- The SANs take precedence over the CN.
- The CN is only checked if there are no SANs.
- Fixing the tests as the test cert did not list *.test.google.com in
the SANs. Will fix the test cert another time...
- Renaming default credentials -> google default credentials.
- Various other things in cpp:
- Adding Cpp wrapping for JWT Tokens.
- Renaming ComposeCredentials -> CompositeCredentials.
- Remove CredentialsFactory as it's unnecessary
- Effectively make Credentials a channel factory, allowing different credential types to create different channel types - this gives us a hook so that InsecureCredentials can at runtime instantiate a different kind of channel as required - giving us a way of generating an openssl free version of grpc++.
- Server credentials not touched yet, but they'll need to be updated.
- Tested with new tool (print_default_creds_token) on:
- workstation for env var and well known place.
- GCE for compute engine default creds.
- I'd prefer the grpc_default_credentials_create() API to remain
synchronous even though there may be an async call for gce detection
on which we block.
We have many assumptions about languages baked into the test system, and we want this test harness to trigger when testing C++ stuff, so it needs to be written in C++.
We now pass down pointers to closures instead of (callback, arg) pair
elements separately. This allows us to store one word atomically, fixing
a race condition.
All call sites have been updated to the new API. No new allocations are
incurred. grpc_fd_state is deleted to avoid any temptation to ever add
anything there again.