static VALUE grpc_rb_channel_credentials_compose(int argc, VALUE* argv, VALUE self) { grpc_channel_credentials* creds; grpc_call_credentials* other; grpc_channel_credentials* prev = NULL; VALUE mark; if (argc == 0) { return self; } mark = rb_ary_new(); rb_ary_push(mark, self); creds = grpc_rb_get_wrapped_channel_credentials(self); for (int i = 0; i < argc; i++) { rb_ary_push(mark, argv[i]); other = grpc_rb_get_wrapped_call_credentials(argv[i]); creds = grpc_composite_channel_credentials_create(creds, other, NULL); if (prev != NULL) { grpc_channel_credentials_release(prev); } prev = creds; if (creds == NULL) { rb_raise(rb_eRuntimeError, "Failed to compose channel and call credentials"); } } return grpc_rb_wrap_channel_credentials(creds, mark); }
int main(int argc, char **argv) { int result = 0; grpc_exec_ctx exec_ctx = GRPC_EXEC_CTX_INIT; synchronizer sync; grpc_channel_credentials *creds = NULL; char *service_url = "https://test.foo.google.com/Foo"; grpc_auth_metadata_context context; gpr_cmdline *cl = gpr_cmdline_create("print_google_default_creds_token"); gpr_cmdline_add_string(cl, "service_url", "Service URL for the token request.", &service_url); gpr_cmdline_parse(cl, argc, argv); memset(&context, 0, sizeof(context)); context.service_url = service_url; grpc_init(); creds = grpc_google_default_credentials_create(); if (creds == NULL) { fprintf(stderr, "\nCould not find default credentials.\n\n"); result = 1; goto end; } grpc_pollset *pollset = gpr_malloc(grpc_pollset_size()); grpc_pollset_init(pollset, &sync.mu); sync.pops = grpc_polling_entity_create_from_pollset(pollset); sync.is_done = 0; grpc_call_credentials_get_request_metadata( &exec_ctx, ((grpc_composite_channel_credentials *)creds)->call_creds, &sync.pops, context, on_metadata_response, &sync); gpr_mu_lock(sync.mu); while (!sync.is_done) { grpc_pollset_worker *worker = NULL; if (!GRPC_LOG_IF_ERROR( "pollset_work", grpc_pollset_work(&exec_ctx, grpc_polling_entity_pollset(&sync.pops), &worker, gpr_now(GPR_CLOCK_MONOTONIC), gpr_inf_future(GPR_CLOCK_MONOTONIC)))) sync.is_done = 1; gpr_mu_unlock(sync.mu); grpc_exec_ctx_flush(&exec_ctx); gpr_mu_lock(sync.mu); } gpr_mu_unlock(sync.mu); grpc_exec_ctx_finish(&exec_ctx); grpc_channel_credentials_release(creds); gpr_free(grpc_polling_entity_pollset(&sync.pops)); end: gpr_cmdline_destroy(cl); grpc_shutdown(); return result; }
static void chttp2_init_client_secure_fullstack( grpc_end2end_test_fixture *f, grpc_channel_args *client_args, grpc_channel_credentials *creds) { fullstack_secure_fixture_data *ffd = f->fixture_data; f->client = grpc_secure_channel_create(creds, ffd->localaddr, client_args, NULL); GPR_ASSERT(f->client != NULL); grpc_channel_credentials_release(creds); }
static void grpc_rb_channel_credentials_free_internal(void* p) { grpc_rb_channel_credentials* wrapper = NULL; if (p == NULL) { return; }; wrapper = (grpc_rb_channel_credentials*)p; grpc_channel_credentials_release(wrapper->wrapped); wrapper->wrapped = NULL; xfree(p); }
static grpc_channel *create_proxy_client(const char *target) { grpc_channel *channel; grpc_channel_credentials *ssl_creds = grpc_ssl_credentials_create(NULL, NULL, NULL); grpc_arg ssl_name_override = {GRPC_ARG_STRING, GRPC_SSL_TARGET_NAME_OVERRIDE_ARG, {"foo.test.google.fr"}}; grpc_channel_args client_args; client_args.num_args = 1; client_args.args = &ssl_name_override; channel = grpc_secure_channel_create(ssl_creds, target, &client_args, NULL); grpc_channel_credentials_release(ssl_creds); return channel; }
static void cleanup_rpc(void) { grpc_event ev; grpc_slice_buffer_destroy(&state.incoming_buffer); grpc_slice_buffer_destroy(&state.temp_incoming_buffer); grpc_channel_credentials_release(state.creds); grpc_call_destroy(state.call); grpc_completion_queue_shutdown(state.cq); do { ev = grpc_completion_queue_next(state.cq, n_sec_deadline(1), NULL); } while (ev.type != GRPC_QUEUE_SHUTDOWN); grpc_completion_queue_destroy(state.cq); grpc_channel_destroy(state.channel); gpr_free(state.target); }
static grpc_channel *create_proxy_client(const char *target, grpc_channel_args *client_args) { grpc_channel *channel; grpc_channel_credentials *ssl_creds = grpc_ssl_credentials_create(NULL, NULL, NULL); grpc_arg ssl_name_override = {GRPC_ARG_STRING, GRPC_SSL_TARGET_NAME_OVERRIDE_ARG, {"foo.test.google.fr"}}; grpc_channel_args *new_client_args = grpc_channel_args_copy_and_add(client_args, &ssl_name_override, 1); channel = grpc_secure_channel_create(ssl_creds, target, new_client_args, NULL); grpc_channel_credentials_release(ssl_creds); grpc_channel_args_destroy(new_client_args); return channel; }
int main(int argc, char **argv) { int result = 0; grpc_exec_ctx exec_ctx = GRPC_EXEC_CTX_INIT; synchronizer sync; grpc_channel_credentials *creds = NULL; char *service_url = "https://test.foo.google.com/Foo"; gpr_cmdline *cl = gpr_cmdline_create("print_google_default_creds_token"); gpr_cmdline_add_string(cl, "service_url", "Service URL for the token request.", &service_url); gpr_cmdline_parse(cl, argc, argv); grpc_init(); creds = grpc_google_default_credentials_create(); if (creds == NULL) { fprintf(stderr, "\nCould not find default credentials.\n\n"); result = 1; goto end; } grpc_pollset_init(&sync.pollset); sync.is_done = 0; grpc_call_credentials_get_request_metadata( &exec_ctx, ((grpc_composite_channel_credentials *)creds)->call_creds, &sync.pollset, service_url, on_metadata_response, &sync); gpr_mu_lock(GRPC_POLLSET_MU(&sync.pollset)); while (!sync.is_done) { grpc_pollset_worker worker; grpc_pollset_work(&exec_ctx, &sync.pollset, &worker, gpr_now(GPR_CLOCK_MONOTONIC), gpr_inf_future(GPR_CLOCK_MONOTONIC)); gpr_mu_unlock(GRPC_POLLSET_MU(&sync.pollset)); grpc_exec_ctx_finish(&exec_ctx); gpr_mu_lock(GRPC_POLLSET_MU(&sync.pollset)); } gpr_mu_unlock(GRPC_POLLSET_MU(&sync.pollset)); grpc_channel_credentials_release(creds); end: gpr_cmdline_destroy(cl); grpc_shutdown(); return result; }
static void chttp2_init_client_simple_ssl_with_oauth2_secure_fullstack( grpc_end2end_test_fixture *f, grpc_channel_args *client_args) { grpc_channel_credentials *ssl_creds = grpc_ssl_credentials_create(test_root_cert, NULL, NULL); grpc_call_credentials *oauth2_creds = grpc_md_only_test_credentials_create("Authorization", oauth2_md, 1); grpc_channel_credentials *ssl_oauth2_creds = grpc_composite_channel_credentials_create(ssl_creds, oauth2_creds, NULL); grpc_arg ssl_name_override = {GRPC_ARG_STRING, GRPC_SSL_TARGET_NAME_OVERRIDE_ARG, {"foo.test.google.fr"}}; grpc_channel_args *new_client_args = grpc_channel_args_copy_and_add(client_args, &ssl_name_override, 1); chttp2_init_client_secure_fullstack(f, new_client_args, ssl_oauth2_creds); grpc_channel_args_destroy(new_client_args); grpc_channel_credentials_release(ssl_creds); grpc_call_credentials_release(oauth2_creds); }
static void run_test(const char *target, size_t nops) { grpc_channel_credentials *ssl_creds = grpc_ssl_credentials_create(NULL, NULL, NULL); grpc_channel *channel; grpc_call *c; grpc_metadata_array initial_metadata_recv; grpc_metadata_array trailing_metadata_recv; char *details = NULL; size_t details_capacity = 0; grpc_status_code status; grpc_call_error error; gpr_timespec deadline = GRPC_TIMEOUT_SECONDS_TO_DEADLINE(5); grpc_completion_queue *cq = grpc_completion_queue_create(NULL); cq_verifier *cqv = cq_verifier_create(cq); grpc_op ops[6]; grpc_op *op; grpc_arg ssl_name_override = {GRPC_ARG_STRING, GRPC_SSL_TARGET_NAME_OVERRIDE_ARG, {"foo.test.google.fr"} }; grpc_channel_args args; args.num_args = 1; args.args = &ssl_name_override; grpc_metadata_array_init(&initial_metadata_recv); grpc_metadata_array_init(&trailing_metadata_recv); channel = grpc_secure_channel_create(ssl_creds, target, &args, NULL); c = grpc_channel_create_call(channel, NULL, GRPC_PROPAGATE_DEFAULTS, cq, "/foo", "foo.test.google.fr:1234", deadline, NULL); op = ops; op->op = GRPC_OP_SEND_INITIAL_METADATA; op->data.send_initial_metadata.count = 0; op->flags = 0; op->reserved = NULL; op++; op->op = GRPC_OP_RECV_STATUS_ON_CLIENT; op->data.recv_status_on_client.trailing_metadata = &trailing_metadata_recv; op->data.recv_status_on_client.status = &status; op->data.recv_status_on_client.status_details = &details; op->data.recv_status_on_client.status_details_capacity = &details_capacity; op->flags = 0; op->reserved = NULL; op++; op->op = GRPC_OP_RECV_INITIAL_METADATA; op->data.recv_initial_metadata = &initial_metadata_recv; op->flags = 0; op->reserved = NULL; op++; op->op = GRPC_OP_SEND_CLOSE_FROM_CLIENT; op->flags = 0; op->reserved = NULL; op++; error = grpc_call_start_batch(c, ops, nops, tag(1), NULL); GPR_ASSERT(GRPC_CALL_OK == error); cq_expect_completion(cqv, tag(1), 1); cq_verify(cqv); GPR_ASSERT(status != GRPC_STATUS_OK); grpc_call_destroy(c); gpr_free(details); grpc_metadata_array_destroy(&initial_metadata_recv); grpc_metadata_array_destroy(&trailing_metadata_recv); grpc_channel_destroy(channel); grpc_completion_queue_destroy(cq); cq_verifier_destroy(cqv); grpc_channel_credentials_release(ssl_creds); }
GPR_EXPORT void GPR_CALLTYPE grpcsharp_channel_credentials_release( grpc_channel_credentials *creds) { grpc_channel_credentials_release(creds); }
// This test launches a minimal TLS server on a separate thread and then // establishes a TLS handshake via the core library to the server. The TLS // server validates ALPN aspects of the handshake and supplies the protocol // specified in the server_alpn_preferred argument to the client. static bool client_ssl_test(char *server_alpn_preferred) { bool success = true; grpc_init(); // Find a port we can bind to. Retries added to handle flakes in port server // and port picking. int port = -1; int server_socket = -1; int socket_retries = 10; while (server_socket == -1 && socket_retries-- > 0) { port = grpc_pick_unused_port_or_die(); server_socket = create_socket(port); if (server_socket == -1) { sleep(1); } } GPR_ASSERT(server_socket > 0); // Launch the TLS server thread. gpr_thd_options thdopt = gpr_thd_options_default(); gpr_thd_id thdid; gpr_thd_options_set_joinable(&thdopt); server_args args = {.socket = server_socket, .alpn_preferred = server_alpn_preferred}; GPR_ASSERT(gpr_thd_new(&thdid, server_thread, &args, &thdopt)); // Load key pair and establish client SSL credentials. grpc_ssl_pem_key_cert_pair pem_key_cert_pair; gpr_slice ca_slice, cert_slice, key_slice; GPR_ASSERT(GRPC_LOG_IF_ERROR("load_file", grpc_load_file(SSL_CA_PATH, 1, &ca_slice))); GPR_ASSERT(GRPC_LOG_IF_ERROR("load_file", grpc_load_file(SSL_CERT_PATH, 1, &cert_slice))); GPR_ASSERT(GRPC_LOG_IF_ERROR("load_file", grpc_load_file(SSL_KEY_PATH, 1, &key_slice))); const char *ca_cert = (const char *)GPR_SLICE_START_PTR(ca_slice); pem_key_cert_pair.private_key = (const char *)GPR_SLICE_START_PTR(key_slice); pem_key_cert_pair.cert_chain = (const char *)GPR_SLICE_START_PTR(cert_slice); grpc_channel_credentials *ssl_creds = grpc_ssl_credentials_create(ca_cert, &pem_key_cert_pair, NULL); // Establish a channel pointing at the TLS server. Since the gRPC runtime is // lazy, this won't necessarily establish a connection yet. char *target; gpr_asprintf(&target, "127.0.0.1:%d", port); grpc_arg ssl_name_override = {GRPC_ARG_STRING, GRPC_SSL_TARGET_NAME_OVERRIDE_ARG, {"foo.test.google.fr"}}; grpc_channel_args grpc_args; grpc_args.num_args = 1; grpc_args.args = &ssl_name_override; grpc_channel *channel = grpc_secure_channel_create(ssl_creds, target, &grpc_args, NULL); GPR_ASSERT(channel); gpr_free(target); // Initially the channel will be idle, the // grpc_channel_check_connectivity_state triggers an attempt to connect. GPR_ASSERT(grpc_channel_check_connectivity_state( channel, 1 /* try_to_connect */) == GRPC_CHANNEL_IDLE); // Wait a bounded number of times for the channel to be ready. When the // channel is ready, the initial TLS handshake will have successfully // completed and we know that the client's ALPN list satisfied the server. int retries = 10; grpc_connectivity_state state = GRPC_CHANNEL_IDLE; grpc_completion_queue *cq = grpc_completion_queue_create(NULL); while (state != GRPC_CHANNEL_READY && retries-- > 0) { grpc_channel_watch_connectivity_state( channel, state, GRPC_TIMEOUT_SECONDS_TO_DEADLINE(3), cq, NULL); gpr_timespec cq_deadline = GRPC_TIMEOUT_SECONDS_TO_DEADLINE(5); grpc_event ev = grpc_completion_queue_next(cq, cq_deadline, NULL); GPR_ASSERT(ev.type == GRPC_OP_COMPLETE); state = grpc_channel_check_connectivity_state(channel, 0 /* try_to_connect */); } grpc_completion_queue_destroy(cq); if (retries < 0) { success = false; } grpc_channel_destroy(channel); grpc_channel_credentials_release(ssl_creds); gpr_slice_unref(cert_slice); gpr_slice_unref(key_slice); gpr_slice_unref(ca_slice); gpr_thd_join(thdid); grpc_shutdown(); return success; }