static gpr_slice compute_default_pem_root_certs_once(void) {
gpr_slice result = gpr_empty_slice();
/* First try to load the roots from the environment. */
char *default_root_certs_path =
gpr_getenv(GRPC_DEFAULT_SSL_ROOTS_FILE_PATH_ENV_VAR);
if (default_root_certs_path != NULL) {
result = gpr_load_file(default_root_certs_path, 0, NULL);
gpr_free(default_root_certs_path);
}
/* Try overridden roots if needed. */
grpc_ssl_roots_override_result ovrd_res = GRPC_SSL_ROOTS_OVERRIDE_FAIL;
if (GPR_SLICE_IS_EMPTY(result) && ssl_roots_override_cb != NULL) {
char *pem_root_certs = NULL;
ovrd_res = ssl_roots_override_cb(&pem_root_certs);
if (ovrd_res == GRPC_SSL_ROOTS_OVERRIDE_OK) {
GPR_ASSERT(pem_root_certs != NULL);
result = gpr_slice_new(pem_root_certs, strlen(pem_root_certs), gpr_free);
}
}
/* Fall back to installed certs if needed. */
if (GPR_SLICE_IS_EMPTY(result) &&
ovrd_res != GRPC_SSL_ROOTS_OVERRIDE_FAIL_PERMANENTLY) {
result = gpr_load_file(installed_roots_path, 0, NULL);
}
return result;
}
int main(int argc, char **argv) {
const char *addr = bad_ssl_addr(argc, argv);
grpc_ssl_pem_key_cert_pair pem_key_cert_pair;
grpc_server_credentials *ssl_creds;
grpc_server *server;
gpr_slice cert_slice, key_slice;
int ok;
grpc_init();
cert_slice =
gpr_load_file("src/core/lib/tsi/test_creds/badserver.pem", 1, &ok);
GPR_ASSERT(ok);
key_slice =
gpr_load_file("src/core/lib/tsi/test_creds/badserver.key", 1, &ok);
GPR_ASSERT(ok);
pem_key_cert_pair.private_key = (const char *)GPR_SLICE_START_PTR(key_slice);
pem_key_cert_pair.cert_chain = (const char *)GPR_SLICE_START_PTR(cert_slice);
ssl_creds =
grpc_ssl_server_credentials_create(NULL, &pem_key_cert_pair, 1, 0, NULL);
server = grpc_server_create(NULL, NULL);
GPR_ASSERT(grpc_server_add_secure_http2_port(server, addr, ssl_creds));
grpc_server_credentials_release(ssl_creds);
gpr_slice_unref(cert_slice);
gpr_slice_unref(key_slice);
bad_ssl_run(server);
grpc_shutdown();
return 0;
}
static void init_default_pem_root_certs(void) {
/* First try to load the roots from the environment. */
char *default_root_certs_path =
gpr_getenv(GRPC_DEFAULT_SSL_ROOTS_FILE_PATH_ENV_VAR);
if (default_root_certs_path == NULL) {
default_pem_root_certs = gpr_empty_slice();
} else {
default_pem_root_certs = gpr_load_file(default_root_certs_path, 0, NULL);
gpr_free(default_root_certs_path);
}
/* Fall back to installed certs if needed. */
if (GPR_SLICE_IS_EMPTY(default_pem_root_certs)) {
default_pem_root_certs = gpr_load_file(installed_roots_path, 0, NULL);
}
}
static void test_load_big_file(void) {
FILE *tmp = NULL;
gpr_slice slice;
int success;
char *tmp_name;
unsigned char buffer[124631];
unsigned char *current;
size_t i;
LOG_TEST_NAME();
for (i = 0; i < sizeof(buffer); i++) {
buffer[i] = 42;
}
tmp = gpr_tmpfile(prefix, &tmp_name);
GPR_ASSERT(tmp != NULL);
GPR_ASSERT(tmp_name != NULL);
GPR_ASSERT(fwrite(buffer, 1, sizeof(buffer), tmp) == sizeof(buffer));
fclose(tmp);
slice = gpr_load_file(tmp_name, &success);
GPR_ASSERT(success == 1);
GPR_ASSERT(GPR_SLICE_LENGTH(slice) == sizeof(buffer));
current = GPR_SLICE_START_PTR(slice);
for (i = 0; i < sizeof(buffer); i++) {
GPR_ASSERT(current[i] == 42);
}
remove(tmp_name);
gpr_free(tmp_name);
gpr_slice_unref(slice);
}
static void test_code(void) {
/* env.h */
gpr_set_env("abc", gpr_getenv("xyz"));
/* load_file.h */
gpr_load_file("abc", 1, NULL);
/* tmpfile.h */
fclose(gpr_tmpfile("foo", NULL));
}
static grpc_call_credentials *create_refresh_token_creds(
const char *json_refresh_token_file_path) {
int success;
gpr_slice refresh_token =
gpr_load_file(json_refresh_token_file_path, 1, &success);
if (!success) {
gpr_log(GPR_ERROR, "Could not read file %s.", json_refresh_token_file_path);
exit(1);
}
return grpc_google_refresh_token_credentials_create(
(const char *)GPR_SLICE_START_PTR(refresh_token), NULL);
}
/* Takes ownership of creds_path if not NULL. */
static grpc_credentials *create_refresh_token_creds_from_path(
char *creds_path) {
grpc_credentials *result = NULL;
gpr_slice creds_data;
int file_ok = 0;
if (creds_path == NULL) return NULL;
creds_data = gpr_load_file(creds_path, 1, &file_ok);
gpr_free(creds_path);
if (file_ok) {
result = grpc_refresh_token_credentials_create(
(const char *)GPR_SLICE_START_PTR(creds_data));
gpr_slice_unref(creds_data);
}
return result;
}
static void test_load_failure(void) {
FILE *tmp = NULL;
gpr_slice slice;
int success;
char *tmp_name;
LOG_TEST_NAME();
tmp = gpr_tmpfile(prefix, &tmp_name);
GPR_ASSERT(tmp_name != NULL);
GPR_ASSERT(tmp != NULL);
fclose(tmp);
remove(tmp_name);
slice = gpr_load_file(tmp_name, &success);
GPR_ASSERT(success == 0);
GPR_ASSERT(GPR_SLICE_LENGTH(slice) == 0);
gpr_free(tmp_name);
gpr_slice_unref(slice);
}
/* Takes ownership of creds_path if not NULL. */
static grpc_call_credentials *create_default_creds_from_path(char *creds_path) {
grpc_json *json = NULL;
grpc_auth_json_key key;
grpc_auth_refresh_token token;
grpc_call_credentials *result = NULL;
gpr_slice creds_data = gpr_empty_slice();
int file_ok = 0;
if (creds_path == NULL) goto end;
creds_data = gpr_load_file(creds_path, 0, &file_ok);
if (!file_ok) goto end;
json = grpc_json_parse_string_with_len(
(char *)GPR_SLICE_START_PTR(creds_data), GPR_SLICE_LENGTH(creds_data));
if (json == NULL) goto end;
/* First, try an auth json key. */
key = grpc_auth_json_key_create_from_json(json);
if (grpc_auth_json_key_is_valid(&key)) {
result =
grpc_service_account_jwt_access_credentials_create_from_auth_json_key(
key, grpc_max_auth_token_lifetime());
goto end;
}
/* Then try a refresh token if the auth json key was invalid. */
token = grpc_auth_refresh_token_create_from_json(json);
if (grpc_auth_refresh_token_is_valid(&token)) {
result =
grpc_refresh_token_credentials_create_from_auth_refresh_token(token);
goto end;
}
end:
if (creds_path != NULL) gpr_free(creds_path);
gpr_slice_unref(creds_data);
if (json != NULL) grpc_json_destroy(json);
return result;
}
static void test_load_small_file(void) {
FILE *tmp = NULL;
gpr_slice slice;
int success;
char *tmp_name;
const char *blah = "blah";
LOG_TEST_NAME();
tmp = gpr_tmpfile(prefix, &tmp_name);
GPR_ASSERT(tmp_name != NULL);
GPR_ASSERT(tmp != NULL);
GPR_ASSERT(fwrite(blah, 1, strlen(blah), tmp) == strlen(blah));
fclose(tmp);
slice = gpr_load_file(tmp_name, &success);
GPR_ASSERT(success == 1);
GPR_ASSERT(GPR_SLICE_LENGTH(slice) == strlen(blah));
GPR_ASSERT(!memcmp(GPR_SLICE_START_PTR(slice), blah, strlen(blah)));
remove(tmp_name);
gpr_free(tmp_name);
gpr_slice_unref(slice);
}
