grpc 1.25.0 → 1.26.0
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of grpc might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Makefile +782 -291
- data/include/grpc/impl/codegen/grpc_types.h +4 -0
- data/include/grpc/impl/codegen/port_platform.h +7 -0
- data/include/grpc/support/alloc.h +0 -16
- data/src/core/ext/filters/client_channel/backend_metric.cc +2 -2
- data/src/core/ext/filters/client_channel/backup_poller.cc +1 -1
- data/src/core/ext/filters/client_channel/channel_connectivity.cc +2 -2
- data/src/core/ext/filters/client_channel/client_channel.cc +95 -88
- data/src/core/ext/filters/client_channel/client_channel_channelz.cc +7 -7
- data/src/core/ext/filters/client_channel/client_channel_channelz.h +4 -2
- data/src/core/ext/filters/client_channel/client_channel_factory.cc +1 -1
- data/src/core/ext/filters/client_channel/client_channel_plugin.cc +3 -3
- data/src/core/ext/filters/client_channel/connector.h +40 -45
- data/src/core/ext/filters/client_channel/global_subchannel_pool.cc +10 -10
- data/src/core/ext/filters/client_channel/health/health_check_client.cc +16 -13
- data/src/core/ext/filters/client_channel/http_connect_handshaker.cc +66 -37
- data/src/core/ext/filters/client_channel/http_proxy.cc +107 -116
- data/src/core/ext/filters/client_channel/http_proxy.h +5 -1
- data/src/core/ext/filters/client_channel/lb_policy.cc +3 -3
- data/src/core/ext/filters/client_channel/lb_policy.h +9 -5
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.cc +10 -8
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +18 -19
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.cc +4 -3
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.h +4 -4
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc +1 -1
- data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc +3 -3
- data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +3 -3
- data/src/core/ext/filters/client_channel/lb_policy/subchannel_list.h +6 -9
- data/src/core/ext/filters/client_channel/lb_policy/xds/cds.cc +368 -0
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds.cc +157 -77
- data/src/core/ext/filters/client_channel/lb_policy_registry.cc +5 -5
- data/src/core/ext/filters/client_channel/lb_policy_registry.h +1 -1
- data/src/core/ext/filters/client_channel/local_subchannel_pool.cc +8 -8
- data/src/core/ext/filters/client_channel/proxy_mapper.h +14 -34
- data/src/core/ext/filters/client_channel/proxy_mapper_registry.cc +46 -79
- data/src/core/ext/filters/client_channel/proxy_mapper_registry.h +23 -17
- data/src/core/ext/filters/client_channel/resolver.cc +2 -1
- data/src/core/ext/filters/client_channel/resolver.h +2 -2
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +1 -1
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.cc +4 -4
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.h +1 -1
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_libuv.cc +13 -10
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_posix.cc +3 -2
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_windows.cc +9 -8
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.cc +17 -16
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.h +2 -2
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper_fallback.cc +4 -4
- data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc +9 -9
- data/src/core/ext/filters/client_channel/resolver/sockaddr/sockaddr_resolver.cc +5 -3
- data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +1 -1
- data/src/core/ext/filters/client_channel/resolver_factory.h +3 -3
- data/src/core/ext/filters/client_channel/resolver_registry.cc +14 -12
- data/src/core/ext/filters/client_channel/resolver_registry.h +6 -4
- data/src/core/ext/filters/client_channel/resolver_result_parsing.cc +6 -6
- data/src/core/ext/filters/client_channel/resolver_result_parsing.h +6 -6
- data/src/core/ext/filters/client_channel/resolving_lb_policy.cc +5 -5
- data/src/core/ext/filters/client_channel/resolving_lb_policy.h +3 -3
- data/src/core/ext/filters/client_channel/service_config.cc +15 -14
- data/src/core/ext/filters/client_channel/service_config.h +14 -19
- data/src/core/ext/filters/client_channel/subchannel.cc +38 -36
- data/src/core/ext/filters/client_channel/subchannel.h +11 -12
- data/src/core/ext/filters/client_channel/subchannel_interface.h +1 -1
- data/src/core/ext/filters/client_channel/xds/xds_api.cc +19 -9
- data/src/core/ext/filters/client_channel/xds/xds_api.h +19 -9
- data/src/core/ext/filters/client_channel/xds/xds_bootstrap.cc +3 -3
- data/src/core/ext/filters/client_channel/xds/xds_bootstrap.h +6 -5
- data/src/core/ext/filters/client_channel/xds/xds_client.cc +58 -31
- data/src/core/ext/filters/client_channel/xds/xds_client.h +20 -15
- data/src/core/ext/filters/client_channel/xds/xds_client_stats.cc +5 -3
- data/src/core/ext/filters/client_channel/xds/xds_client_stats.h +18 -15
- data/src/core/ext/filters/client_idle/client_idle_filter.cc +10 -10
- data/src/core/ext/filters/deadline/deadline_filter.cc +15 -13
- data/src/core/ext/filters/http/client/http_client_filter.cc +12 -12
- data/src/core/ext/filters/http/client_authority_filter.cc +3 -3
- data/src/core/ext/filters/http/message_compress/message_compress_filter.cc +13 -7
- data/src/core/ext/filters/http/server/http_server_filter.cc +14 -13
- data/src/core/ext/filters/max_age/max_age_filter.cc +16 -14
- data/src/core/ext/filters/message_size/message_size_filter.cc +10 -8
- data/src/core/ext/filters/message_size/message_size_filter.h +1 -1
- data/src/core/ext/filters/workarounds/workaround_cronet_compression_filter.cc +9 -8
- data/src/core/ext/transport/chttp2/client/chttp2_connector.cc +141 -174
- data/src/core/ext/transport/chttp2/client/chttp2_connector.h +31 -1
- data/src/core/ext/transport/chttp2/client/insecure/channel_create.cc +7 -6
- data/src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc +14 -12
- data/src/core/ext/transport/chttp2/server/chttp2_server.cc +8 -5
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +46 -38
- data/src/core/ext/transport/chttp2/transport/context_list.cc +2 -2
- data/src/core/ext/transport/chttp2/transport/flow_control.h +0 -5
- data/src/core/ext/transport/chttp2/transport/frame_data.cc +6 -7
- data/src/core/ext/transport/chttp2/transport/frame_goaway.cc +2 -2
- data/src/core/ext/transport/chttp2/transport/frame_ping.cc +1 -1
- data/src/core/ext/transport/chttp2/transport/frame_settings.cc +4 -3
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +5 -5
- data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +11 -8
- data/src/core/ext/transport/chttp2/transport/internal.h +3 -3
- data/src/core/ext/transport/chttp2/transport/parsing.cc +4 -4
- data/src/core/ext/transport/chttp2/transport/writing.cc +3 -2
- data/src/core/ext/transport/inproc/inproc_transport.cc +65 -41
- data/src/core/ext/upb-generated/envoy/api/v2/auth/cert.upb.c +0 -1
- data/src/core/ext/upb-generated/envoy/api/v2/cds.upb.c +141 -70
- data/src/core/ext/upb-generated/envoy/api/v2/cds.upb.h +352 -118
- data/src/core/ext/upb-generated/envoy/api/v2/cluster/circuit_breaker.upb.c +0 -1
- data/src/core/ext/upb-generated/envoy/api/v2/cluster/filter.upb.c +0 -1
- data/src/core/ext/upb-generated/envoy/api/v2/cluster/outlier_detection.upb.c +8 -4
- data/src/core/ext/upb-generated/envoy/api/v2/cluster/outlier_detection.upb.h +65 -0
- data/src/core/ext/upb-generated/envoy/api/v2/core/address.upb.c +0 -1
- data/src/core/ext/upb-generated/envoy/api/v2/core/base.upb.c +16 -2
- data/src/core/ext/upb-generated/envoy/api/v2/core/base.upb.h +36 -0
- data/src/core/ext/upb-generated/envoy/api/v2/core/config_source.upb.c +12 -5
- data/src/core/ext/upb-generated/envoy/api/v2/core/config_source.upb.h +34 -0
- data/src/core/ext/upb-generated/envoy/api/v2/core/grpc_service.upb.c +1 -2
- data/src/core/ext/upb-generated/envoy/api/v2/core/health_check.upb.c +13 -12
- data/src/core/ext/upb-generated/envoy/api/v2/core/health_check.upb.h +28 -24
- data/src/core/ext/upb-generated/envoy/api/v2/core/http_uri.upb.c +0 -1
- data/src/core/ext/upb-generated/envoy/api/v2/core/protocol.upb.c +5 -4
- data/src/core/ext/upb-generated/envoy/api/v2/core/protocol.upb.h +13 -0
- data/src/core/ext/upb-generated/envoy/api/v2/discovery.upb.c +0 -1
- data/src/core/ext/upb-generated/envoy/api/v2/eds.upb.c +23 -23
- data/src/core/ext/upb-generated/envoy/api/v2/eds.upb.h +48 -44
- data/src/core/ext/upb-generated/envoy/api/v2/endpoint/endpoint.upb.c +0 -1
- data/src/core/ext/upb-generated/envoy/api/v2/endpoint/load_report.upb.c +0 -1
- data/src/core/ext/upb-generated/envoy/type/http.upb.c +16 -0
- data/src/core/ext/upb-generated/envoy/type/http.upb.h +36 -0
- data/src/core/ext/upb-generated/envoy/type/percent.upb.c +0 -1
- data/src/core/ext/upb-generated/envoy/type/range.upb.c +0 -1
- data/src/core/lib/avl/avl.cc +1 -1
- data/src/core/lib/channel/channel_stack.cc +1 -1
- data/src/core/lib/channel/channel_stack.h +16 -4
- data/src/core/lib/channel/channel_trace.cc +4 -4
- data/src/core/lib/channel/channelz.cc +46 -46
- data/src/core/lib/channel/channelz.h +37 -35
- data/src/core/lib/channel/channelz_registry.cc +2 -2
- data/src/core/lib/channel/channelz_registry.h +1 -1
- data/src/core/lib/channel/connected_channel.cc +3 -2
- data/src/core/lib/channel/handshaker.cc +1 -1
- data/src/core/lib/channel/handshaker_registry.cc +5 -5
- data/src/core/lib/channel/handshaker_registry.h +3 -3
- data/src/core/lib/compression/message_compress.cc +3 -2
- data/src/core/lib/compression/stream_compression_identity.cc +5 -7
- data/src/core/lib/gpr/alloc.cc +4 -29
- data/src/core/lib/gpr/cpu_linux.cc +1 -1
- data/src/core/lib/gprpp/fork.cc +4 -4
- data/src/core/lib/gprpp/global_config_env.cc +7 -7
- data/src/core/lib/gprpp/global_config_env.h +2 -2
- data/src/core/lib/gprpp/host_port.cc +8 -8
- data/src/core/lib/gprpp/host_port.h +3 -3
- data/src/core/lib/gprpp/inlined_vector.h +13 -0
- data/src/core/lib/gprpp/map.h +2 -9
- data/src/core/lib/gprpp/memory.h +12 -98
- data/src/core/lib/gprpp/orphanable.h +3 -3
- data/src/core/lib/gprpp/ref_counted.h +3 -3
- data/src/core/lib/gprpp/ref_counted_ptr.h +1 -1
- data/src/core/lib/gprpp/string_view.h +45 -23
- data/src/core/lib/gprpp/thd.h +1 -1
- data/src/core/lib/gprpp/thd_posix.cc +6 -5
- data/src/core/lib/gprpp/thd_windows.cc +3 -3
- data/src/core/lib/http/httpcli.cc +1 -1
- data/src/core/lib/http/httpcli_security_connector.cc +3 -3
- data/src/core/lib/iomgr/buffer_list.cc +10 -5
- data/src/core/lib/iomgr/call_combiner.cc +7 -6
- data/src/core/lib/iomgr/call_combiner.h +4 -3
- data/src/core/lib/iomgr/cfstream_handle.cc +2 -2
- data/src/core/lib/iomgr/closure.h +33 -135
- data/src/core/lib/iomgr/combiner.cc +10 -17
- data/src/core/lib/iomgr/combiner.h +0 -2
- data/src/core/lib/iomgr/endpoint_cfstream.cc +2 -2
- data/src/core/lib/iomgr/endpoint_pair_posix.cc +1 -1
- data/src/core/lib/iomgr/ev_epoll1_linux.cc +3 -2
- data/src/core/lib/iomgr/ev_epollex_linux.cc +23 -13
- data/src/core/lib/iomgr/ev_poll_posix.cc +30 -17
- data/src/core/lib/iomgr/exec_ctx.cc +52 -5
- data/src/core/lib/iomgr/exec_ctx.h +6 -2
- data/src/core/lib/iomgr/executor.cc +16 -37
- data/src/core/lib/iomgr/executor.h +4 -7
- data/src/core/lib/iomgr/executor/threadpool.cc +4 -4
- data/src/core/lib/iomgr/iomgr_custom.cc +1 -1
- data/src/core/lib/iomgr/lockfree_event.cc +9 -8
- data/src/core/lib/iomgr/logical_thread.cc +103 -0
- data/src/core/lib/iomgr/logical_thread.h +52 -0
- data/src/core/lib/iomgr/pollset_custom.cc +5 -5
- data/src/core/lib/iomgr/pollset_set_custom.cc +9 -9
- data/src/core/lib/iomgr/pollset_windows.cc +16 -2
- data/src/core/lib/iomgr/port.h +3 -0
- data/src/core/lib/iomgr/resolve_address_custom.cc +4 -4
- data/src/core/lib/iomgr/resolve_address_posix.cc +8 -9
- data/src/core/lib/iomgr/resolve_address_windows.cc +4 -6
- data/src/core/lib/iomgr/resource_quota.cc +26 -21
- data/src/core/lib/iomgr/socket_utils_common_posix.cc +11 -0
- data/src/core/lib/iomgr/socket_windows.cc +2 -2
- data/src/core/lib/iomgr/tcp_client_cfstream.cc +2 -2
- data/src/core/lib/iomgr/tcp_client_custom.cc +2 -2
- data/src/core/lib/iomgr/tcp_client_posix.cc +5 -4
- data/src/core/lib/iomgr/tcp_client_windows.cc +2 -2
- data/src/core/lib/iomgr/tcp_custom.cc +10 -9
- data/src/core/lib/iomgr/tcp_posix.cc +19 -15
- data/src/core/lib/iomgr/tcp_server_custom.cc +3 -2
- data/src/core/lib/iomgr/tcp_server_posix.cc +5 -4
- data/src/core/lib/iomgr/tcp_server_windows.cc +5 -3
- data/src/core/lib/iomgr/tcp_windows.cc +16 -13
- data/src/core/lib/iomgr/timer_custom.cc +4 -3
- data/src/core/lib/iomgr/timer_generic.cc +11 -9
- data/src/core/lib/iomgr/udp_server.cc +16 -13
- data/src/core/lib/security/credentials/alts/alts_credentials.cc +8 -5
- data/src/core/lib/security/credentials/alts/check_gcp_environment_windows.cc +45 -57
- data/src/core/lib/security/credentials/composite/composite_credentials.cc +7 -6
- data/src/core/lib/security/credentials/credentials.cc +8 -8
- data/src/core/lib/security/credentials/credentials.h +5 -5
- data/src/core/lib/security/credentials/fake/fake_credentials.cc +5 -5
- data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +1 -1
- data/src/core/lib/security/credentials/iam/iam_credentials.cc +4 -4
- data/src/core/lib/security/credentials/jwt/jwt_credentials.cc +4 -4
- data/src/core/lib/security/credentials/jwt/jwt_verifier.cc +2 -2
- data/src/core/lib/security/credentials/local/local_credentials.cc +3 -3
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +13 -11
- data/src/core/lib/security/credentials/plugin/plugin_credentials.cc +6 -5
- data/src/core/lib/security/credentials/ssl/ssl_credentials.cc +4 -4
- data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.cc +5 -5
- data/src/core/lib/security/credentials/tls/spiffe_credentials.cc +2 -2
- data/src/core/lib/security/security_connector/alts/alts_security_connector.cc +28 -22
- data/src/core/lib/security/security_connector/alts/alts_security_connector.h +5 -0
- data/src/core/lib/security/security_connector/fake/fake_security_connector.cc +10 -10
- data/src/core/lib/security/security_connector/load_system_roots_linux.cc +2 -1
- data/src/core/lib/security/security_connector/local/local_security_connector.cc +8 -8
- data/src/core/lib/security/security_connector/security_connector.h +1 -1
- data/src/core/lib/security/security_connector/ssl/ssl_security_connector.cc +9 -9
- data/src/core/lib/security/security_connector/ssl_utils.cc +5 -4
- data/src/core/lib/security/security_connector/tls/spiffe_security_connector.cc +14 -15
- data/src/core/lib/security/transport/client_auth_filter.cc +4 -3
- data/src/core/lib/security/transport/secure_endpoint.cc +9 -8
- data/src/core/lib/security/transport/security_handshaker.cc +67 -23
- data/src/core/lib/security/transport/server_auth_filter.cc +6 -5
- data/src/core/lib/security/transport/target_authority_table.h +1 -1
- data/src/core/lib/slice/b64.cc +3 -4
- data/src/core/lib/slice/b64.h +1 -2
- data/src/core/lib/slice/slice.cc +8 -13
- data/src/core/lib/surface/call.cc +19 -19
- data/src/core/lib/surface/call.h +6 -7
- data/src/core/lib/surface/call_log_batch.cc +1 -2
- data/src/core/lib/surface/channel.cc +17 -18
- data/src/core/lib/surface/channel.h +4 -19
- data/src/core/lib/surface/channel_ping.cc +1 -1
- data/src/core/lib/surface/completion_queue.cc +21 -22
- data/src/core/lib/surface/completion_queue_factory.cc +1 -1
- data/src/core/lib/surface/init.cc +1 -1
- data/src/core/lib/surface/init_secure.cc +2 -2
- data/src/core/lib/surface/lame_client.cc +10 -12
- data/src/core/lib/surface/server.cc +24 -18
- data/src/core/lib/surface/version.cc +2 -2
- data/src/core/lib/transport/byte_stream.cc +2 -2
- data/src/core/lib/transport/byte_stream.h +2 -1
- data/src/core/lib/transport/connectivity_state.cc +4 -4
- data/src/core/lib/transport/connectivity_state.h +2 -2
- data/src/core/lib/transport/metadata.cc +8 -10
- data/src/core/lib/transport/metadata.h +5 -8
- data/src/core/lib/transport/metadata_batch.cc +6 -0
- data/src/core/lib/transport/static_metadata.cc +2 -4
- data/src/core/lib/transport/status_metadata.cc +7 -0
- data/src/core/lib/transport/status_metadata.h +18 -0
- data/src/core/lib/transport/transport.cc +9 -7
- data/src/core/plugin_registry/grpc_plugin_registry.cc +4 -0
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +292 -43
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +197 -46
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.h +4 -2
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker_private.h +5 -0
- data/src/core/tsi/ssl/session_cache/ssl_session.h +1 -1
- data/src/core/tsi/ssl/session_cache/ssl_session_boringssl.cc +1 -1
- data/src/core/tsi/ssl/session_cache/ssl_session_cache.cc +4 -4
- data/src/core/tsi/ssl/session_cache/ssl_session_openssl.cc +1 -1
- data/src/core/tsi/ssl_transport_security.cc +2 -1
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.c +0 -4
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.h +0 -6
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/third_party/upb/upb/decode.c +1 -0
- metadata +40 -38
- data/src/core/ext/filters/client_channel/connector.cc +0 -41
- data/src/core/ext/filters/client_channel/proxy_mapper.cc +0 -48
- data/src/core/lib/gprpp/set.h +0 -33
@@ -80,8 +80,9 @@ static void composite_call_metadata_cb(void* arg, grpc_error* error) {
|
|
80
80
|
}
|
81
81
|
// We're done!
|
82
82
|
}
|
83
|
-
|
84
|
-
|
83
|
+
grpc_core::ExecCtx::Run(DEBUG_LOCATION, ctx->on_request_metadata,
|
84
|
+
GRPC_ERROR_REF(error));
|
85
|
+
delete ctx;
|
85
86
|
}
|
86
87
|
|
87
88
|
bool grpc_composite_call_credentials::get_request_metadata(
|
@@ -89,7 +90,7 @@ bool grpc_composite_call_credentials::get_request_metadata(
|
|
89
90
|
grpc_credentials_mdelem_array* md_array, grpc_closure* on_request_metadata,
|
90
91
|
grpc_error** error) {
|
91
92
|
grpc_composite_call_credentials_metadata_context* ctx;
|
92
|
-
ctx =
|
93
|
+
ctx = new grpc_composite_call_credentials_metadata_context(
|
93
94
|
this, pollent, auth_md_context, md_array, on_request_metadata);
|
94
95
|
bool synchronous = true;
|
95
96
|
const CallCredentialsList& inner = ctx->composite_creds->inner();
|
@@ -103,7 +104,7 @@ bool grpc_composite_call_credentials::get_request_metadata(
|
|
103
104
|
break;
|
104
105
|
}
|
105
106
|
}
|
106
|
-
if (synchronous)
|
107
|
+
if (synchronous) delete ctx;
|
107
108
|
return synchronous;
|
108
109
|
}
|
109
110
|
|
@@ -204,6 +205,6 @@ grpc_channel_credentials* grpc_composite_channel_credentials_create(
|
|
204
205
|
"grpc_composite_channel_credentials_create(channel_creds=%p, "
|
205
206
|
"call_creds=%p, reserved=%p)",
|
206
207
|
3, (channel_creds, call_creds, reserved));
|
207
|
-
return
|
208
|
-
|
208
|
+
return new grpc_composite_channel_credentials(channel_creds->Ref(),
|
209
|
+
call_creds->Ref());
|
209
210
|
}
|
@@ -45,18 +45,18 @@ void grpc_channel_credentials_release(grpc_channel_credentials* creds) {
|
|
45
45
|
if (creds) creds->Unref();
|
46
46
|
}
|
47
47
|
|
48
|
-
static
|
49
|
-
|
50
|
-
|
48
|
+
static std::map<grpc_core::UniquePtr<char>,
|
49
|
+
grpc_core::RefCountedPtr<grpc_channel_credentials>,
|
50
|
+
grpc_core::StringLess>* g_grpc_control_plane_creds;
|
51
51
|
static gpr_mu g_control_plane_creds_mu;
|
52
52
|
|
53
53
|
static void do_control_plane_creds_init() {
|
54
54
|
gpr_mu_init(&g_control_plane_creds_mu);
|
55
55
|
GPR_ASSERT(g_grpc_control_plane_creds == nullptr);
|
56
|
-
g_grpc_control_plane_creds =
|
57
|
-
|
58
|
-
|
59
|
-
|
56
|
+
g_grpc_control_plane_creds =
|
57
|
+
new std::map<grpc_core::UniquePtr<char>,
|
58
|
+
grpc_core::RefCountedPtr<grpc_channel_credentials>,
|
59
|
+
grpc_core::StringLess>();
|
60
60
|
}
|
61
61
|
|
62
62
|
void grpc_control_plane_credentials_init() {
|
@@ -65,7 +65,7 @@ void grpc_control_plane_credentials_init() {
|
|
65
65
|
}
|
66
66
|
|
67
67
|
void grpc_test_only_control_plane_credentials_destroy() {
|
68
|
-
|
68
|
+
delete g_grpc_control_plane_creds;
|
69
69
|
g_grpc_control_plane_creds = nullptr;
|
70
70
|
gpr_mu_destroy(&g_control_plane_creds_mu);
|
71
71
|
}
|
@@ -148,9 +148,9 @@ struct grpc_channel_credentials
|
|
148
148
|
|
149
149
|
private:
|
150
150
|
const char* type_;
|
151
|
-
|
152
|
-
|
153
|
-
|
151
|
+
std::map<grpc_core::UniquePtr<char>,
|
152
|
+
grpc_core::RefCountedPtr<grpc_channel_credentials>,
|
153
|
+
grpc_core::StringLess>
|
154
154
|
local_control_plane_creds_;
|
155
155
|
};
|
156
156
|
|
@@ -314,12 +314,12 @@ struct grpc_credentials_metadata_request {
|
|
314
314
|
inline grpc_credentials_metadata_request*
|
315
315
|
grpc_credentials_metadata_request_create(
|
316
316
|
grpc_core::RefCountedPtr<grpc_call_credentials> creds) {
|
317
|
-
return
|
317
|
+
return new grpc_credentials_metadata_request(std::move(creds));
|
318
318
|
}
|
319
319
|
|
320
320
|
inline void grpc_credentials_metadata_request_destroy(
|
321
321
|
grpc_credentials_metadata_request* r) {
|
322
|
-
|
322
|
+
delete r;
|
323
323
|
}
|
324
324
|
|
325
325
|
#endif /* GRPC_CORE_LIB_SECURITY_CREDENTIALS_CREDENTIALS_H */
|
@@ -66,12 +66,12 @@ class grpc_fake_server_credentials final : public grpc_server_credentials {
|
|
66
66
|
} // namespace
|
67
67
|
|
68
68
|
grpc_channel_credentials* grpc_fake_transport_security_credentials_create() {
|
69
|
-
return
|
69
|
+
return new grpc_fake_channel_credentials();
|
70
70
|
}
|
71
71
|
|
72
72
|
grpc_server_credentials*
|
73
73
|
grpc_fake_transport_security_server_credentials_create() {
|
74
|
-
return
|
74
|
+
return new grpc_fake_server_credentials();
|
75
75
|
}
|
76
76
|
|
77
77
|
grpc_arg grpc_fake_transport_expected_targets_arg(char* expected_targets) {
|
@@ -94,7 +94,8 @@ bool grpc_md_only_test_credentials::get_request_metadata(
|
|
94
94
|
grpc_error** /*error*/) {
|
95
95
|
grpc_credentials_mdelem_array_add(md_array, md_);
|
96
96
|
if (is_async_) {
|
97
|
-
|
97
|
+
grpc_core::ExecCtx::Run(DEBUG_LOCATION, on_request_metadata,
|
98
|
+
GRPC_ERROR_NONE);
|
98
99
|
return false;
|
99
100
|
}
|
100
101
|
return true;
|
@@ -107,6 +108,5 @@ void grpc_md_only_test_credentials::cancel_get_request_metadata(
|
|
107
108
|
|
108
109
|
grpc_call_credentials* grpc_md_only_test_credentials_create(
|
109
110
|
const char* md_key, const char* md_value, bool is_async) {
|
110
|
-
return
|
111
|
-
is_async);
|
111
|
+
return new grpc_md_only_test_credentials(md_key, md_value, is_async);
|
112
112
|
}
|
@@ -154,7 +154,7 @@ static void on_metadata_server_detection_http_response(void* user_data,
|
|
154
154
|
gpr_mu_unlock(g_polling_mu);
|
155
155
|
}
|
156
156
|
|
157
|
-
static void destroy_pollset(void* p, grpc_error* e) {
|
157
|
+
static void destroy_pollset(void* p, grpc_error* /*e*/) {
|
158
158
|
grpc_pollset_destroy(static_cast<grpc_pollset*>(p));
|
159
159
|
}
|
160
160
|
|
@@ -35,15 +35,15 @@ grpc_google_iam_credentials::~grpc_google_iam_credentials() {
|
|
35
35
|
}
|
36
36
|
|
37
37
|
bool grpc_google_iam_credentials::get_request_metadata(
|
38
|
-
grpc_polling_entity* pollent
|
39
|
-
grpc_credentials_mdelem_array* md_array,
|
40
|
-
grpc_error** error) {
|
38
|
+
grpc_polling_entity* /*pollent*/, grpc_auth_metadata_context /*context*/,
|
39
|
+
grpc_credentials_mdelem_array* md_array,
|
40
|
+
grpc_closure* /*on_request_metadata*/, grpc_error** /*error*/) {
|
41
41
|
grpc_credentials_mdelem_array_append(md_array, &md_array_);
|
42
42
|
return true;
|
43
43
|
}
|
44
44
|
|
45
45
|
void grpc_google_iam_credentials::cancel_get_request_metadata(
|
46
|
-
grpc_credentials_mdelem_array* md_array
|
46
|
+
grpc_credentials_mdelem_array* /*md_array*/, grpc_error* error) {
|
47
47
|
GRPC_ERROR_UNREF(error);
|
48
48
|
}
|
49
49
|
|
@@ -50,9 +50,9 @@ grpc_service_account_jwt_access_credentials::
|
|
50
50
|
}
|
51
51
|
|
52
52
|
bool grpc_service_account_jwt_access_credentials::get_request_metadata(
|
53
|
-
grpc_polling_entity* pollent
|
54
|
-
grpc_credentials_mdelem_array* md_array,
|
55
|
-
grpc_error** error) {
|
53
|
+
grpc_polling_entity* /*pollent*/, grpc_auth_metadata_context context,
|
54
|
+
grpc_credentials_mdelem_array* md_array,
|
55
|
+
grpc_closure* /*on_request_metadata*/, grpc_error** error) {
|
56
56
|
gpr_timespec refresh_threshold = gpr_time_from_seconds(
|
57
57
|
GRPC_SECURE_TOKEN_REFRESH_THRESHOLD_SECS, GPR_TIMESPAN);
|
58
58
|
|
@@ -104,7 +104,7 @@ bool grpc_service_account_jwt_access_credentials::get_request_metadata(
|
|
104
104
|
}
|
105
105
|
|
106
106
|
void grpc_service_account_jwt_access_credentials::cancel_get_request_metadata(
|
107
|
-
grpc_credentials_mdelem_array* md_array
|
107
|
+
grpc_credentials_mdelem_array* /*md_array*/, grpc_error* error) {
|
108
108
|
GRPC_ERROR_UNREF(error);
|
109
109
|
}
|
110
110
|
|
@@ -636,7 +636,7 @@ end:
|
|
636
636
|
return result;
|
637
637
|
}
|
638
638
|
|
639
|
-
static void on_keys_retrieved(void* user_data, grpc_error* error) {
|
639
|
+
static void on_keys_retrieved(void* user_data, grpc_error* /*error*/) {
|
640
640
|
verifier_cb_ctx* ctx = static_cast<verifier_cb_ctx*>(user_data);
|
641
641
|
grpc_json* json = json_from_http(&ctx->responses[HTTP_RESPONSE_KEYS]);
|
642
642
|
EVP_PKEY* verification_key = nullptr;
|
@@ -676,7 +676,7 @@ end:
|
|
676
676
|
verifier_cb_ctx_destroy(ctx);
|
677
677
|
}
|
678
678
|
|
679
|
-
static void on_openid_config_retrieved(void* user_data, grpc_error* error) {
|
679
|
+
static void on_openid_config_retrieved(void* user_data, grpc_error* /*error*/) {
|
680
680
|
const grpc_json* cur;
|
681
681
|
verifier_cb_ctx* ctx = static_cast<verifier_cb_ctx*>(user_data);
|
682
682
|
const grpc_http_response* response = &ctx->responses[HTTP_RESPONSE_OPENID];
|
@@ -33,7 +33,7 @@ grpc_core::RefCountedPtr<grpc_channel_security_connector>
|
|
33
33
|
grpc_local_credentials::create_security_connector(
|
34
34
|
grpc_core::RefCountedPtr<grpc_call_credentials> request_metadata_creds,
|
35
35
|
const char* target_name, const grpc_channel_args* args,
|
36
|
-
grpc_channel_args** new_args) {
|
36
|
+
grpc_channel_args** /*new_args*/) {
|
37
37
|
return grpc_local_channel_security_connector_create(
|
38
38
|
this->Ref(), std::move(request_metadata_creds), args, target_name);
|
39
39
|
}
|
@@ -50,7 +50,7 @@ grpc_local_credentials::grpc_local_credentials(
|
|
50
50
|
|
51
51
|
grpc_channel_credentials* grpc_local_credentials_create(
|
52
52
|
grpc_local_connect_type connect_type) {
|
53
|
-
return
|
53
|
+
return new grpc_local_credentials(connect_type);
|
54
54
|
}
|
55
55
|
|
56
56
|
grpc_local_server_credentials::grpc_local_server_credentials(
|
@@ -60,5 +60,5 @@ grpc_local_server_credentials::grpc_local_server_credentials(
|
|
60
60
|
|
61
61
|
grpc_server_credentials* grpc_local_server_credentials_create(
|
62
62
|
grpc_local_connect_type connect_type) {
|
63
|
-
return
|
63
|
+
return new grpc_local_server_credentials(connect_type);
|
64
64
|
}
|
@@ -256,7 +256,8 @@ void grpc_oauth2_token_fetcher_credentials::on_http_response(
|
|
256
256
|
new_error = GRPC_ERROR_CREATE_REFERENCING_FROM_STATIC_STRING(
|
257
257
|
"Error occurred when fetching oauth2 token.", &error, 1);
|
258
258
|
}
|
259
|
-
|
259
|
+
grpc_core::ExecCtx::Run(DEBUG_LOCATION,
|
260
|
+
pending_request->on_request_metadata, new_error);
|
260
261
|
grpc_polling_entity_del_from_pollset_set(
|
261
262
|
pending_request->pollent, grpc_polling_entity_pollset_set(&pollent_));
|
262
263
|
grpc_oauth2_pending_get_request_metadata* prev = pending_request;
|
@@ -269,9 +270,9 @@ void grpc_oauth2_token_fetcher_credentials::on_http_response(
|
|
269
270
|
}
|
270
271
|
|
271
272
|
bool grpc_oauth2_token_fetcher_credentials::get_request_metadata(
|
272
|
-
grpc_polling_entity* pollent, grpc_auth_metadata_context context
|
273
|
+
grpc_polling_entity* pollent, grpc_auth_metadata_context /*context*/,
|
273
274
|
grpc_credentials_mdelem_array* md_array, grpc_closure* on_request_metadata,
|
274
|
-
grpc_error** error) {
|
275
|
+
grpc_error** /*error*/) {
|
275
276
|
// Check if we can use the cached token.
|
276
277
|
grpc_millis refresh_threshold =
|
277
278
|
GRPC_SECURE_TOKEN_REFRESH_THRESHOLD_SECS * GPR_MS_PER_SEC;
|
@@ -332,8 +333,9 @@ void grpc_oauth2_token_fetcher_credentials::cancel_get_request_metadata(
|
|
332
333
|
pending_requests_ = pending_request->next;
|
333
334
|
}
|
334
335
|
// Invoke the callback immediately with an error.
|
335
|
-
|
336
|
-
|
336
|
+
grpc_core::ExecCtx::Run(DEBUG_LOCATION,
|
337
|
+
pending_request->on_request_metadata,
|
338
|
+
GRPC_ERROR_REF(error));
|
337
339
|
gpr_free(pending_request);
|
338
340
|
break;
|
339
341
|
}
|
@@ -614,7 +616,7 @@ class StsTokenFetcherCredentials
|
|
614
616
|
if (err != GRPC_ERROR_NONE) return cleanup();
|
615
617
|
MaybeAddToBody(
|
616
618
|
&body_strvec, "actor_token",
|
617
|
-
reinterpret_cast<const char*>(GRPC_SLICE_START_PTR(
|
619
|
+
reinterpret_cast<const char*>(GRPC_SLICE_START_PTR(actor_token)));
|
618
620
|
MaybeAddToBody(&body_strvec, "actor_token_type", actor_token_type_.get());
|
619
621
|
}
|
620
622
|
return cleanup();
|
@@ -641,7 +643,7 @@ grpc_error* ValidateStsCredentialsOptions(
|
|
641
643
|
};
|
642
644
|
*sts_url_out = nullptr;
|
643
645
|
InlinedVector<grpc_error*, 3> error_list;
|
644
|
-
|
646
|
+
std::unique_ptr<grpc_uri, GrpcUriDeleter> sts_url(
|
645
647
|
options->token_exchange_service_uri != nullptr
|
646
648
|
? grpc_uri_parse(options->token_exchange_service_uri, false)
|
647
649
|
: nullptr);
|
@@ -702,15 +704,15 @@ grpc_access_token_credentials::~grpc_access_token_credentials() {
|
|
702
704
|
}
|
703
705
|
|
704
706
|
bool grpc_access_token_credentials::get_request_metadata(
|
705
|
-
grpc_polling_entity* pollent
|
706
|
-
grpc_credentials_mdelem_array* md_array,
|
707
|
-
grpc_error** error) {
|
707
|
+
grpc_polling_entity* /*pollent*/, grpc_auth_metadata_context /*context*/,
|
708
|
+
grpc_credentials_mdelem_array* md_array,
|
709
|
+
grpc_closure* /*on_request_metadata*/, grpc_error** /*error*/) {
|
708
710
|
grpc_credentials_mdelem_array_add(md_array, access_token_md_);
|
709
711
|
return true;
|
710
712
|
}
|
711
713
|
|
712
714
|
void grpc_access_token_credentials::cancel_get_request_metadata(
|
713
|
-
grpc_credentials_mdelem_array* md_array
|
715
|
+
grpc_credentials_mdelem_array* /*md_array*/, grpc_error* error) {
|
714
716
|
GRPC_ERROR_UNREF(error);
|
715
717
|
}
|
716
718
|
|
@@ -131,7 +131,7 @@ static void plugin_md_request_metadata_ready(void* request,
|
|
131
131
|
if (!r->cancelled) {
|
132
132
|
grpc_error* error =
|
133
133
|
process_plugin_result(r, md, num_md, status, error_details);
|
134
|
-
|
134
|
+
grpc_core::ExecCtx::Run(DEBUG_LOCATION, r->on_request_metadata, error);
|
135
135
|
} else if (GRPC_TRACE_FLAG_ENABLED(grpc_plugin_credentials_trace)) {
|
136
136
|
gpr_log(GPR_INFO,
|
137
137
|
"plugin_credentials[%p]: request %p: plugin was previously "
|
@@ -142,7 +142,7 @@ static void plugin_md_request_metadata_ready(void* request,
|
|
142
142
|
}
|
143
143
|
|
144
144
|
bool grpc_plugin_credentials::get_request_metadata(
|
145
|
-
grpc_polling_entity* pollent
|
145
|
+
grpc_polling_entity* /*pollent*/, grpc_auth_metadata_context context,
|
146
146
|
grpc_credentials_mdelem_array* md_array, grpc_closure* on_request_metadata,
|
147
147
|
grpc_error** error) {
|
148
148
|
bool retval = true; // Synchronous return.
|
@@ -228,8 +228,9 @@ void grpc_plugin_credentials::cancel_get_request_metadata(
|
|
228
228
|
pending_request);
|
229
229
|
}
|
230
230
|
pending_request->cancelled = true;
|
231
|
-
|
232
|
-
|
231
|
+
grpc_core::ExecCtx::Run(DEBUG_LOCATION,
|
232
|
+
pending_request->on_request_metadata,
|
233
|
+
GRPC_ERROR_REF(error));
|
233
234
|
pending_request_remove_locked(pending_request);
|
234
235
|
break;
|
235
236
|
}
|
@@ -249,5 +250,5 @@ grpc_call_credentials* grpc_metadata_credentials_create_from_plugin(
|
|
249
250
|
GRPC_API_TRACE("grpc_metadata_credentials_create_from_plugin(reserved=%p)", 1,
|
250
251
|
(reserved));
|
251
252
|
GPR_ASSERT(reserved == nullptr);
|
252
|
-
return
|
253
|
+
return new grpc_plugin_credentials(plugin);
|
253
254
|
}
|
@@ -130,7 +130,7 @@ grpc_channel_credentials* grpc_ssl_credentials_create(
|
|
130
130
|
4, (pem_root_certs, pem_key_cert_pair, verify_options, reserved));
|
131
131
|
GPR_ASSERT(reserved == nullptr);
|
132
132
|
|
133
|
-
return
|
133
|
+
return new grpc_ssl_credentials(
|
134
134
|
pem_root_certs, pem_key_cert_pair,
|
135
135
|
reinterpret_cast<const grpc_ssl_verify_peer_options*>(verify_options));
|
136
136
|
}
|
@@ -146,8 +146,8 @@ grpc_channel_credentials* grpc_ssl_credentials_create_ex(
|
|
146
146
|
4, (pem_root_certs, pem_key_cert_pair, verify_options, reserved));
|
147
147
|
GPR_ASSERT(reserved == nullptr);
|
148
148
|
|
149
|
-
return
|
150
|
-
|
149
|
+
return new grpc_ssl_credentials(pem_root_certs, pem_key_cert_pair,
|
150
|
+
verify_options);
|
151
151
|
}
|
152
152
|
|
153
153
|
//
|
@@ -348,7 +348,7 @@ grpc_server_credentials* grpc_ssl_server_credentials_create_with_options(
|
|
348
348
|
goto done;
|
349
349
|
}
|
350
350
|
|
351
|
-
retval =
|
351
|
+
retval = new grpc_ssl_server_credentials(*options);
|
352
352
|
|
353
353
|
done:
|
354
354
|
grpc_ssl_server_credentials_options_destroy(options);
|
@@ -76,7 +76,7 @@ grpc_tls_server_authorization_check_config::
|
|
76
76
|
|
77
77
|
/** -- Wrapper APIs declared in grpc_security.h -- **/
|
78
78
|
grpc_tls_credentials_options* grpc_tls_credentials_options_create() {
|
79
|
-
return
|
79
|
+
return new grpc_tls_credentials_options();
|
80
80
|
}
|
81
81
|
|
82
82
|
int grpc_tls_credentials_options_set_cert_request_type(
|
@@ -133,7 +133,7 @@ int grpc_tls_credentials_options_set_server_authorization_check_config(
|
|
133
133
|
}
|
134
134
|
|
135
135
|
grpc_tls_key_materials_config* grpc_tls_key_materials_config_create() {
|
136
|
-
return
|
136
|
+
return new grpc_tls_key_materials_config();
|
137
137
|
}
|
138
138
|
|
139
139
|
int grpc_tls_key_materials_config_set_key_materials(
|
@@ -192,8 +192,8 @@ grpc_tls_credential_reload_config* grpc_tls_credential_reload_config_create(
|
|
192
192
|
"Schedule API is nullptr in creating TLS credential reload config.");
|
193
193
|
return nullptr;
|
194
194
|
}
|
195
|
-
return
|
196
|
-
|
195
|
+
return new grpc_tls_credential_reload_config(config_user_data, schedule,
|
196
|
+
cancel, destruct);
|
197
197
|
}
|
198
198
|
|
199
199
|
grpc_tls_server_authorization_check_config*
|
@@ -210,6 +210,6 @@ grpc_tls_server_authorization_check_config_create(
|
|
210
210
|
"check config.");
|
211
211
|
return nullptr;
|
212
212
|
}
|
213
|
-
return
|
213
|
+
return new grpc_tls_server_authorization_check_config(
|
214
214
|
config_user_data, schedule, cancel, destruct);
|
215
215
|
}
|
@@ -115,7 +115,7 @@ grpc_channel_credentials* grpc_tls_spiffe_credentials_create(
|
|
115
115
|
if (!CredentialOptionSanityCheck(options, true /* is_client */)) {
|
116
116
|
return nullptr;
|
117
117
|
}
|
118
|
-
return
|
118
|
+
return new SpiffeCredentials(
|
119
119
|
grpc_core::RefCountedPtr<grpc_tls_credentials_options>(options));
|
120
120
|
}
|
121
121
|
|
@@ -124,6 +124,6 @@ grpc_server_credentials* grpc_tls_spiffe_server_credentials_create(
|
|
124
124
|
if (!CredentialOptionSanityCheck(options, false /* is_client */)) {
|
125
125
|
return nullptr;
|
126
126
|
}
|
127
|
-
return
|
127
|
+
return new SpiffeServerCredentials(
|
128
128
|
grpc_core::RefCountedPtr<grpc_tls_credentials_options>(options));
|
129
129
|
}
|
@@ -36,9 +36,7 @@
|
|
36
36
|
#include "src/core/tsi/alts/handshaker/alts_tsi_handshaker.h"
|
37
37
|
#include "src/core/tsi/transport_security.h"
|
38
38
|
|
39
|
-
|
40
|
-
|
41
|
-
void alts_set_rpc_protocol_versions(
|
39
|
+
void grpc_alts_set_rpc_protocol_versions(
|
42
40
|
grpc_gcp_rpc_protocol_versions* rpc_versions) {
|
43
41
|
grpc_gcp_rpc_protocol_versions_set_max(rpc_versions,
|
44
42
|
GRPC_PROTOCOL_VERSION_MAX_MAJOR,
|
@@ -48,6 +46,8 @@ void alts_set_rpc_protocol_versions(
|
|
48
46
|
GRPC_PROTOCOL_VERSION_MIN_MINOR);
|
49
47
|
}
|
50
48
|
|
49
|
+
namespace {
|
50
|
+
|
51
51
|
void alts_check_peer(tsi_peer peer,
|
52
52
|
grpc_core::RefCountedPtr<grpc_auth_context>* auth_context,
|
53
53
|
grpc_closure* on_peer_checked) {
|
@@ -59,7 +59,7 @@ void alts_check_peer(tsi_peer peer,
|
|
59
59
|
? GRPC_ERROR_NONE
|
60
60
|
: GRPC_ERROR_CREATE_FROM_STATIC_STRING(
|
61
61
|
"Could not get ALTS auth context from TSI peer");
|
62
|
-
|
62
|
+
grpc_core::ExecCtx::Run(DEBUG_LOCATION, on_peer_checked, error);
|
63
63
|
}
|
64
64
|
|
65
65
|
class grpc_alts_channel_security_connector final
|
@@ -69,14 +69,10 @@ class grpc_alts_channel_security_connector final
|
|
69
69
|
grpc_core::RefCountedPtr<grpc_channel_credentials> channel_creds,
|
70
70
|
grpc_core::RefCountedPtr<grpc_call_credentials> request_metadata_creds,
|
71
71
|
const char* target_name)
|
72
|
-
: grpc_channel_security_connector(
|
72
|
+
: grpc_channel_security_connector(GRPC_ALTS_URL_SCHEME,
|
73
73
|
std::move(channel_creds),
|
74
74
|
std::move(request_metadata_creds)),
|
75
|
-
target_name_(gpr_strdup(target_name)) {
|
76
|
-
grpc_alts_credentials* creds =
|
77
|
-
static_cast<grpc_alts_credentials*>(mutable_channel_creds());
|
78
|
-
alts_set_rpc_protocol_versions(&creds->mutable_options()->rpc_versions);
|
79
|
-
}
|
75
|
+
target_name_(gpr_strdup(target_name)) {}
|
80
76
|
|
81
77
|
~grpc_alts_channel_security_connector() override { gpr_free(target_name_); }
|
82
78
|
|
@@ -94,7 +90,7 @@ class grpc_alts_channel_security_connector final
|
|
94
90
|
grpc_core::SecurityHandshakerCreate(handshaker, this, args));
|
95
91
|
}
|
96
92
|
|
97
|
-
void check_peer(tsi_peer peer, grpc_endpoint* ep
|
93
|
+
void check_peer(tsi_peer peer, grpc_endpoint* /*ep*/,
|
98
94
|
grpc_core::RefCountedPtr<grpc_auth_context>* auth_context,
|
99
95
|
grpc_closure* on_peer_checked) override {
|
100
96
|
alts_check_peer(peer, auth_context, on_peer_checked);
|
@@ -109,8 +105,8 @@ class grpc_alts_channel_security_connector final
|
|
109
105
|
}
|
110
106
|
|
111
107
|
bool check_call_host(grpc_core::StringView host,
|
112
|
-
grpc_auth_context* auth_context
|
113
|
-
grpc_closure* on_call_host_checked
|
108
|
+
grpc_auth_context* /*auth_context*/,
|
109
|
+
grpc_closure* /*on_call_host_checked*/,
|
114
110
|
grpc_error** error) override {
|
115
111
|
if (host.empty() || host != target_name_) {
|
116
112
|
*error = GRPC_ERROR_CREATE_FROM_STATIC_STRING(
|
@@ -119,7 +115,7 @@ class grpc_alts_channel_security_connector final
|
|
119
115
|
return true;
|
120
116
|
}
|
121
117
|
|
122
|
-
void cancel_check_call_host(grpc_closure* on_call_host_checked
|
118
|
+
void cancel_check_call_host(grpc_closure* /*on_call_host_checked*/,
|
123
119
|
grpc_error* error) override {
|
124
120
|
GRPC_ERROR_UNREF(error);
|
125
121
|
}
|
@@ -133,12 +129,9 @@ class grpc_alts_server_security_connector final
|
|
133
129
|
public:
|
134
130
|
grpc_alts_server_security_connector(
|
135
131
|
grpc_core::RefCountedPtr<grpc_server_credentials> server_creds)
|
136
|
-
: grpc_server_security_connector(
|
137
|
-
std::move(server_creds)) {
|
138
|
-
|
139
|
-
reinterpret_cast<grpc_alts_server_credentials*>(mutable_server_creds());
|
140
|
-
alts_set_rpc_protocol_versions(&creds->mutable_options()->rpc_versions);
|
141
|
-
}
|
132
|
+
: grpc_server_security_connector(GRPC_ALTS_URL_SCHEME,
|
133
|
+
std::move(server_creds)) {}
|
134
|
+
|
142
135
|
~grpc_alts_server_security_connector() override = default;
|
143
136
|
|
144
137
|
void add_handshakers(
|
@@ -154,7 +147,7 @@ class grpc_alts_server_security_connector final
|
|
154
147
|
grpc_core::SecurityHandshakerCreate(handshaker, this, args));
|
155
148
|
}
|
156
149
|
|
157
|
-
void check_peer(tsi_peer peer, grpc_endpoint* ep
|
150
|
+
void check_peer(tsi_peer peer, grpc_endpoint* /*ep*/,
|
158
151
|
grpc_core::RefCountedPtr<grpc_auth_context>* auth_context,
|
159
152
|
grpc_closure* on_peer_checked) override {
|
160
153
|
alts_check_peer(peer, auth_context, on_peer_checked);
|
@@ -193,7 +186,7 @@ grpc_alts_auth_context_from_tsi_peer(const tsi_peer* peer) {
|
|
193
186
|
return nullptr;
|
194
187
|
}
|
195
188
|
grpc_gcp_rpc_protocol_versions local_versions, peer_versions;
|
196
|
-
|
189
|
+
grpc_alts_set_rpc_protocol_versions(&local_versions);
|
197
190
|
grpc_slice slice = grpc_slice_from_copied_buffer(
|
198
191
|
rpc_versions_prop->value.data, rpc_versions_prop->value.length);
|
199
192
|
bool decode_result =
|
@@ -210,6 +203,13 @@ grpc_alts_auth_context_from_tsi_peer(const tsi_peer* peer) {
|
|
210
203
|
gpr_log(GPR_ERROR, "Mismatch of local and peer rpc protocol versions.");
|
211
204
|
return nullptr;
|
212
205
|
}
|
206
|
+
/* Validate ALTS Context. */
|
207
|
+
const tsi_peer_property* alts_context_prop =
|
208
|
+
tsi_peer_get_property_by_name(peer, TSI_ALTS_CONTEXT);
|
209
|
+
if (alts_context_prop == nullptr) {
|
210
|
+
gpr_log(GPR_ERROR, "Missing alts context property.");
|
211
|
+
return nullptr;
|
212
|
+
}
|
213
213
|
/* Create auth context. */
|
214
214
|
auto ctx = grpc_core::MakeRefCounted<grpc_auth_context>(nullptr);
|
215
215
|
grpc_auth_context_add_cstring_property(
|
@@ -226,6 +226,12 @@ grpc_alts_auth_context_from_tsi_peer(const tsi_peer* peer) {
|
|
226
226
|
GPR_ASSERT(grpc_auth_context_set_peer_identity_property_name(
|
227
227
|
ctx.get(), TSI_ALTS_SERVICE_ACCOUNT_PEER_PROPERTY) == 1);
|
228
228
|
}
|
229
|
+
/* Add alts context to auth context. */
|
230
|
+
if (strcmp(tsi_prop->name, TSI_ALTS_CONTEXT) == 0) {
|
231
|
+
grpc_auth_context_add_property(ctx.get(), TSI_ALTS_CONTEXT,
|
232
|
+
tsi_prop->value.data,
|
233
|
+
tsi_prop->value.length);
|
234
|
+
}
|
229
235
|
}
|
230
236
|
if (!grpc_auth_context_peer_is_authenticated(ctx.get())) {
|
231
237
|
gpr_log(GPR_ERROR, "Invalid unauthenticated peer.");
|