RubyGems - grpc - Versions diffs - 1.28.0 → 1.30.2 - Mend

grpc 1.28.0 → 1.30.2

Potentially problematic release.

This version of grpc might be problematic. Click here for more details.

Files changed (503) hide show

data/src/core/lib/security/credentials/fake/fake_credentials.h CHANGED

@@ -21,6 +21,8 @@
 #include <grpc/support/port_platform.h>
+#include <string.h>
 #include "src/core/lib/security/credentials/credentials.h"
 #define GRPC_ARG_FAKE_SECURITY_EXPECTED_TARGETS \
@@ -75,6 +77,8 @@ class grpc_md_only_test_credentials : public grpc_call_credentials {
   void cancel_get_request_metadata(grpc_credentials_mdelem_array* md_array,
                                    grpc_error* error) override;
+  std::string debug_string() override { return "MD only Test Credentials"; };
  private:
   grpc_mdelem md_;
   bool is_async_;

data/src/core/lib/security/credentials/google_default/google_default_credentials.cc CHANGED

@@ -68,13 +68,12 @@ static grpc_core::internal::grpc_gce_tenancy_checker g_gce_tenancy_checker =
 static void init_default_credentials(void) { gpr_mu_init(&g_state_mu); }
-typedef struct {
+struct metadata_server_detector {
   grpc_polling_entity pollent;
   int is_done;
   int success;
   grpc_http_response response;
-} metadata_server_detector;
+};
 grpc_core::RefCountedPtr<grpc_channel_security_connector>
 grpc_google_default_channel_credentials::create_security_connector(
     grpc_core::RefCountedPtr<grpc_call_credentials> call_creds,
@@ -224,17 +223,13 @@ static grpc_error* create_default_creds_from_path(
   grpc_slice creds_data = grpc_empty_slice();
   grpc_error* error = GRPC_ERROR_NONE;
   Json json;
-  grpc_core::StringView str;
   if (creds_path == nullptr) {
     error = GRPC_ERROR_CREATE_FROM_STATIC_STRING("creds_path unset");
     goto end;
   }
   error = grpc_load_file(creds_path, 0, &creds_data);
   if (error != GRPC_ERROR_NONE) goto end;
-  str = grpc_core::StringView(
-      reinterpret_cast<char*>(GRPC_SLICE_START_PTR(creds_data)),
-      GRPC_SLICE_LENGTH(creds_data));
-  json = Json::Parse(str, &error);
+  json = Json::Parse(grpc_core::StringViewFromSlice(creds_data), &error);
   if (error != GRPC_ERROR_NONE) goto end;
   if (json.type() != Json::Type::OBJECT) {
     error = grpc_error_set_str(

data/src/core/lib/security/credentials/iam/iam_credentials.cc CHANGED

@@ -20,16 +20,15 @@
 #include "src/core/lib/security/credentials/iam/iam_credentials.h"
-#include <string.h>
-#include "src/core/lib/gprpp/ref_counted_ptr.h"
-#include "src/core/lib/surface/api_trace.h"
 #include <grpc/support/alloc.h>
 #include <grpc/support/log.h>
 #include <grpc/support/string_util.h>
 #include <grpc/support/sync.h>
+#include "absl/strings/str_format.h"
+#include "src/core/lib/gprpp/ref_counted_ptr.h"
+#include "src/core/lib/surface/api_trace.h"
 grpc_google_iam_credentials::~grpc_google_iam_credentials() {
   grpc_credentials_mdelem_array_destroy(&md_array_);
 }
@@ -49,7 +48,10 @@ void grpc_google_iam_credentials::cancel_get_request_metadata(
 grpc_google_iam_credentials::grpc_google_iam_credentials(
     const char* token, const char* authority_selector)
-    : grpc_call_credentials(GRPC_CALL_CREDENTIALS_TYPE_IAM) {
+    : grpc_call_credentials(GRPC_CALL_CREDENTIALS_TYPE_IAM),
+      debug_string_(absl::StrFormat(
+          "GoogleIAMCredentials{Token:%s,AuthoritySelector:%s}",
+          token != nullptr ? "present" : "absent", authority_selector)) {
   grpc_mdelem md = grpc_mdelem_from_slices(
       grpc_slice_from_static_string(GRPC_IAM_AUTHORIZATION_TOKEN_METADATA_KEY),
       grpc_slice_from_copied_string(token));

data/src/core/lib/security/credentials/iam/iam_credentials.h CHANGED

@@ -21,6 +21,8 @@
 #include <grpc/support/port_platform.h>
+#include <string>
 #include "src/core/lib/security/credentials/credentials.h"
 class grpc_google_iam_credentials : public grpc_call_credentials {
@@ -37,9 +39,11 @@ class grpc_google_iam_credentials : public grpc_call_credentials {
   void cancel_get_request_metadata(grpc_credentials_mdelem_array* md_array,
                                    grpc_error* error) override;
+  std::string debug_string() override { return debug_string_; }
  private:
   grpc_credentials_mdelem_array md_array_;
+  const std::string debug_string_;
 };
 #endif /* GRPC_CORE_LIB_SECURITY_CREDENTIALS_IAM_IAM_CREDENTIALS_H */

data/src/core/lib/security/credentials/jwt/json_token.cc CHANGED

@@ -127,7 +127,7 @@ grpc_auth_json_key grpc_auth_json_key_create_from_string(
   grpc_error* error = GRPC_ERROR_NONE;
   Json json = Json::Parse(json_string, &error);
   GRPC_LOG_IF_ERROR("JSON key parsing", error);
-  return grpc_auth_json_key_create_from_json(std::move(json));
+  return grpc_auth_json_key_create_from_json(json);
 }
 void grpc_auth_json_key_destruct(grpc_auth_json_key* json_key) {

data/src/core/lib/security/credentials/jwt/json_token.h CHANGED

@@ -21,8 +21,6 @@
 #include <grpc/support/port_platform.h>
-#include "src/core/tsi/grpc_shadow_boringssl.h"
 #include <grpc/slice.h>
 #include <openssl/rsa.h>
@@ -34,14 +32,13 @@
 /* --- auth_json_key parsing. --- */
-typedef struct {
+struct grpc_auth_json_key {
   const char* type;
   char* private_key_id;
   char* client_id;
   char* client_email;
   RSA* private_key;
-} grpc_auth_json_key;
+};
 /* Returns 1 if the object is valid, 0 otherwise. */
 int grpc_auth_json_key_is_valid(const grpc_auth_json_key* json_key);

data/src/core/lib/security/credentials/jwt/jwt_credentials.h CHANGED

@@ -21,6 +21,12 @@
 #include <grpc/support/port_platform.h>
+#include <string>
+#include <grpc/support/time.h>
+#include "absl/strings/str_format.h"
+#include "absl/time/time.h"
 #include "src/core/lib/security/credentials/credentials.h"
 #include "src/core/lib/security/credentials/jwt/json_token.h"
@@ -43,6 +49,12 @@ class grpc_service_account_jwt_access_credentials
   const gpr_timespec& jwt_lifetime() const { return jwt_lifetime_; }
   const grpc_auth_json_key& key() const { return key_; }
+  std::string debug_string() override {
+    return absl::StrFormat("JWTAccessCredentials{ExpirationTime:%s}",
+                           absl::FormatTime(absl::FromUnixMicros(
+                               gpr_timespec_to_micros(jwt_lifetime_))));
+  };
  private:
   void reset_cache();

data/src/core/lib/security/credentials/jwt/jwt_verifier.cc CHANGED

@@ -18,8 +18,6 @@
 #include <grpc/support/port_platform.h>
-#include "src/core/tsi/grpc_shadow_boringssl.h"
 #include "src/core/lib/security/credentials/jwt/jwt_verifier.h"
 #include <limits.h>
@@ -88,9 +86,7 @@ static Json parse_json_part_from_jwt(const char* str, size_t len) {
     gpr_log(GPR_ERROR, "Invalid base64.");
     return Json();  // JSON null
   }
-  grpc_core::StringView string(
-      reinterpret_cast<char*>(GRPC_SLICE_START_PTR(slice)),
-      GRPC_SLICE_LENGTH(slice));
+  absl::string_view string = grpc_core::StringViewFromSlice(slice);
   grpc_error* error = GRPC_ERROR_NONE;
   Json json = Json::Parse(string, &error);
   if (error != GRPC_ERROR_NONE) {
@@ -122,14 +118,13 @@ static gpr_timespec validate_time_field(const Json& json, const char* key) {
 /* --- JOSE header. see http://tools.ietf.org/html/rfc7515#section-4 --- */
-typedef struct {
+struct jose_header {
   const char* alg;
   const char* kid;
   const char* typ;
   /* TODO(jboeuf): Add others as needed (jku, jwk, x5u, x5c and so on...). */
   grpc_core::ManualConstructor<Json> json;
-} jose_header;
+};
 static void jose_header_destroy(jose_header* h) {
   h->json.Destroy();
   gpr_free(h);
@@ -339,7 +334,7 @@ typedef enum {
   HTTP_RESPONSE_COUNT /* must be last */
 } http_response_index;
-typedef struct {
+struct verifier_cb_ctx {
   grpc_jwt_verifier* verifier;
   grpc_polling_entity pollent;
   jose_header* header;
@@ -350,8 +345,7 @@ typedef struct {
   void* user_data;
   grpc_jwt_verification_done_cb user_cb;
   grpc_http_response responses[HTTP_RESPONSE_COUNT];
-} verifier_cb_ctx;
+};
 /* Takes ownership of the header, claims and signature. */
 static verifier_cb_ctx* verifier_cb_ctx_create(
     grpc_jwt_verifier* verifier, grpc_pollset* pollset, jose_header* header,
@@ -396,11 +390,10 @@ gpr_timespec grpc_jwt_verifier_clock_skew = {60, 0, GPR_TIMESPAN};
 /* Max delay defaults to one minute. */
 grpc_millis grpc_jwt_verifier_max_delay = 60 * GPR_MS_PER_SEC;
-typedef struct {
+struct email_key_mapping {
   char* email_domain;
   char* key_url_prefix;
-} email_key_mapping;
+};
 struct grpc_jwt_verifier {
   email_key_mapping* mappings;
   size_t num_mappings; /* Should be very few, linear search ok. */
@@ -420,7 +413,7 @@ static Json json_from_http(const grpc_httpcli_response* response) {
   }
   grpc_error* error = GRPC_ERROR_NONE;
   Json json = Json::Parse(
-      grpc_core::StringView(response->body, response->body_length), &error);
+      absl::string_view(response->body, response->body_length), &error);
   if (error != GRPC_ERROR_NONE) {
     gpr_log(GPR_ERROR, "Invalid JSON found in response.");
     return Json();  // JSON null

data/src/core/lib/security/credentials/jwt/jwt_verifier.h CHANGED

@@ -71,7 +71,7 @@ gpr_timespec grpc_jwt_claims_not_before(const grpc_jwt_claims* claims);
 typedef struct grpc_jwt_verifier grpc_jwt_verifier;
-typedef struct {
+struct grpc_jwt_verifier_email_domain_key_url_mapping {
   /* The email domain is the part after the @ sign. */
   const char* email_domain;
@@ -79,8 +79,7 @@ typedef struct {
      https://<key_url_prefix>/<issuer_email>
      Therefore the key_url_prefix must NOT contain https://. */
   const char* key_url_prefix;
-} grpc_jwt_verifier_email_domain_key_url_mapping;
+};
 /* Globals to control the verifier. Not thread-safe. */
 extern gpr_timespec grpc_jwt_verifier_clock_skew;
 extern grpc_millis grpc_jwt_verifier_max_delay;

data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc CHANGED

@@ -23,6 +23,9 @@
 #include <string.h>
+#include "absl/container/inlined_vector.h"
+#include "absl/strings/str_join.h"
 #include <grpc/grpc_security.h>
 #include <grpc/impl/codegen/slice.h>
 #include <grpc/slice.h>
@@ -30,8 +33,8 @@
 #include <grpc/support/log.h>
 #include <grpc/support/string_util.h>
+#include "absl/strings/str_format.h"
 #include "src/core/lib/gpr/string.h"
-#include "src/core/lib/gprpp/inlined_vector.h"
 #include "src/core/lib/gprpp/ref_counted_ptr.h"
 #include "src/core/lib/iomgr/error.h"
 #include "src/core/lib/iomgr/load_file.h"
@@ -96,7 +99,7 @@ grpc_auth_refresh_token grpc_auth_refresh_token_create_from_string(
     gpr_log(GPR_ERROR, "JSON parsing failed: %s", grpc_error_string(error));
     GRPC_ERROR_UNREF(error);
   }
-  return grpc_auth_refresh_token_create_from_json(std::move(json));
+  return grpc_auth_refresh_token_create_from_json(json);
 }
 void grpc_auth_refresh_token_destruct(grpc_auth_refresh_token* refresh_token) {
@@ -358,6 +361,10 @@ grpc_oauth2_token_fetcher_credentials::grpc_oauth2_token_fetcher_credentials()
   grpc_httpcli_context_init(&httpcli_context_);
 }
+std::string grpc_oauth2_token_fetcher_credentials::debug_string() {
+  return "OAuth2TokenFetcherCredentials";
+}
 //
 //  Google Compute Engine credentials.
 //
@@ -396,6 +403,12 @@ class grpc_compute_engine_token_fetcher_credentials
     grpc_resource_quota_unref_internal(resource_quota);
   }
+  std::string debug_string() override {
+    return absl::StrFormat(
+        "GoogleComputeEngineTokenFetcherCredentials{%s}",
+        grpc_oauth2_token_fetcher_credentials::debug_string());
+  }
  private:
   grpc_closure http_get_cb_closure_;
 };
@@ -468,6 +481,12 @@ grpc_refresh_token_credentials_create_from_auth_refresh_token(
       refresh_token);
 }
+std::string grpc_google_refresh_token_credentials::debug_string() {
+  return absl::StrFormat("GoogleRefreshToken{ClientID:%s,%s}",
+                         refresh_token_.client_id,
+                         grpc_oauth2_token_fetcher_credentials::debug_string());
+}
 static char* create_loggable_refresh_token(grpc_auth_refresh_token* token) {
   if (strcmp(token->type, GRPC_AUTH_JSON_TYPE_INVALID) == 0) {
     return gpr_strdup("<Invalid json token>");
@@ -505,12 +524,10 @@ namespace grpc_core {
 namespace {
-void MaybeAddToBody(gpr_strvec* body_strvec, const char* field_name,
-                    const char* field) {
+void MaybeAddToBody(const char* field_name, const char* field,
+                    std::vector<std::string>* body) {
   if (field == nullptr || strlen(field) == 0) return;
-  char* new_query;
-  gpr_asprintf(&new_query, "&%s=%s", field_name, field);
-  gpr_strvec_add(body_strvec, new_query);
+  body->push_back(absl::StrFormat("&%s=%s", field_name, field));
 }
 grpc_error* LoadTokenFile(const char* path, gpr_slice* token) {
@@ -540,6 +557,13 @@ class StsTokenFetcherCredentials
   ~StsTokenFetcherCredentials() override { grpc_uri_destroy(sts_url_); }
+  std::string debug_string() override {
+    return absl::StrFormat(
+        "StsTokenFetcherCredentials{Path:%s,Authority:%s,%s}", sts_url_->path,
+        sts_url_->authority,
+        grpc_oauth2_token_fetcher_credentials::debug_string());
+  }
  private:
   void fetch_oauth2(grpc_credentials_metadata_request* metadata_req,
                     grpc_httpcli_context* http_context,
@@ -583,20 +607,18 @@ class StsTokenFetcherCredentials
   grpc_error* FillBody(char** body, size_t* body_length) {
     *body = nullptr;
-    gpr_strvec body_strvec;
-    gpr_strvec_init(&body_strvec);
+    std::vector<std::string> body_parts;
     grpc_slice subject_token = grpc_empty_slice();
     grpc_slice actor_token = grpc_empty_slice();
     grpc_error* err = GRPC_ERROR_NONE;
-    auto cleanup = [&body, &body_length, &body_strvec, &subject_token,
+    auto cleanup = [&body, &body_length, &body_parts, &subject_token,
                     &actor_token, &err]() {
       if (err == GRPC_ERROR_NONE) {
-        *body = gpr_strvec_flatten(&body_strvec, body_length);
-      } else {
-        gpr_free(*body);
+        std::string body_str = absl::StrJoin(body_parts, "");
+        *body = gpr_strdup(body_str.c_str());
+        *body_length = body_str.size();
       }
-      gpr_strvec_destroy(&body_strvec);
       grpc_slice_unref_internal(subject_token);
       grpc_slice_unref_internal(actor_token);
       return err;
@@ -604,23 +626,23 @@ class StsTokenFetcherCredentials
     err = LoadTokenFile(subject_token_path_.get(), &subject_token);
     if (err != GRPC_ERROR_NONE) return cleanup();
-    gpr_asprintf(
-        body, GRPC_STS_POST_MINIMAL_BODY_FORMAT_STRING,
+    body_parts.push_back(absl::StrFormat(
+        GRPC_STS_POST_MINIMAL_BODY_FORMAT_STRING,
         reinterpret_cast<const char*>(GRPC_SLICE_START_PTR(subject_token)),
-        subject_token_type_.get());
-    gpr_strvec_add(&body_strvec, *body);
-    MaybeAddToBody(&body_strvec, "resource", resource_.get());
-    MaybeAddToBody(&body_strvec, "audience", audience_.get());
-    MaybeAddToBody(&body_strvec, "scope", scope_.get());
-    MaybeAddToBody(&body_strvec, "requested_token_type",
-                   requested_token_type_.get());
+        subject_token_type_.get()));
+    MaybeAddToBody("resource", resource_.get(), &body_parts);
+    MaybeAddToBody("audience", audience_.get(), &body_parts);
+    MaybeAddToBody("scope", scope_.get(), &body_parts);
+    MaybeAddToBody("requested_token_type", requested_token_type_.get(),
+                   &body_parts);
     if ((actor_token_path_ != nullptr) && *actor_token_path_ != '\0') {
       err = LoadTokenFile(actor_token_path_.get(), &actor_token);
       if (err != GRPC_ERROR_NONE) return cleanup();
       MaybeAddToBody(
-          &body_strvec, "actor_token",
-          reinterpret_cast<const char*>(GRPC_SLICE_START_PTR(actor_token)));
-      MaybeAddToBody(&body_strvec, "actor_token_type", actor_token_type_.get());
+          "actor_token",
+          reinterpret_cast<const char*>(GRPC_SLICE_START_PTR(actor_token)),
+          &body_parts);
+      MaybeAddToBody("actor_token_type", actor_token_type_.get(), &body_parts);
     }
     return cleanup();
   }
@@ -645,7 +667,7 @@ grpc_error* ValidateStsCredentialsOptions(
     void operator()(grpc_uri* uri) { grpc_uri_destroy(uri); }
   };
   *sts_url_out = nullptr;
-  InlinedVector<grpc_error*, 3> error_list;
+  absl::InlinedVector<grpc_error*, 3> error_list;
   std::unique_ptr<grpc_uri, GrpcUriDeleter> sts_url(
       options->token_exchange_service_uri != nullptr
           ? grpc_uri_parse(options->token_exchange_service_uri, false)
@@ -731,6 +753,12 @@ grpc_access_token_credentials::grpc_access_token_credentials(
   gpr_free(token_md_value);
 }
+std::string grpc_access_token_credentials::debug_string() {
+  bool access_token_present = !GRPC_MDISNULL(access_token_md_);
+  return absl::StrFormat("AccessTokenCredentials{Token:%s}",
+                         access_token_present ? "present" : "absent");
+}
 grpc_call_credentials* grpc_access_token_credentials_create(
     const char* access_token, void* reserved) {
   GRPC_API_TRACE(

data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h CHANGED

@@ -21,6 +21,8 @@
 #include <grpc/support/port_platform.h>
+#include <string>
 #include <grpc/grpc_security.h>
 #include "src/core/lib/json/json.h"
 #include "src/core/lib/security/credentials/credentials.h"
@@ -32,13 +34,12 @@
   "s&subject_token_type=%s"
 // auth_refresh_token parsing.
-typedef struct {
+struct grpc_auth_refresh_token {
   const char* type;
   char* client_id;
   char* client_secret;
   char* refresh_token;
-} grpc_auth_refresh_token;
+};
 /// Returns 1 if the object is valid, 0 otherwise.
 int grpc_auth_refresh_token_is_valid(
     const grpc_auth_refresh_token* refresh_token);
@@ -84,6 +85,7 @@ class grpc_oauth2_token_fetcher_credentials : public grpc_call_credentials {
   void on_http_response(grpc_credentials_metadata_request* r,
                         grpc_error* error);
+  std::string debug_string() override;
  protected:
   virtual void fetch_oauth2(grpc_credentials_metadata_request* req,
@@ -112,6 +114,8 @@ class grpc_google_refresh_token_credentials final
     return refresh_token_;
   }
+  std::string debug_string() override;
  protected:
   void fetch_oauth2(grpc_credentials_metadata_request* req,
                     grpc_httpcli_context* httpcli_context,
@@ -138,6 +142,8 @@ class grpc_access_token_credentials final : public grpc_call_credentials {
   void cancel_get_request_metadata(grpc_credentials_mdelem_array* md_array,
                                    grpc_error* error) override;
+  std::string debug_string() override;
  private:
   grpc_mdelem access_token_md_;
 };