grpc 0.14.1 → 0.15.0

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of grpc might be problematic. Click here for more details.

Files changed (277) hide show
  1. checksums.yaml +4 -4
  2. data/Makefile +1398 -817
  3. data/include/grpc/compression.h +2 -1
  4. data/include/grpc/grpc.h +10 -1
  5. data/include/grpc/grpc_cronet.h +51 -0
  6. data/include/grpc/grpc_posix.h +70 -0
  7. data/include/grpc/impl/codegen/atm.h +2 -2
  8. data/include/grpc/impl/codegen/{atm_win32.h → atm_windows.h} +3 -3
  9. data/include/grpc/impl/codegen/compression_types.h +39 -5
  10. data/include/grpc/impl/codegen/connectivity_state.h +1 -1
  11. data/include/grpc/impl/codegen/grpc_types.h +10 -0
  12. data/include/grpc/impl/codegen/log.h +2 -1
  13. data/include/grpc/impl/codegen/port_platform.h +30 -12
  14. data/include/grpc/impl/codegen/slice_buffer.h +2 -3
  15. data/include/grpc/impl/codegen/sync.h +2 -2
  16. data/include/grpc/impl/codegen/{sync_win32.h → sync_windows.h} +3 -3
  17. data/include/grpc/support/{sync_win32.h → atm_windows.h} +4 -4
  18. data/include/grpc/support/avl.h +5 -0
  19. data/include/grpc/support/{log_win32.h → log_windows.h} +3 -3
  20. data/include/grpc/support/string_util.h +2 -1
  21. data/include/grpc/support/{atm_win32.h → sync_windows.h} +4 -4
  22. data/src/core/ext/census/gen/census.pb.c +179 -0
  23. data/src/core/ext/census/gen/census.pb.h +294 -0
  24. data/src/core/ext/census/grpc_filter.c +11 -7
  25. data/src/core/ext/client_config/channel_connectivity.c +28 -14
  26. data/src/core/ext/client_config/client_channel.c +77 -53
  27. data/src/core/ext/client_config/connector.h +1 -1
  28. data/src/core/ext/client_config/lb_policy.c +9 -6
  29. data/src/core/ext/client_config/lb_policy.h +9 -5
  30. data/src/core/ext/client_config/subchannel.c +58 -39
  31. data/src/core/ext/client_config/subchannel.h +3 -2
  32. data/src/core/ext/client_config/subchannel_call_holder.c +34 -19
  33. data/src/core/ext/client_config/subchannel_call_holder.h +2 -1
  34. data/src/core/ext/client_config/subchannel_index.c +20 -9
  35. data/src/core/ext/lb_policy/grpclb/load_balancer_api.c +7 -7
  36. data/src/core/ext/lb_policy/grpclb/load_balancer_api.h +5 -5
  37. data/src/core/ext/lb_policy/grpclb/proto/grpc/lb/{v0 → v1}/load_balancer.pb.c +29 -30
  38. data/src/core/ext/lb_policy/grpclb/proto/grpc/lb/v1/load_balancer.pb.h +178 -0
  39. data/src/core/ext/lb_policy/pick_first/pick_first.c +65 -45
  40. data/src/core/ext/lb_policy/round_robin/round_robin.c +84 -43
  41. data/src/core/ext/load_reporting/load_reporting.c +133 -0
  42. data/src/core/ext/load_reporting/load_reporting.h +75 -0
  43. data/src/core/ext/load_reporting/load_reporting_filter.c +151 -0
  44. data/src/core/ext/load_reporting/load_reporting_filter.h +41 -0
  45. data/src/core/ext/resolver/dns/native/dns_resolver.c +22 -8
  46. data/src/core/ext/resolver/sockaddr/sockaddr_resolver.c +2 -2
  47. data/src/core/ext/transport/chttp2/client/insecure/channel_create.c +4 -4
  48. data/src/core/ext/transport/chttp2/client/insecure/channel_create_posix.c +95 -0
  49. data/src/core/ext/transport/chttp2/client/secure/secure_channel_create.c +14 -18
  50. data/src/core/ext/transport/chttp2/server/insecure/server_chttp2.c +49 -24
  51. data/src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.c +82 -0
  52. data/src/core/ext/transport/chttp2/server/secure/server_secure_chttp2.c +104 -60
  53. data/src/core/ext/transport/chttp2/transport/bin_decoder.c +232 -0
  54. data/src/{ruby/ext/grpc/rb_signal.c → core/ext/transport/chttp2/transport/bin_decoder.h} +27 -31
  55. data/src/core/ext/transport/chttp2/transport/chttp2_transport.c +481 -260
  56. data/src/core/ext/transport/chttp2/transport/frame.h +1 -7
  57. data/src/core/ext/transport/chttp2/transport/frame_data.c +44 -27
  58. data/src/core/ext/transport/chttp2/transport/frame_data.h +6 -5
  59. data/src/core/ext/transport/chttp2/transport/frame_goaway.c +23 -17
  60. data/src/core/ext/transport/chttp2/transport/frame_goaway.h +2 -2
  61. data/src/core/ext/transport/chttp2/transport/frame_ping.c +12 -7
  62. data/src/core/ext/transport/chttp2/transport/frame_ping.h +3 -3
  63. data/src/core/ext/transport/chttp2/transport/frame_rst_stream.c +25 -12
  64. data/src/core/ext/transport/chttp2/transport/frame_rst_stream.h +2 -2
  65. data/src/core/ext/transport/chttp2/transport/frame_settings.c +23 -21
  66. data/src/core/ext/transport/chttp2/transport/frame_settings.h +2 -2
  67. data/src/core/ext/transport/chttp2/transport/frame_window_update.c +17 -9
  68. data/src/core/ext/transport/chttp2/transport/frame_window_update.h +2 -2
  69. data/src/core/ext/transport/chttp2/transport/hpack_parser.c +365 -287
  70. data/src/core/ext/transport/chttp2/transport/hpack_parser.h +8 -6
  71. data/src/core/ext/transport/chttp2/transport/hpack_table.c +24 -20
  72. data/src/core/ext/transport/chttp2/transport/hpack_table.h +5 -4
  73. data/src/core/ext/transport/chttp2/transport/incoming_metadata.c +1 -0
  74. data/src/core/ext/transport/chttp2/transport/incoming_metadata.h +1 -0
  75. data/src/core/ext/transport/chttp2/transport/internal.h +34 -32
  76. data/src/core/ext/transport/chttp2/transport/parsing.c +296 -212
  77. data/src/core/ext/transport/chttp2/transport/writing.c +12 -9
  78. data/src/core/lib/channel/channel_args.c +26 -12
  79. data/src/core/lib/channel/channel_args.h +1 -1
  80. data/src/core/lib/channel/channel_stack.c +12 -8
  81. data/src/core/lib/channel/channel_stack.h +27 -11
  82. data/src/core/lib/channel/channel_stack_builder.c +2 -2
  83. data/src/core/lib/channel/compress_filter.c +26 -31
  84. data/src/core/lib/channel/compress_filter.h +4 -4
  85. data/src/core/lib/channel/connected_channel.c +7 -5
  86. data/src/core/lib/channel/http_client_filter.c +34 -8
  87. data/src/core/lib/channel/http_client_filter.h +1 -1
  88. data/src/core/lib/channel/http_server_filter.c +21 -12
  89. data/src/core/lib/compression/{compression_algorithm.c → compression.c} +22 -21
  90. data/src/core/lib/http/httpcli.c +81 -59
  91. data/src/core/lib/http/httpcli.h +11 -15
  92. data/src/core/lib/http/httpcli_security_connector.c +5 -3
  93. data/src/core/lib/http/parser.c +127 -118
  94. data/src/core/lib/http/parser.h +11 -6
  95. data/src/core/lib/iomgr/closure.c +20 -16
  96. data/src/core/lib/iomgr/closure.h +19 -15
  97. data/src/core/lib/iomgr/endpoint.h +1 -1
  98. data/src/core/lib/iomgr/endpoint_pair_posix.c +2 -2
  99. data/src/core/lib/iomgr/error.c +535 -0
  100. data/src/core/lib/iomgr/error.h +192 -0
  101. data/src/core/lib/iomgr/ev_poll_and_epoll_posix.c +190 -83
  102. data/src/core/lib/iomgr/ev_poll_posix.c +1267 -0
  103. data/src/{ruby/ext/grpc/rb_signal.h → core/lib/iomgr/ev_poll_posix.h} +7 -5
  104. data/src/core/lib/iomgr/ev_posix.c +104 -14
  105. data/src/core/lib/iomgr/ev_posix.h +17 -7
  106. data/src/core/lib/iomgr/exec_ctx.c +25 -7
  107. data/src/core/lib/iomgr/exec_ctx.h +27 -8
  108. data/src/core/lib/iomgr/executor.c +2 -2
  109. data/src/core/lib/iomgr/executor.h +1 -1
  110. data/src/core/lib/iomgr/iocp_windows.c +2 -41
  111. data/src/core/lib/iomgr/iocp_windows.h +0 -8
  112. data/src/core/lib/iomgr/iomgr.c +5 -4
  113. data/src/core/lib/iomgr/iomgr_posix.c +5 -1
  114. data/src/core/lib/iomgr/iomgr_windows.c +1 -1
  115. data/src/core/lib/{support → iomgr}/load_file.c +15 -17
  116. data/src/core/lib/{support → iomgr}/load_file.h +8 -7
  117. data/src/core/lib/iomgr/polling_entity.c +104 -0
  118. data/src/core/lib/iomgr/polling_entity.h +81 -0
  119. data/src/core/lib/iomgr/pollset.h +6 -5
  120. data/src/core/lib/iomgr/pollset_set_windows.c +4 -1
  121. data/src/core/lib/iomgr/pollset_windows.c +10 -6
  122. data/src/core/lib/iomgr/resolve_address.h +5 -9
  123. data/src/core/lib/iomgr/resolve_address_posix.c +55 -38
  124. data/src/core/lib/iomgr/resolve_address_windows.c +51 -37
  125. data/src/core/lib/iomgr/sockaddr.h +2 -2
  126. data/src/core/lib/iomgr/{sockaddr_win32.h → sockaddr_windows.h} +3 -3
  127. data/src/core/lib/iomgr/socket_utils_common_posix.c +92 -45
  128. data/src/core/lib/iomgr/socket_utils_posix.h +19 -12
  129. data/src/core/lib/iomgr/socket_windows.c +61 -2
  130. data/src/core/lib/iomgr/socket_windows.h +13 -0
  131. data/src/core/lib/iomgr/tcp_client_posix.c +54 -39
  132. data/src/core/lib/iomgr/tcp_client_windows.c +34 -34
  133. data/src/core/lib/iomgr/tcp_posix.c +43 -39
  134. data/src/core/lib/iomgr/tcp_server.h +5 -3
  135. data/src/core/lib/iomgr/tcp_server_posix.c +103 -64
  136. data/src/core/lib/iomgr/tcp_server_windows.c +114 -101
  137. data/src/core/lib/iomgr/tcp_windows.c +45 -50
  138. data/src/core/lib/iomgr/tcp_windows.h +1 -1
  139. data/src/core/lib/iomgr/timer.c +26 -13
  140. data/src/core/lib/iomgr/udp_server.c +28 -4
  141. data/src/core/lib/iomgr/udp_server.h +5 -1
  142. data/src/core/lib/iomgr/unix_sockets_posix.c +8 -7
  143. data/src/core/lib/iomgr/unix_sockets_posix.h +2 -1
  144. data/src/core/lib/iomgr/unix_sockets_posix_noop.c +4 -2
  145. data/src/core/lib/iomgr/wakeup_fd_eventfd.c +15 -5
  146. data/src/core/lib/iomgr/wakeup_fd_pipe.c +13 -9
  147. data/src/core/lib/iomgr/wakeup_fd_posix.c +6 -6
  148. data/src/core/lib/iomgr/wakeup_fd_posix.h +9 -6
  149. data/src/core/lib/iomgr/workqueue.h +5 -4
  150. data/src/core/lib/iomgr/workqueue_posix.c +40 -26
  151. data/src/core/lib/iomgr/workqueue_windows.c +2 -2
  152. data/src/core/lib/profiling/basic_timers.c +2 -2
  153. data/src/core/lib/security/{security_context.c → context/security_context.c} +1 -1
  154. data/src/core/lib/security/{security_context.h → context/security_context.h} +4 -4
  155. data/src/core/lib/security/credentials/composite/composite_credentials.c +263 -0
  156. data/src/core/lib/security/credentials/composite/composite_credentials.h +72 -0
  157. data/src/core/lib/security/credentials/credentials.c +233 -0
  158. data/src/core/lib/security/{credentials.h → credentials/credentials.h} +19 -157
  159. data/src/core/lib/security/{credentials_metadata.c → credentials/credentials_metadata.c} +1 -1
  160. data/src/core/lib/security/credentials/fake/fake_credentials.c +139 -0
  161. data/src/core/lib/security/credentials/fake/fake_credentials.h +56 -0
  162. data/src/core/lib/security/{credentials_posix.c → credentials/google_default/credentials_posix.c} +1 -1
  163. data/src/core/lib/security/{credentials_win32.c → credentials/google_default/credentials_windows.c} +3 -3
  164. data/src/core/lib/security/{google_default_credentials.c → credentials/google_default/google_default_credentials.c} +93 -35
  165. data/src/core/lib/security/credentials/google_default/google_default_credentials.h +46 -0
  166. data/src/core/lib/security/credentials/iam/iam_credentials.c +85 -0
  167. data/src/core/lib/security/credentials/iam/iam_credentials.h +44 -0
  168. data/src/core/lib/security/{json_token.c → credentials/jwt/json_token.c} +10 -101
  169. data/src/core/lib/security/{json_token.h → credentials/jwt/json_token.h} +3 -33
  170. data/src/core/lib/security/credentials/jwt/jwt_credentials.c +160 -0
  171. data/src/core/lib/security/credentials/jwt/jwt_credentials.h +62 -0
  172. data/src/core/lib/security/{jwt_verifier.c → credentials/jwt/jwt_verifier.c} +35 -15
  173. data/src/core/lib/security/{jwt_verifier.h → credentials/jwt/jwt_verifier.h} +3 -3
  174. data/src/core/lib/security/credentials/oauth2/oauth2_credentials.c +433 -0
  175. data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +109 -0
  176. data/src/core/lib/security/credentials/plugin/plugin_credentials.c +129 -0
  177. data/src/core/lib/security/credentials/plugin/plugin_credentials.h +45 -0
  178. data/src/core/lib/security/credentials/ssl/ssl_credentials.c +240 -0
  179. data/src/core/lib/security/credentials/ssl/ssl_credentials.h +48 -0
  180. data/src/core/lib/security/{auth_filters.h → transport/auth_filters.h} +3 -3
  181. data/src/core/lib/security/{client_auth_filter.c → transport/client_auth_filter.c} +27 -20
  182. data/src/core/lib/security/{handshake.c → transport/handshake.c} +77 -45
  183. data/src/core/lib/security/{handshake.h → transport/handshake.h} +9 -11
  184. data/src/core/lib/security/{secure_endpoint.c → transport/secure_endpoint.c} +19 -12
  185. data/src/core/lib/security/{secure_endpoint.h → transport/secure_endpoint.h} +3 -3
  186. data/src/core/lib/security/{security_connector.c → transport/security_connector.c} +26 -17
  187. data/src/core/lib/security/{security_connector.h → transport/security_connector.h} +8 -8
  188. data/src/core/lib/security/{server_auth_filter.c → transport/server_auth_filter.c} +24 -16
  189. data/src/core/lib/security/transport/tsi_error.c +40 -0
  190. data/src/core/lib/security/transport/tsi_error.h +42 -0
  191. data/src/core/lib/security/{b64.c → util/b64.c} +1 -1
  192. data/src/core/lib/security/{b64.h → util/b64.h} +3 -3
  193. data/src/core/lib/security/util/json_util.c +61 -0
  194. data/src/core/lib/security/util/json_util.h +55 -0
  195. data/src/core/lib/support/avl.c +11 -0
  196. data/src/core/lib/support/cpu_windows.c +2 -2
  197. data/src/core/lib/support/{env_win32.c → env_windows.c} +3 -3
  198. data/src/core/lib/support/log.c +3 -1
  199. data/src/core/lib/support/log_linux.c +2 -2
  200. data/src/core/lib/support/{log_win32.c → log_windows.c} +4 -4
  201. data/src/core/lib/support/murmur_hash.c +3 -5
  202. data/src/core/lib/support/string.c +10 -0
  203. data/src/core/lib/support/string.h +4 -0
  204. data/src/core/lib/support/{string_util_win32.c → string_util_windows.c} +3 -3
  205. data/src/core/lib/support/{string_win32.c → string_windows.c} +2 -2
  206. data/src/core/lib/support/{string_win32.h → string_windows.h} +5 -5
  207. data/src/core/lib/support/subprocess_windows.c +1 -1
  208. data/src/core/lib/support/{sync_win32.c → sync_windows.c} +2 -2
  209. data/src/core/lib/support/{thd_win32.c → thd_windows.c} +2 -2
  210. data/src/core/lib/support/{time_win32.c → time_windows.c} +2 -2
  211. data/src/core/lib/support/tmpfile_msys.c +1 -1
  212. data/src/core/lib/support/{tmpfile_win32.c → tmpfile_windows.c} +3 -3
  213. data/src/core/lib/surface/alarm.c +2 -2
  214. data/src/core/lib/surface/byte_buffer_reader.c +13 -6
  215. data/src/core/lib/surface/call.c +323 -123
  216. data/src/core/lib/surface/call.h +2 -0
  217. data/src/core/lib/surface/call_log_batch.c +1 -1
  218. data/src/core/lib/surface/channel.c +64 -15
  219. data/src/core/lib/surface/channel.h +9 -0
  220. data/src/core/lib/surface/channel_ping.c +3 -3
  221. data/src/core/lib/surface/completion_queue.c +75 -19
  222. data/src/core/lib/surface/completion_queue.h +7 -2
  223. data/src/core/lib/surface/init.c +2 -1
  224. data/src/core/lib/surface/init_secure.c +4 -4
  225. data/src/core/lib/surface/lame_client.c +12 -8
  226. data/src/core/lib/surface/server.c +213 -120
  227. data/src/core/lib/surface/server.h +1 -0
  228. data/src/core/lib/surface/version.c +1 -1
  229. data/src/core/lib/transport/connectivity_state.c +40 -18
  230. data/src/core/lib/transport/connectivity_state.h +4 -1
  231. data/src/core/lib/transport/metadata.c +23 -23
  232. data/src/core/lib/transport/metadata.h +4 -0
  233. data/src/core/lib/transport/metadata_batch.c +9 -0
  234. data/src/core/lib/transport/metadata_batch.h +3 -0
  235. data/src/core/lib/transport/static_metadata.c +6 -5
  236. data/src/core/lib/transport/static_metadata.h +64 -60
  237. data/src/core/lib/transport/transport.c +24 -12
  238. data/src/core/lib/transport/transport.h +6 -5
  239. data/src/core/lib/transport/transport_impl.h +4 -0
  240. data/src/core/lib/transport/transport_op_string.c +2 -2
  241. data/src/core/plugin_registry/grpc_plugin_registry.c +4 -0
  242. data/src/ruby/bin/math_services.rb +41 -2
  243. data/src/ruby/ext/grpc/rb_call.c +42 -40
  244. data/src/ruby/ext/grpc/rb_channel.c +1 -1
  245. data/src/ruby/ext/grpc/rb_completion_queue.c +59 -6
  246. data/src/ruby/ext/grpc/rb_completion_queue.h +1 -1
  247. data/src/ruby/ext/grpc/rb_grpc.c +1 -3
  248. data/src/ruby/ext/grpc/rb_grpc_imports.generated.c +12 -2
  249. data/src/ruby/ext/grpc/rb_grpc_imports.generated.h +21 -5
  250. data/src/ruby/ext/grpc/rb_loader.c +1 -1
  251. data/src/ruby/ext/grpc/rb_server.c +5 -3
  252. data/src/ruby/lib/grpc.rb +0 -3
  253. data/src/ruby/lib/grpc/errors.rb +3 -2
  254. data/src/ruby/lib/grpc/generic/active_call.rb +32 -42
  255. data/src/ruby/lib/grpc/generic/bidi_call.rb +20 -0
  256. data/src/ruby/lib/grpc/generic/client_stub.rb +31 -54
  257. data/src/ruby/lib/grpc/generic/rpc_desc.rb +4 -4
  258. data/src/ruby/lib/grpc/generic/rpc_server.rb +12 -23
  259. data/src/ruby/lib/grpc/generic/service.rb +8 -8
  260. data/src/ruby/lib/grpc/version.rb +1 -1
  261. data/src/ruby/pb/grpc/health/v1/health_services.rb +30 -2
  262. data/src/ruby/pb/grpc/testing/duplicate/echo_duplicate_services.rb +34 -4
  263. data/src/ruby/pb/grpc/testing/metrics_services.rb +39 -2
  264. data/src/ruby/pb/src/proto/grpc/testing/empty.rb +15 -0
  265. data/src/ruby/pb/src/proto/grpc/testing/messages.rb +84 -0
  266. data/src/ruby/pb/src/proto/grpc/testing/test.rb +14 -0
  267. data/src/ruby/pb/src/proto/grpc/testing/test_services.rb +110 -0
  268. data/src/ruby/pb/test/client.rb +5 -2
  269. data/src/ruby/spec/generic/active_call_spec.rb +3 -2
  270. data/src/ruby/spec/generic/client_stub_spec.rb +27 -24
  271. data/src/ruby/spec/generic/rpc_desc_spec.rb +11 -11
  272. data/src/ruby/spec/generic/rpc_server_spec.rb +42 -61
  273. data/src/ruby/spec/pb/health/checker_spec.rb +3 -5
  274. metadata +86 -48
  275. data/src/core/ext/lb_policy/grpclb/proto/grpc/lb/v0/load_balancer.pb.h +0 -182
  276. data/src/core/lib/security/credentials.c +0 -1296
  277. data/src/ruby/lib/grpc/signals.rb +0 -69
@@ -1,182 +0,0 @@
1
- /*
2
- *
3
- * Copyright 2016, Google Inc.
4
- * All rights reserved.
5
- *
6
- * Redistribution and use in source and binary forms, with or without
7
- * modification, are permitted provided that the following conditions are
8
- * met:
9
- *
10
- * * Redistributions of source code must retain the above copyright
11
- * notice, this list of conditions and the following disclaimer.
12
- * * Redistributions in binary form must reproduce the above
13
- * copyright notice, this list of conditions and the following disclaimer
14
- * in the documentation and/or other materials provided with the
15
- * distribution.
16
- * * Neither the name of Google Inc. nor the names of its
17
- * contributors may be used to endorse or promote products derived from
18
- * this software without specific prior written permission.
19
- *
20
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
21
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
22
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
23
- * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
24
- * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
25
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
26
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
27
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
28
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
29
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
30
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
31
- *
32
- */
33
- /* Automatically generated nanopb header */
34
- /* Generated by nanopb-0.3.5-dev */
35
-
36
- #ifndef PB_LOAD_BALANCER_PB_H_INCLUDED
37
- #define PB_LOAD_BALANCER_PB_H_INCLUDED
38
- #include "third_party/nanopb/pb.h"
39
- #if PB_PROTO_HEADER_VERSION != 30
40
- #error Regenerate this file with the current version of nanopb generator.
41
- #endif
42
-
43
- #ifdef __cplusplus
44
- extern "C" {
45
- #endif
46
-
47
- /* Struct definitions */
48
- typedef struct _grpc_lb_v0_ClientStats {
49
- bool has_total_requests;
50
- int64_t total_requests;
51
- bool has_client_rpc_errors;
52
- int64_t client_rpc_errors;
53
- bool has_dropped_requests;
54
- int64_t dropped_requests;
55
- } grpc_lb_v0_ClientStats;
56
-
57
- typedef struct _grpc_lb_v0_Duration {
58
- bool has_seconds;
59
- int64_t seconds;
60
- bool has_nanos;
61
- int32_t nanos;
62
- } grpc_lb_v0_Duration;
63
-
64
- typedef struct _grpc_lb_v0_InitialLoadBalanceRequest {
65
- bool has_name;
66
- char name[128];
67
- } grpc_lb_v0_InitialLoadBalanceRequest;
68
-
69
- typedef PB_BYTES_ARRAY_T(64) grpc_lb_v0_Server_load_balance_token_t;
70
- typedef struct _grpc_lb_v0_Server {
71
- bool has_ip_address;
72
- char ip_address[46];
73
- bool has_port;
74
- int32_t port;
75
- bool has_load_balance_token;
76
- grpc_lb_v0_Server_load_balance_token_t load_balance_token;
77
- bool has_drop_request;
78
- bool drop_request;
79
- } grpc_lb_v0_Server;
80
-
81
- typedef struct _grpc_lb_v0_InitialLoadBalanceResponse {
82
- bool has_client_config;
83
- char client_config[64];
84
- bool has_load_balancer_delegate;
85
- char load_balancer_delegate[64];
86
- bool has_client_stats_report_interval;
87
- grpc_lb_v0_Duration client_stats_report_interval;
88
- } grpc_lb_v0_InitialLoadBalanceResponse;
89
-
90
- typedef struct _grpc_lb_v0_LoadBalanceRequest {
91
- bool has_initial_request;
92
- grpc_lb_v0_InitialLoadBalanceRequest initial_request;
93
- bool has_client_stats;
94
- grpc_lb_v0_ClientStats client_stats;
95
- } grpc_lb_v0_LoadBalanceRequest;
96
-
97
- typedef struct _grpc_lb_v0_ServerList {
98
- pb_callback_t servers;
99
- bool has_expiration_interval;
100
- grpc_lb_v0_Duration expiration_interval;
101
- } grpc_lb_v0_ServerList;
102
-
103
- typedef struct _grpc_lb_v0_LoadBalanceResponse {
104
- bool has_initial_response;
105
- grpc_lb_v0_InitialLoadBalanceResponse initial_response;
106
- bool has_server_list;
107
- grpc_lb_v0_ServerList server_list;
108
- } grpc_lb_v0_LoadBalanceResponse;
109
-
110
- /* Default values for struct fields */
111
-
112
- /* Initializer values for message structs */
113
- #define grpc_lb_v0_Duration_init_default {false, 0, false, 0}
114
- #define grpc_lb_v0_LoadBalanceRequest_init_default {false, grpc_lb_v0_InitialLoadBalanceRequest_init_default, false, grpc_lb_v0_ClientStats_init_default}
115
- #define grpc_lb_v0_InitialLoadBalanceRequest_init_default {false, ""}
116
- #define grpc_lb_v0_ClientStats_init_default {false, 0, false, 0, false, 0}
117
- #define grpc_lb_v0_LoadBalanceResponse_init_default {false, grpc_lb_v0_InitialLoadBalanceResponse_init_default, false, grpc_lb_v0_ServerList_init_default}
118
- #define grpc_lb_v0_InitialLoadBalanceResponse_init_default {false, "", false, "", false, grpc_lb_v0_Duration_init_default}
119
- #define grpc_lb_v0_ServerList_init_default {{{NULL}, NULL}, false, grpc_lb_v0_Duration_init_default}
120
- #define grpc_lb_v0_Server_init_default {false, "", false, 0, false, {0, {0}}, false, 0}
121
- #define grpc_lb_v0_Duration_init_zero {false, 0, false, 0}
122
- #define grpc_lb_v0_LoadBalanceRequest_init_zero {false, grpc_lb_v0_InitialLoadBalanceRequest_init_zero, false, grpc_lb_v0_ClientStats_init_zero}
123
- #define grpc_lb_v0_InitialLoadBalanceRequest_init_zero {false, ""}
124
- #define grpc_lb_v0_ClientStats_init_zero {false, 0, false, 0, false, 0}
125
- #define grpc_lb_v0_LoadBalanceResponse_init_zero {false, grpc_lb_v0_InitialLoadBalanceResponse_init_zero, false, grpc_lb_v0_ServerList_init_zero}
126
- #define grpc_lb_v0_InitialLoadBalanceResponse_init_zero {false, "", false, "", false, grpc_lb_v0_Duration_init_zero}
127
- #define grpc_lb_v0_ServerList_init_zero {{{NULL}, NULL}, false, grpc_lb_v0_Duration_init_zero}
128
- #define grpc_lb_v0_Server_init_zero {false, "", false, 0, false, {0, {0}}, false, 0}
129
-
130
- /* Field tags (for use in manual encoding/decoding) */
131
- #define grpc_lb_v0_ClientStats_total_requests_tag 1
132
- #define grpc_lb_v0_ClientStats_client_rpc_errors_tag 2
133
- #define grpc_lb_v0_ClientStats_dropped_requests_tag 3
134
- #define grpc_lb_v0_Duration_seconds_tag 1
135
- #define grpc_lb_v0_Duration_nanos_tag 2
136
- #define grpc_lb_v0_InitialLoadBalanceRequest_name_tag 1
137
- #define grpc_lb_v0_Server_ip_address_tag 1
138
- #define grpc_lb_v0_Server_port_tag 2
139
- #define grpc_lb_v0_Server_load_balance_token_tag 3
140
- #define grpc_lb_v0_Server_drop_request_tag 4
141
- #define grpc_lb_v0_InitialLoadBalanceResponse_client_config_tag 1
142
- #define grpc_lb_v0_InitialLoadBalanceResponse_load_balancer_delegate_tag 2
143
- #define grpc_lb_v0_InitialLoadBalanceResponse_client_stats_report_interval_tag 3
144
- #define grpc_lb_v0_LoadBalanceRequest_initial_request_tag 1
145
- #define grpc_lb_v0_LoadBalanceRequest_client_stats_tag 2
146
- #define grpc_lb_v0_ServerList_servers_tag 1
147
- #define grpc_lb_v0_ServerList_expiration_interval_tag 3
148
- #define grpc_lb_v0_LoadBalanceResponse_initial_response_tag 1
149
- #define grpc_lb_v0_LoadBalanceResponse_server_list_tag 2
150
-
151
- /* Struct field encoding specification for nanopb */
152
- extern const pb_field_t grpc_lb_v0_Duration_fields[3];
153
- extern const pb_field_t grpc_lb_v0_LoadBalanceRequest_fields[3];
154
- extern const pb_field_t grpc_lb_v0_InitialLoadBalanceRequest_fields[2];
155
- extern const pb_field_t grpc_lb_v0_ClientStats_fields[4];
156
- extern const pb_field_t grpc_lb_v0_LoadBalanceResponse_fields[3];
157
- extern const pb_field_t grpc_lb_v0_InitialLoadBalanceResponse_fields[4];
158
- extern const pb_field_t grpc_lb_v0_ServerList_fields[3];
159
- extern const pb_field_t grpc_lb_v0_Server_fields[5];
160
-
161
- /* Maximum encoded size of messages (where known) */
162
- #define grpc_lb_v0_Duration_size 22
163
- #define grpc_lb_v0_LoadBalanceRequest_size 169
164
- #define grpc_lb_v0_InitialLoadBalanceRequest_size 131
165
- #define grpc_lb_v0_ClientStats_size 33
166
- #define grpc_lb_v0_LoadBalanceResponse_size (165 + grpc_lb_v0_ServerList_size)
167
- #define grpc_lb_v0_InitialLoadBalanceResponse_size 156
168
- #define grpc_lb_v0_Server_size 127
169
-
170
- /* Message IDs (where set with "msgid" option) */
171
- #ifdef PB_MSGID
172
-
173
- #define LOAD_BALANCER_MESSAGES \
174
-
175
-
176
- #endif
177
-
178
- #ifdef __cplusplus
179
- } /* extern "C" */
180
- #endif
181
-
182
- #endif
@@ -1,1296 +0,0 @@
1
- /*
2
- *
3
- * Copyright 2015, Google Inc.
4
- * All rights reserved.
5
- *
6
- * Redistribution and use in source and binary forms, with or without
7
- * modification, are permitted provided that the following conditions are
8
- * met:
9
- *
10
- * * Redistributions of source code must retain the above copyright
11
- * notice, this list of conditions and the following disclaimer.
12
- * * Redistributions in binary form must reproduce the above
13
- * copyright notice, this list of conditions and the following disclaimer
14
- * in the documentation and/or other materials provided with the
15
- * distribution.
16
- * * Neither the name of Google Inc. nor the names of its
17
- * contributors may be used to endorse or promote products derived from
18
- * this software without specific prior written permission.
19
- *
20
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
21
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
22
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
23
- * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
24
- * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
25
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
26
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
27
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
28
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
29
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
30
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
31
- *
32
- */
33
-
34
- #include "src/core/lib/security/credentials.h"
35
-
36
- #include <stdio.h>
37
- #include <string.h>
38
-
39
- #include "src/core/lib/channel/channel_args.h"
40
- #include "src/core/lib/channel/http_client_filter.h"
41
- #include "src/core/lib/http/httpcli.h"
42
- #include "src/core/lib/http/parser.h"
43
- #include "src/core/lib/iomgr/executor.h"
44
- #include "src/core/lib/json/json.h"
45
- #include "src/core/lib/support/string.h"
46
- #include "src/core/lib/surface/api_trace.h"
47
-
48
- #include <grpc/support/alloc.h>
49
- #include <grpc/support/log.h>
50
- #include <grpc/support/string_util.h>
51
- #include <grpc/support/sync.h>
52
- #include <grpc/support/time.h>
53
-
54
- /* -- Common. -- */
55
-
56
- struct grpc_credentials_metadata_request {
57
- grpc_call_credentials *creds;
58
- grpc_credentials_metadata_cb cb;
59
- void *user_data;
60
- };
61
-
62
- static grpc_credentials_metadata_request *
63
- grpc_credentials_metadata_request_create(grpc_call_credentials *creds,
64
- grpc_credentials_metadata_cb cb,
65
- void *user_data) {
66
- grpc_credentials_metadata_request *r =
67
- gpr_malloc(sizeof(grpc_credentials_metadata_request));
68
- r->creds = grpc_call_credentials_ref(creds);
69
- r->cb = cb;
70
- r->user_data = user_data;
71
- return r;
72
- }
73
-
74
- static void grpc_credentials_metadata_request_destroy(
75
- grpc_credentials_metadata_request *r) {
76
- grpc_call_credentials_unref(r->creds);
77
- gpr_free(r);
78
- }
79
-
80
- grpc_channel_credentials *grpc_channel_credentials_ref(
81
- grpc_channel_credentials *creds) {
82
- if (creds == NULL) return NULL;
83
- gpr_ref(&creds->refcount);
84
- return creds;
85
- }
86
-
87
- void grpc_channel_credentials_unref(grpc_channel_credentials *creds) {
88
- if (creds == NULL) return;
89
- if (gpr_unref(&creds->refcount)) {
90
- if (creds->vtable->destruct != NULL) creds->vtable->destruct(creds);
91
- gpr_free(creds);
92
- }
93
- }
94
-
95
- void grpc_channel_credentials_release(grpc_channel_credentials *creds) {
96
- GRPC_API_TRACE("grpc_channel_credentials_release(creds=%p)", 1, (creds));
97
- grpc_channel_credentials_unref(creds);
98
- }
99
-
100
- grpc_call_credentials *grpc_call_credentials_ref(grpc_call_credentials *creds) {
101
- if (creds == NULL) return NULL;
102
- gpr_ref(&creds->refcount);
103
- return creds;
104
- }
105
-
106
- void grpc_call_credentials_unref(grpc_call_credentials *creds) {
107
- if (creds == NULL) return;
108
- if (gpr_unref(&creds->refcount)) {
109
- if (creds->vtable->destruct != NULL) creds->vtable->destruct(creds);
110
- gpr_free(creds);
111
- }
112
- }
113
-
114
- void grpc_call_credentials_release(grpc_call_credentials *creds) {
115
- GRPC_API_TRACE("grpc_call_credentials_release(creds=%p)", 1, (creds));
116
- grpc_call_credentials_unref(creds);
117
- }
118
-
119
- void grpc_call_credentials_get_request_metadata(
120
- grpc_exec_ctx *exec_ctx, grpc_call_credentials *creds,
121
- grpc_pollset *pollset, grpc_auth_metadata_context context,
122
- grpc_credentials_metadata_cb cb, void *user_data) {
123
- if (creds == NULL || creds->vtable->get_request_metadata == NULL) {
124
- if (cb != NULL) {
125
- cb(exec_ctx, user_data, NULL, 0, GRPC_CREDENTIALS_OK);
126
- }
127
- return;
128
- }
129
- creds->vtable->get_request_metadata(exec_ctx, creds, pollset, context, cb,
130
- user_data);
131
- }
132
-
133
- grpc_security_status grpc_channel_credentials_create_security_connector(
134
- grpc_channel_credentials *channel_creds, const char *target,
135
- const grpc_channel_args *args, grpc_channel_security_connector **sc,
136
- grpc_channel_args **new_args) {
137
- *new_args = NULL;
138
- if (channel_creds == NULL) {
139
- return GRPC_SECURITY_ERROR;
140
- }
141
- GPR_ASSERT(channel_creds->vtable->create_security_connector != NULL);
142
- return channel_creds->vtable->create_security_connector(
143
- channel_creds, NULL, target, args, sc, new_args);
144
- }
145
-
146
- grpc_server_credentials *grpc_server_credentials_ref(
147
- grpc_server_credentials *creds) {
148
- if (creds == NULL) return NULL;
149
- gpr_ref(&creds->refcount);
150
- return creds;
151
- }
152
-
153
- void grpc_server_credentials_unref(grpc_server_credentials *creds) {
154
- if (creds == NULL) return;
155
- if (gpr_unref(&creds->refcount)) {
156
- if (creds->vtable->destruct != NULL) creds->vtable->destruct(creds);
157
- if (creds->processor.destroy != NULL && creds->processor.state != NULL) {
158
- creds->processor.destroy(creds->processor.state);
159
- }
160
- gpr_free(creds);
161
- }
162
- }
163
-
164
- void grpc_server_credentials_release(grpc_server_credentials *creds) {
165
- GRPC_API_TRACE("grpc_server_credentials_release(creds=%p)", 1, (creds));
166
- grpc_server_credentials_unref(creds);
167
- }
168
-
169
- grpc_security_status grpc_server_credentials_create_security_connector(
170
- grpc_server_credentials *creds, grpc_server_security_connector **sc) {
171
- if (creds == NULL || creds->vtable->create_security_connector == NULL) {
172
- gpr_log(GPR_ERROR, "Server credentials cannot create security context.");
173
- return GRPC_SECURITY_ERROR;
174
- }
175
- return creds->vtable->create_security_connector(creds, sc);
176
- }
177
-
178
- void grpc_server_credentials_set_auth_metadata_processor(
179
- grpc_server_credentials *creds, grpc_auth_metadata_processor processor) {
180
- GRPC_API_TRACE(
181
- "grpc_server_credentials_set_auth_metadata_processor("
182
- "creds=%p, "
183
- "processor=grpc_auth_metadata_processor { process: %p, state: %p })",
184
- 3, (creds, (void *)(intptr_t)processor.process, processor.state));
185
- if (creds == NULL) return;
186
- if (creds->processor.destroy != NULL && creds->processor.state != NULL) {
187
- creds->processor.destroy(creds->processor.state);
188
- }
189
- creds->processor = processor;
190
- }
191
-
192
- static void server_credentials_pointer_arg_destroy(void *p) {
193
- grpc_server_credentials_unref(p);
194
- }
195
-
196
- static void *server_credentials_pointer_arg_copy(void *p) {
197
- return grpc_server_credentials_ref(p);
198
- }
199
-
200
- static int server_credentials_pointer_cmp(void *a, void *b) {
201
- return GPR_ICMP(a, b);
202
- }
203
-
204
- static const grpc_arg_pointer_vtable cred_ptr_vtable = {
205
- server_credentials_pointer_arg_copy, server_credentials_pointer_arg_destroy,
206
- server_credentials_pointer_cmp};
207
-
208
- grpc_arg grpc_server_credentials_to_arg(grpc_server_credentials *p) {
209
- grpc_arg arg;
210
- memset(&arg, 0, sizeof(grpc_arg));
211
- arg.type = GRPC_ARG_POINTER;
212
- arg.key = GRPC_SERVER_CREDENTIALS_ARG;
213
- arg.value.pointer.p = p;
214
- arg.value.pointer.vtable = &cred_ptr_vtable;
215
- return arg;
216
- }
217
-
218
- grpc_server_credentials *grpc_server_credentials_from_arg(const grpc_arg *arg) {
219
- if (strcmp(arg->key, GRPC_SERVER_CREDENTIALS_ARG) != 0) return NULL;
220
- if (arg->type != GRPC_ARG_POINTER) {
221
- gpr_log(GPR_ERROR, "Invalid type %d for arg %s", arg->type,
222
- GRPC_SERVER_CREDENTIALS_ARG);
223
- return NULL;
224
- }
225
- return arg->value.pointer.p;
226
- }
227
-
228
- grpc_server_credentials *grpc_find_server_credentials_in_args(
229
- const grpc_channel_args *args) {
230
- size_t i;
231
- if (args == NULL) return NULL;
232
- for (i = 0; i < args->num_args; i++) {
233
- grpc_server_credentials *p =
234
- grpc_server_credentials_from_arg(&args->args[i]);
235
- if (p != NULL) return p;
236
- }
237
- return NULL;
238
- }
239
-
240
- /* -- Ssl credentials. -- */
241
-
242
- static void ssl_destruct(grpc_channel_credentials *creds) {
243
- grpc_ssl_credentials *c = (grpc_ssl_credentials *)creds;
244
- if (c->config.pem_root_certs != NULL) gpr_free(c->config.pem_root_certs);
245
- if (c->config.pem_private_key != NULL) gpr_free(c->config.pem_private_key);
246
- if (c->config.pem_cert_chain != NULL) gpr_free(c->config.pem_cert_chain);
247
- }
248
-
249
- static void ssl_server_destruct(grpc_server_credentials *creds) {
250
- grpc_ssl_server_credentials *c = (grpc_ssl_server_credentials *)creds;
251
- size_t i;
252
- for (i = 0; i < c->config.num_key_cert_pairs; i++) {
253
- if (c->config.pem_private_keys[i] != NULL) {
254
- gpr_free(c->config.pem_private_keys[i]);
255
- }
256
- if (c->config.pem_cert_chains[i] != NULL) {
257
- gpr_free(c->config.pem_cert_chains[i]);
258
- }
259
- }
260
- if (c->config.pem_private_keys != NULL) gpr_free(c->config.pem_private_keys);
261
- if (c->config.pem_private_keys_sizes != NULL) {
262
- gpr_free(c->config.pem_private_keys_sizes);
263
- }
264
- if (c->config.pem_cert_chains != NULL) gpr_free(c->config.pem_cert_chains);
265
- if (c->config.pem_cert_chains_sizes != NULL) {
266
- gpr_free(c->config.pem_cert_chains_sizes);
267
- }
268
- if (c->config.pem_root_certs != NULL) gpr_free(c->config.pem_root_certs);
269
- }
270
-
271
- static grpc_security_status ssl_create_security_connector(
272
- grpc_channel_credentials *creds, grpc_call_credentials *call_creds,
273
- const char *target, const grpc_channel_args *args,
274
- grpc_channel_security_connector **sc, grpc_channel_args **new_args) {
275
- grpc_ssl_credentials *c = (grpc_ssl_credentials *)creds;
276
- grpc_security_status status = GRPC_SECURITY_OK;
277
- size_t i = 0;
278
- const char *overridden_target_name = NULL;
279
- grpc_arg new_arg;
280
-
281
- for (i = 0; args && i < args->num_args; i++) {
282
- grpc_arg *arg = &args->args[i];
283
- if (strcmp(arg->key, GRPC_SSL_TARGET_NAME_OVERRIDE_ARG) == 0 &&
284
- arg->type == GRPC_ARG_STRING) {
285
- overridden_target_name = arg->value.string;
286
- break;
287
- }
288
- }
289
- status = grpc_ssl_channel_security_connector_create(
290
- call_creds, &c->config, target, overridden_target_name, sc);
291
- if (status != GRPC_SECURITY_OK) {
292
- return status;
293
- }
294
- new_arg.type = GRPC_ARG_STRING;
295
- new_arg.key = GRPC_ARG_HTTP2_SCHEME;
296
- new_arg.value.string = "https";
297
- *new_args = grpc_channel_args_copy_and_add(args, &new_arg, 1);
298
- return status;
299
- }
300
-
301
- static grpc_security_status ssl_server_create_security_connector(
302
- grpc_server_credentials *creds, grpc_server_security_connector **sc) {
303
- grpc_ssl_server_credentials *c = (grpc_ssl_server_credentials *)creds;
304
- return grpc_ssl_server_security_connector_create(&c->config, sc);
305
- }
306
-
307
- static grpc_channel_credentials_vtable ssl_vtable = {
308
- ssl_destruct, ssl_create_security_connector};
309
-
310
- static grpc_server_credentials_vtable ssl_server_vtable = {
311
- ssl_server_destruct, ssl_server_create_security_connector};
312
-
313
- static void ssl_copy_key_material(const char *input, unsigned char **output,
314
- size_t *output_size) {
315
- *output_size = strlen(input);
316
- *output = gpr_malloc(*output_size);
317
- memcpy(*output, input, *output_size);
318
- }
319
-
320
- static void ssl_build_config(const char *pem_root_certs,
321
- grpc_ssl_pem_key_cert_pair *pem_key_cert_pair,
322
- grpc_ssl_config *config) {
323
- if (pem_root_certs != NULL) {
324
- ssl_copy_key_material(pem_root_certs, &config->pem_root_certs,
325
- &config->pem_root_certs_size);
326
- }
327
- if (pem_key_cert_pair != NULL) {
328
- GPR_ASSERT(pem_key_cert_pair->private_key != NULL);
329
- GPR_ASSERT(pem_key_cert_pair->cert_chain != NULL);
330
- ssl_copy_key_material(pem_key_cert_pair->private_key,
331
- &config->pem_private_key,
332
- &config->pem_private_key_size);
333
- ssl_copy_key_material(pem_key_cert_pair->cert_chain,
334
- &config->pem_cert_chain,
335
- &config->pem_cert_chain_size);
336
- }
337
- }
338
-
339
- static void ssl_build_server_config(
340
- const char *pem_root_certs, grpc_ssl_pem_key_cert_pair *pem_key_cert_pairs,
341
- size_t num_key_cert_pairs,
342
- grpc_ssl_client_certificate_request_type client_certificate_request,
343
- grpc_ssl_server_config *config) {
344
- size_t i;
345
- config->client_certificate_request = client_certificate_request;
346
- if (pem_root_certs != NULL) {
347
- ssl_copy_key_material(pem_root_certs, &config->pem_root_certs,
348
- &config->pem_root_certs_size);
349
- }
350
- if (num_key_cert_pairs > 0) {
351
- GPR_ASSERT(pem_key_cert_pairs != NULL);
352
- config->pem_private_keys =
353
- gpr_malloc(num_key_cert_pairs * sizeof(unsigned char *));
354
- config->pem_cert_chains =
355
- gpr_malloc(num_key_cert_pairs * sizeof(unsigned char *));
356
- config->pem_private_keys_sizes =
357
- gpr_malloc(num_key_cert_pairs * sizeof(size_t));
358
- config->pem_cert_chains_sizes =
359
- gpr_malloc(num_key_cert_pairs * sizeof(size_t));
360
- }
361
- config->num_key_cert_pairs = num_key_cert_pairs;
362
- for (i = 0; i < num_key_cert_pairs; i++) {
363
- GPR_ASSERT(pem_key_cert_pairs[i].private_key != NULL);
364
- GPR_ASSERT(pem_key_cert_pairs[i].cert_chain != NULL);
365
- ssl_copy_key_material(pem_key_cert_pairs[i].private_key,
366
- &config->pem_private_keys[i],
367
- &config->pem_private_keys_sizes[i]);
368
- ssl_copy_key_material(pem_key_cert_pairs[i].cert_chain,
369
- &config->pem_cert_chains[i],
370
- &config->pem_cert_chains_sizes[i]);
371
- }
372
- }
373
-
374
- grpc_channel_credentials *grpc_ssl_credentials_create(
375
- const char *pem_root_certs, grpc_ssl_pem_key_cert_pair *pem_key_cert_pair,
376
- void *reserved) {
377
- grpc_ssl_credentials *c = gpr_malloc(sizeof(grpc_ssl_credentials));
378
- GRPC_API_TRACE(
379
- "grpc_ssl_credentials_create(pem_root_certs=%s, "
380
- "pem_key_cert_pair=%p, "
381
- "reserved=%p)",
382
- 3, (pem_root_certs, pem_key_cert_pair, reserved));
383
- GPR_ASSERT(reserved == NULL);
384
- memset(c, 0, sizeof(grpc_ssl_credentials));
385
- c->base.type = GRPC_CHANNEL_CREDENTIALS_TYPE_SSL;
386
- c->base.vtable = &ssl_vtable;
387
- gpr_ref_init(&c->base.refcount, 1);
388
- ssl_build_config(pem_root_certs, pem_key_cert_pair, &c->config);
389
- return &c->base;
390
- }
391
-
392
- grpc_server_credentials *grpc_ssl_server_credentials_create(
393
- const char *pem_root_certs, grpc_ssl_pem_key_cert_pair *pem_key_cert_pairs,
394
- size_t num_key_cert_pairs, int force_client_auth, void *reserved) {
395
- return grpc_ssl_server_credentials_create_ex(
396
- pem_root_certs, pem_key_cert_pairs, num_key_cert_pairs,
397
- force_client_auth
398
- ? GRPC_SSL_REQUEST_AND_REQUIRE_CLIENT_CERTIFICATE_AND_VERIFY
399
- : GRPC_SSL_DONT_REQUEST_CLIENT_CERTIFICATE,
400
- reserved);
401
- }
402
-
403
- grpc_server_credentials *grpc_ssl_server_credentials_create_ex(
404
- const char *pem_root_certs, grpc_ssl_pem_key_cert_pair *pem_key_cert_pairs,
405
- size_t num_key_cert_pairs,
406
- grpc_ssl_client_certificate_request_type client_certificate_request,
407
- void *reserved) {
408
- grpc_ssl_server_credentials *c =
409
- gpr_malloc(sizeof(grpc_ssl_server_credentials));
410
- GRPC_API_TRACE(
411
- "grpc_ssl_server_credentials_create_ex("
412
- "pem_root_certs=%s, pem_key_cert_pairs=%p, num_key_cert_pairs=%lu, "
413
- "client_certificate_request=%d, reserved=%p)",
414
- 5, (pem_root_certs, pem_key_cert_pairs, (unsigned long)num_key_cert_pairs,
415
- client_certificate_request, reserved));
416
- GPR_ASSERT(reserved == NULL);
417
- memset(c, 0, sizeof(grpc_ssl_server_credentials));
418
- c->base.type = GRPC_CHANNEL_CREDENTIALS_TYPE_SSL;
419
- gpr_ref_init(&c->base.refcount, 1);
420
- c->base.vtable = &ssl_server_vtable;
421
- ssl_build_server_config(pem_root_certs, pem_key_cert_pairs,
422
- num_key_cert_pairs, client_certificate_request,
423
- &c->config);
424
- return &c->base;
425
- }
426
-
427
- /* -- Jwt credentials -- */
428
-
429
- static void jwt_reset_cache(grpc_service_account_jwt_access_credentials *c) {
430
- if (c->cached.jwt_md != NULL) {
431
- grpc_credentials_md_store_unref(c->cached.jwt_md);
432
- c->cached.jwt_md = NULL;
433
- }
434
- if (c->cached.service_url != NULL) {
435
- gpr_free(c->cached.service_url);
436
- c->cached.service_url = NULL;
437
- }
438
- c->cached.jwt_expiration = gpr_inf_past(GPR_CLOCK_REALTIME);
439
- }
440
-
441
- static void jwt_destruct(grpc_call_credentials *creds) {
442
- grpc_service_account_jwt_access_credentials *c =
443
- (grpc_service_account_jwt_access_credentials *)creds;
444
- grpc_auth_json_key_destruct(&c->key);
445
- jwt_reset_cache(c);
446
- gpr_mu_destroy(&c->cache_mu);
447
- }
448
-
449
- static void jwt_get_request_metadata(grpc_exec_ctx *exec_ctx,
450
- grpc_call_credentials *creds,
451
- grpc_pollset *pollset,
452
- grpc_auth_metadata_context context,
453
- grpc_credentials_metadata_cb cb,
454
- void *user_data) {
455
- grpc_service_account_jwt_access_credentials *c =
456
- (grpc_service_account_jwt_access_credentials *)creds;
457
- gpr_timespec refresh_threshold = gpr_time_from_seconds(
458
- GRPC_SECURE_TOKEN_REFRESH_THRESHOLD_SECS, GPR_TIMESPAN);
459
-
460
- /* See if we can return a cached jwt. */
461
- grpc_credentials_md_store *jwt_md = NULL;
462
- {
463
- gpr_mu_lock(&c->cache_mu);
464
- if (c->cached.service_url != NULL &&
465
- strcmp(c->cached.service_url, context.service_url) == 0 &&
466
- c->cached.jwt_md != NULL &&
467
- (gpr_time_cmp(gpr_time_sub(c->cached.jwt_expiration,
468
- gpr_now(GPR_CLOCK_REALTIME)),
469
- refresh_threshold) > 0)) {
470
- jwt_md = grpc_credentials_md_store_ref(c->cached.jwt_md);
471
- }
472
- gpr_mu_unlock(&c->cache_mu);
473
- }
474
-
475
- if (jwt_md == NULL) {
476
- char *jwt = NULL;
477
- /* Generate a new jwt. */
478
- gpr_mu_lock(&c->cache_mu);
479
- jwt_reset_cache(c);
480
- jwt = grpc_jwt_encode_and_sign(&c->key, context.service_url,
481
- c->jwt_lifetime, NULL);
482
- if (jwt != NULL) {
483
- char *md_value;
484
- gpr_asprintf(&md_value, "Bearer %s", jwt);
485
- gpr_free(jwt);
486
- c->cached.jwt_expiration =
487
- gpr_time_add(gpr_now(GPR_CLOCK_REALTIME), c->jwt_lifetime);
488
- c->cached.service_url = gpr_strdup(context.service_url);
489
- c->cached.jwt_md = grpc_credentials_md_store_create(1);
490
- grpc_credentials_md_store_add_cstrings(
491
- c->cached.jwt_md, GRPC_AUTHORIZATION_METADATA_KEY, md_value);
492
- gpr_free(md_value);
493
- jwt_md = grpc_credentials_md_store_ref(c->cached.jwt_md);
494
- }
495
- gpr_mu_unlock(&c->cache_mu);
496
- }
497
-
498
- if (jwt_md != NULL) {
499
- cb(exec_ctx, user_data, jwt_md->entries, jwt_md->num_entries,
500
- GRPC_CREDENTIALS_OK);
501
- grpc_credentials_md_store_unref(jwt_md);
502
- } else {
503
- cb(exec_ctx, user_data, NULL, 0, GRPC_CREDENTIALS_ERROR);
504
- }
505
- }
506
-
507
- static grpc_call_credentials_vtable jwt_vtable = {jwt_destruct,
508
- jwt_get_request_metadata};
509
-
510
- grpc_call_credentials *
511
- grpc_service_account_jwt_access_credentials_create_from_auth_json_key(
512
- grpc_auth_json_key key, gpr_timespec token_lifetime) {
513
- grpc_service_account_jwt_access_credentials *c;
514
- if (!grpc_auth_json_key_is_valid(&key)) {
515
- gpr_log(GPR_ERROR, "Invalid input for jwt credentials creation");
516
- return NULL;
517
- }
518
- c = gpr_malloc(sizeof(grpc_service_account_jwt_access_credentials));
519
- memset(c, 0, sizeof(grpc_service_account_jwt_access_credentials));
520
- c->base.type = GRPC_CALL_CREDENTIALS_TYPE_JWT;
521
- gpr_ref_init(&c->base.refcount, 1);
522
- c->base.vtable = &jwt_vtable;
523
- c->key = key;
524
- c->jwt_lifetime = token_lifetime;
525
- gpr_mu_init(&c->cache_mu);
526
- jwt_reset_cache(c);
527
- return &c->base;
528
- }
529
-
530
- grpc_call_credentials *grpc_service_account_jwt_access_credentials_create(
531
- const char *json_key, gpr_timespec token_lifetime, void *reserved) {
532
- GRPC_API_TRACE(
533
- "grpc_service_account_jwt_access_credentials_create("
534
- "json_key=%s, "
535
- "token_lifetime="
536
- "gpr_timespec { tv_sec: %lld, tv_nsec: %d, clock_type: %d }, "
537
- "reserved=%p)",
538
- 5,
539
- (json_key, (long long)token_lifetime.tv_sec, (int)token_lifetime.tv_nsec,
540
- (int)token_lifetime.clock_type, reserved));
541
- GPR_ASSERT(reserved == NULL);
542
- return grpc_service_account_jwt_access_credentials_create_from_auth_json_key(
543
- grpc_auth_json_key_create_from_string(json_key), token_lifetime);
544
- }
545
-
546
- /* -- Oauth2TokenFetcher credentials -- */
547
-
548
- static void oauth2_token_fetcher_destruct(grpc_call_credentials *creds) {
549
- grpc_oauth2_token_fetcher_credentials *c =
550
- (grpc_oauth2_token_fetcher_credentials *)creds;
551
- grpc_credentials_md_store_unref(c->access_token_md);
552
- gpr_mu_destroy(&c->mu);
553
- grpc_httpcli_context_destroy(&c->httpcli_context);
554
- }
555
-
556
- grpc_credentials_status
557
- grpc_oauth2_token_fetcher_credentials_parse_server_response(
558
- const grpc_http_response *response, grpc_credentials_md_store **token_md,
559
- gpr_timespec *token_lifetime) {
560
- char *null_terminated_body = NULL;
561
- char *new_access_token = NULL;
562
- grpc_credentials_status status = GRPC_CREDENTIALS_OK;
563
- grpc_json *json = NULL;
564
-
565
- if (response == NULL) {
566
- gpr_log(GPR_ERROR, "Received NULL response.");
567
- status = GRPC_CREDENTIALS_ERROR;
568
- goto end;
569
- }
570
-
571
- if (response->body_length > 0) {
572
- null_terminated_body = gpr_malloc(response->body_length + 1);
573
- null_terminated_body[response->body_length] = '\0';
574
- memcpy(null_terminated_body, response->body, response->body_length);
575
- }
576
-
577
- if (response->status != 200) {
578
- gpr_log(GPR_ERROR, "Call to http server ended with error %d [%s].",
579
- response->status,
580
- null_terminated_body != NULL ? null_terminated_body : "");
581
- status = GRPC_CREDENTIALS_ERROR;
582
- goto end;
583
- } else {
584
- grpc_json *access_token = NULL;
585
- grpc_json *token_type = NULL;
586
- grpc_json *expires_in = NULL;
587
- grpc_json *ptr;
588
- json = grpc_json_parse_string(null_terminated_body);
589
- if (json == NULL) {
590
- gpr_log(GPR_ERROR, "Could not parse JSON from %s", null_terminated_body);
591
- status = GRPC_CREDENTIALS_ERROR;
592
- goto end;
593
- }
594
- if (json->type != GRPC_JSON_OBJECT) {
595
- gpr_log(GPR_ERROR, "Response should be a JSON object");
596
- status = GRPC_CREDENTIALS_ERROR;
597
- goto end;
598
- }
599
- for (ptr = json->child; ptr; ptr = ptr->next) {
600
- if (strcmp(ptr->key, "access_token") == 0) {
601
- access_token = ptr;
602
- } else if (strcmp(ptr->key, "token_type") == 0) {
603
- token_type = ptr;
604
- } else if (strcmp(ptr->key, "expires_in") == 0) {
605
- expires_in = ptr;
606
- }
607
- }
608
- if (access_token == NULL || access_token->type != GRPC_JSON_STRING) {
609
- gpr_log(GPR_ERROR, "Missing or invalid access_token in JSON.");
610
- status = GRPC_CREDENTIALS_ERROR;
611
- goto end;
612
- }
613
- if (token_type == NULL || token_type->type != GRPC_JSON_STRING) {
614
- gpr_log(GPR_ERROR, "Missing or invalid token_type in JSON.");
615
- status = GRPC_CREDENTIALS_ERROR;
616
- goto end;
617
- }
618
- if (expires_in == NULL || expires_in->type != GRPC_JSON_NUMBER) {
619
- gpr_log(GPR_ERROR, "Missing or invalid expires_in in JSON.");
620
- status = GRPC_CREDENTIALS_ERROR;
621
- goto end;
622
- }
623
- gpr_asprintf(&new_access_token, "%s %s", token_type->value,
624
- access_token->value);
625
- token_lifetime->tv_sec = strtol(expires_in->value, NULL, 10);
626
- token_lifetime->tv_nsec = 0;
627
- token_lifetime->clock_type = GPR_TIMESPAN;
628
- if (*token_md != NULL) grpc_credentials_md_store_unref(*token_md);
629
- *token_md = grpc_credentials_md_store_create(1);
630
- grpc_credentials_md_store_add_cstrings(
631
- *token_md, GRPC_AUTHORIZATION_METADATA_KEY, new_access_token);
632
- status = GRPC_CREDENTIALS_OK;
633
- }
634
-
635
- end:
636
- if (status != GRPC_CREDENTIALS_OK && (*token_md != NULL)) {
637
- grpc_credentials_md_store_unref(*token_md);
638
- *token_md = NULL;
639
- }
640
- if (null_terminated_body != NULL) gpr_free(null_terminated_body);
641
- if (new_access_token != NULL) gpr_free(new_access_token);
642
- if (json != NULL) grpc_json_destroy(json);
643
- return status;
644
- }
645
-
646
- static void on_oauth2_token_fetcher_http_response(
647
- grpc_exec_ctx *exec_ctx, void *user_data,
648
- const grpc_http_response *response) {
649
- grpc_credentials_metadata_request *r =
650
- (grpc_credentials_metadata_request *)user_data;
651
- grpc_oauth2_token_fetcher_credentials *c =
652
- (grpc_oauth2_token_fetcher_credentials *)r->creds;
653
- gpr_timespec token_lifetime;
654
- grpc_credentials_status status;
655
-
656
- gpr_mu_lock(&c->mu);
657
- status = grpc_oauth2_token_fetcher_credentials_parse_server_response(
658
- response, &c->access_token_md, &token_lifetime);
659
- if (status == GRPC_CREDENTIALS_OK) {
660
- c->token_expiration =
661
- gpr_time_add(gpr_now(GPR_CLOCK_REALTIME), token_lifetime);
662
- r->cb(exec_ctx, r->user_data, c->access_token_md->entries,
663
- c->access_token_md->num_entries, status);
664
- } else {
665
- c->token_expiration = gpr_inf_past(GPR_CLOCK_REALTIME);
666
- r->cb(exec_ctx, r->user_data, NULL, 0, status);
667
- }
668
- gpr_mu_unlock(&c->mu);
669
- grpc_credentials_metadata_request_destroy(r);
670
- }
671
-
672
- static void oauth2_token_fetcher_get_request_metadata(
673
- grpc_exec_ctx *exec_ctx, grpc_call_credentials *creds,
674
- grpc_pollset *pollset, grpc_auth_metadata_context context,
675
- grpc_credentials_metadata_cb cb, void *user_data) {
676
- grpc_oauth2_token_fetcher_credentials *c =
677
- (grpc_oauth2_token_fetcher_credentials *)creds;
678
- gpr_timespec refresh_threshold = gpr_time_from_seconds(
679
- GRPC_SECURE_TOKEN_REFRESH_THRESHOLD_SECS, GPR_TIMESPAN);
680
- grpc_credentials_md_store *cached_access_token_md = NULL;
681
- {
682
- gpr_mu_lock(&c->mu);
683
- if (c->access_token_md != NULL &&
684
- (gpr_time_cmp(
685
- gpr_time_sub(c->token_expiration, gpr_now(GPR_CLOCK_REALTIME)),
686
- refresh_threshold) > 0)) {
687
- cached_access_token_md =
688
- grpc_credentials_md_store_ref(c->access_token_md);
689
- }
690
- gpr_mu_unlock(&c->mu);
691
- }
692
- if (cached_access_token_md != NULL) {
693
- cb(exec_ctx, user_data, cached_access_token_md->entries,
694
- cached_access_token_md->num_entries, GRPC_CREDENTIALS_OK);
695
- grpc_credentials_md_store_unref(cached_access_token_md);
696
- } else {
697
- c->fetch_func(
698
- exec_ctx,
699
- grpc_credentials_metadata_request_create(creds, cb, user_data),
700
- &c->httpcli_context, pollset, on_oauth2_token_fetcher_http_response,
701
- gpr_time_add(gpr_now(GPR_CLOCK_REALTIME), refresh_threshold));
702
- }
703
- }
704
-
705
- static void init_oauth2_token_fetcher(grpc_oauth2_token_fetcher_credentials *c,
706
- grpc_fetch_oauth2_func fetch_func) {
707
- memset(c, 0, sizeof(grpc_oauth2_token_fetcher_credentials));
708
- c->base.type = GRPC_CALL_CREDENTIALS_TYPE_OAUTH2;
709
- gpr_ref_init(&c->base.refcount, 1);
710
- gpr_mu_init(&c->mu);
711
- c->token_expiration = gpr_inf_past(GPR_CLOCK_REALTIME);
712
- c->fetch_func = fetch_func;
713
- grpc_httpcli_context_init(&c->httpcli_context);
714
- }
715
-
716
- /* -- GoogleComputeEngine credentials. -- */
717
-
718
- static grpc_call_credentials_vtable compute_engine_vtable = {
719
- oauth2_token_fetcher_destruct, oauth2_token_fetcher_get_request_metadata};
720
-
721
- static void compute_engine_fetch_oauth2(
722
- grpc_exec_ctx *exec_ctx, grpc_credentials_metadata_request *metadata_req,
723
- grpc_httpcli_context *httpcli_context, grpc_pollset *pollset,
724
- grpc_httpcli_response_cb response_cb, gpr_timespec deadline) {
725
- grpc_http_header header = {"Metadata-Flavor", "Google"};
726
- grpc_httpcli_request request;
727
- memset(&request, 0, sizeof(grpc_httpcli_request));
728
- request.host = GRPC_COMPUTE_ENGINE_METADATA_HOST;
729
- request.http.path = GRPC_COMPUTE_ENGINE_METADATA_TOKEN_PATH;
730
- request.http.hdr_count = 1;
731
- request.http.hdrs = &header;
732
- grpc_httpcli_get(exec_ctx, httpcli_context, pollset, &request, deadline,
733
- response_cb, metadata_req);
734
- }
735
-
736
- grpc_call_credentials *grpc_google_compute_engine_credentials_create(
737
- void *reserved) {
738
- grpc_oauth2_token_fetcher_credentials *c =
739
- gpr_malloc(sizeof(grpc_oauth2_token_fetcher_credentials));
740
- GRPC_API_TRACE("grpc_compute_engine_credentials_create(reserved=%p)", 1,
741
- (reserved));
742
- GPR_ASSERT(reserved == NULL);
743
- init_oauth2_token_fetcher(c, compute_engine_fetch_oauth2);
744
- c->base.vtable = &compute_engine_vtable;
745
- return &c->base;
746
- }
747
-
748
- /* -- GoogleRefreshToken credentials. -- */
749
-
750
- static void refresh_token_destruct(grpc_call_credentials *creds) {
751
- grpc_google_refresh_token_credentials *c =
752
- (grpc_google_refresh_token_credentials *)creds;
753
- grpc_auth_refresh_token_destruct(&c->refresh_token);
754
- oauth2_token_fetcher_destruct(&c->base.base);
755
- }
756
-
757
- static grpc_call_credentials_vtable refresh_token_vtable = {
758
- refresh_token_destruct, oauth2_token_fetcher_get_request_metadata};
759
-
760
- static void refresh_token_fetch_oauth2(
761
- grpc_exec_ctx *exec_ctx, grpc_credentials_metadata_request *metadata_req,
762
- grpc_httpcli_context *httpcli_context, grpc_pollset *pollset,
763
- grpc_httpcli_response_cb response_cb, gpr_timespec deadline) {
764
- grpc_google_refresh_token_credentials *c =
765
- (grpc_google_refresh_token_credentials *)metadata_req->creds;
766
- grpc_http_header header = {"Content-Type",
767
- "application/x-www-form-urlencoded"};
768
- grpc_httpcli_request request;
769
- char *body = NULL;
770
- gpr_asprintf(&body, GRPC_REFRESH_TOKEN_POST_BODY_FORMAT_STRING,
771
- c->refresh_token.client_id, c->refresh_token.client_secret,
772
- c->refresh_token.refresh_token);
773
- memset(&request, 0, sizeof(grpc_httpcli_request));
774
- request.host = GRPC_GOOGLE_OAUTH2_SERVICE_HOST;
775
- request.http.path = GRPC_GOOGLE_OAUTH2_SERVICE_TOKEN_PATH;
776
- request.http.hdr_count = 1;
777
- request.http.hdrs = &header;
778
- request.handshaker = &grpc_httpcli_ssl;
779
- grpc_httpcli_post(exec_ctx, httpcli_context, pollset, &request, body,
780
- strlen(body), deadline, response_cb, metadata_req);
781
- gpr_free(body);
782
- }
783
-
784
- grpc_call_credentials *
785
- grpc_refresh_token_credentials_create_from_auth_refresh_token(
786
- grpc_auth_refresh_token refresh_token) {
787
- grpc_google_refresh_token_credentials *c;
788
- if (!grpc_auth_refresh_token_is_valid(&refresh_token)) {
789
- gpr_log(GPR_ERROR, "Invalid input for refresh token credentials creation");
790
- return NULL;
791
- }
792
- c = gpr_malloc(sizeof(grpc_google_refresh_token_credentials));
793
- memset(c, 0, sizeof(grpc_google_refresh_token_credentials));
794
- init_oauth2_token_fetcher(&c->base, refresh_token_fetch_oauth2);
795
- c->base.base.vtable = &refresh_token_vtable;
796
- c->refresh_token = refresh_token;
797
- return &c->base.base;
798
- }
799
-
800
- grpc_call_credentials *grpc_google_refresh_token_credentials_create(
801
- const char *json_refresh_token, void *reserved) {
802
- GRPC_API_TRACE(
803
- "grpc_refresh_token_credentials_create(json_refresh_token=%s, "
804
- "reserved=%p)",
805
- 2, (json_refresh_token, reserved));
806
- GPR_ASSERT(reserved == NULL);
807
- return grpc_refresh_token_credentials_create_from_auth_refresh_token(
808
- grpc_auth_refresh_token_create_from_string(json_refresh_token));
809
- }
810
-
811
- /* -- Metadata-only credentials. -- */
812
-
813
- static void md_only_test_destruct(grpc_call_credentials *creds) {
814
- grpc_md_only_test_credentials *c = (grpc_md_only_test_credentials *)creds;
815
- grpc_credentials_md_store_unref(c->md_store);
816
- }
817
-
818
- static void on_simulated_token_fetch_done(grpc_exec_ctx *exec_ctx,
819
- void *user_data, bool success) {
820
- grpc_credentials_metadata_request *r =
821
- (grpc_credentials_metadata_request *)user_data;
822
- grpc_md_only_test_credentials *c = (grpc_md_only_test_credentials *)r->creds;
823
- r->cb(exec_ctx, r->user_data, c->md_store->entries, c->md_store->num_entries,
824
- GRPC_CREDENTIALS_OK);
825
- grpc_credentials_metadata_request_destroy(r);
826
- }
827
-
828
- static void md_only_test_get_request_metadata(
829
- grpc_exec_ctx *exec_ctx, grpc_call_credentials *creds,
830
- grpc_pollset *pollset, grpc_auth_metadata_context context,
831
- grpc_credentials_metadata_cb cb, void *user_data) {
832
- grpc_md_only_test_credentials *c = (grpc_md_only_test_credentials *)creds;
833
-
834
- if (c->is_async) {
835
- grpc_credentials_metadata_request *cb_arg =
836
- grpc_credentials_metadata_request_create(creds, cb, user_data);
837
- grpc_executor_enqueue(
838
- grpc_closure_create(on_simulated_token_fetch_done, cb_arg), true);
839
- } else {
840
- cb(exec_ctx, user_data, c->md_store->entries, 1, GRPC_CREDENTIALS_OK);
841
- }
842
- }
843
-
844
- static grpc_call_credentials_vtable md_only_test_vtable = {
845
- md_only_test_destruct, md_only_test_get_request_metadata};
846
-
847
- grpc_call_credentials *grpc_md_only_test_credentials_create(
848
- const char *md_key, const char *md_value, int is_async) {
849
- grpc_md_only_test_credentials *c =
850
- gpr_malloc(sizeof(grpc_md_only_test_credentials));
851
- memset(c, 0, sizeof(grpc_md_only_test_credentials));
852
- c->base.type = GRPC_CALL_CREDENTIALS_TYPE_OAUTH2;
853
- c->base.vtable = &md_only_test_vtable;
854
- gpr_ref_init(&c->base.refcount, 1);
855
- c->md_store = grpc_credentials_md_store_create(1);
856
- grpc_credentials_md_store_add_cstrings(c->md_store, md_key, md_value);
857
- c->is_async = is_async;
858
- return &c->base;
859
- }
860
-
861
- /* -- Oauth2 Access Token credentials. -- */
862
-
863
- static void access_token_destruct(grpc_call_credentials *creds) {
864
- grpc_access_token_credentials *c = (grpc_access_token_credentials *)creds;
865
- grpc_credentials_md_store_unref(c->access_token_md);
866
- }
867
-
868
- static void access_token_get_request_metadata(
869
- grpc_exec_ctx *exec_ctx, grpc_call_credentials *creds,
870
- grpc_pollset *pollset, grpc_auth_metadata_context context,
871
- grpc_credentials_metadata_cb cb, void *user_data) {
872
- grpc_access_token_credentials *c = (grpc_access_token_credentials *)creds;
873
- cb(exec_ctx, user_data, c->access_token_md->entries, 1, GRPC_CREDENTIALS_OK);
874
- }
875
-
876
- static grpc_call_credentials_vtable access_token_vtable = {
877
- access_token_destruct, access_token_get_request_metadata};
878
-
879
- grpc_call_credentials *grpc_access_token_credentials_create(
880
- const char *access_token, void *reserved) {
881
- grpc_access_token_credentials *c =
882
- gpr_malloc(sizeof(grpc_access_token_credentials));
883
- char *token_md_value;
884
- GRPC_API_TRACE(
885
- "grpc_access_token_credentials_create(access_token=%s, "
886
- "reserved=%p)",
887
- 2, (access_token, reserved));
888
- GPR_ASSERT(reserved == NULL);
889
- memset(c, 0, sizeof(grpc_access_token_credentials));
890
- c->base.type = GRPC_CALL_CREDENTIALS_TYPE_OAUTH2;
891
- c->base.vtable = &access_token_vtable;
892
- gpr_ref_init(&c->base.refcount, 1);
893
- c->access_token_md = grpc_credentials_md_store_create(1);
894
- gpr_asprintf(&token_md_value, "Bearer %s", access_token);
895
- grpc_credentials_md_store_add_cstrings(
896
- c->access_token_md, GRPC_AUTHORIZATION_METADATA_KEY, token_md_value);
897
- gpr_free(token_md_value);
898
- return &c->base;
899
- }
900
-
901
- /* -- Fake transport security credentials. -- */
902
-
903
- static grpc_security_status fake_transport_security_create_security_connector(
904
- grpc_channel_credentials *c, grpc_call_credentials *call_creds,
905
- const char *target, const grpc_channel_args *args,
906
- grpc_channel_security_connector **sc, grpc_channel_args **new_args) {
907
- *sc = grpc_fake_channel_security_connector_create(call_creds);
908
- return GRPC_SECURITY_OK;
909
- }
910
-
911
- static grpc_security_status
912
- fake_transport_security_server_create_security_connector(
913
- grpc_server_credentials *c, grpc_server_security_connector **sc) {
914
- *sc = grpc_fake_server_security_connector_create();
915
- return GRPC_SECURITY_OK;
916
- }
917
-
918
- static grpc_channel_credentials_vtable
919
- fake_transport_security_credentials_vtable = {
920
- NULL, fake_transport_security_create_security_connector};
921
-
922
- static grpc_server_credentials_vtable
923
- fake_transport_security_server_credentials_vtable = {
924
- NULL, fake_transport_security_server_create_security_connector};
925
-
926
- grpc_channel_credentials *grpc_fake_transport_security_credentials_create(
927
- void) {
928
- grpc_channel_credentials *c = gpr_malloc(sizeof(grpc_channel_credentials));
929
- memset(c, 0, sizeof(grpc_channel_credentials));
930
- c->type = GRPC_CHANNEL_CREDENTIALS_TYPE_FAKE_TRANSPORT_SECURITY;
931
- c->vtable = &fake_transport_security_credentials_vtable;
932
- gpr_ref_init(&c->refcount, 1);
933
- return c;
934
- }
935
-
936
- grpc_server_credentials *grpc_fake_transport_security_server_credentials_create(
937
- void) {
938
- grpc_server_credentials *c = gpr_malloc(sizeof(grpc_server_credentials));
939
- memset(c, 0, sizeof(grpc_server_credentials));
940
- c->type = GRPC_CHANNEL_CREDENTIALS_TYPE_FAKE_TRANSPORT_SECURITY;
941
- gpr_ref_init(&c->refcount, 1);
942
- c->vtable = &fake_transport_security_server_credentials_vtable;
943
- return c;
944
- }
945
-
946
- /* -- Composite call credentials. -- */
947
-
948
- typedef struct {
949
- grpc_composite_call_credentials *composite_creds;
950
- size_t creds_index;
951
- grpc_credentials_md_store *md_elems;
952
- grpc_auth_metadata_context auth_md_context;
953
- void *user_data;
954
- grpc_pollset *pollset;
955
- grpc_credentials_metadata_cb cb;
956
- } grpc_composite_call_credentials_metadata_context;
957
-
958
- static void composite_call_destruct(grpc_call_credentials *creds) {
959
- grpc_composite_call_credentials *c = (grpc_composite_call_credentials *)creds;
960
- size_t i;
961
- for (i = 0; i < c->inner.num_creds; i++) {
962
- grpc_call_credentials_unref(c->inner.creds_array[i]);
963
- }
964
- gpr_free(c->inner.creds_array);
965
- }
966
-
967
- static void composite_call_md_context_destroy(
968
- grpc_composite_call_credentials_metadata_context *ctx) {
969
- grpc_credentials_md_store_unref(ctx->md_elems);
970
- gpr_free(ctx);
971
- }
972
-
973
- static void composite_call_metadata_cb(grpc_exec_ctx *exec_ctx, void *user_data,
974
- grpc_credentials_md *md_elems,
975
- size_t num_md,
976
- grpc_credentials_status status) {
977
- grpc_composite_call_credentials_metadata_context *ctx =
978
- (grpc_composite_call_credentials_metadata_context *)user_data;
979
- if (status != GRPC_CREDENTIALS_OK) {
980
- ctx->cb(exec_ctx, ctx->user_data, NULL, 0, status);
981
- return;
982
- }
983
-
984
- /* Copy the metadata in the context. */
985
- if (num_md > 0) {
986
- size_t i;
987
- for (i = 0; i < num_md; i++) {
988
- grpc_credentials_md_store_add(ctx->md_elems, md_elems[i].key,
989
- md_elems[i].value);
990
- }
991
- }
992
-
993
- /* See if we need to get some more metadata. */
994
- if (ctx->creds_index < ctx->composite_creds->inner.num_creds) {
995
- grpc_call_credentials *inner_creds =
996
- ctx->composite_creds->inner.creds_array[ctx->creds_index++];
997
- grpc_call_credentials_get_request_metadata(
998
- exec_ctx, inner_creds, ctx->pollset, ctx->auth_md_context,
999
- composite_call_metadata_cb, ctx);
1000
- return;
1001
- }
1002
-
1003
- /* We're done!. */
1004
- ctx->cb(exec_ctx, ctx->user_data, ctx->md_elems->entries,
1005
- ctx->md_elems->num_entries, GRPC_CREDENTIALS_OK);
1006
- composite_call_md_context_destroy(ctx);
1007
- }
1008
-
1009
- static void composite_call_get_request_metadata(
1010
- grpc_exec_ctx *exec_ctx, grpc_call_credentials *creds,
1011
- grpc_pollset *pollset, grpc_auth_metadata_context auth_md_context,
1012
- grpc_credentials_metadata_cb cb, void *user_data) {
1013
- grpc_composite_call_credentials *c = (grpc_composite_call_credentials *)creds;
1014
- grpc_composite_call_credentials_metadata_context *ctx;
1015
-
1016
- ctx = gpr_malloc(sizeof(grpc_composite_call_credentials_metadata_context));
1017
- memset(ctx, 0, sizeof(grpc_composite_call_credentials_metadata_context));
1018
- ctx->auth_md_context = auth_md_context;
1019
- ctx->user_data = user_data;
1020
- ctx->cb = cb;
1021
- ctx->composite_creds = c;
1022
- ctx->pollset = pollset;
1023
- ctx->md_elems = grpc_credentials_md_store_create(c->inner.num_creds);
1024
- grpc_call_credentials_get_request_metadata(
1025
- exec_ctx, c->inner.creds_array[ctx->creds_index++], pollset,
1026
- auth_md_context, composite_call_metadata_cb, ctx);
1027
- }
1028
-
1029
- static grpc_call_credentials_vtable composite_call_credentials_vtable = {
1030
- composite_call_destruct, composite_call_get_request_metadata};
1031
-
1032
- static grpc_call_credentials_array get_creds_array(
1033
- grpc_call_credentials **creds_addr) {
1034
- grpc_call_credentials_array result;
1035
- grpc_call_credentials *creds = *creds_addr;
1036
- result.creds_array = creds_addr;
1037
- result.num_creds = 1;
1038
- if (strcmp(creds->type, GRPC_CALL_CREDENTIALS_TYPE_COMPOSITE) == 0) {
1039
- result = *grpc_composite_call_credentials_get_credentials(creds);
1040
- }
1041
- return result;
1042
- }
1043
-
1044
- grpc_call_credentials *grpc_composite_call_credentials_create(
1045
- grpc_call_credentials *creds1, grpc_call_credentials *creds2,
1046
- void *reserved) {
1047
- size_t i;
1048
- size_t creds_array_byte_size;
1049
- grpc_call_credentials_array creds1_array;
1050
- grpc_call_credentials_array creds2_array;
1051
- grpc_composite_call_credentials *c;
1052
- GRPC_API_TRACE(
1053
- "grpc_composite_call_credentials_create(creds1=%p, creds2=%p, "
1054
- "reserved=%p)",
1055
- 3, (creds1, creds2, reserved));
1056
- GPR_ASSERT(reserved == NULL);
1057
- GPR_ASSERT(creds1 != NULL);
1058
- GPR_ASSERT(creds2 != NULL);
1059
- c = gpr_malloc(sizeof(grpc_composite_call_credentials));
1060
- memset(c, 0, sizeof(grpc_composite_call_credentials));
1061
- c->base.type = GRPC_CALL_CREDENTIALS_TYPE_COMPOSITE;
1062
- c->base.vtable = &composite_call_credentials_vtable;
1063
- gpr_ref_init(&c->base.refcount, 1);
1064
- creds1_array = get_creds_array(&creds1);
1065
- creds2_array = get_creds_array(&creds2);
1066
- c->inner.num_creds = creds1_array.num_creds + creds2_array.num_creds;
1067
- creds_array_byte_size = c->inner.num_creds * sizeof(grpc_call_credentials *);
1068
- c->inner.creds_array = gpr_malloc(creds_array_byte_size);
1069
- memset(c->inner.creds_array, 0, creds_array_byte_size);
1070
- for (i = 0; i < creds1_array.num_creds; i++) {
1071
- grpc_call_credentials *cur_creds = creds1_array.creds_array[i];
1072
- c->inner.creds_array[i] = grpc_call_credentials_ref(cur_creds);
1073
- }
1074
- for (i = 0; i < creds2_array.num_creds; i++) {
1075
- grpc_call_credentials *cur_creds = creds2_array.creds_array[i];
1076
- c->inner.creds_array[i + creds1_array.num_creds] =
1077
- grpc_call_credentials_ref(cur_creds);
1078
- }
1079
- return &c->base;
1080
- }
1081
-
1082
- const grpc_call_credentials_array *
1083
- grpc_composite_call_credentials_get_credentials(grpc_call_credentials *creds) {
1084
- const grpc_composite_call_credentials *c =
1085
- (const grpc_composite_call_credentials *)creds;
1086
- GPR_ASSERT(strcmp(creds->type, GRPC_CALL_CREDENTIALS_TYPE_COMPOSITE) == 0);
1087
- return &c->inner;
1088
- }
1089
-
1090
- grpc_call_credentials *grpc_credentials_contains_type(
1091
- grpc_call_credentials *creds, const char *type,
1092
- grpc_call_credentials **composite_creds) {
1093
- size_t i;
1094
- if (strcmp(creds->type, type) == 0) {
1095
- if (composite_creds != NULL) *composite_creds = NULL;
1096
- return creds;
1097
- } else if (strcmp(creds->type, GRPC_CALL_CREDENTIALS_TYPE_COMPOSITE) == 0) {
1098
- const grpc_call_credentials_array *inner_creds_array =
1099
- grpc_composite_call_credentials_get_credentials(creds);
1100
- for (i = 0; i < inner_creds_array->num_creds; i++) {
1101
- if (strcmp(type, inner_creds_array->creds_array[i]->type) == 0) {
1102
- if (composite_creds != NULL) *composite_creds = creds;
1103
- return inner_creds_array->creds_array[i];
1104
- }
1105
- }
1106
- }
1107
- return NULL;
1108
- }
1109
-
1110
- /* -- IAM credentials. -- */
1111
-
1112
- static void iam_destruct(grpc_call_credentials *creds) {
1113
- grpc_google_iam_credentials *c = (grpc_google_iam_credentials *)creds;
1114
- grpc_credentials_md_store_unref(c->iam_md);
1115
- }
1116
-
1117
- static void iam_get_request_metadata(grpc_exec_ctx *exec_ctx,
1118
- grpc_call_credentials *creds,
1119
- grpc_pollset *pollset,
1120
- grpc_auth_metadata_context context,
1121
- grpc_credentials_metadata_cb cb,
1122
- void *user_data) {
1123
- grpc_google_iam_credentials *c = (grpc_google_iam_credentials *)creds;
1124
- cb(exec_ctx, user_data, c->iam_md->entries, c->iam_md->num_entries,
1125
- GRPC_CREDENTIALS_OK);
1126
- }
1127
-
1128
- static grpc_call_credentials_vtable iam_vtable = {iam_destruct,
1129
- iam_get_request_metadata};
1130
-
1131
- grpc_call_credentials *grpc_google_iam_credentials_create(
1132
- const char *token, const char *authority_selector, void *reserved) {
1133
- grpc_google_iam_credentials *c;
1134
- GRPC_API_TRACE(
1135
- "grpc_iam_credentials_create(token=%s, authority_selector=%s, "
1136
- "reserved=%p)",
1137
- 3, (token, authority_selector, reserved));
1138
- GPR_ASSERT(reserved == NULL);
1139
- GPR_ASSERT(token != NULL);
1140
- GPR_ASSERT(authority_selector != NULL);
1141
- c = gpr_malloc(sizeof(grpc_google_iam_credentials));
1142
- memset(c, 0, sizeof(grpc_google_iam_credentials));
1143
- c->base.type = GRPC_CALL_CREDENTIALS_TYPE_IAM;
1144
- c->base.vtable = &iam_vtable;
1145
- gpr_ref_init(&c->base.refcount, 1);
1146
- c->iam_md = grpc_credentials_md_store_create(2);
1147
- grpc_credentials_md_store_add_cstrings(
1148
- c->iam_md, GRPC_IAM_AUTHORIZATION_TOKEN_METADATA_KEY, token);
1149
- grpc_credentials_md_store_add_cstrings(
1150
- c->iam_md, GRPC_IAM_AUTHORITY_SELECTOR_METADATA_KEY, authority_selector);
1151
- return &c->base;
1152
- }
1153
-
1154
- /* -- Plugin credentials. -- */
1155
-
1156
- typedef struct {
1157
- void *user_data;
1158
- grpc_credentials_metadata_cb cb;
1159
- } grpc_metadata_plugin_request;
1160
-
1161
- static void plugin_destruct(grpc_call_credentials *creds) {
1162
- grpc_plugin_credentials *c = (grpc_plugin_credentials *)creds;
1163
- if (c->plugin.state != NULL && c->plugin.destroy != NULL) {
1164
- c->plugin.destroy(c->plugin.state);
1165
- }
1166
- }
1167
-
1168
- static void plugin_md_request_metadata_ready(void *request,
1169
- const grpc_metadata *md,
1170
- size_t num_md,
1171
- grpc_status_code status,
1172
- const char *error_details) {
1173
- /* called from application code */
1174
- grpc_exec_ctx exec_ctx = GRPC_EXEC_CTX_INIT;
1175
- grpc_metadata_plugin_request *r = (grpc_metadata_plugin_request *)request;
1176
- if (status != GRPC_STATUS_OK) {
1177
- if (error_details != NULL) {
1178
- gpr_log(GPR_ERROR, "Getting metadata from plugin failed with error: %s",
1179
- error_details);
1180
- }
1181
- r->cb(&exec_ctx, r->user_data, NULL, 0, GRPC_CREDENTIALS_ERROR);
1182
- } else {
1183
- size_t i;
1184
- grpc_credentials_md *md_array = NULL;
1185
- if (num_md > 0) {
1186
- md_array = gpr_malloc(num_md * sizeof(grpc_credentials_md));
1187
- for (i = 0; i < num_md; i++) {
1188
- md_array[i].key = gpr_slice_from_copied_string(md[i].key);
1189
- md_array[i].value =
1190
- gpr_slice_from_copied_buffer(md[i].value, md[i].value_length);
1191
- }
1192
- }
1193
- r->cb(&exec_ctx, r->user_data, md_array, num_md, GRPC_CREDENTIALS_OK);
1194
- if (md_array != NULL) {
1195
- for (i = 0; i < num_md; i++) {
1196
- gpr_slice_unref(md_array[i].key);
1197
- gpr_slice_unref(md_array[i].value);
1198
- }
1199
- gpr_free(md_array);
1200
- }
1201
- }
1202
- gpr_free(r);
1203
- grpc_exec_ctx_finish(&exec_ctx);
1204
- }
1205
-
1206
- static void plugin_get_request_metadata(grpc_exec_ctx *exec_ctx,
1207
- grpc_call_credentials *creds,
1208
- grpc_pollset *pollset,
1209
- grpc_auth_metadata_context context,
1210
- grpc_credentials_metadata_cb cb,
1211
- void *user_data) {
1212
- grpc_plugin_credentials *c = (grpc_plugin_credentials *)creds;
1213
- if (c->plugin.get_metadata != NULL) {
1214
- grpc_metadata_plugin_request *request = gpr_malloc(sizeof(*request));
1215
- memset(request, 0, sizeof(*request));
1216
- request->user_data = user_data;
1217
- request->cb = cb;
1218
- c->plugin.get_metadata(c->plugin.state, context,
1219
- plugin_md_request_metadata_ready, request);
1220
- } else {
1221
- cb(exec_ctx, user_data, NULL, 0, GRPC_CREDENTIALS_OK);
1222
- }
1223
- }
1224
-
1225
- static grpc_call_credentials_vtable plugin_vtable = {
1226
- plugin_destruct, plugin_get_request_metadata};
1227
-
1228
- grpc_call_credentials *grpc_metadata_credentials_create_from_plugin(
1229
- grpc_metadata_credentials_plugin plugin, void *reserved) {
1230
- grpc_plugin_credentials *c = gpr_malloc(sizeof(*c));
1231
- GRPC_API_TRACE("grpc_metadata_credentials_create_from_plugin(reserved=%p)", 1,
1232
- (reserved));
1233
- GPR_ASSERT(reserved == NULL);
1234
- memset(c, 0, sizeof(*c));
1235
- c->base.type = plugin.type;
1236
- c->base.vtable = &plugin_vtable;
1237
- gpr_ref_init(&c->base.refcount, 1);
1238
- c->plugin = plugin;
1239
- return &c->base;
1240
- }
1241
-
1242
- /* -- Composite channel credentials. -- */
1243
-
1244
- static void composite_channel_destruct(grpc_channel_credentials *creds) {
1245
- grpc_composite_channel_credentials *c =
1246
- (grpc_composite_channel_credentials *)creds;
1247
- grpc_channel_credentials_unref(c->inner_creds);
1248
- grpc_call_credentials_unref(c->call_creds);
1249
- }
1250
-
1251
- static grpc_security_status composite_channel_create_security_connector(
1252
- grpc_channel_credentials *creds, grpc_call_credentials *call_creds,
1253
- const char *target, const grpc_channel_args *args,
1254
- grpc_channel_security_connector **sc, grpc_channel_args **new_args) {
1255
- grpc_composite_channel_credentials *c =
1256
- (grpc_composite_channel_credentials *)creds;
1257
- grpc_security_status status = GRPC_SECURITY_ERROR;
1258
-
1259
- GPR_ASSERT(c->inner_creds != NULL && c->call_creds != NULL &&
1260
- c->inner_creds->vtable != NULL &&
1261
- c->inner_creds->vtable->create_security_connector != NULL);
1262
- /* If we are passed a call_creds, create a call composite to pass it
1263
- downstream. */
1264
- if (call_creds != NULL) {
1265
- grpc_call_credentials *composite_call_creds =
1266
- grpc_composite_call_credentials_create(c->call_creds, call_creds, NULL);
1267
- status = c->inner_creds->vtable->create_security_connector(
1268
- c->inner_creds, composite_call_creds, target, args, sc, new_args);
1269
- grpc_call_credentials_unref(composite_call_creds);
1270
- } else {
1271
- status = c->inner_creds->vtable->create_security_connector(
1272
- c->inner_creds, c->call_creds, target, args, sc, new_args);
1273
- }
1274
- return status;
1275
- }
1276
-
1277
- static grpc_channel_credentials_vtable composite_channel_credentials_vtable = {
1278
- composite_channel_destruct, composite_channel_create_security_connector};
1279
-
1280
- grpc_channel_credentials *grpc_composite_channel_credentials_create(
1281
- grpc_channel_credentials *channel_creds, grpc_call_credentials *call_creds,
1282
- void *reserved) {
1283
- grpc_composite_channel_credentials *c = gpr_malloc(sizeof(*c));
1284
- memset(c, 0, sizeof(*c));
1285
- GPR_ASSERT(channel_creds != NULL && call_creds != NULL && reserved == NULL);
1286
- GRPC_API_TRACE(
1287
- "grpc_composite_channel_credentials_create(channel_creds=%p, "
1288
- "call_creds=%p, reserved=%p)",
1289
- 3, (channel_creds, call_creds, reserved));
1290
- c->base.type = channel_creds->type;
1291
- c->base.vtable = &composite_channel_credentials_vtable;
1292
- gpr_ref_init(&c->base.refcount, 1);
1293
- c->inner_creds = grpc_channel_credentials_ref(channel_creds);
1294
- c->call_creds = grpc_call_credentials_ref(call_creds);
1295
- return &c->base;
1296
- }