;
bb->data.raw.compression = GRPC_COMPRESS_NONE;
@ -85,7 +85,7 @@ void grpc_byte_buffer_destroy(grpc_byte_buffer *bb) {
gpr_slice_buffer_destroy(&bb->data.raw.slice_buffer);
break;
}
free(bb);
gpr_free(bb);
}
size_t grpc_byte_buffer_length(grpc_byte_buffer *bb) {

@ -38,6 +38,7 @@
#include <grpc/grpc.h>
#include <grpc/support/alloc.h>
#include <grpc/support/log.h>
#include <grpc/support/time.h>
#include "src/core/lib/channel/channel_stack.h"
#include "src/core/lib/channel/compress_filter.h"
@ -69,6 +70,7 @@ static gpr_mu g_init_mu;
static int g_initializations;
static void do_basic_init(void) {
gpr_log_verbosity_init();
gpr_mu_init(&g_init_mu);
grpc_register_built_in_plugins();
g_initializations = 0;

@ -36,6 +36,7 @@
#include <stdlib.h>
#include <string.h>
#include <grpc/support/alloc.h>
#include <grpc/support/log.h>
#include <grpc/support/port_platform.h>
#include <grpc/support/useful.h>
@ -134,12 +135,12 @@ static void tsi_fake_frame_reset(tsi_fake_frame *frame, int needs_draining) {
static int tsi_fake_frame_ensure_size(tsi_fake_frame *frame) {
if (frame->data == NULL) {
frame->allocated_size = frame->size;
frame->data = malloc(frame->allocated_size);
frame->data = gpr_malloc(frame->allocated_size);
if (frame->data == NULL) return 0;
} else if (frame->size > frame->allocated_size) {
unsigned char *new_data = realloc(frame->data, frame->size);
unsigned char *new_data = gpr_realloc(frame->data, frame->size);
if (new_data == NULL) {
free(frame->data);
gpr_free(frame->data);
frame->data = NULL;
return 0;
}
@ -160,7 +161,7 @@ static tsi_result fill_frame_from_bytes(const unsigned char *incoming_bytes,
if (frame->needs_draining) return TSI_INTERNAL_ERROR;
if (frame->data == NULL) {
frame->allocated_size = TSI_FAKE_FRAME_INITIAL_ALLOCATED_SIZE;
frame->data = malloc(frame->allocated_size);
frame->data = gpr_malloc(frame->allocated_size);
if (frame->data == NULL) return TSI_OUT_OF_RESOURCES;
}
@ -226,7 +227,7 @@ static tsi_result bytes_to_frame(unsigned char *bytes, size_t bytes_size,
}
static void tsi_fake_frame_destruct(tsi_fake_frame *frame) {
if (frame->data != NULL) free(frame->data);
if (frame->data != NULL) gpr_free(frame->data);
}
/* --- tsi_frame_protector methods implementation. ---*/
@ -366,7 +367,7 @@ static void fake_protector_destroy(tsi_frame_protector *self) {
tsi_fake_frame_protector *impl = (tsi_fake_frame_protector *)self;
tsi_fake_frame_destruct(&impl->protect_frame);
tsi_fake_frame_destruct(&impl->unprotect_frame);
free(self);
gpr_free(self);
}
static const tsi_frame_protector_vtable frame_protector_vtable = {
@ -488,7 +489,7 @@ static void fake_handshaker_destroy(tsi_handshaker *self) {
tsi_fake_handshaker *impl = (tsi_fake_handshaker *)self;
tsi_fake_frame_destruct(&impl->incoming);
tsi_fake_frame_destruct(&impl->outgoing);
free(self);
gpr_free(self);
}
static const tsi_handshaker_vtable handshaker_vtable = {
@ -501,7 +502,8 @@ static const tsi_handshaker_vtable handshaker_vtable = {
};
tsi_handshaker *tsi_create_fake_handshaker(int is_client) {
tsi_fake_handshaker *impl = calloc(1, sizeof(tsi_fake_handshaker));
tsi_fake_handshaker *impl = gpr_malloc(sizeof(*impl));
memset(impl, 0, sizeof(*impl));
impl->base.vtable = &handshaker_vtable;
impl->is_client = is_client;
impl->result = TSI_HANDSHAKE_IN_PROGRESS;
@ -517,8 +519,8 @@ tsi_handshaker *tsi_create_fake_handshaker(int is_client) {
tsi_frame_protector *tsi_create_fake_protector(
size_t *max_protected_frame_size) {
tsi_fake_frame_protector *impl = calloc(1, sizeof(tsi_fake_frame_protector));
if (impl == NULL) return NULL;
tsi_fake_frame_protector *impl = gpr_malloc(sizeof(*impl));
memset(impl, 0, sizeof(*impl));
impl->max_frame_size = (max_protected_frame_size == NULL)
? TSI_FAKE_DEFAULT_FRAME_SIZE
: *max_protected_frame_size;

@ -45,6 +45,7 @@
#include <arpa/inet.h>
#endif
#include <grpc/support/alloc.h>
#include <grpc/support/log.h>
#include <grpc/support/sync.h>
#include <grpc/support/thd.h>
@ -148,8 +149,7 @@ static void init_openssl(void) {
OpenSSL_add_all_algorithms();
num_locks = CRYPTO_num_locks();
GPR_ASSERT(num_locks > 0);
openssl_mutexes = malloc((size_t)num_locks * sizeof(gpr_mu));
GPR_ASSERT(openssl_mutexes != NULL);
openssl_mutexes = gpr_malloc((size_t)num_locks * sizeof(gpr_mu));
for (i = 0; i < CRYPTO_num_locks(); i++) {
gpr_mu_init(&openssl_mutexes[i]);
}
@ -701,7 +701,7 @@ static tsi_result build_alpn_protocol_name_list(
}
*protocol_name_list_length += (size_t)alpn_protocols_lengths[i] + 1;
}
*protocol_name_list = malloc(*protocol_name_list_length);
*protocol_name_list = gpr_malloc(*protocol_name_list_length);
if (*protocol_name_list == NULL) return TSI_OUT_OF_RESOURCES;
current = *protocol_name_list;
for (i = 0; i < num_alpn_protocols; i++) {
@ -718,6 +718,14 @@ static tsi_result build_alpn_protocol_name_list(
return TSI_OK;
}
// The verification callback is used for clients that don't really care about
// the server's certificate, but we need to pull it anyway, in case a higher
// layer wants to look at it. In this case the verification may fail, but
// we don't really care.
static int NullVerifyCallback(int preverify_ok, X509_STORE_CTX *ctx) {
return 1;
}
/* --- tsi_frame_protector methods implementation. ---*/
static tsi_result ssl_protector_protect(tsi_frame_protector *self,
@ -852,9 +860,9 @@ static tsi_result ssl_protector_unprotect(
static void ssl_protector_destroy(tsi_frame_protector *self) {
tsi_ssl_frame_protector *impl = (tsi_ssl_frame_protector *)self;
if (impl->buffer != NULL) free(impl->buffer);
if (impl->buffer != NULL) gpr_free(impl->buffer);
if (impl->ssl != NULL) SSL_free(impl->ssl);
free(self);
gpr_free(self);
}
static const tsi_frame_protector_vtable frame_protector_vtable = {
@ -966,8 +974,9 @@ static tsi_result ssl_handshaker_extract_peer(tsi_handshaker *self,
if (alpn_selected != NULL) {
size_t i;
tsi_peer_property *new_properties =
calloc(1, sizeof(tsi_peer_property) * (peer->property_count + 1));
if (new_properties == NULL) return TSI_OUT_OF_RESOURCES;
gpr_malloc(sizeof(*new_properties) * (peer->property_count + 1));
memset(new_properties, 0,
sizeof(*new_properties) * (peer->property_count + 1));
for (i = 0; i < peer->property_count; i++) {
new_properties[i] = peer->properties[i];
}
@ -975,10 +984,10 @@ static tsi_result ssl_handshaker_extract_peer(tsi_handshaker *self,
TSI_SSL_ALPN_SELECTED_PROTOCOL, (const char *)alpn_selected,
alpn_selected_len, &new_properties[peer->property_count]);
if (result != TSI_OK) {
free(new_properties);
gpr_free(new_properties);
return result;
}
if (peer->properties != NULL) free(peer->properties);
if (peer->properties != NULL) gpr_free(peer->properties);
peer->property_count++;
peer->properties = new_properties;
}
@ -991,11 +1000,8 @@ static tsi_result ssl_handshaker_create_frame_protector(
size_t actual_max_output_protected_frame_size =
TSI_SSL_MAX_PROTECTED_FRAME_SIZE_UPPER_BOUND;
tsi_ssl_handshaker *impl = (tsi_ssl_handshaker *)self;
tsi_ssl_frame_protector *protector_impl =
calloc(1, sizeof(tsi_ssl_frame_protector));
if (protector_impl == NULL) {
return TSI_OUT_OF_RESOURCES;
}
tsi_ssl_frame_protector *protector_impl = gpr_malloc(sizeof(*protector_impl));
memset(protector_impl, 0, sizeof(*protector_impl));
if (max_output_protected_frame_size != NULL) {
if (*max_output_protected_frame_size >
@ -1011,11 +1017,11 @@ static tsi_result ssl_handshaker_create_frame_protector(
}
protector_impl->buffer_size =
actual_max_output_protected_frame_size - TSI_SSL_MAX_PROTECTION_OVERHEAD;
protector_impl->buffer = malloc(protector_impl->buffer_size);
protector_impl->buffer = gpr_malloc(protector_impl->buffer_size);
if (protector_impl->buffer == NULL) {
gpr_log(GPR_ERROR,
"Could not allocated buffer for tsi_ssl_frame_protector.");
free(protector_impl);
gpr_free(protector_impl);
return TSI_INTERNAL_ERROR;
}
@ -1034,7 +1040,7 @@ static tsi_result ssl_handshaker_create_frame_protector(
static void ssl_handshaker_destroy(tsi_handshaker *self) {
tsi_ssl_handshaker *impl = (tsi_ssl_handshaker *)self;
SSL_free(impl->ssl); /* The BIO objects are owned by ssl */
free(impl);
gpr_free(impl);
}
static const tsi_handshaker_vtable handshaker_vtable = {
@ -1111,11 +1117,8 @@ static tsi_result create_tsi_ssl_handshaker(SSL_CTX *ctx, int is_client,
SSL_set_accept_state(ssl);
}
impl = calloc(1, sizeof(tsi_ssl_handshaker));
if (impl == NULL) {
SSL_free(ssl);
return TSI_OUT_OF_RESOURCES;
}
impl = gpr_malloc(sizeof(*impl));
memset(impl, 0, sizeof(*impl));
impl->ssl = ssl;
impl->into_ssl = into_ssl;
impl->from_ssl = from_ssl;
@ -1167,8 +1170,8 @@ static void ssl_client_handshaker_factory_destroy(
tsi_ssl_client_handshaker_factory *impl =
(tsi_ssl_client_handshaker_factory *)self;
if (impl->ssl_context != NULL) SSL_CTX_free(impl->ssl_context);
if (impl->alpn_protocol_list != NULL) free(impl->alpn_protocol_list);
free(impl);
if (impl->alpn_protocol_list != NULL) gpr_free(impl->alpn_protocol_list);
gpr_free(impl);
}
static int client_handshaker_factory_npn_callback(SSL *ssl, unsigned char **out,
@ -1209,12 +1212,12 @@ static void ssl_server_handshaker_factory_destroy(
tsi_peer_destruct(&impl->ssl_context_x509_subject_names[i]);
}
}
if (impl->ssl_contexts != NULL) free(impl->ssl_contexts);
if (impl->ssl_contexts != NULL) gpr_free(impl->ssl_contexts);
if (impl->ssl_context_x509_subject_names != NULL) {
free(impl->ssl_context_x509_subject_names);
gpr_free(impl->ssl_context_x509_subject_names);
}
if (impl->alpn_protocol_list != NULL) free(impl->alpn_protocol_list);
free(impl);
if (impl->alpn_protocol_list != NULL) gpr_free(impl->alpn_protocol_list);
gpr_free(impl);
}
static int does_entry_match_name(const char *entry, size_t entry_length,
@ -1333,11 +1336,8 @@ tsi_result tsi_create_ssl_client_handshaker_factory(
return TSI_INVALID_ARGUMENT;
}
impl = calloc(1, sizeof(tsi_ssl_client_handshaker_factory));
if (impl == NULL) {
SSL_CTX_free(ssl_context);
return TSI_OUT_OF_RESOURCES;
}
impl = gpr_malloc(sizeof(*impl));
memset(impl, 0, sizeof(*impl));
impl->ssl_context = ssl_context;
do {
@ -1398,6 +1398,26 @@ tsi_result tsi_create_ssl_server_handshaker_factory(
const char *cipher_list, const unsigned char **alpn_protocols,
const unsigned char *alpn_protocols_lengths, uint16_t num_alpn_protocols,
tsi_ssl_handshaker_factory **factory) {
return tsi_create_ssl_server_handshaker_factory_ex(
pem_private_keys, pem_private_keys_sizes, pem_cert_chains,
pem_cert_chains_sizes, key_cert_pair_count, pem_client_root_certs,
pem_client_root_certs_size,
force_client_auth ? TSI_REQUEST_AND_REQUIRE_CLIENT_CERTIFICATE_AND_VERIFY
: TSI_DONT_REQUEST_CLIENT_CERTIFICATE,
cipher_list, alpn_protocols, alpn_protocols_lengths, num_alpn_protocols,
factory);
}
tsi_result tsi_create_ssl_server_handshaker_factory_ex(
const unsigned char **pem_private_keys,
const size_t *pem_private_keys_sizes, const unsigned char **pem_cert_chains,
const size_t *pem_cert_chains_sizes, size_t key_cert_pair_count,
const unsigned char *pem_client_root_certs,
size_t pem_client_root_certs_size,
tsi_client_certificate_request_type client_certificate_request,
const char *cipher_list, const unsigned char **alpn_protocols,
const unsigned char *alpn_protocols_lengths, uint16_t num_alpn_protocols,
tsi_ssl_handshaker_factory **factory) {
tsi_ssl_server_handshaker_factory *impl = NULL;
tsi_result result = TSI_OK;
size_t i = 0;
@ -1411,14 +1431,17 @@ tsi_result tsi_create_ssl_server_handshaker_factory(
return TSI_INVALID_ARGUMENT;
}
impl = calloc(1, sizeof(tsi_ssl_server_handshaker_factory));
if (impl == NULL) return TSI_OUT_OF_RESOURCES;
impl = gpr_malloc(sizeof(*impl));
memset(impl, 0, sizeof(*impl));
impl->base.create_handshaker =
ssl_server_handshaker_factory_create_handshaker;
impl->base.destroy = ssl_server_handshaker_factory_destroy;
impl->ssl_contexts = calloc(key_cert_pair_count, sizeof(SSL_CTX *));
impl->ssl_contexts = gpr_malloc(key_cert_pair_count * sizeof(SSL_CTX *));
memset(impl->ssl_contexts, 0, key_cert_pair_count * sizeof(SSL_CTX *));
impl->ssl_context_x509_subject_names =
calloc(key_cert_pair_count, sizeof(tsi_peer));
gpr_malloc(key_cert_pair_count * sizeof(tsi_peer));
memset(impl->ssl_context_x509_subject_names, 0,
key_cert_pair_count * sizeof(tsi_peer));
if (impl->ssl_contexts == NULL ||
impl->ssl_context_x509_subject_names == NULL) {
tsi_ssl_handshaker_factory_destroy(&impl->base);
@ -1450,7 +1473,6 @@ tsi_result tsi_create_ssl_server_handshaker_factory(
if (result != TSI_OK) break;
if (pem_client_root_certs != NULL) {
int flags = SSL_VERIFY_PEER;
STACK_OF(X509_NAME) *root_names = NULL;
result = ssl_ctx_load_verification_certs(
impl->ssl_contexts[i], pem_client_root_certs,
@ -1460,8 +1482,29 @@ tsi_result tsi_create_ssl_server_handshaker_factory(
break;
}
SSL_CTX_set_client_CA_list(impl->ssl_contexts[i], root_names);
if (force_client_auth) flags |= SSL_VERIFY_FAIL_IF_NO_PEER_CERT;
SSL_CTX_set_verify(impl->ssl_contexts[i], flags, NULL);
switch (client_certificate_request) {
case TSI_DONT_REQUEST_CLIENT_CERTIFICATE:
SSL_CTX_set_verify(impl->ssl_contexts[i], SSL_VERIFY_NONE, NULL);
break;
case TSI_REQUEST_CLIENT_CERTIFICATE_BUT_DONT_VERIFY:
SSL_CTX_set_verify(impl->ssl_contexts[i], SSL_VERIFY_PEER,
NullVerifyCallback);
break;
case TSI_REQUEST_CLIENT_CERTIFICATE_AND_VERIFY:
SSL_CTX_set_verify(impl->ssl_contexts[i], SSL_VERIFY_PEER, NULL);
break;
case TSI_REQUEST_AND_REQUIRE_CLIENT_CERTIFICATE_BUT_DONT_VERIFY:
SSL_CTX_set_verify(
impl->ssl_contexts[i],
SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
NullVerifyCallback);
break;
case TSI_REQUEST_AND_REQUIRE_CLIENT_CERTIFICATE_AND_VERIFY:
SSL_CTX_set_verify(
impl->ssl_contexts[i],
SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, NULL);
break;
}
/* TODO(jboeuf): Add revocation verification. */
}

@ -142,6 +142,23 @@ tsi_result tsi_create_ssl_server_handshaker_factory(
const unsigned char *alpn_protocols_lengths, uint16_t num_alpn_protocols,
tsi_ssl_handshaker_factory **factory);
/* Same as tsi_create_ssl_server_handshaker_factory method except uses
tsi_client_certificate_request_type to support more ways to handle client
certificate authentication.
- client_certificate_request, if set to non-zero will force the client to
authenticate with an SSL cert. Note that this option is ignored if
pem_client_root_certs is NULL or pem_client_roots_certs_size is 0 */
tsi_result tsi_create_ssl_server_handshaker_factory_ex(
const unsigned char **pem_private_keys,
const size_t *pem_private_keys_sizes, const unsigned char **pem_cert_chains,
const size_t *pem_cert_chains_sizes, size_t key_cert_pair_count,
const unsigned char *pem_client_root_certs,
size_t pem_client_root_certs_size,
tsi_client_certificate_request_type client_certificate_request,
const char *cipher_suites, const unsigned char **alpn_protocols,
const unsigned char *alpn_protocols_lengths, uint16_t num_alpn_protocols,
tsi_ssl_handshaker_factory **factory);
/* Creates a handshaker.
- self is the factory from which the handshaker will be created.
- server_name_indication indicates the name of the server the client is

@ -33,6 +33,9 @@
#include "src/core/lib/tsi/transport_security.h"
#include <grpc/support/alloc.h>
#include <grpc/support/string_util.h>
#include <stdlib.h>
#include <string.h>
@ -40,19 +43,6 @@
int tsi_tracing_enabled = 0;
/* --- Utils. --- */
char *tsi_strdup(const char *src) {
char *dst;
size_t len;
if (!src) return NULL;
len = strlen(src) + 1;
dst = malloc(len);
if (!dst) return NULL;
memcpy(dst, src, len);
return dst;
}
/* --- tsi_result common implementation. --- */
const char *tsi_result_to_string(tsi_result result) {
@ -214,15 +204,15 @@ static void tsi_peer_destroy_list_property(tsi_peer_property *children,
for (i = 0; i < child_count; i++) {
tsi_peer_property_destruct(&children[i]);
}
free(children);
gpr_free(children);
}
void tsi_peer_property_destruct(tsi_peer_property *property) {
if (property->name != NULL) {
free(property->name);
gpr_free(property->name);
}
if (property->value.data != NULL) {
free(property->value.data);
gpr_free(property->value.data);
}
*property = tsi_init_peer_property(); /* Reset everything to 0. */
}
@ -239,16 +229,10 @@ void tsi_peer_destruct(tsi_peer *self) {
tsi_result tsi_construct_allocated_string_peer_property(
const char *name, size_t value_length, tsi_peer_property *property) {
*property = tsi_init_peer_property();
if (name != NULL) {
property->name = tsi_strdup(name);
if (property->name == NULL) return TSI_OUT_OF_RESOURCES;
}
if (name != NULL) property->name = gpr_strdup(name);
if (value_length > 0) {
property->value.data = calloc(1, value_length);
if (property->value.data == NULL) {
tsi_peer_property_destruct(property);
return TSI_OUT_OF_RESOURCES;
}
property->value.data = gpr_malloc(value_length);
memset(property->value.data, 0, value_length);
property->value.length = value_length;
}
return TSI_OK;
@ -276,8 +260,8 @@ tsi_result tsi_construct_string_peer_property(const char *name,
tsi_result tsi_construct_peer(size_t property_count, tsi_peer *peer) {
memset(peer, 0, sizeof(tsi_peer));
if (property_count > 0) {
peer->properties = calloc(property_count, sizeof(tsi_peer_property));
if (peer->properties == NULL) return TSI_OUT_OF_RESOURCES;
peer->properties = gpr_malloc(property_count * sizeof(tsi_peer_property));
memset(peer->properties, 0, property_count * sizeof(tsi_peer_property));
peer->property_count = property_count;
}
return TSI_OK;

@ -59,6 +59,15 @@ typedef enum {
TSI_OUT_OF_RESOURCES = 12
} tsi_result;
typedef enum {
// Default option
TSI_DONT_REQUEST_CLIENT_CERTIFICATE,
TSI_REQUEST_CLIENT_CERTIFICATE_BUT_DONT_VERIFY,
TSI_REQUEST_CLIENT_CERTIFICATE_AND_VERIFY,
TSI_REQUEST_AND_REQUIRE_CLIENT_CERTIFICATE_BUT_DONT_VERIFY,
TSI_REQUEST_AND_REQUIRE_CLIENT_CERTIFICATE_AND_VERIFY,
} tsi_client_certificate_request_type;
const char *tsi_result_to_string(tsi_result result);
/* --- tsi tracing --- */

@ -130,10 +130,14 @@ std::shared_ptr<ServerCredentials> SslServerCredentials(
key_cert_pair->cert_chain.c_str()};
pem_key_cert_pairs.push_back(p);
}
grpc_server_credentials* c_creds = grpc_ssl_server_credentials_create(
grpc_server_credentials* c_creds = grpc_ssl_server_credentials_create_ex(
options.pem_root_certs.empty() ? nullptr : options.pem_root_certs.c_str(),
pem_key_cert_pairs.empty() ? nullptr : &pem_key_cert_pairs[0],
pem_key_cert_pairs.size(), options.force_client_auth, nullptr);
pem_key_cert_pairs.size(),
options.force_client_auth
? GRPC_SSL_REQUEST_AND_REQUIRE_CLIENT_CERTIFICATE_AND_VERIFY
: options.client_certificate_request,
nullptr);
return std::shared_ptr<ServerCredentials>(
new SecureServerCredentials(c_creds));
}

@ -129,6 +129,7 @@ namespace Grpc.IntegrationTesting
public ClientRunnerImpl(List<Channel> channels, ClientType clientType, RpcType rpcType, int outstandingRpcsPerChannel, LoadParams loadParams, PayloadConfig payloadConfig, HistogramParams histogramParams)
{
GrpcPreconditions.CheckArgument(outstandingRpcsPerChannel > 0, "outstandingRpcsPerChannel");
GrpcPreconditions.CheckNotNull(histogramParams, "histogramParams");
this.channels = new List<Channel>(channels);
this.clientType = clientType;
this.rpcType = rpcType;

File diff suppressed because it is too large Load Diff

@ -47,11 +47,12 @@ namespace Grpc.Testing {
"c3Npb24YBiABKA4yHS5ncnBjLnRlc3RpbmcuQ29tcHJlc3Npb25UeXBlEjEK",
"D3Jlc3BvbnNlX3N0YXR1cxgHIAEoCzIYLmdycGMudGVzdGluZy5FY2hvU3Rh",
"dHVzIkUKG1N0cmVhbWluZ091dHB1dENhbGxSZXNwb25zZRImCgdwYXlsb2Fk",
"GAEgASgLMhUuZ3JwYy50ZXN0aW5nLlBheWxvYWQiMwoNUmVjb25uZWN0SW5m",
"bxIOCgZwYXNzZWQYASABKAgSEgoKYmFja29mZl9tcxgCIAMoBSo/CgtQYXls",
"b2FkVHlwZRIQCgxDT01QUkVTU0FCTEUQABISCg5VTkNPTVBSRVNTQUJMRRAB",
"EgoKBlJBTkRPTRACKjIKD0NvbXByZXNzaW9uVHlwZRIICgROT05FEAASCAoE",
"R1pJUBABEgsKB0RFRkxBVEUQAmIGcHJvdG8z"));
"GAEgASgLMhUuZ3JwYy50ZXN0aW5nLlBheWxvYWQiMwoPUmVjb25uZWN0UGFy",
"YW1zEiAKGG1heF9yZWNvbm5lY3RfYmFja29mZl9tcxgBIAEoBSIzCg1SZWNv",
"bm5lY3RJbmZvEg4KBnBhc3NlZBgBIAEoCBISCgpiYWNrb2ZmX21zGAIgAygF",
"Kj8KC1BheWxvYWRUeXBlEhAKDENPTVBSRVNTQUJMRRAAEhIKDlVOQ09NUFJF",
"U1NBQkxFEAESCgoGUkFORE9NEAIqMgoPQ29tcHJlc3Npb25UeXBlEggKBE5P",
"TkUQABIICgRHWklQEAESCwoHREVGTEFURRACYgZwcm90bzM="));
descriptor = pbr::FileDescriptor.FromGeneratedCode(descriptorData,
new pbr::FileDescriptor[] { },
new pbr::GeneratedCodeInfo(new[] {typeof(global::Grpc.Testing.PayloadType), typeof(global::Grpc.Testing.CompressionType), }, new pbr::GeneratedCodeInfo[] {
@ -64,6 +65,7 @@ namespace Grpc.Testing {
new pbr::GeneratedCodeInfo(typeof(global::Grpc.Testing.ResponseParameters), global::Grpc.Testing.ResponseParameters.Parser, new[]{ "Size", "IntervalUs" }, null, null, null),
new pbr::GeneratedCodeInfo(typeof(global::Grpc.Testing.StreamingOutputCallRequest), global::Grpc.Testing.StreamingOutputCallRequest.Parser, new[]{ "ResponseType", "ResponseParameters", "Payload", "ResponseCompression", "ResponseStatus" }, null, null, null),
new pbr::GeneratedCodeInfo(typeof(global::Grpc.Testing.StreamingOutputCallResponse), global::Grpc.Testing.StreamingOutputCallResponse.Parser, new[]{ "Payload" }, null, null, null),
new pbr::GeneratedCodeInfo(typeof(global::Grpc.Testing.ReconnectParams), global::Grpc.Testing.ReconnectParams.Parser, new[]{ "MaxReconnectBackoffMs" }, null, null, null),
new pbr::GeneratedCodeInfo(typeof(global::Grpc.Testing.ReconnectInfo), global::Grpc.Testing.ReconnectInfo.Parser, new[]{ "Passed", "BackoffMs" }, null, null, null)
}));
}
@ -1572,6 +1574,113 @@ namespace Grpc.Testing {
}
/// <summary>
/// For reconnect interop test only.
/// Client tells server what reconnection parameters it used.
/// </summary>
[global::System.Diagnostics.DebuggerNonUserCodeAttribute()]
public sealed partial class ReconnectParams : pb::IMessage<ReconnectParams> {
private static readonly pb::MessageParser<ReconnectParams> _parser = new pb::MessageParser<ReconnectParams>(() => new ReconnectParams());
public static pb::MessageParser<ReconnectParams> Parser { get { return _parser; } }
public static pbr::MessageDescriptor Descriptor {
get { return global::Grpc.Testing.MessagesReflection.Descriptor.MessageTypes[9]; }
}
pbr::MessageDescriptor pb::IMessage.Descriptor {
get { return Descriptor; }
}
public ReconnectParams() {
OnConstruction();
}
partial void OnConstruction();
public ReconnectParams(ReconnectParams other) : this() {
maxReconnectBackoffMs_ = other.maxReconnectBackoffMs_;
}
public ReconnectParams Clone() {
return new ReconnectParams(this);
}
/// <summary>Field number for the "max_reconnect_backoff_ms" field.</summary>
public const int MaxReconnectBackoffMsFieldNumber = 1;
private int maxReconnectBackoffMs_;
public int MaxReconnectBackoffMs {
get { return maxReconnectBackoffMs_; }
set {
maxReconnectBackoffMs_ = value;
}
}
public override bool Equals(object other) {
return Equals(other as ReconnectParams);
}
public bool Equals(ReconnectParams other) {
if (ReferenceEquals(other, null)) {
return false;
}
if (ReferenceEquals(other, this)) {
return true;
}
if (MaxReconnectBackoffMs != other.MaxReconnectBackoffMs) return false;
return true;
}
public override int GetHashCode() {
int hash = 1;
if (MaxReconnectBackoffMs != 0) hash ^= MaxReconnectBackoffMs.GetHashCode();
return hash;
}
public override string ToString() {
return pb::JsonFormatter.ToDiagnosticString(this);
}
public void WriteTo(pb::CodedOutputStream output) {
if (MaxReconnectBackoffMs != 0) {
output.WriteRawTag(8);
output.WriteInt32(MaxReconnectBackoffMs);
}
}
public int CalculateSize() {
int size = 0;
if (MaxReconnectBackoffMs != 0) {
size += 1 + pb::CodedOutputStream.ComputeInt32Size(MaxReconnectBackoffMs);
}
return size;
}
public void MergeFrom(ReconnectParams other) {
if (other == null) {
return;
}
if (other.MaxReconnectBackoffMs != 0) {
MaxReconnectBackoffMs = other.MaxReconnectBackoffMs;
}
}
public void MergeFrom(pb::CodedInputStream input) {
uint tag;
while ((tag = input.ReadTag()) != 0) {
switch(tag) {
default:
input.SkipLastField();
break;
case 8: {
MaxReconnectBackoffMs = input.ReadInt32();
break;
}
}
}
}
}
/// <summary>
/// For reconnect interop test only.
/// Server tells client whether its reconnects are following the spec and the
@ -1583,7 +1692,7 @@ namespace Grpc.Testing {
public static pb::MessageParser<ReconnectInfo> Parser { get { return _parser; } }
public static pbr::MessageDescriptor Descriptor {
get { return global::Grpc.Testing.MessagesReflection.Descriptor.MessageTypes[9]; }
get { return global::Grpc.Testing.MessagesReflection.Descriptor.MessageTypes[10]; }
}
pbr::MessageDescriptor pb::IMessage.Descriptor {

@ -40,10 +40,10 @@ namespace Grpc.Testing {
"bWluZ091dHB1dENhbGxSZXF1ZXN0GikuZ3JwYy50ZXN0aW5nLlN0cmVhbWlu",
"Z091dHB1dENhbGxSZXNwb25zZSgBMAEyVQoUVW5pbXBsZW1lbnRlZFNlcnZp",
"Y2USPQoRVW5pbXBsZW1lbnRlZENhbGwSEy5ncnBjLnRlc3RpbmcuRW1wdHka",
"Ey5ncnBjLnRlc3RpbmcuRW1wdHkyfwoQUmVjb25uZWN0U2VydmljZRIxCgVT",
"dGFydBITLmdycGMudGVzdGluZy5FbXB0eRoTLmdycGMudGVzdGluZy5FbXB0",
"eRI4CgRTdG9wEhMuZ3JwYy50ZXN0aW5nLkVtcHR5GhsuZ3JwYy50ZXN0aW5n",
"LlJlY29ubmVjdEluZm9iBnByb3RvMw=="));
"Ey5ncnBjLnRlc3RpbmcuRW1wdHkyiQEKEFJlY29ubmVjdFNlcnZpY2USOwoF",
"U3RhcnQSHS5ncnBjLnRlc3RpbmcuUmVjb25uZWN0UGFyYW1zGhMuZ3JwYy50",
"ZXN0aW5nLkVtcHR5EjgKBFN0b3ASEy5ncnBjLnRlc3RpbmcuRW1wdHkaGy5n",
"cnBjLnRlc3RpbmcuUmVjb25uZWN0SW5mb2IGcHJvdG8z"));
descriptor = pbr::FileDescriptor.FromGeneratedCode(descriptorData,
new pbr::FileDescriptor[] { global::Grpc.Testing.EmptyReflection.Descriptor, global::Grpc.Testing.MessagesReflection.Descriptor, },
new pbr::GeneratedCodeInfo(null, null));

@ -367,14 +367,15 @@ namespace Grpc.Testing {
{
static readonly string __ServiceName = "grpc.testing.ReconnectService";
static readonly Marshaller<global::Grpc.Testing.ReconnectParams> __Marshaller_ReconnectParams = Marshallers.Create((arg) => global::Google.Protobuf.MessageExtensions.ToByteArray(arg), global::Grpc.Testing.ReconnectParams.Parser.ParseFrom);
static readonly Marshaller<global::Grpc.Testing.Empty> __Marshaller_Empty = Marshallers.Create((arg) => global::Google.Protobuf.MessageExtensions.ToByteArray(arg), global::Grpc.Testing.Empty.Parser.ParseFrom);
static readonly Marshaller<global::Grpc.Testing.ReconnectInfo> __Marshaller_ReconnectInfo = Marshallers.Create((arg) => global::Google.Protobuf.MessageExtensions.ToByteArray(arg), global::Grpc.Testing.ReconnectInfo.Parser.ParseFrom);
static readonly Method<global::Grpc.Testing.Empty, global::Grpc.Testing.Empty> __Method_Start = new Method<global::Grpc.Testing.Empty, global::Grpc.Testing.Empty>(
static readonly Method<global::Grpc.Testing.ReconnectParams, global::Grpc.Testing.Empty> __Method_Start = new Method<global::Grpc.Testing.ReconnectParams, global::Grpc.Testing.Empty>(
MethodType.Unary,
__ServiceName,
"Start",
__Marshaller_Empty,
__Marshaller_ReconnectParams,
__Marshaller_Empty);
static readonly Method<global::Grpc.Testing.Empty, global::Grpc.Testing.ReconnectInfo> __Method_Stop = new Method<global::Grpc.Testing.Empty, global::Grpc.Testing.ReconnectInfo>(
@ -394,10 +395,10 @@ namespace Grpc.Testing {
[System.Obsolete("Client side interfaced will be removed in the next release. Use client class directly.")]
public interface IReconnectServiceClient
{
global::Grpc.Testing.Empty Start(global::Grpc.Testing.Empty request, Metadata headers = null, DateTime? deadline = null, CancellationToken cancellationToken = default(CancellationToken));
global::Grpc.Testing.Empty Start(global::Grpc.Testing.Empty request, CallOptions options);
AsyncUnaryCall<global::Grpc.Testing.Empty> StartAsync(global::Grpc.Testing.Empty request, Metadata headers = null, DateTime? deadline = null, CancellationToken cancellationToken = default(CancellationToken));
AsyncUnaryCall<global::Grpc.Testing.Empty> StartAsync(global::Grpc.Testing.Empty request, CallOptions options);
global::Grpc.Testing.Empty Start(global::Grpc.Testing.ReconnectParams request, Metadata headers = null, DateTime? deadline = null, CancellationToken cancellationToken = default(CancellationToken));
global::Grpc.Testing.Empty Start(global::Grpc.Testing.ReconnectParams request, CallOptions options);
AsyncUnaryCall<global::Grpc.Testing.Empty> StartAsync(global::Grpc.Testing.ReconnectParams request, Metadata headers = null, DateTime? deadline = null, CancellationToken cancellationToken = default(CancellationToken));
AsyncUnaryCall<global::Grpc.Testing.Empty> StartAsync(global::Grpc.Testing.ReconnectParams request, CallOptions options);
global::Grpc.Testing.ReconnectInfo Stop(global::Grpc.Testing.Empty request, Metadata headers = null, DateTime? deadline = null, CancellationToken cancellationToken = default(CancellationToken));
global::Grpc.Testing.ReconnectInfo Stop(global::Grpc.Testing.Empty request, CallOptions options);
AsyncUnaryCall<global::Grpc.Testing.ReconnectInfo> StopAsync(global::Grpc.Testing.Empty request, Metadata headers = null, DateTime? deadline = null, CancellationToken cancellationToken = default(CancellationToken));
@ -408,14 +409,14 @@ namespace Grpc.Testing {
[System.Obsolete("Service implementations should inherit from the generated abstract base class instead.")]
public interface IReconnectService
{
Task<global::Grpc.Testing.Empty> Start(global::Grpc.Testing.Empty request, ServerCallContext context);
Task<global::Grpc.Testing.Empty> Start(global::Grpc.Testing.ReconnectParams request, ServerCallContext context);
Task<global::Grpc.Testing.ReconnectInfo> Stop(global::Grpc.Testing.Empty request, ServerCallContext context);
}
// server-side abstract class
public abstract class ReconnectServiceBase
{
public virtual Task<global::Grpc.Testing.Empty> Start(global::Grpc.Testing.Empty request, ServerCallContext context)
public virtual Task<global::Grpc.Testing.Empty> Start(global::Grpc.Testing.ReconnectParams request, ServerCallContext context)
{
throw new RpcException(new Status(StatusCode.Unimplemented, ""));
}
@ -445,19 +446,19 @@ namespace Grpc.Testing {
{
}
public virtual global::Grpc.Testing.Empty Start(global::Grpc.Testing.Empty request, Metadata headers = null, DateTime? deadline = null, CancellationToken cancellationToken = default(CancellationToken))
public virtual global::Grpc.Testing.Empty Start(global::Grpc.Testing.ReconnectParams request, Metadata headers = null, DateTime? deadline = null, CancellationToken cancellationToken = default(CancellationToken))
{
return Start(request, new CallOptions(headers, deadline, cancellationToken));
}
public virtual global::Grpc.Testing.Empty Start(global::Grpc.Testing.Empty request, CallOptions options)
public virtual global::Grpc.Testing.Empty Start(global::Grpc.Testing.ReconnectParams request, CallOptions options)
{
return CallInvoker.BlockingUnaryCall(__Method_Start, null, options, request);
}
public virtual AsyncUnaryCall<global::Grpc.Testing.Empty> StartAsync(global::Grpc.Testing.Empty request, Metadata headers = null, DateTime? deadline = null, CancellationToken cancellationToken = default(CancellationToken))
public virtual AsyncUnaryCall<global::Grpc.Testing.Empty> StartAsync(global::Grpc.Testing.ReconnectParams request, Metadata headers = null, DateTime? deadline = null, CancellationToken cancellationToken = default(CancellationToken))
{
return StartAsync(request, new CallOptions(headers, deadline, cancellationToken));
}
public virtual AsyncUnaryCall<global::Grpc.Testing.Empty> StartAsync(global::Grpc.Testing.Empty request, CallOptions options)
public virtual AsyncUnaryCall<global::Grpc.Testing.Empty> StartAsync(global::Grpc.Testing.ReconnectParams request, CallOptions options)
{
return CallInvoker.AsyncUnaryCall(__Method_Start, null, options, request);
}

@ -911,9 +911,12 @@ grpcsharp_ssl_server_credentials_create(
key_cert_pairs[i].private_key = key_cert_pair_private_key_array[i];
}
}
creds = grpc_ssl_server_credentials_create(pem_root_certs, key_cert_pairs,
num_key_cert_pairs,
force_client_auth, NULL);
creds = grpc_ssl_server_credentials_create_ex(
pem_root_certs, key_cert_pairs, num_key_cert_pairs,
force_client_auth
? GRPC_SSL_REQUEST_AND_REQUIRE_CLIENT_CERTIFICATE_AND_VERIFY
: GRPC_SSL_DONT_REQUEST_CLIENT_CERTIFICATE,
NULL);
gpr_free(key_cert_pairs);
return creds;
}

@ -145,9 +145,13 @@ NAN_METHOD(ServerCredentials::CreateSsl) {
return Nan::ThrowTypeError(
"createSsl's second argument must be a list of objects");
}
int force_client_auth = 0;
grpc_ssl_client_certificate_request_type client_certificate_request;
if (info[2]->IsBoolean()) {
force_client_auth = (int)Nan::To<bool>(info[2]).FromJust();
client_certificate_request =
Nan::To<bool>(info[2]).FromJust()
? GRPC_SSL_REQUEST_AND_REQUIRE_CLIENT_CERTIFICATE_AND_VERIFY
: GRPC_SSL_DONT_REQUEST_CLIENT_CERTIFICATE;
} else if (!(info[2]->IsUndefined() || info[2]->IsNull())) {
return Nan::ThrowTypeError(
"createSsl's third argument must be a boolean if provided");
@ -180,8 +184,9 @@ NAN_METHOD(ServerCredentials::CreateSsl) {
key_cert_pairs[i].private_key = ::node::Buffer::Data(maybe_key);
key_cert_pairs[i].cert_chain = ::node::Buffer::Data(maybe_cert);
}
grpc_server_credentials *creds = grpc_ssl_server_credentials_create(
root_certs, key_cert_pairs, key_cert_pair_count, force_client_auth, NULL);
grpc_server_credentials *creds = grpc_ssl_server_credentials_create_ex(
root_certs, key_cert_pairs, key_cert_pair_count,
client_certificate_request, NULL);
delete key_cert_pairs;
if (creds == NULL) {
info.GetReturnValue().SetNull();

@ -33,6 +33,7 @@
'use strict';
var console = require('console');
var worker_service_impl = require('./worker_service_impl');
var grpc = require('../../../');
@ -48,6 +49,7 @@ function runServer(port) {
var address = '0.0.0.0:' + port;
server.bind(address, server_creds);
server.start();
console.log('running QPS worker on %s', address);
return server;
}

@ -34,6 +34,7 @@
'use strict';
var os = require('os');
var console = require('console');
var BenchmarkClient = require('./benchmark_client');
var BenchmarkServer = require('./benchmark_server');
@ -49,6 +50,7 @@ exports.runClient = function runClient(call) {
switch (request.argtype) {
case 'setup':
var setup = request.setup;
console.log('ClientConfig %j', setup);
client = new BenchmarkClient(setup.server_targets,
setup.client_channels,
setup.histogram_params,
@ -118,6 +120,7 @@ exports.runServer = function runServer(call) {
var stats;
switch (request.argtype) {
case 'setup':
console.log('ServerConfig %j', request.setup);
server = new BenchmarkServer('[::]', request.setup.port,
request.setup.security_params);
server.start();

@ -115,10 +115,11 @@ PHP_METHOD(ServerCredentials, createSsl) {
"createSsl expects 3 strings", 1 TSRMLS_CC);
return;
}
/* TODO: add a force_client_auth field in ServerCredentials and pass it as
* the last parameter. */
grpc_server_credentials *creds = grpc_ssl_server_credentials_create(
pem_root_certs, &pem_key_cert_pair, 1, 0, NULL);
/* TODO: add a client_certificate_request field in ServerCredentials and pass
* it as the last parameter. */
grpc_server_credentials *creds = grpc_ssl_server_credentials_create_ex(
pem_root_certs, &pem_key_cert_pair, 1,
GRPC_SSL_DONT_REQUEST_CLIENT_CERTIFICATE, NULL);
zval *creds_object = grpc_php_wrap_server_credentials(creds);
RETURN_DESTROY_ZVAL(creds_object);
}

@ -17,5 +17,5 @@
*/
error_reporting(E_ALL | E_STRICT);
require dirname(__DIR__) . '/vendor/autoload.php';
require dirname(__DIR__).'/vendor/autoload.php';
date_default_timezone_set('UTC');

@ -46,7 +46,8 @@ class GeneratedCodeWithCallbackTest extends AbstractGeneratedCodeTest
$a_copy['foo'] = ['bar'];
return $a_copy;
}]);
},
]);
}
public function tearDown()

@ -38,13 +38,13 @@ include 'tests/generated_code/math.php';
function p($line)
{
print("$line<br/>\n");
echo "$line<br/>\n";
}
$host = 'localhost:50051';
p("Connecting to host: $host");
$client = new math\MathClient($host, [
'credentials' => Grpc\ChannelCredentials::createInsecure()
'credentials' => Grpc\ChannelCredentials::createInsecure(),
]);
p('Client class: '.get_class($client));
p('');

@ -132,5 +132,4 @@ class CallCredentials3Test extends PHPUnit_Framework_TestCase
unset($call);
unset($server_call);
}
}

@ -94,7 +94,7 @@ class CallTest extends PHPUnit_Framework_TestCase
public function testCancel()
{
$this->assertNull($this->call->cancel());
$this->assertNull($this->call->cancel());
}
/**
@ -118,5 +118,4 @@ class CallTest extends PHPUnit_Framework_TestCase
];
$result = $this->call->startBatch($batch);
}
}

@ -70,4 +70,4 @@ class ChanellCredentialsTest extends PHPUnit_Framework_TestCase
$channel_credentials = Grpc\ChannelCredentials::createInsecure();
$this->assertNull($channel_credentials);
}
}
}

@ -78,5 +78,4 @@ class ChannelTest extends PHPUnit_Framework_TestCase
]
);
}
}
}

@ -261,7 +261,8 @@ class EndToEndTest extends PHPUnit_Framework_TestCase
Grpc\OP_SEND_INITIAL_METADATA => [],
Grpc\OP_SEND_CLOSE_FROM_CLIENT => true,
Grpc\OP_SEND_MESSAGE => ['message' => 'abc',
'flags' => 'invalid'],
'flags' => 'invalid',
],
]);
}
@ -574,7 +575,7 @@ class EndToEndTest extends PHPUnit_Framework_TestCase
public function testGetConnectivityStateInvalidParam()
{
$this->assertTrue($this->channel->getConnectivityState(
new Grpc\Timeval));
new Grpc\Timeval()));
}
/**
@ -591,12 +592,11 @@ class EndToEndTest extends PHPUnit_Framework_TestCase
*/
public function testChannelConstructorInvalidParam()
{
$this->channel = new Grpc\Channel('localhost:'.$this->port, NULL);
$this->channel = new Grpc\Channel('localhost:'.$this->port, null);
}
public function testClose()
{
$this->assertNull($this->channel->close());
}
}

@ -67,5 +67,4 @@ class ServerTest extends PHPUnit_Framework_TestCase
$this->server = new Grpc\Server([]);
$this->port = $this->server->addSecureHttp2Port(['0.0.0.0:0']);
}
}
}

@ -94,13 +94,13 @@ class TimevalTest extends PHPUnit_Framework_TestCase
public function testSimilar()
{
$a = Grpc\Timeval::now();
$delta = new Grpc\Timeval(1000);
$b = $a->add($delta);
$thresh = new Grpc\Timeval(1100);
$this->assertTrue(Grpc\Timeval::similar($a, $b, $thresh));
$thresh = new Grpc\Timeval(900);
$this->assertFalse(Grpc\Timeval::similar($a, $b, $thresh));
$a = Grpc\Timeval::now();
$delta = new Grpc\Timeval(1000);
$b = $a->add($delta);
$thresh = new Grpc\Timeval(1100);
$this->assertTrue(Grpc\Timeval::similar($a, $b, $thresh));
$thresh = new Grpc\Timeval(900);
$this->assertFalse(Grpc\Timeval::similar($a, $b, $thresh));
}
public function testSleepUntil()
@ -155,5 +155,4 @@ class TimevalTest extends PHPUnit_Framework_TestCase
{
$a = Grpc\Timeval::similar(1000, 1100, 1200);
}
}

@ -105,4 +105,4 @@ message Message {
// The contents of the message. May be a prefix instead of the complete
// message.
bytes data = 5;
}
}

@ -57,18 +57,6 @@ message PoissonParams {
double offered_load = 1;
}
message UniformParams {
double interarrival_lo = 1;
double interarrival_hi = 2;
}
message DeterministicParams { double offered_load = 1; }
message ParetoParams {
double interarrival_base = 1;
double alpha = 2;
}
// Once an RPC finishes, immediately start a new one.
// No configuration parameters needed.
message ClosedLoopParams {}
@ -77,9 +65,6 @@ message LoadParams {
oneof load {
ClosedLoopParams closed_loop = 1;
PoissonParams poisson = 2;
UniformParams uniform = 3;
DeterministicParams determ = 4;
ParetoParams pareto = 5;
};
}
@ -194,3 +179,44 @@ message Scenario {
message Scenarios {
repeated Scenario scenarios = 1;
}
// Basic summary that can be computed from ClientStats and ServerStats
// once the scenario has finished.
message ScenarioResultSummary
{
// Total number of operations per second over all clients.
double qps = 1;
// QPS per one server core.
double qps_per_server_core = 2;
// server load based on system_time (0.85 => 85%)
double server_system_time = 3;
// server load based on user_time (0.85 => 85%)
double server_user_time = 4;
// client load based on system_time (0.85 => 85%)
double client_system_time = 5;
// client load based on user_time (0.85 => 85%)
double client_user_time = 6;
// X% latency percentiles (in nanoseconds)
double latency_50 = 7;
double latency_90 = 8;
double latency_95 = 9;
double latency_99 = 10;
double latency_999 = 11;
}
// Results of a single benchmark scenario.
message ScenarioResult {
// Inputs used to run the scenario.
Scenario scenario = 1;
// Histograms from all clients merged into one histogram.
HistogramData latencies = 2;
// Client stats for each client
repeated ClientStats client_stats = 3;
// Server stats for each server
repeated ServerStats server_stats = 4;
// Number of cores available to each server
repeated int32 server_cores = 5;
// An after-the-fact computed summary
ScenarioResultSummary summary = 6;
}

@ -302,6 +302,8 @@ def server_credentials_ssl(pem_root_certs, pem_key_cert_pairs,
(<SslPemKeyCertPair>pem_key_cert_pairs[i]).c_pair)
credentials.c_credentials = grpc_ssl_server_credentials_create(
c_pem_root_certs, credentials.c_ssl_pem_key_cert_pairs,
credentials.c_ssl_pem_key_cert_pairs_count, force_client_auth, NULL)
credentials.c_ssl_pem_key_cert_pairs_count,
GRPC_SSL_REQUEST_AND_REQUIRE_CLIENT_CERTIFICATE_AND_VERIFY if force_client_auth else GRPC_SSL_DONT_REQUEST_CLIENT_CERTIFICATE,
NULL)
return credentials

@ -105,6 +105,13 @@ cdef extern from "grpc/_cython/loader.h":
GRPC_SSL_ROOTS_OVERRIDE_FAILED_PERMANENTLY
GRPC_SSL_ROOTS_OVERRIDE_FAILED
ctypedef enum grpc_ssl_client_certificate_request_type:
GRPC_SSL_DONT_REQUEST_CLIENT_CERTIFICATE,
GRPC_SSL_REQUEST_CLIENT_CERTIFICATE_BUT_DONT_VERIFY
GRPC_SSL_REQUEST_CLIENT_CERTIFICATE_AND_VERIFY
GRPC_SSL_REQUEST_AND_REQUIRE_CLIENT_CERTIFICATE_BUT_DONT_VERIFY
GRPC_SSL_REQUEST_AND_REQUIRE_CLIENT_CERTIFICATE_AND_VERIFY
struct grpc_byte_buffer_reader:
# We don't care about the internals
pass

@ -152,6 +152,7 @@ grpc_metadata_credentials_create_from_plugin_type grpc_metadata_credentials_crea
grpc_secure_channel_create_type grpc_secure_channel_create_import;
grpc_server_credentials_release_type grpc_server_credentials_release_import;
grpc_ssl_server_credentials_create_type grpc_ssl_server_credentials_create_import;
grpc_ssl_server_credentials_create_ex_type grpc_ssl_server_credentials_create_ex_import;
grpc_server_add_secure_http2_port_type grpc_server_add_secure_http2_port_import;
grpc_call_set_credentials_type grpc_call_set_credentials_import;
grpc_server_credentials_set_auth_metadata_processor_type grpc_server_credentials_set_auth_metadata_processor_import;
@ -174,6 +175,8 @@ grpc_byte_buffer_reader_readall_type grpc_byte_buffer_reader_readall_import;
grpc_raw_byte_buffer_from_reader_type grpc_raw_byte_buffer_from_reader_import;
gpr_log_type gpr_log_import;
gpr_log_message_type gpr_log_message_import;
gpr_set_log_verbosity_type gpr_set_log_verbosity_import;
gpr_log_verbosity_init_type gpr_log_verbosity_init_import;
gpr_set_log_function_type gpr_set_log_function_import;
gpr_slice_ref_type gpr_slice_ref_import;
gpr_slice_unref_type gpr_slice_unref_import;
@ -418,6 +421,7 @@ void pygrpc_load_imports(HMODULE library) {
grpc_secure_channel_create_import = (grpc_secure_channel_create_type) GetProcAddress(library, "grpc_secure_channel_create");
grpc_server_credentials_release_import = (grpc_server_credentials_release_type) GetProcAddress(library, "grpc_server_credentials_release");
grpc_ssl_server_credentials_create_import = (grpc_ssl_server_credentials_create_type) GetProcAddress(library, "grpc_ssl_server_credentials_create");
grpc_ssl_server_credentials_create_ex_import = (grpc_ssl_server_credentials_create_ex_type) GetProcAddress(library, "grpc_ssl_server_credentials_create_ex");
grpc_server_add_secure_http2_port_import = (grpc_server_add_secure_http2_port_type) GetProcAddress(library, "grpc_server_add_secure_http2_port");
grpc_call_set_credentials_import = (grpc_call_set_credentials_type) GetProcAddress(library, "grpc_call_set_credentials");
grpc_server_credentials_set_auth_metadata_processor_import = (grpc_server_credentials_set_auth_metadata_processor_type) GetProcAddress(library, "grpc_server_credentials_set_auth_metadata_processor");
@ -440,6 +444,8 @@ void pygrpc_load_imports(HMODULE library) {
grpc_raw_byte_buffer_from_reader_import = (grpc_raw_byte_buffer_from_reader_type) GetProcAddress(library, "grpc_raw_byte_buffer_from_reader");
gpr_log_import = (gpr_log_type) GetProcAddress(library, "gpr_log");
gpr_log_message_import = (gpr_log_message_type) GetProcAddress(library, "gpr_log_message");
gpr_set_log_verbosity_import = (gpr_set_log_verbosity_type) GetProcAddress(library, "gpr_set_log_verbosity");
gpr_log_verbosity_init_import = (gpr_log_verbosity_init_type) GetProcAddress(library, "gpr_log_verbosity_init");
gpr_set_log_function_import = (gpr_set_log_function_type) GetProcAddress(library, "gpr_set_log_function");
gpr_slice_ref_import = (gpr_slice_ref_type) GetProcAddress(library, "gpr_slice_ref");
gpr_slice_unref_import = (gpr_slice_unref_type) GetProcAddress(library, "gpr_slice_unref");

@ -406,6 +406,9 @@ extern grpc_server_credentials_release_type grpc_server_credentials_release_impo
typedef grpc_server_credentials *(*grpc_ssl_server_credentials_create_type)(const char *pem_root_certs, grpc_ssl_pem_key_cert_pair *pem_key_cert_pairs, size_t num_key_cert_pairs, int force_client_auth, void *reserved);
extern grpc_ssl_server_credentials_create_type grpc_ssl_server_credentials_create_import;
#define grpc_ssl_server_credentials_create grpc_ssl_server_credentials_create_import
typedef grpc_server_credentials *(*grpc_ssl_server_credentials_create_ex_type)(const char *pem_root_certs, grpc_ssl_pem_key_cert_pair *pem_key_cert_pairs, size_t num_key_cert_pairs, grpc_ssl_client_certificate_request_type client_certificate_request, void *reserved);
extern grpc_ssl_server_credentials_create_ex_type grpc_ssl_server_credentials_create_ex_import;
#define grpc_ssl_server_credentials_create_ex grpc_ssl_server_credentials_create_ex_import
typedef int(*grpc_server_add_secure_http2_port_type)(grpc_server *server, const char *addr, grpc_server_credentials *creds);
extern grpc_server_add_secure_http2_port_type grpc_server_add_secure_http2_port_import;
#define grpc_server_add_secure_http2_port grpc_server_add_secure_http2_port_import
@ -472,6 +475,12 @@ extern gpr_log_type gpr_log_import;
typedef void(*gpr_log_message_type)(const char *file, int line, gpr_log_severity severity, const char *message);
extern gpr_log_message_type gpr_log_message_import;
#define gpr_log_message gpr_log_message_import
typedef void(*gpr_set_log_verbosity_type)(gpr_log_severity min_severity_to_print);
extern gpr_set_log_verbosity_type gpr_set_log_verbosity_import;
#define gpr_set_log_verbosity gpr_set_log_verbosity_import
typedef void(*gpr_log_verbosity_init_type)();
extern gpr_log_verbosity_init_type gpr_log_verbosity_init_import;
#define gpr_log_verbosity_init gpr_log_verbosity_init_import
typedef void(*gpr_set_log_function_type)(gpr_log_func func);
extern gpr_set_log_function_type gpr_set_log_function_import;
#define gpr_set_log_function gpr_set_log_function_import

@ -210,6 +210,7 @@ CORE_SOURCE_FILES = [
'src/core/ext/client_config/lb_policy.c',
'src/core/ext/client_config/lb_policy_factory.c',
'src/core/ext/client_config/lb_policy_registry.c',
'src/core/ext/client_config/parse_address.c',
'src/core/ext/client_config/resolver.c',
'src/core/ext/client_config/resolver_factory.c',
'src/core/ext/client_config/resolver_registry.c',
@ -310,6 +311,7 @@ CORE_SOURCE_FILES = [
'third_party/boringssl/crypto/bn/shift.c',
'third_party/boringssl/crypto/bn/sqrt.c',
'third_party/boringssl/crypto/buf/buf.c',
'third_party/boringssl/crypto/bytestring/asn1_compat.c',
'third_party/boringssl/crypto/bytestring/ber.c',
'third_party/boringssl/crypto/bytestring/cbb.c',
'third_party/boringssl/crypto/bytestring/cbs.c',
@ -333,6 +335,7 @@ CORE_SOURCE_FILES = [
'third_party/boringssl/crypto/cpu-intel.c',
'third_party/boringssl/crypto/crypto.c',
'third_party/boringssl/crypto/curve25519/curve25519.c',
'third_party/boringssl/crypto/curve25519/x25519-x86_64.c',
'third_party/boringssl/crypto/des/des.c',
'third_party/boringssl/crypto/dh/check.c',
'third_party/boringssl/crypto/dh/dh.c',
@ -524,6 +527,7 @@ CORE_SOURCE_FILES = [
'third_party/boringssl/ssl/ssl_buffer.c',
'third_party/boringssl/ssl/ssl_cert.c',
'third_party/boringssl/ssl/ssl_cipher.c',
'third_party/boringssl/ssl/ssl_ecdh.c',
'third_party/boringssl/ssl/ssl_file.c',
'third_party/boringssl/ssl/ssl_lib.c',
'third_party/boringssl/ssl/ssl_rsa.c',

@ -152,6 +152,7 @@ grpc_metadata_credentials_create_from_plugin_type grpc_metadata_credentials_crea
grpc_secure_channel_create_type grpc_secure_channel_create_import;
grpc_server_credentials_release_type grpc_server_credentials_release_import;
grpc_ssl_server_credentials_create_type grpc_ssl_server_credentials_create_import;
grpc_ssl_server_credentials_create_ex_type grpc_ssl_server_credentials_create_ex_import;
grpc_server_add_secure_http2_port_type grpc_server_add_secure_http2_port_import;
grpc_call_set_credentials_type grpc_call_set_credentials_import;
grpc_server_credentials_set_auth_metadata_processor_type grpc_server_credentials_set_auth_metadata_processor_import;
@ -174,6 +175,8 @@ grpc_byte_buffer_reader_readall_type grpc_byte_buffer_reader_readall_import;
grpc_raw_byte_buffer_from_reader_type grpc_raw_byte_buffer_from_reader_import;
gpr_log_type gpr_log_import;
gpr_log_message_type gpr_log_message_import;
gpr_set_log_verbosity_type gpr_set_log_verbosity_import;
gpr_log_verbosity_init_type gpr_log_verbosity_init_import;
gpr_set_log_function_type gpr_set_log_function_import;
gpr_slice_ref_type gpr_slice_ref_import;
gpr_slice_unref_type gpr_slice_unref_import;
@ -414,6 +417,7 @@ void grpc_rb_load_imports(HMODULE library) {
grpc_secure_channel_create_import = (grpc_secure_channel_create_type) GetProcAddress(library, "grpc_secure_channel_create");
grpc_server_credentials_release_import = (grpc_server_credentials_release_type) GetProcAddress(library, "grpc_server_credentials_release");
grpc_ssl_server_credentials_create_import = (grpc_ssl_server_credentials_create_type) GetProcAddress(library, "grpc_ssl_server_credentials_create");
grpc_ssl_server_credentials_create_ex_import = (grpc_ssl_server_credentials_create_ex_type) GetProcAddress(library, "grpc_ssl_server_credentials_create_ex");
grpc_server_add_secure_http2_port_import = (grpc_server_add_secure_http2_port_type) GetProcAddress(library, "grpc_server_add_secure_http2_port");
grpc_call_set_credentials_import = (grpc_call_set_credentials_type) GetProcAddress(library, "grpc_call_set_credentials");
grpc_server_credentials_set_auth_metadata_processor_import = (grpc_server_credentials_set_auth_metadata_processor_type) GetProcAddress(library, "grpc_server_credentials_set_auth_metadata_processor");
@ -436,6 +440,8 @@ void grpc_rb_load_imports(HMODULE library) {
grpc_raw_byte_buffer_from_reader_import = (grpc_raw_byte_buffer_from_reader_type) GetProcAddress(library, "grpc_raw_byte_buffer_from_reader");
gpr_log_import = (gpr_log_type) GetProcAddress(library, "gpr_log");
gpr_log_message_import = (gpr_log_message_type) GetProcAddress(library, "gpr_log_message");
gpr_set_log_verbosity_import = (gpr_set_log_verbosity_type) GetProcAddress(library, "gpr_set_log_verbosity");
gpr_log_verbosity_init_import = (gpr_log_verbosity_init_type) GetProcAddress(library, "gpr_log_verbosity_init");
gpr_set_log_function_import = (gpr_set_log_function_type) GetProcAddress(library, "gpr_set_log_function");
gpr_slice_ref_import = (gpr_slice_ref_type) GetProcAddress(library, "gpr_slice_ref");
gpr_slice_unref_import = (gpr_slice_unref_type) GetProcAddress(library, "gpr_slice_unref");

@ -406,6 +406,9 @@ extern grpc_server_credentials_release_type grpc_server_credentials_release_impo
typedef grpc_server_credentials *(*grpc_ssl_server_credentials_create_type)(const char *pem_root_certs, grpc_ssl_pem_key_cert_pair *pem_key_cert_pairs, size_t num_key_cert_pairs, int force_client_auth, void *reserved);
extern grpc_ssl_server_credentials_create_type grpc_ssl_server_credentials_create_import;
#define grpc_ssl_server_credentials_create grpc_ssl_server_credentials_create_import
typedef grpc_server_credentials *(*grpc_ssl_server_credentials_create_ex_type)(const char *pem_root_certs, grpc_ssl_pem_key_cert_pair *pem_key_cert_pairs, size_t num_key_cert_pairs, grpc_ssl_client_certificate_request_type client_certificate_request, void *reserved);
extern grpc_ssl_server_credentials_create_ex_type grpc_ssl_server_credentials_create_ex_import;
#define grpc_ssl_server_credentials_create_ex grpc_ssl_server_credentials_create_ex_import
typedef int(*grpc_server_add_secure_http2_port_type)(grpc_server *server, const char *addr, grpc_server_credentials *creds);
extern grpc_server_add_secure_http2_port_type grpc_server_add_secure_http2_port_import;
#define grpc_server_add_secure_http2_port grpc_server_add_secure_http2_port_import
@ -472,6 +475,12 @@ extern gpr_log_type gpr_log_import;
typedef void(*gpr_log_message_type)(const char *file, int line, gpr_log_severity severity, const char *message);
extern gpr_log_message_type gpr_log_message_import;
#define gpr_log_message gpr_log_message_import
typedef void(*gpr_set_log_verbosity_type)(gpr_log_severity min_severity_to_print);
extern gpr_set_log_verbosity_type gpr_set_log_verbosity_import;
#define gpr_set_log_verbosity gpr_set_log_verbosity_import
typedef void(*gpr_log_verbosity_init_type)();
extern gpr_log_verbosity_init_type gpr_log_verbosity_init_import;
#define gpr_log_verbosity_init gpr_log_verbosity_init_import
typedef void(*gpr_set_log_function_type)(gpr_log_func func);
extern gpr_set_log_function_type gpr_set_log_function_import;
#define gpr_set_log_function gpr_set_log_function_import

@ -90,9 +90,12 @@ static void grpc_rb_server_credentials_mark(void *p) {
static const rb_data_type_t grpc_rb_server_credentials_data_type = {
"grpc_server_credentials",
{grpc_rb_server_credentials_mark, grpc_rb_server_credentials_free,
GRPC_RB_MEMSIZE_UNAVAILABLE, {NULL, NULL}},
NULL, NULL,
{grpc_rb_server_credentials_mark,
grpc_rb_server_credentials_free,
GRPC_RB_MEMSIZE_UNAVAILABLE,
{NULL, NULL}},
NULL,
NULL,
#ifdef RUBY_TYPED_FREE_IMMEDIATELY
RUBY_TYPED_FREE_IMMEDIATELY
#endif
@ -219,7 +222,9 @@ static VALUE grpc_rb_server_credentials_init(VALUE self, VALUE pem_root_certs,
}
}
auth_client = TYPE(force_client_auth) == T_TRUE;
auth_client = TYPE(force_client_auth) == T_TRUE
? GRPC_SSL_REQUEST_AND_REQUIRE_CLIENT_CERTIFICATE_AND_VERIFY
: GRPC_SSL_DONT_REQUEST_CLIENT_CERTIFICATE;
key_cert_pairs = ALLOC_N(grpc_ssl_pem_key_cert_pair, num_key_certs);
for (i = 0; i < num_key_certs; i++) {
key_cert = rb_ary_entry(pem_key_certs, i);
@ -233,13 +238,12 @@ static VALUE grpc_rb_server_credentials_init(VALUE self, VALUE pem_root_certs,
&grpc_rb_server_credentials_data_type, wrapper);
if (pem_root_certs == Qnil) {
creds = grpc_ssl_server_credentials_create(NULL, key_cert_pairs,
num_key_certs,
auth_client, NULL);
creds = grpc_ssl_server_credentials_create_ex(
NULL, key_cert_pairs, num_key_certs, auth_client, NULL);
} else {
creds = grpc_ssl_server_credentials_create(RSTRING_PTR(pem_root_certs),
key_cert_pairs, num_key_certs,
auth_client, NULL);
creds = grpc_ssl_server_credentials_create_ex(RSTRING_PTR(pem_root_certs),
key_cert_pairs, num_key_certs,
auth_client, NULL);
}
xfree(key_cert_pairs);
if (creds == NULL) {

@ -85,7 +85,8 @@ module GRPC
# when present, this is the default timeout used for calls
#
# @param host [String] the host the stub connects to
# @param q [Core::CompletionQueue] used to wait for events
# @param q [Core::CompletionQueue] used to wait for events - now deprecated
# since each new active call gets its own separately
# @param creds [Core::ChannelCredentials|Symbol] the channel credentials, or
# :this_channel_is_insecure
# @param channel_override [Core::Channel] a pre-created channel
@ -97,7 +98,6 @@ module GRPC
propagate_mask: nil,
**kw)
fail(TypeError, '!CompletionQueue') unless q.is_a?(Core::CompletionQueue)
@queue = q
@ch = ClientStub.setup_channel(channel_override, host, creds, **kw)
alt_host = kw[Core::Channel::SSL_TARGET]
@host = alt_host.nil? ? host : alt_host
@ -458,14 +458,17 @@ module GRPC
if deadline.nil?
deadline = from_relative_time(timeout.nil? ? @timeout : timeout)
end
call = @ch.create_call(@queue,
# Provide each new client call with its own completion queue
call_queue = Core::CompletionQueue.new
call = @ch.create_call(call_queue,
parent, # parent call
@propagate_mask, # propagation options
method,
nil, # host use nil,
deadline)
call.set_credentials! credentials unless credentials.nil?
ActiveCall.new(call, @queue, marshal, unmarshal, deadline, started: false)
ActiveCall.new(call, call_queue, marshal, unmarshal, deadline,
started: false)
end
end
end

@ -88,4 +88,7 @@ class BenchmarkServer
def get_port
@port
end
def stop
@server.stop
end
end

@ -9,26 +9,12 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
add_message "grpc.testing.PoissonParams" do
optional :offered_load, :double, 1
end
add_message "grpc.testing.UniformParams" do
optional :interarrival_lo, :double, 1
optional :interarrival_hi, :double, 2
end
add_message "grpc.testing.DeterministicParams" do
optional :offered_load, :double, 1
end
add_message "grpc.testing.ParetoParams" do
optional :interarrival_base, :double, 1
optional :alpha, :double, 2
end
add_message "grpc.testing.ClosedLoopParams" do
end
add_message "grpc.testing.LoadParams" do
oneof :load do
optional :closed_loop, :message, 1, "grpc.testing.ClosedLoopParams"
optional :poisson, :message, 2, "grpc.testing.PoissonParams"
optional :uniform, :message, 3, "grpc.testing.UniformParams"
optional :determ, :message, 4, "grpc.testing.DeterministicParams"
optional :pareto, :message, 5, "grpc.testing.ParetoParams"
end
end
add_message "grpc.testing.SecurityParams" do
@ -88,6 +74,40 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
end
add_message "grpc.testing.Void" do
end
add_message "grpc.testing.Scenario" do
optional :name, :string, 1
optional :client_config, :message, 2, "grpc.testing.ClientConfig"
optional :num_clients, :int32, 3
optional :server_config, :message, 4, "grpc.testing.ServerConfig"
optional :num_servers, :int32, 5
optional :warmup_seconds, :int32, 6
optional :benchmark_seconds, :int32, 7
optional :spawn_local_worker_count, :int32, 8
end
add_message "grpc.testing.Scenarios" do
repeated :scenarios, :message, 1, "grpc.testing.Scenario"
end
add_message "grpc.testing.ScenarioResultSummary" do
optional :qps, :double, 1
optional :qps_per_server_core, :double, 2
optional :server_system_time, :double, 3
optional :server_user_time, :double, 4
optional :client_system_time, :double, 5
optional :client_user_time, :double, 6
optional :latency_50, :double, 7
optional :latency_90, :double, 8
optional :latency_95, :double, 9
optional :latency_99, :double, 10
optional :latency_999, :double, 11
end
add_message "grpc.testing.ScenarioResult" do
optional :scenario, :message, 1, "grpc.testing.Scenario"
optional :latencies, :message, 2, "grpc.testing.HistogramData"
repeated :client_stats, :message, 3, "grpc.testing.ClientStats"
repeated :server_stats, :message, 4, "grpc.testing.ServerStats"
repeated :server_cores, :int32, 5
optional :summary, :message, 6, "grpc.testing.ScenarioResultSummary"
end
add_enum "grpc.testing.ClientType" do
value :SYNC_CLIENT, 0
value :ASYNC_CLIENT, 1
@ -106,9 +126,6 @@ end
module Grpc
module Testing
PoissonParams = Google::Protobuf::DescriptorPool.generated_pool.lookup("grpc.testing.PoissonParams").msgclass
UniformParams = Google::Protobuf::DescriptorPool.generated_pool.lookup("grpc.testing.UniformParams").msgclass
DeterministicParams = Google::Protobuf::DescriptorPool.generated_pool.lookup("grpc.testing.DeterministicParams").msgclass
ParetoParams = Google::Protobuf::DescriptorPool.generated_pool.lookup("grpc.testing.ParetoParams").msgclass
ClosedLoopParams = Google::Protobuf::DescriptorPool.generated_pool.lookup("grpc.testing.ClosedLoopParams").msgclass
LoadParams = Google::Protobuf::DescriptorPool.generated_pool.lookup("grpc.testing.LoadParams").msgclass
SecurityParams = Google::Protobuf::DescriptorPool.generated_pool.lookup("grpc.testing.SecurityParams").msgclass
@ -122,6 +139,10 @@ module Grpc
CoreRequest = Google::Protobuf::DescriptorPool.generated_pool.lookup("grpc.testing.CoreRequest").msgclass
CoreResponse = Google::Protobuf::DescriptorPool.generated_pool.lookup("grpc.testing.CoreResponse").msgclass
Void = Google::Protobuf::DescriptorPool.generated_pool.lookup("grpc.testing.Void").msgclass
Scenario = Google::Protobuf::DescriptorPool.generated_pool.lookup("grpc.testing.Scenario").msgclass
Scenarios = Google::Protobuf::DescriptorPool.generated_pool.lookup("grpc.testing.Scenarios").msgclass
ScenarioResultSummary = Google::Protobuf::DescriptorPool.generated_pool.lookup("grpc.testing.ScenarioResultSummary").msgclass
ScenarioResult = Google::Protobuf::DescriptorPool.generated_pool.lookup("grpc.testing.ScenarioResult").msgclass
ClientType = Google::Protobuf::DescriptorPool.generated_pool.lookup("grpc.testing.ClientType").enummodule
ServerType = Google::Protobuf::DescriptorPool.generated_pool.lookup("grpc.testing.ServerType").enummodule
RpcType = Google::Protobuf::DescriptorPool.generated_pool.lookup("grpc.testing.RpcType").enummodule

@ -46,6 +46,9 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
add_message "grpc.testing.StreamingOutputCallResponse" do
optional :payload, :message, 1, "grpc.testing.Payload"
end
add_message "grpc.testing.ReconnectParams" do
optional :max_reconnect_backoff_ms, :int32, 1
end
add_message "grpc.testing.ReconnectInfo" do
optional :passed, :bool, 1
repeated :backoff_ms, :int32, 2
@ -73,6 +76,7 @@ module Grpc
ResponseParameters = Google::Protobuf::DescriptorPool.generated_pool.lookup("grpc.testing.ResponseParameters").msgclass
StreamingOutputCallRequest = Google::Protobuf::DescriptorPool.generated_pool.lookup("grpc.testing.StreamingOutputCallRequest").msgclass
StreamingOutputCallResponse = Google::Protobuf::DescriptorPool.generated_pool.lookup("grpc.testing.StreamingOutputCallResponse").msgclass
ReconnectParams = Google::Protobuf::DescriptorPool.generated_pool.lookup("grpc.testing.ReconnectParams").msgclass
ReconnectInfo = Google::Protobuf::DescriptorPool.generated_pool.lookup("grpc.testing.ReconnectInfo").msgclass
PayloadType = Google::Protobuf::DescriptorPool.generated_pool.lookup("grpc.testing.PayloadType").enummodule
CompressionType = Google::Protobuf::DescriptorPool.generated_pool.lookup("grpc.testing.CompressionType").enummodule

@ -55,12 +55,12 @@ class WorkerServiceImpl < Grpc::Testing::WorkerService::Service
Thread.new {
bms = ''
gtss = Grpc::Testing::ServerStatus
reqs.each do |req|
reqs.each do |req|
case req.argtype.to_s
when 'setup'
bms = BenchmarkServer.new(req.setup, @server_port)
q.push(gtss.new(stats: bms.mark(false), port: bms.get_port))
when 'mark'
when 'mark'
q.push(gtss.new(stats: bms.mark(req.mark.reset), cores: cpu_cores))
end
end

@ -37,6 +37,7 @@
s.add_dependency 'googleauth', '~> 0.5.1'
s.add_development_dependency 'bundler', '~> 1.9'
s.add_development_dependency 'facter', '~> 2.4'
s.add_development_dependency 'logging', '~> 2.0'
s.add_development_dependency 'simplecov', '~> 0.9'
s.add_development_dependency 'rake', '~> 10.4'

@ -0,0 +1,2 @@
# Using login shell removes Go from path, so we add it.
RUN ln -s /usr/local/go/bin/go /usr/local/bin

@ -0,0 +1,17 @@
# Install JDK 8 and Git
#
RUN echo oracle-java8-installer shared/accepted-oracle-license-v1-1 select true | /usr/bin/debconf-set-selections && ${'\\'}
echo "deb http://ppa.launchpad.net/webupd8team/java/ubuntu trusty main" | tee /etc/apt/sources.list.d/webupd8team-java.list && ${'\\'}
echo "deb-src http://ppa.launchpad.net/webupd8team/java/ubuntu trusty main" | tee -a /etc/apt/sources.list.d/webupd8team-java.list && ${'\\'}
apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys EEA14886
RUN apt-get update && apt-get -y install ${'\\'}
git ${'\\'}
libapr1 ${'\\'}
oracle-java8-installer ${'\\'}
&& ${'\\'}
apt-get clean && rm -r /var/cache/oracle-jdk8-installer/
ENV JAVA_HOME /usr/lib/jvm/java-8-oracle
ENV PATH $PATH:$JAVA_HOME/bin

@ -0,0 +1,37 @@
%YAML 1.2
--- |
# Copyright 2016, Google Inc.
# All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are
# met:
#
# * Redistributions of source code must retain the above copyright
# notice, this list of conditions and the following disclaimer.
# * Redistributions in binary form must reproduce the above
# copyright notice, this list of conditions and the following disclaimer
# in the documentation and/or other materials provided with the
# distribution.
# * Neither the name of Google Inc. nor the names of its
# contributors may be used to endorse or promote products derived from
# this software without specific prior written permission.
#
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
FROM golang:1.5
<%include file="../../gcp_api_libraries.include"/>
<%include file="../../go_path.include"/>
# Define the default command.
CMD ["bash"]

@ -0,0 +1,40 @@
%YAML 1.2
--- |
# Copyright 2016, Google Inc.
# All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are
# met:
#
# * Redistributions of source code must retain the above copyright
# notice, this list of conditions and the following disclaimer.
# * Redistributions in binary form must reproduce the above
# copyright notice, this list of conditions and the following disclaimer
# in the documentation and/or other materials provided with the
# distribution.
# * Neither the name of Google Inc. nor the names of its
# contributors may be used to endorse or promote products derived from
# this software without specific prior written permission.
#
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
FROM debian:jessie
<%include file="../../apt_get_basic.include"/>
<%include file="../../ccache_setup.include"/>
<%include file="../../cxx_deps.include"/>
<%include file="../../gcp_api_libraries.include"/>
<%include file="../../java_deps.include"/>
# Define the default command.
CMD ["bash"]

@ -37,9 +37,13 @@ template: |
flags="-max_total_time=$runtime -artifact_prefix=fuzzer_output/ -max_len=${selected.maxlen}"
%if selected.get('dict'):
flags="$flags -dict=${selected.dict}"
%endif
if [ "$jobs" != "1" ]
then
flags="-jobs=$jobs -workers=$jobs"
flags="-jobs=$jobs -workers=$jobs $flags"
fi
if [ "$config" == "asan-trace-cmp" ]

@ -0,0 +1,343 @@
/*
*
* Copyright 2016, Google Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are
* met:
*
* * Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* * Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following disclaimer
* in the documentation and/or other materials provided with the
* distribution.
* * Neither the name of Google Inc. nor the names of its
* contributors may be used to endorse or promote products derived from
* this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
* A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
* OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
const char test_self_signed_client_cert[] = {
0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x42, 0x45, 0x47, 0x49, 0x4e, 0x20, 0x43,
0x45, 0x52, 0x54, 0x49, 0x46, 0x49, 0x43, 0x41, 0x54, 0x45, 0x2d, 0x2d,
0x2d, 0x2d, 0x2d, 0x0a, 0x4d, 0x49, 0x49, 0x43, 0x6f, 0x44, 0x43, 0x43,
0x41, 0x67, 0x6d, 0x67, 0x41, 0x77, 0x49, 0x42, 0x41, 0x67, 0x49, 0x4a,
0x41, 0x4e, 0x49, 0x7a, 0x32, 0x2f, 0x7a, 0x6f, 0x52, 0x69, 0x61, 0x70,
0x4d, 0x41, 0x30, 0x47, 0x43, 0x53, 0x71, 0x47, 0x53, 0x49, 0x62, 0x33,
0x44, 0x51, 0x45, 0x42, 0x42, 0x51, 0x55, 0x41, 0x4d, 0x47, 0x6b, 0x78,
0x43, 0x7a, 0x41, 0x4a, 0x42, 0x67, 0x4e, 0x56, 0x0a, 0x42, 0x41, 0x59,
0x54, 0x41, 0x6b, 0x46, 0x56, 0x4d, 0x52, 0x4d, 0x77, 0x45, 0x51, 0x59,
0x44, 0x56, 0x51, 0x51, 0x49, 0x44, 0x41, 0x70, 0x54, 0x62, 0x32, 0x31,
0x6c, 0x4c, 0x56, 0x4e, 0x30, 0x59, 0x58, 0x52, 0x6c, 0x4d, 0x53, 0x45,
0x77, 0x48, 0x77, 0x59, 0x44, 0x56, 0x51, 0x51, 0x4b, 0x44, 0x42, 0x68,
0x4a, 0x62, 0x6e, 0x52, 0x6c, 0x63, 0x6d, 0x35, 0x6c, 0x64, 0x43, 0x42,
0x58, 0x0a, 0x61, 0x57, 0x52, 0x6e, 0x61, 0x58, 0x52, 0x7a, 0x49, 0x46,
0x42, 0x30, 0x65, 0x53, 0x42, 0x4d, 0x64, 0x47, 0x51, 0x78, 0x49, 0x6a,
0x41, 0x67, 0x42, 0x67, 0x4e, 0x56, 0x42, 0x41, 0x4d, 0x4d, 0x47, 0x57,
0x4a, 0x68, 0x5a, 0x47, 0x4e, 0x73, 0x61, 0x57, 0x56, 0x75, 0x64, 0x43,
0x35, 0x30, 0x5a, 0x58, 0x4e, 0x30, 0x4c, 0x6d, 0x64, 0x76, 0x62, 0x32,
0x64, 0x73, 0x5a, 0x53, 0x35, 0x6a, 0x0a, 0x62, 0x32, 0x30, 0x77, 0x48,
0x68, 0x63, 0x4e, 0x4d, 0x54, 0x51, 0x77, 0x4e, 0x7a, 0x49, 0x34, 0x4d,
0x6a, 0x41, 0x77, 0x4f, 0x44, 0x49, 0x31, 0x57, 0x68, 0x63, 0x4e, 0x4d,
0x6a, 0x51, 0x77, 0x4e, 0x7a, 0x49, 0x31, 0x4d, 0x6a, 0x41, 0x77, 0x4f,
0x44, 0x49, 0x31, 0x57, 0x6a, 0x42, 0x70, 0x4d, 0x51, 0x73, 0x77, 0x43,
0x51, 0x59, 0x44, 0x56, 0x51, 0x51, 0x47, 0x45, 0x77, 0x4a, 0x42, 0x0a,
0x56, 0x54, 0x45, 0x54, 0x4d, 0x42, 0x45, 0x47, 0x41, 0x31, 0x55, 0x45,
0x43, 0x41, 0x77, 0x4b, 0x55, 0x32, 0x39, 0x74, 0x5a, 0x53, 0x31, 0x54,
0x64, 0x47, 0x46, 0x30, 0x5a, 0x54, 0x45, 0x68, 0x4d, 0x42, 0x38, 0x47,
0x41, 0x31, 0x55, 0x45, 0x43, 0x67, 0x77, 0x59, 0x53, 0x57, 0x35, 0x30,
0x5a, 0x58, 0x4a, 0x75, 0x5a, 0x58, 0x51, 0x67, 0x56, 0x32, 0x6c, 0x6b,
0x5a, 0x32, 0x6c, 0x30, 0x0a, 0x63, 0x79, 0x42, 0x51, 0x64, 0x48, 0x6b,
0x67, 0x54, 0x48, 0x52, 0x6b, 0x4d, 0x53, 0x49, 0x77, 0x49, 0x41, 0x59,
0x44, 0x56, 0x51, 0x51, 0x44, 0x44, 0x42, 0x6c, 0x69, 0x59, 0x57, 0x52,
0x6a, 0x62, 0x47, 0x6c, 0x6c, 0x62, 0x6e, 0x51, 0x75, 0x64, 0x47, 0x56,
0x7a, 0x64, 0x43, 0x35, 0x6e, 0x62, 0x32, 0x39, 0x6e, 0x62, 0x47, 0x55,
0x75, 0x59, 0x32, 0x39, 0x74, 0x4d, 0x49, 0x47, 0x66, 0x0a, 0x4d, 0x41,
0x30, 0x47, 0x43, 0x53, 0x71, 0x47, 0x53, 0x49, 0x62, 0x33, 0x44, 0x51,
0x45, 0x42, 0x41, 0x51, 0x55, 0x41, 0x41, 0x34, 0x47, 0x4e, 0x41, 0x44,
0x43, 0x42, 0x69, 0x51, 0x4b, 0x42, 0x67, 0x51, 0x43, 0x79, 0x58, 0x32,
0x4a, 0x78, 0x5a, 0x2b, 0x4a, 0x35, 0x49, 0x2b, 0x64, 0x6c, 0x68, 0x52,
0x4f, 0x56, 0x74, 0x71, 0x6c, 0x4d, 0x51, 0x6e, 0x34, 0x37, 0x42, 0x42,
0x63, 0x72, 0x0a, 0x6c, 0x32, 0x47, 0x43, 0x6b, 0x76, 0x39, 0x4f, 0x31,
0x44, 0x31, 0x72, 0x4c, 0x39, 0x34, 0x4b, 0x57, 0x59, 0x62, 0x59, 0x31,
0x34, 0x48, 0x58, 0x68, 0x69, 0x2f, 0x6e, 0x61, 0x63, 0x42, 0x41, 0x51,
0x74, 0x43, 0x45, 0x51, 0x77, 0x58, 0x78, 0x70, 0x35, 0x44, 0x4b, 0x65,
0x6d, 0x47, 0x4f, 0x55, 0x6a, 0x75, 0x36, 0x35, 0x78, 0x4d, 0x39, 0x46,
0x39, 0x36, 0x2f, 0x33, 0x37, 0x34, 0x47, 0x0a, 0x4d, 0x76, 0x6e, 0x52,
0x4a, 0x64, 0x6f, 0x35, 0x32, 0x67, 0x4f, 0x73, 0x34, 0x48, 0x4f, 0x30,
0x63, 0x7a, 0x42, 0x70, 0x66, 0x56, 0x4e, 0x64, 0x58, 0x65, 0x65, 0x6f,
0x44, 0x2f, 0x52, 0x59, 0x67, 0x77, 0x74, 0x74, 0x66, 0x64, 0x4a, 0x72,
0x7a, 0x2f, 0x34, 0x61, 0x61, 0x74, 0x73, 0x53, 0x32, 0x51, 0x6b, 0x32,
0x79, 0x4d, 0x59, 0x70, 0x71, 0x5a, 0x6d, 0x71, 0x45, 0x4d, 0x73, 0x62,
0x0a, 0x72, 0x68, 0x39, 0x57, 0x32, 0x32, 0x4c, 0x70, 0x33, 0x72, 0x43,
0x42, 0x76, 0x77, 0x49, 0x44, 0x41, 0x51, 0x41, 0x42, 0x6f, 0x31, 0x41,
0x77, 0x54, 0x6a, 0x41, 0x64, 0x42, 0x67, 0x4e, 0x56, 0x48, 0x51, 0x34,
0x45, 0x46, 0x67, 0x51, 0x55, 0x35, 0x32, 0x33, 0x41, 0x4a, 0x4d, 0x52,
0x38, 0x44, 0x73, 0x39, 0x56, 0x38, 0x66, 0x68, 0x66, 0x37, 0x67, 0x75,
0x31, 0x69, 0x30, 0x4d, 0x4d, 0x0a, 0x55, 0x71, 0x41, 0x77, 0x48, 0x77,
0x59, 0x44, 0x56, 0x52, 0x30, 0x6a, 0x42, 0x42, 0x67, 0x77, 0x46, 0x6f,
0x41, 0x55, 0x35, 0x32, 0x33, 0x41, 0x4a, 0x4d, 0x52, 0x38, 0x44, 0x73,
0x39, 0x56, 0x38, 0x66, 0x68, 0x66, 0x37, 0x67, 0x75, 0x31, 0x69, 0x30,
0x4d, 0x4d, 0x55, 0x71, 0x41, 0x77, 0x44, 0x41, 0x59, 0x44, 0x56, 0x52,
0x30, 0x54, 0x42, 0x41, 0x55, 0x77, 0x41, 0x77, 0x45, 0x42, 0x0a, 0x2f,
0x7a, 0x41, 0x4e, 0x42, 0x67, 0x6b, 0x71, 0x68, 0x6b, 0x69, 0x47, 0x39,
0x77, 0x30, 0x42, 0x41, 0x51, 0x55, 0x46, 0x41, 0x41, 0x4f, 0x42, 0x67,
0x51, 0x43, 0x49, 0x2f, 0x74, 0x76, 0x53, 0x42, 0x59, 0x48, 0x31, 0x69,
0x79, 0x66, 0x4c, 0x61, 0x43, 0x54, 0x42, 0x4b, 0x77, 0x70, 0x64, 0x6a,
0x33, 0x36, 0x2b, 0x4d, 0x6b, 0x52, 0x39, 0x45, 0x65, 0x4a, 0x4a, 0x6d,
0x49, 0x6d, 0x78, 0x0a, 0x58, 0x2b, 0x62, 0x6a, 0x68, 0x4b, 0x57, 0x58,
0x77, 0x73, 0x42, 0x58, 0x34, 0x50, 0x44, 0x4d, 0x57, 0x76, 0x64, 0x75,
0x73, 0x72, 0x2b, 0x2b, 0x51, 0x47, 0x55, 0x59, 0x74, 0x79, 0x6f, 0x79,
0x61, 0x2b, 0x68, 0x66, 0x59, 0x4d, 0x58, 0x52, 0x68, 0x58, 0x75, 0x61,
0x33, 0x39, 0x6d, 0x44, 0x35, 0x34, 0x78, 0x67, 0x6c, 0x6f, 0x51, 0x4e,
0x75, 0x75, 0x39, 0x52, 0x45, 0x44, 0x77, 0x58, 0x0a, 0x46, 0x66, 0x74,
0x6f, 0x2b, 0x61, 0x4f, 0x77, 0x33, 0x42, 0x63, 0x59, 0x64, 0x75, 0x63,
0x7a, 0x36, 0x6f, 0x66, 0x78, 0x69, 0x63, 0x46, 0x4b, 0x2f, 0x59, 0x32,
0x56, 0x65, 0x58, 0x44, 0x75, 0x72, 0x53, 0x4d, 0x70, 0x52, 0x76, 0x35,
0x54, 0x66, 0x47, 0x66, 0x32, 0x51, 0x72, 0x36, 0x65, 0x4f, 0x4f, 0x64,
0x61, 0x52, 0x68, 0x6a, 0x36, 0x65, 0x64, 0x37, 0x42, 0x69, 0x62, 0x48,
0x6b, 0x0a, 0x58, 0x31, 0x56, 0x47, 0x5a, 0x41, 0x3d, 0x3d, 0x0a, 0x2d,
0x2d, 0x2d, 0x2d, 0x2d, 0x45, 0x4e, 0x44, 0x20, 0x43, 0x45, 0x52, 0x54,
0x49, 0x46, 0x49, 0x43, 0x41, 0x54, 0x45, 0x2d, 0x2d, 0x2d, 0x2d, 0x2d,
0x0a, 0x00};
const char test_self_signed_client_key[] = {
0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x42, 0x45, 0x47, 0x49, 0x4e, 0x20, 0x50,
0x52, 0x49, 0x56, 0x41, 0x54, 0x45, 0x20, 0x4b, 0x45, 0x59, 0x2d, 0x2d,
0x2d, 0x2d, 0x2d, 0x0a, 0x4d, 0x49, 0x49, 0x43, 0x64, 0x77, 0x49, 0x42,
0x41, 0x44, 0x41, 0x4e, 0x42, 0x67, 0x6b, 0x71, 0x68, 0x6b, 0x69, 0x47,
0x39, 0x77, 0x30, 0x42, 0x41, 0x51, 0x45, 0x46, 0x41, 0x41, 0x53, 0x43,
0x41, 0x6d, 0x45, 0x77, 0x67, 0x67, 0x4a, 0x64, 0x41, 0x67, 0x45, 0x41,
0x41, 0x6f, 0x47, 0x42, 0x41, 0x4c, 0x4a, 0x66, 0x59, 0x6e, 0x46, 0x6e,
0x34, 0x6e, 0x6b, 0x6a, 0x35, 0x32, 0x57, 0x46, 0x0a, 0x45, 0x35, 0x57,
0x32, 0x71, 0x55, 0x78, 0x43, 0x66, 0x6a, 0x73, 0x45, 0x46, 0x79, 0x75,
0x58, 0x59, 0x59, 0x4b, 0x53, 0x2f, 0x30, 0x37, 0x55, 0x50, 0x57, 0x73,
0x76, 0x33, 0x67, 0x70, 0x5a, 0x68, 0x74, 0x6a, 0x58, 0x67, 0x64, 0x65,
0x47, 0x4c, 0x2b, 0x64, 0x70, 0x77, 0x45, 0x42, 0x43, 0x30, 0x49, 0x52,
0x44, 0x42, 0x66, 0x47, 0x6e, 0x6b, 0x4d, 0x70, 0x36, 0x59, 0x59, 0x35,
0x53, 0x0a, 0x4f, 0x37, 0x72, 0x6e, 0x45, 0x7a, 0x30, 0x58, 0x33, 0x72,
0x2f, 0x66, 0x76, 0x67, 0x59, 0x79, 0x2b, 0x64, 0x45, 0x6c, 0x32, 0x6a,
0x6e, 0x61, 0x41, 0x36, 0x7a, 0x67, 0x63, 0x37, 0x52, 0x7a, 0x4d, 0x47,
0x6c, 0x39, 0x55, 0x31, 0x31, 0x64, 0x35, 0x36, 0x67, 0x50, 0x39, 0x46,
0x69, 0x44, 0x43, 0x32, 0x31, 0x39, 0x30, 0x6d, 0x76, 0x50, 0x2f, 0x68,
0x70, 0x71, 0x32, 0x78, 0x4c, 0x5a, 0x0a, 0x43, 0x54, 0x62, 0x49, 0x78,
0x69, 0x6d, 0x70, 0x6d, 0x61, 0x6f, 0x51, 0x79, 0x78, 0x75, 0x75, 0x48,
0x31, 0x62, 0x62, 0x59, 0x75, 0x6e, 0x65, 0x73, 0x49, 0x47, 0x2f, 0x41,
0x67, 0x4d, 0x42, 0x41, 0x41, 0x45, 0x43, 0x67, 0x59, 0x41, 0x64, 0x71,
0x4a, 0x43, 0x45, 0x7a, 0x4d, 0x49, 0x79, 0x5a, 0x45, 0x37, 0x6f, 0x61,
0x57, 0x30, 0x74, 0x4f, 0x70, 0x63, 0x42, 0x30, 0x42, 0x69, 0x50, 0x0a,
0x46, 0x59, 0x6f, 0x49, 0x76, 0x48, 0x34, 0x42, 0x4b, 0x52, 0x48, 0x38,
0x65, 0x48, 0x76, 0x52, 0x34, 0x37, 0x36, 0x6d, 0x74, 0x2b, 0x59, 0x64,
0x44, 0x68, 0x42, 0x50, 0x31, 0x73, 0x63, 0x47, 0x55, 0x6d, 0x59, 0x65,
0x43, 0x54, 0x34, 0x45, 0x6a, 0x2b, 0x52, 0x67, 0x48, 0x76, 0x32, 0x4c,
0x50, 0x54, 0x67, 0x56, 0x59, 0x77, 0x54, 0x39, 0x65, 0x63, 0x69, 0x50,
0x32, 0x2b, 0x45, 0x2f, 0x0a, 0x43, 0x42, 0x43, 0x4e, 0x52, 0x65, 0x6c,
0x30, 0x53, 0x77, 0x39, 0x4a, 0x65, 0x70, 0x77, 0x57, 0x30, 0x72, 0x2b,
0x6a, 0x57, 0x4a, 0x74, 0x44, 0x59, 0x31, 0x70, 0x70, 0x36, 0x59, 0x58,
0x41, 0x67, 0x4e, 0x52, 0x47, 0x58, 0x32, 0x55, 0x66, 0x6c, 0x76, 0x55,
0x73, 0x54, 0x2b, 0x6f, 0x39, 0x6c, 0x5a, 0x76, 0x61, 0x67, 0x66, 0x39,
0x6d, 0x6f, 0x4c, 0x54, 0x4d, 0x79, 0x47, 0x76, 0x55, 0x0a, 0x75, 0x4c,
0x46, 0x6e, 0x73, 0x79, 0x66, 0x4c, 0x69, 0x6d, 0x31, 0x42, 0x34, 0x76,
0x58, 0x76, 0x57, 0x51, 0x4a, 0x42, 0x41, 0x4e, 0x6f, 0x75, 0x5a, 0x6c,
0x6c, 0x58, 0x47, 0x5a, 0x6f, 0x53, 0x72, 0x5a, 0x4c, 0x74, 0x52, 0x33,
0x56, 0x67, 0x56, 0x34, 0x74, 0x7a, 0x52, 0x51, 0x76, 0x4a, 0x78, 0x75,
0x38, 0x34, 0x6b, 0x4c, 0x65, 0x49, 0x6b, 0x36, 0x34, 0x4f, 0x76, 0x34,
0x37, 0x58, 0x0a, 0x70, 0x48, 0x56, 0x42, 0x4d, 0x54, 0x52, 0x42, 0x66,
0x7a, 0x50, 0x45, 0x68, 0x62, 0x42, 0x6f, 0x64, 0x6a, 0x72, 0x31, 0x6d,
0x35, 0x4f, 0x4c, 0x61, 0x56, 0x4c, 0x71, 0x6b, 0x46, 0x63, 0x58, 0x66,
0x74, 0x7a, 0x52, 0x43, 0x72, 0x62, 0x57, 0x6f, 0x4b, 0x73, 0x43, 0x51,
0x51, 0x44, 0x52, 0x53, 0x6f, 0x4c, 0x4c, 0x58, 0x4f, 0x69, 0x4c, 0x72,
0x74, 0x4a, 0x33, 0x44, 0x4c, 0x4a, 0x43, 0x0a, 0x72, 0x58, 0x37, 0x59,
0x38, 0x77, 0x72, 0x48, 0x5a, 0x72, 0x71, 0x6b, 0x35, 0x62, 0x4d, 0x64,
0x5a, 0x4c, 0x47, 0x61, 0x2f, 0x55, 0x58, 0x38, 0x52, 0x61, 0x6e, 0x68,
0x56, 0x77, 0x33, 0x2b, 0x58, 0x70, 0x2b, 0x75, 0x72, 0x64, 0x31, 0x37,
0x31, 0x31, 0x75, 0x6d, 0x65, 0x4e, 0x4a, 0x66, 0x7a, 0x75, 0x2f, 0x4d,
0x43, 0x6b, 0x34, 0x61, 0x31, 0x4b, 0x6b, 0x47, 0x2f, 0x43, 0x55, 0x30,
0x0a, 0x72, 0x71, 0x73, 0x39, 0x41, 0x6b, 0x41, 0x34, 0x63, 0x53, 0x78,
0x31, 0x44, 0x44, 0x31, 0x4a, 0x53, 0x47, 0x2b, 0x79, 0x78, 0x4d, 0x4e,
0x70, 0x73, 0x41, 0x53, 0x31, 0x78, 0x4a, 0x6f, 0x6d, 0x46, 0x49, 0x72,
0x73, 0x4d, 0x39, 0x76, 0x73, 0x50, 0x74, 0x37, 0x46, 0x64, 0x6e, 0x64,
0x44, 0x77, 0x72, 0x46, 0x2b, 0x79, 0x2b, 0x43, 0x6f, 0x76, 0x68, 0x44,
0x6b, 0x47, 0x59, 0x44, 0x6b, 0x0a, 0x52, 0x41, 0x48, 0x68, 0x2b, 0x73,
0x76, 0x47, 0x66, 0x5a, 0x67, 0x2f, 0x70, 0x51, 0x4b, 0x32, 0x4a, 0x52,
0x50, 0x69, 0x6d, 0x41, 0x6d, 0x48, 0x68, 0x7a, 0x71, 0x46, 0x41, 0x6b,
0x45, 0x41, 0x75, 0x36, 0x59, 0x61, 0x37, 0x30, 0x73, 0x32, 0x46, 0x55,
0x65, 0x42, 0x33, 0x4d, 0x75, 0x39, 0x61, 0x4a, 0x73, 0x32, 0x43, 0x44,
0x36, 0x68, 0x67, 0x33, 0x64, 0x51, 0x45, 0x56, 0x6b, 0x42, 0x0a, 0x35,
0x33, 0x44, 0x49, 0x37, 0x54, 0x58, 0x34, 0x38, 0x64, 0x39, 0x6b, 0x47,
0x57, 0x35, 0x38, 0x56, 0x58, 0x31, 0x78, 0x6e, 0x71, 0x53, 0x30, 0x32,
0x4c, 0x79, 0x57, 0x71, 0x41, 0x50, 0x63, 0x57, 0x35, 0x71, 0x6d, 0x31,
0x6b, 0x4c, 0x48, 0x46, 0x4c, 0x64, 0x6e, 0x64, 0x61, 0x50, 0x4e, 0x6d,
0x42, 0x61, 0x6a, 0x34, 0x51, 0x4a, 0x42, 0x41, 0x4a, 0x75, 0x67, 0x6c,
0x33, 0x36, 0x37, 0x0a, 0x39, 0x64, 0x39, 0x74, 0x2f, 0x51, 0x4c, 0x54,
0x53, 0x75, 0x55, 0x4c, 0x4c, 0x61, 0x6f, 0x59, 0x76, 0x32, 0x76, 0x4a,
0x54, 0x33, 0x73, 0x31, 0x79, 0x39, 0x48, 0x4e, 0x38, 0x39, 0x45, 0x6f,
0x61, 0x44, 0x44, 0x45, 0x6b, 0x50, 0x56, 0x66, 0x51, 0x75, 0x36, 0x47,
0x56, 0x45, 0x58, 0x67, 0x49, 0x42, 0x74, 0x69, 0x6d, 0x31, 0x73, 0x49,
0x2f, 0x56, 0x50, 0x53, 0x7a, 0x49, 0x38, 0x48, 0x0a, 0x61, 0x58, 0x76,
0x61, 0x54, 0x55, 0x77, 0x62, 0x6c, 0x46, 0x57, 0x53, 0x4d, 0x37, 0x30,
0x3d, 0x0a, 0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x45, 0x4e, 0x44, 0x20, 0x50,
0x52, 0x49, 0x56, 0x41, 0x54, 0x45, 0x20, 0x4b, 0x45, 0x59, 0x2d, 0x2d,
0x2d, 0x2d, 0x2d, 0x0a, 0x00};
const char test_signed_client_cert[] = {
0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x42, 0x45, 0x47, 0x49, 0x4e, 0x20, 0x43,
0x45, 0x52, 0x54, 0x49, 0x46, 0x49, 0x43, 0x41, 0x54, 0x45, 0x2d, 0x2d,
0x2d, 0x2d, 0x2d, 0x0a, 0x4d, 0x49, 0x49, 0x43, 0x48, 0x7a, 0x43, 0x43,
0x41, 0x59, 0x67, 0x43, 0x41, 0x51, 0x45, 0x77, 0x44, 0x51, 0x59, 0x4a,
0x4b, 0x6f, 0x5a, 0x49, 0x68, 0x76, 0x63, 0x4e, 0x41, 0x51, 0x45, 0x46,
0x42, 0x51, 0x41, 0x77, 0x56, 0x6a, 0x45, 0x4c, 0x4d, 0x41, 0x6b, 0x47,
0x41, 0x31, 0x55, 0x45, 0x42, 0x68, 0x4d, 0x43, 0x51, 0x56, 0x55, 0x78,
0x45, 0x7a, 0x41, 0x52, 0x42, 0x67, 0x4e, 0x56, 0x0a, 0x42, 0x41, 0x67,
0x4d, 0x43, 0x6c, 0x4e, 0x76, 0x62, 0x57, 0x55, 0x74, 0x55, 0x33, 0x52,
0x68, 0x64, 0x47, 0x55, 0x78, 0x49, 0x54, 0x41, 0x66, 0x42, 0x67, 0x4e,
0x56, 0x42, 0x41, 0x6f, 0x4d, 0x47, 0x45, 0x6c, 0x75, 0x64, 0x47, 0x56,
0x79, 0x62, 0x6d, 0x56, 0x30, 0x49, 0x46, 0x64, 0x70, 0x5a, 0x47, 0x64,
0x70, 0x64, 0x48, 0x4d, 0x67, 0x55, 0x48, 0x52, 0x35, 0x49, 0x45, 0x78,
0x30, 0x0a, 0x5a, 0x44, 0x45, 0x50, 0x4d, 0x41, 0x30, 0x47, 0x41, 0x31,
0x55, 0x45, 0x41, 0x77, 0x77, 0x47, 0x64, 0x47, 0x56, 0x7a, 0x64, 0x47,
0x4e, 0x68, 0x4d, 0x42, 0x34, 0x58, 0x44, 0x54, 0x45, 0x30, 0x4d, 0x44,
0x63, 0x78, 0x4e, 0x7a, 0x49, 0x7a, 0x4e, 0x54, 0x59, 0x77, 0x4d, 0x6c,
0x6f, 0x58, 0x44, 0x54, 0x49, 0x30, 0x4d, 0x44, 0x63, 0x78, 0x4e, 0x44,
0x49, 0x7a, 0x4e, 0x54, 0x59, 0x77, 0x0a, 0x4d, 0x6c, 0x6f, 0x77, 0x57,
0x6a, 0x45, 0x4c, 0x4d, 0x41, 0x6b, 0x47, 0x41, 0x31, 0x55, 0x45, 0x42,
0x68, 0x4d, 0x43, 0x51, 0x56, 0x55, 0x78, 0x45, 0x7a, 0x41, 0x52, 0x42,
0x67, 0x4e, 0x56, 0x42, 0x41, 0x67, 0x4d, 0x43, 0x6c, 0x4e, 0x76, 0x62,
0x57, 0x55, 0x74, 0x55, 0x33, 0x52, 0x68, 0x64, 0x47, 0x55, 0x78, 0x49,
0x54, 0x41, 0x66, 0x42, 0x67, 0x4e, 0x56, 0x42, 0x41, 0x6f, 0x4d, 0x0a,
0x47, 0x45, 0x6c, 0x75, 0x64, 0x47, 0x56, 0x79, 0x62, 0x6d, 0x56, 0x30,
0x49, 0x46, 0x64, 0x70, 0x5a, 0x47, 0x64, 0x70, 0x64, 0x48, 0x4d, 0x67,
0x55, 0x48, 0x52, 0x35, 0x49, 0x45, 0x78, 0x30, 0x5a, 0x44, 0x45, 0x54,
0x4d, 0x42, 0x45, 0x47, 0x41, 0x31, 0x55, 0x45, 0x41, 0x77, 0x77, 0x4b,
0x64, 0x47, 0x56, 0x7a, 0x64, 0x47, 0x4e, 0x73, 0x61, 0x57, 0x56, 0x75,
0x64, 0x44, 0x43, 0x42, 0x0a, 0x6e, 0x7a, 0x41, 0x4e, 0x42, 0x67, 0x6b,
0x71, 0x68, 0x6b, 0x69, 0x47, 0x39, 0x77, 0x30, 0x42, 0x41, 0x51, 0x45,
0x46, 0x41, 0x41, 0x4f, 0x42, 0x6a, 0x51, 0x41, 0x77, 0x67, 0x59, 0x6b,
0x43, 0x67, 0x59, 0x45, 0x41, 0x37, 0x46, 0x52, 0x48, 0x32, 0x36, 0x47,
0x2b, 0x46, 0x74, 0x35, 0x56, 0x51, 0x67, 0x79, 0x7a, 0x6c, 0x5a, 0x73,
0x66, 0x53, 0x6e, 0x48, 0x53, 0x5a, 0x36, 0x47, 0x58, 0x0a, 0x62, 0x37,
0x71, 0x78, 0x6d, 0x6b, 0x32, 0x50, 0x4f, 0x38, 0x54, 0x59, 0x71, 0x4b,
0x5a, 0x6d, 0x6b, 0x66, 0x4d, 0x77, 0x6b, 0x65, 0x36, 0x52, 0x55, 0x66,
0x51, 0x56, 0x2b, 0x53, 0x2b, 0x47, 0x7a, 0x52, 0x76, 0x7a, 0x35, 0x4c,
0x6c, 0x53, 0x33, 0x31, 0x55, 0x31, 0x51, 0x43, 0x70, 0x33, 0x63, 0x67,
0x77, 0x6b, 0x49, 0x49, 0x41, 0x51, 0x61, 0x31, 0x45, 0x32, 0x68, 0x43,
0x45, 0x7a, 0x0a, 0x57, 0x33, 0x31, 0x69, 0x76, 0x62, 0x4d, 0x42, 0x79,
0x52, 0x4b, 0x39, 0x74, 0x46, 0x70, 0x79, 0x6e, 0x34, 0x55, 0x76, 0x38,
0x4b, 0x50, 0x31, 0x34, 0x4f, 0x62, 0x4b, 0x6a, 0x54, 0x51, 0x71, 0x78,
0x55, 0x5a, 0x70, 0x35, 0x35, 0x38, 0x44, 0x67, 0x4f, 0x48, 0x67, 0x35,
0x62, 0x35, 0x6d, 0x47, 0x52, 0x4d, 0x30, 0x70, 0x79, 0x56, 0x31, 0x65,
0x71, 0x52, 0x4b, 0x36, 0x50, 0x57, 0x77, 0x0a, 0x52, 0x2f, 0x62, 0x6a,
0x67, 0x6c, 0x6c, 0x69, 0x36, 0x70, 0x6d, 0x6e, 0x72, 0x2b, 0x30, 0x43,
0x41, 0x77, 0x45, 0x41, 0x41, 0x54, 0x41, 0x4e, 0x42, 0x67, 0x6b, 0x71,
0x68, 0x6b, 0x69, 0x47, 0x39, 0x77, 0x30, 0x42, 0x41, 0x51, 0x55, 0x46,
0x41, 0x41, 0x4f, 0x42, 0x67, 0x51, 0x41, 0x53, 0x74, 0x53, 0x6d, 0x35,
0x50, 0x4d, 0x37, 0x75, 0x62, 0x52, 0x4f, 0x69, 0x4b, 0x4b, 0x36, 0x2f,
0x0a, 0x54, 0x32, 0x46, 0x6b, 0x4b, 0x6c, 0x68, 0x69, 0x54, 0x4f, 0x78,
0x2b, 0x52, 0x79, 0x65, 0x6e, 0x6d, 0x33, 0x45, 0x69, 0x6f, 0x35, 0x39,
0x65, 0x6d, 0x71, 0x2b, 0x6a, 0x58, 0x6c, 0x2b, 0x31, 0x6e, 0x68, 0x50,
0x79, 0x53, 0x58, 0x35, 0x47, 0x32, 0x50, 0x51, 0x7a, 0x53, 0x52, 0x35,
0x76, 0x64, 0x31, 0x64, 0x49, 0x68, 0x77, 0x67, 0x5a, 0x53, 0x52, 0x34,
0x47, 0x79, 0x74, 0x74, 0x6b, 0x0a, 0x74, 0x52, 0x5a, 0x35, 0x37, 0x6b,
0x2f, 0x4e, 0x49, 0x31, 0x62, 0x72, 0x55, 0x57, 0x38, 0x6a, 0x6f, 0x69,
0x45, 0x4f, 0x4d, 0x4a, 0x41, 0x2f, 0x4d, 0x72, 0x37, 0x48, 0x37, 0x61,
0x73, 0x78, 0x37, 0x77, 0x49, 0x52, 0x59, 0x44, 0x45, 0x39, 0x31, 0x46,
0x73, 0x38, 0x47, 0x6b, 0x4b, 0x57, 0x64, 0x35, 0x4c, 0x68, 0x6f, 0x50,
0x41, 0x51, 0x6a, 0x2b, 0x71, 0x64, 0x47, 0x33, 0x35, 0x43, 0x0a, 0x4f,
0x4f, 0x2b, 0x73, 0x76, 0x64, 0x6b, 0x6d, 0x71, 0x48, 0x30, 0x4b, 0x5a,
0x6f, 0x33, 0x32, 0x30, 0x5a, 0x55, 0x71, 0x64, 0x6c, 0x32, 0x6f, 0x6f,
0x51, 0x3d, 0x3d, 0x0a, 0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x45, 0x4e, 0x44,
0x20, 0x43, 0x45, 0x52, 0x54, 0x49, 0x46, 0x49, 0x43, 0x41, 0x54, 0x45,
0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x0a, 0x00};
const char test_signed_client_key[] = {
0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x42, 0x45, 0x47, 0x49, 0x4e, 0x20, 0x50,
0x52, 0x49, 0x56, 0x41, 0x54, 0x45, 0x20, 0x4b, 0x45, 0x59, 0x2d, 0x2d,
0x2d, 0x2d, 0x2d, 0x0a, 0x4d, 0x49, 0x49, 0x43, 0x65, 0x51, 0x49, 0x42,
0x41, 0x44, 0x41, 0x4e, 0x42, 0x67, 0x6b, 0x71, 0x68, 0x6b, 0x69, 0x47,
0x39, 0x77, 0x30, 0x42, 0x41, 0x51, 0x45, 0x46, 0x41, 0x41, 0x53, 0x43,
0x41, 0x6d, 0x4d, 0x77, 0x67, 0x67, 0x4a, 0x66, 0x41, 0x67, 0x45, 0x41,
0x41, 0x6f, 0x47, 0x42, 0x41, 0x4f, 0x78, 0x55, 0x52, 0x39, 0x75, 0x68,
0x76, 0x68, 0x62, 0x65, 0x56, 0x55, 0x49, 0x4d, 0x0a, 0x73, 0x35, 0x57,
0x62, 0x48, 0x30, 0x70, 0x78, 0x30, 0x6d, 0x65, 0x68, 0x6c, 0x32, 0x2b,
0x36, 0x73, 0x5a, 0x70, 0x4e, 0x6a, 0x7a, 0x76, 0x45, 0x32, 0x4b, 0x69,
0x6d, 0x5a, 0x70, 0x48, 0x7a, 0x4d, 0x4a, 0x48, 0x75, 0x6b, 0x56, 0x48,
0x30, 0x46, 0x66, 0x6b, 0x76, 0x68, 0x73, 0x30, 0x62, 0x38, 0x2b, 0x53,
0x35, 0x55, 0x74, 0x39, 0x56, 0x4e, 0x55, 0x41, 0x71, 0x64, 0x33, 0x49,
0x4d, 0x0a, 0x4a, 0x43, 0x43, 0x41, 0x45, 0x47, 0x74, 0x52, 0x4e, 0x6f,
0x51, 0x68, 0x4d, 0x31, 0x74, 0x39, 0x59, 0x72, 0x32, 0x7a, 0x41, 0x63,
0x6b, 0x53, 0x76, 0x62, 0x52, 0x61, 0x63, 0x70, 0x2b, 0x46, 0x4c, 0x2f,
0x43, 0x6a, 0x39, 0x65, 0x44, 0x6d, 0x79, 0x6f, 0x30, 0x30, 0x4b, 0x73,
0x56, 0x47, 0x61, 0x65, 0x65, 0x66, 0x41, 0x34, 0x44, 0x68, 0x34, 0x4f,
0x57, 0x2b, 0x5a, 0x68, 0x6b, 0x54, 0x0a, 0x4e, 0x4b, 0x63, 0x6c, 0x64,
0x58, 0x71, 0x6b, 0x53, 0x75, 0x6a, 0x31, 0x73, 0x45, 0x66, 0x32, 0x34,
0x34, 0x4a, 0x5a, 0x59, 0x75, 0x71, 0x5a, 0x70, 0x36, 0x2f, 0x74, 0x41,
0x67, 0x4d, 0x42, 0x41, 0x41, 0x45, 0x43, 0x67, 0x59, 0x45, 0x41, 0x69,
0x32, 0x4e, 0x53, 0x56, 0x71, 0x70, 0x5a, 0x4d, 0x61, 0x66, 0x45, 0x35,
0x59, 0x59, 0x55, 0x54, 0x63, 0x4d, 0x47, 0x65, 0x36, 0x51, 0x53, 0x0a,
0x6b, 0x32, 0x6a, 0x74, 0x70, 0x73, 0x71, 0x59, 0x67, 0x67, 0x67, 0x49,
0x32, 0x52, 0x6e, 0x4c, 0x4a, 0x2f, 0x32, 0x74, 0x4e, 0x5a, 0x77, 0x59,
0x49, 0x35, 0x70, 0x77, 0x50, 0x38, 0x51, 0x56, 0x53, 0x62, 0x6e, 0x4d,
0x61, 0x69, 0x46, 0x34, 0x67, 0x6f, 0x6b, 0x44, 0x35, 0x68, 0x47, 0x64,
0x72, 0x4e, 0x44, 0x66, 0x54, 0x6e, 0x62, 0x32, 0x76, 0x2b, 0x79, 0x49,
0x77, 0x59, 0x45, 0x48, 0x0a, 0x30, 0x77, 0x38, 0x2b, 0x6f, 0x47, 0x37,
0x5a, 0x38, 0x31, 0x4b, 0x6f, 0x64, 0x73, 0x69, 0x5a, 0x53, 0x49, 0x44,
0x4a, 0x66, 0x54, 0x47, 0x73, 0x41, 0x5a, 0x68, 0x56, 0x4e, 0x77, 0x4f,
0x7a, 0x39, 0x79, 0x30, 0x56, 0x44, 0x38, 0x42, 0x42, 0x5a, 0x5a, 0x31,
0x2f, 0x32, 0x37, 0x34, 0x5a, 0x68, 0x35, 0x32, 0x41, 0x55, 0x4b, 0x4c,
0x6a, 0x5a, 0x53, 0x2f, 0x5a, 0x77, 0x49, 0x62, 0x53, 0x0a, 0x57, 0x32,
0x79, 0x77, 0x79, 0x61, 0x38, 0x35, 0x35, 0x64, 0x50, 0x6e, 0x48, 0x2f,
0x77, 0x6a, 0x2b, 0x30, 0x45, 0x43, 0x51, 0x51, 0x44, 0x39, 0x58, 0x38,
0x44, 0x39, 0x32, 0x30, 0x6b, 0x42, 0x79, 0x54, 0x4e, 0x48, 0x68, 0x42,
0x47, 0x31, 0x38, 0x62, 0x69, 0x41, 0x45, 0x5a, 0x34, 0x70, 0x78, 0x73,
0x39, 0x66, 0x30, 0x4f, 0x41, 0x47, 0x38, 0x33, 0x33, 0x33, 0x65, 0x56,
0x63, 0x49, 0x0a, 0x77, 0x32, 0x6c, 0x4a, 0x44, 0x4c, 0x73, 0x59, 0x44,
0x5a, 0x72, 0x43, 0x42, 0x32, 0x6f, 0x63, 0x67, 0x41, 0x33, 0x6c, 0x55,
0x64, 0x6f, 0x7a, 0x6c, 0x7a, 0x50, 0x43, 0x37, 0x59, 0x44, 0x59, 0x77,
0x38, 0x72, 0x65, 0x67, 0x30, 0x74, 0x6b, 0x69, 0x52, 0x59, 0x35, 0x41,
0x6b, 0x45, 0x41, 0x37, 0x73, 0x64, 0x4e, 0x7a, 0x4f, 0x65, 0x51, 0x73,
0x51, 0x52, 0x6e, 0x37, 0x2b, 0x2b, 0x35, 0x0a, 0x30, 0x62, 0x50, 0x39,
0x44, 0x74, 0x54, 0x2f, 0x69, 0x4f, 0x4e, 0x31, 0x67, 0x62, 0x66, 0x78,
0x52, 0x7a, 0x43, 0x66, 0x43, 0x66, 0x58, 0x64, 0x6f, 0x4f, 0x74, 0x66,
0x51, 0x57, 0x49, 0x7a, 0x54, 0x65, 0x50, 0x57, 0x74, 0x55, 0x52, 0x74,
0x39, 0x58, 0x2f, 0x35, 0x44, 0x39, 0x4e, 0x6f, 0x66, 0x49, 0x30, 0x52,
0x67, 0x35, 0x57, 0x32, 0x6f, 0x47, 0x79, 0x2f, 0x4d, 0x4c, 0x65, 0x35,
0x0a, 0x2f, 0x73, 0x58, 0x48, 0x56, 0x51, 0x4a, 0x42, 0x41, 0x49, 0x75,
0x70, 0x35, 0x58, 0x72, 0x4a, 0x44, 0x6b, 0x51, 0x79, 0x77, 0x4e, 0x5a,
0x79, 0x41, 0x55, 0x55, 0x32, 0x65, 0x63, 0x6e, 0x32, 0x62, 0x43, 0x57,
0x42, 0x46, 0x6a, 0x77, 0x74, 0x71, 0x64, 0x2b, 0x4c, 0x42, 0x6d, 0x75,
0x4d, 0x63, 0x69, 0x49, 0x39, 0x66, 0x4f, 0x4b, 0x73, 0x5a, 0x74, 0x45,
0x4b, 0x5a, 0x72, 0x7a, 0x2f, 0x0a, 0x55, 0x30, 0x6c, 0x6b, 0x65, 0x4d,
0x52, 0x6f, 0x53, 0x77, 0x76, 0x58, 0x45, 0x38, 0x77, 0x6d, 0x47, 0x4c,
0x6a, 0x6a, 0x72, 0x41, 0x62, 0x64, 0x66, 0x6f, 0x68, 0x72, 0x58, 0x46,
0x6b, 0x43, 0x51, 0x51, 0x44, 0x5a, 0x45, 0x78, 0x2f, 0x4c, 0x74, 0x49,
0x6c, 0x36, 0x4a, 0x49, 0x4e, 0x4a, 0x51, 0x69, 0x73, 0x77, 0x56, 0x65,
0x30, 0x74, 0x57, 0x72, 0x36, 0x6b, 0x2b, 0x41, 0x53, 0x50, 0x0a, 0x31,
0x57, 0x58, 0x6f, 0x54, 0x6d, 0x2b, 0x48, 0x59, 0x70, 0x6f, 0x46, 0x2f,
0x58, 0x55, 0x76, 0x76, 0x39, 0x4c, 0x63, 0x63, 0x4e, 0x46, 0x31, 0x49,
0x61, 0x7a, 0x46, 0x6a, 0x33, 0x34, 0x68, 0x77, 0x52, 0x51, 0x77, 0x68,
0x78, 0x37, 0x77, 0x2f, 0x56, 0x35, 0x32, 0x49, 0x65, 0x62, 0x2b, 0x70,
0x30, 0x6a, 0x55, 0x4d, 0x59, 0x47, 0x78, 0x41, 0x6b, 0x45, 0x41, 0x6a,
0x44, 0x68, 0x64, 0x0a, 0x39, 0x70, 0x42, 0x4f, 0x31, 0x66, 0x4b, 0x58,
0x57, 0x69, 0x58, 0x7a, 0x69, 0x39, 0x5a, 0x4b, 0x66, 0x6f, 0x79, 0x54,
0x4e, 0x63, 0x55, 0x71, 0x33, 0x65, 0x42, 0x53, 0x56, 0x4b, 0x77, 0x50,
0x47, 0x32, 0x6e, 0x49, 0x74, 0x67, 0x35, 0x79, 0x63, 0x58, 0x65, 0x6e,
0x67, 0x6a, 0x54, 0x35, 0x73, 0x67, 0x63, 0x57, 0x44, 0x6e, 0x63, 0x69,
0x49, 0x7a, 0x57, 0x37, 0x42, 0x49, 0x56, 0x49, 0x0a, 0x4a, 0x69, 0x71,
0x4f, 0x73, 0x7a, 0x71, 0x39, 0x47, 0x57, 0x45, 0x53, 0x45, 0x72, 0x41,
0x61, 0x74, 0x67, 0x3d, 0x3d, 0x0a, 0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x45,
0x4e, 0x44, 0x20, 0x50, 0x52, 0x49, 0x56, 0x41, 0x54, 0x45, 0x20, 0x4b,
0x45, 0x59, 0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x0a, 0x00};

@ -37,5 +37,9 @@
extern const char test_root_cert[];
extern const char test_server1_cert[];
extern const char test_server1_key[];
extern const char test_self_signed_client_cert[];
extern const char test_self_signed_client_key[];
extern const char test_signed_client_cert[];
extern const char test_signed_client_key[];
#endif /* GRPC_TEST_CORE_END2END_DATA_SSL_TEST_DATA_H */

@ -0,0 +1,376 @@
/*
*
* Copyright 2015, Google Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are
* met:
*
* * Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* * Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following disclaimer
* in the documentation and/or other materials provided with the
* distribution.
* * Neither the name of Google Inc. nor the names of its
* contributors may be used to endorse or promote products derived from
* this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
* A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
* OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#include "test/core/end2end/end2end_tests.h"
#include <stdio.h>
#include <string.h>
#include <grpc/support/alloc.h>
#include <grpc/support/host_port.h>
#include <grpc/support/log.h>
#include "src/core/lib/channel/channel_args.h"
#include "src/core/lib/security/credentials.h"
#include "src/core/lib/support/env.h"
#include "src/core/lib/support/string.h"
#include "src/core/lib/support/tmpfile.h"
#include "test/core/end2end/cq_verifier.h"
#include "test/core/end2end/data/ssl_test_data.h"
#include "test/core/util/port.h"
#include "test/core/util/test_config.h"
extern void simple_request(grpc_end2end_test_config config);
typedef struct fullstack_secure_fixture_data {
char *localaddr;
} fullstack_secure_fixture_data;
static grpc_end2end_test_fixture chttp2_create_fixture_secure_fullstack(
grpc_channel_args *client_args, grpc_channel_args *server_args) {
grpc_end2end_test_fixture f;
int port = grpc_pick_unused_port_or_die();
fullstack_secure_fixture_data *ffd =
gpr_malloc(sizeof(fullstack_secure_fixture_data));
memset(&f, 0, sizeof(f));
gpr_join_host_port(&ffd->localaddr, "localhost", port);
f.fixture_data = ffd;
f.cq = grpc_completion_queue_create(NULL);
return f;
}
static void process_auth_failure(void *state, grpc_auth_context *ctx,
const grpc_metadata *md, size_t md_count,
grpc_process_auth_metadata_done_cb cb,
void *user_data) {
GPR_ASSERT(state == NULL);
cb(user_data, NULL, 0, NULL, 0, GRPC_STATUS_UNAUTHENTICATED, NULL);
}
static void chttp2_init_client_secure_fullstack(
grpc_end2end_test_fixture *f, grpc_channel_args *client_args,
grpc_channel_credentials *creds) {
fullstack_secure_fixture_data *ffd = f->fixture_data;
f->client =
grpc_secure_channel_create(creds, ffd->localaddr, client_args, NULL);
GPR_ASSERT(f->client != NULL);
grpc_channel_credentials_release(creds);
}
static void chttp2_init_server_secure_fullstack(
grpc_end2end_test_fixture *f, grpc_channel_args *server_args,
grpc_server_credentials *server_creds) {
fullstack_secure_fixture_data *ffd = f->fixture_data;
if (f->server) {
grpc_server_destroy(f->server);
}
f->server = grpc_server_create(server_args, NULL);
grpc_server_register_completion_queue(f->server, f->cq, NULL);
GPR_ASSERT(grpc_server_add_secure_http2_port(f->server, ffd->localaddr,
server_creds));
grpc_server_credentials_release(server_creds);
grpc_server_start(f->server);
}
void chttp2_tear_down_secure_fullstack(grpc_end2end_test_fixture *f) {
fullstack_secure_fixture_data *ffd = f->fixture_data;
gpr_free(ffd->localaddr);
gpr_free(ffd);
}
static int fail_server_auth_check(grpc_channel_args *server_args) {
size_t i;
if (server_args == NULL) return 0;
for (i = 0; i < server_args->num_args; i++) {
if (strcmp(server_args->args[i].key, FAIL_AUTH_CHECK_SERVER_ARG_NAME) ==
0) {
return 1;
}
}
return 0;
}
#define SERVER_INIT_NAME(REQUEST_TYPE) \
chttp2_init_server_simple_ssl_secure_fullstack_##REQUEST_TYPE
#define SERVER_INIT(REQUEST_TYPE) \
static void SERVER_INIT_NAME(REQUEST_TYPE)( \
grpc_end2end_test_fixture * f, grpc_channel_args * server_args) { \
grpc_ssl_pem_key_cert_pair pem_cert_key_pair = {test_server1_key, \
test_server1_cert}; \
grpc_server_credentials *ssl_creds = \
grpc_ssl_server_credentials_create_ex( \
test_root_cert, &pem_cert_key_pair, 1, REQUEST_TYPE, NULL); \
if (fail_server_auth_check(server_args)) { \
grpc_auth_metadata_processor processor = {process_auth_failure, NULL, \
NULL}; \
grpc_server_credentials_set_auth_metadata_processor(ssl_creds, \
processor); \
} \
chttp2_init_server_secure_fullstack(f, server_args, ssl_creds); \
}
SERVER_INIT(GRPC_SSL_DONT_REQUEST_CLIENT_CERTIFICATE);
SERVER_INIT(GRPC_SSL_REQUEST_CLIENT_CERTIFICATE_BUT_DONT_VERIFY);
SERVER_INIT(GRPC_SSL_REQUEST_CLIENT_CERTIFICATE_AND_VERIFY);
SERVER_INIT(GRPC_SSL_REQUEST_AND_REQUIRE_CLIENT_CERTIFICATE_BUT_DONT_VERIFY);
SERVER_INIT(GRPC_SSL_REQUEST_AND_REQUIRE_CLIENT_CERTIFICATE_AND_VERIFY);
#define CLIENT_INIT_NAME(cert_type) \
chttp2_init_client_simple_ssl_secure_fullstack_##cert_type
typedef enum { NONE, SELF_SIGNED, SIGNED, BAD_CERT_PAIR } certtype;
#define CLIENT_INIT(cert_type) \
static void CLIENT_INIT_NAME(cert_type)(grpc_end2end_test_fixture * f, \
grpc_channel_args * client_args) { \
grpc_channel_credentials *ssl_creds = NULL; \
grpc_ssl_pem_key_cert_pair self_signed_client_key_cert_pair = { \
test_self_signed_client_key, test_self_signed_client_cert}; \
grpc_ssl_pem_key_cert_pair signed_client_key_cert_pair = { \
test_signed_client_key, test_signed_client_cert}; \
grpc_ssl_pem_key_cert_pair bad_client_key_cert_pair = { \
test_self_signed_client_key, test_signed_client_cert}; \
grpc_ssl_pem_key_cert_pair *key_cert_pair = NULL; \
switch (cert_type) { \
case SELF_SIGNED: \
key_cert_pair = &self_signed_client_key_cert_pair; \
break; \
case SIGNED: \
key_cert_pair = &signed_client_key_cert_pair; \
break; \
case BAD_CERT_PAIR: \
key_cert_pair = &bad_client_key_cert_pair; \
break; \
default: \
break; \
} \
ssl_creds = \
grpc_ssl_credentials_create(test_root_cert, key_cert_pair, NULL); \
grpc_arg ssl_name_override = {GRPC_ARG_STRING, \
GRPC_SSL_TARGET_NAME_OVERRIDE_ARG, \
{"foo.test.google.fr"}}; \
grpc_channel_args *new_client_args = \
grpc_channel_args_copy_and_add(client_args, &ssl_name_override, 1); \
chttp2_init_client_secure_fullstack(f, new_client_args, ssl_creds); \
grpc_channel_args_destroy(new_client_args); \
}
CLIENT_INIT(NONE);
CLIENT_INIT(SELF_SIGNED);
CLIENT_INIT(SIGNED);
CLIENT_INIT(BAD_CERT_PAIR);
#define TEST_NAME(enum_name, cert_type, result) \
"chttp2/ssl_" #enum_name "_" #cert_type "_" #result "_"
typedef enum { SUCCESS, FAIL } test_result;
#define SSL_TEST(request_type, cert_type, result) \
{ \
{TEST_NAME(request_type, cert_type, result), \
FEATURE_MASK_SUPPORTS_DELAYED_CONNECTION | \
FEATURE_MASK_SUPPORTS_PER_CALL_CREDENTIALS, \
chttp2_create_fixture_secure_fullstack, CLIENT_INIT_NAME(cert_type), \
SERVER_INIT_NAME(request_type), chttp2_tear_down_secure_fullstack}, \
result \
}
/* All test configurations */
typedef struct grpc_end2end_test_config_wrapper {
grpc_end2end_test_config config;
test_result result;
} grpc_end2end_test_config_wrapper;
static grpc_end2end_test_config_wrapper configs[] = {
SSL_TEST(GRPC_SSL_DONT_REQUEST_CLIENT_CERTIFICATE, NONE, SUCCESS),
SSL_TEST(GRPC_SSL_DONT_REQUEST_CLIENT_CERTIFICATE, SELF_SIGNED, SUCCESS),
SSL_TEST(GRPC_SSL_DONT_REQUEST_CLIENT_CERTIFICATE, SIGNED, SUCCESS),
SSL_TEST(GRPC_SSL_DONT_REQUEST_CLIENT_CERTIFICATE, BAD_CERT_PAIR, FAIL),
SSL_TEST(GRPC_SSL_REQUEST_CLIENT_CERTIFICATE_BUT_DONT_VERIFY, NONE,
SUCCESS),
SSL_TEST(GRPC_SSL_REQUEST_CLIENT_CERTIFICATE_BUT_DONT_VERIFY, SELF_SIGNED,
SUCCESS),
SSL_TEST(GRPC_SSL_REQUEST_CLIENT_CERTIFICATE_BUT_DONT_VERIFY, SIGNED,
SUCCESS),
SSL_TEST(GRPC_SSL_REQUEST_CLIENT_CERTIFICATE_BUT_DONT_VERIFY, BAD_CERT_PAIR,
FAIL),
SSL_TEST(GRPC_SSL_REQUEST_CLIENT_CERTIFICATE_AND_VERIFY, NONE, SUCCESS),
SSL_TEST(GRPC_SSL_REQUEST_CLIENT_CERTIFICATE_AND_VERIFY, SELF_SIGNED, FAIL),
SSL_TEST(GRPC_SSL_REQUEST_CLIENT_CERTIFICATE_AND_VERIFY, SIGNED, SUCCESS),
SSL_TEST(GRPC_SSL_REQUEST_CLIENT_CERTIFICATE_AND_VERIFY, BAD_CERT_PAIR,
FAIL),
SSL_TEST(GRPC_SSL_REQUEST_AND_REQUIRE_CLIENT_CERTIFICATE_BUT_DONT_VERIFY,
NONE, FAIL),
SSL_TEST(GRPC_SSL_REQUEST_AND_REQUIRE_CLIENT_CERTIFICATE_BUT_DONT_VERIFY,
SELF_SIGNED, SUCCESS),
SSL_TEST(GRPC_SSL_REQUEST_AND_REQUIRE_CLIENT_CERTIFICATE_BUT_DONT_VERIFY,
SIGNED, SUCCESS),
SSL_TEST(GRPC_SSL_REQUEST_AND_REQUIRE_CLIENT_CERTIFICATE_BUT_DONT_VERIFY,
BAD_CERT_PAIR, FAIL),
SSL_TEST(GRPC_SSL_REQUEST_AND_REQUIRE_CLIENT_CERTIFICATE_AND_VERIFY, NONE,
FAIL),
SSL_TEST(GRPC_SSL_REQUEST_AND_REQUIRE_CLIENT_CERTIFICATE_AND_VERIFY,
SELF_SIGNED, FAIL),
SSL_TEST(GRPC_SSL_REQUEST_AND_REQUIRE_CLIENT_CERTIFICATE_AND_VERIFY, SIGNED,
SUCCESS),
SSL_TEST(GRPC_SSL_REQUEST_AND_REQUIRE_CLIENT_CERTIFICATE_AND_VERIFY,
BAD_CERT_PAIR, FAIL),
};
static void *tag(intptr_t t) { return (void *)t; }
static grpc_end2end_test_fixture begin_test(grpc_end2end_test_config config,
const char *test_name,
grpc_channel_args *client_args,
grpc_channel_args *server_args) {
grpc_end2end_test_fixture f;
gpr_log(GPR_INFO, "%s/%s", test_name, config.name);
f = config.create_fixture(client_args, server_args);
config.init_server(&f, server_args);
config.init_client(&f, client_args);
return f;
}
static gpr_timespec n_seconds_time(int n) {
return GRPC_TIMEOUT_SECONDS_TO_DEADLINE(n);
}
static gpr_timespec five_seconds_time(void) { return n_seconds_time(5); }
static void drain_cq(grpc_completion_queue *cq) {
grpc_event ev;
do {
ev = grpc_completion_queue_next(cq, five_seconds_time(), NULL);
} while (ev.type != GRPC_QUEUE_SHUTDOWN);
}
static void shutdown_server(grpc_end2end_test_fixture *f) {
if (!f->server) return;
grpc_server_shutdown_and_notify(f->server, f->cq, tag(1000));
GPR_ASSERT(grpc_completion_queue_pluck(
f->cq, tag(1000), GRPC_TIMEOUT_SECONDS_TO_DEADLINE(5), NULL)
.type == GRPC_OP_COMPLETE);
grpc_server_destroy(f->server);
f->server = NULL;
}
static void shutdown_client(grpc_end2end_test_fixture *f) {
if (!f->client) return;
grpc_channel_destroy(f->client);
f->client = NULL;
}
static void end_test(grpc_end2end_test_fixture *f) {
shutdown_server(f);
shutdown_client(f);
grpc_completion_queue_shutdown(f->cq);
drain_cq(f->cq);
grpc_completion_queue_destroy(f->cq);
}
static void simple_request_body(grpc_end2end_test_fixture f,
test_result expected_result) {
grpc_call *c;
gpr_timespec deadline = five_seconds_time();
cq_verifier *cqv = cq_verifier_create(f.cq);
grpc_op ops[6];
grpc_op *op;
grpc_call_error error;
c = grpc_channel_create_call(f.client, NULL, GRPC_PROPAGATE_DEFAULTS, f.cq,
"/foo", "foo.test.google.fr:1234", deadline,
NULL);
GPR_ASSERT(c);
op = ops;
op->op = GRPC_OP_SEND_INITIAL_METADATA;
op->data.send_initial_metadata.count = 0;
op->flags = 0;
op->reserved = NULL;
op++;
error = grpc_call_start_batch(c, ops, (size_t)(op - ops), tag(1), NULL);
GPR_ASSERT(GRPC_CALL_OK == error);
cq_expect_completion(cqv, tag(1), expected_result == SUCCESS);
cq_verify(cqv);
grpc_call_destroy(c);
cq_verifier_destroy(cqv);
}
int main(int argc, char **argv) {
size_t i;
FILE *roots_file;
size_t roots_size = strlen(test_root_cert);
char *roots_filename;
grpc_test_init(argc, argv);
grpc_end2end_tests_pre_init();
/* Set the SSL roots env var. */
roots_file =
gpr_tmpfile("chttp2_simple_ssl_cert_fullstack_test", &roots_filename);
GPR_ASSERT(roots_filename != NULL);
GPR_ASSERT(roots_file != NULL);
GPR_ASSERT(fwrite(test_root_cert, 1, roots_size, roots_file) == roots_size);
fclose(roots_file);
gpr_setenv(GRPC_DEFAULT_SSL_ROOTS_FILE_PATH_ENV_VAR, roots_filename);
grpc_init();
for (i = 0; i < sizeof(configs) / sizeof(*configs); i++) {
grpc_end2end_test_fixture f =
begin_test(configs[i].config, "SSL_CERT_tests", NULL, NULL);
simple_request_body(f, configs[i].result);
end_test(&f);
configs[i].config.tear_down_data(&f);
}
grpc_shutdown();
/* Cleanup. */
remove(roots_filename);
gpr_free(roots_filename);
return 0;
}

@ -36,6 +36,7 @@
#include "src/core/ext/transport/chttp2/transport/chttp2_transport.h"
#include "src/core/lib/surface/channel.h"
#include "test/core/util/memory_counters.h"
#include "test/core/util/mock_endpoint.h"
static const bool squelch = true;
@ -48,7 +49,9 @@ static void dont_log(gpr_log_func_args *args) {}
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
grpc_test_only_set_metadata_hash_seed(0);
struct grpc_memory_counters counters;
if (squelch) gpr_set_log_function(dont_log);
grpc_memory_counters_init();
grpc_init();
grpc_exec_ctx exec_ctx = GRPC_EXEC_CTX_INIT;
@ -150,5 +153,8 @@ done:
grpc_byte_buffer_destroy(response_payload_recv);
}
grpc_shutdown();
counters = grpc_memory_counters_snapshot();
grpc_memory_counters_destroy();
GPR_ASSERT(counters.total_size_relative == 0);
return 0;
}

Binary file not shown.

After

Width:  |  Height:  |  Size: 66 B

@ -0,0 +1 @@
!m<EFBFBD><EFBFBD>!<EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>

Some files were not shown because too many files have changed in this diff Show More

Loading…
Cancel
Save