mirror of
https://fuchsia.googlesource.com/third_party/grpc
synced 2024-09-20 11:26:56 +00:00
0c475f0ad7
Change on 2014/12/01 by nnoble <nnoble@google.com> ------------- new [] file for grpc testing. Change on 2014/12/02 by donnadionne <donnadionne@google.com> ------------- Fix unfinished calls in thread_stress_test. Previously we had an early return if we cancelled a stream part way through a message. Correct this, so that half close and full close signals are propagated up the stack correctly so that higher level state machines can see the termination. Change on 2014/12/02 by ctiller <ctiller@google.com> ------------- Remove dependency on internal C code. Change on 2014/12/02 by ctiller <ctiller@google.com> ------------- Turn off the flaky bit from thread_stress_test. Change on 2014/12/02 by ctiller <ctiller@google.com> ------------- Add test cases of empty request/response, request streaming, response streaming, and half duplex streaming. Bring up the GFE/ESF for mannual test: [] build java/com/google/net/[]/testing/integration/hexa:server_components_env []-bin/java/com/google/net/[]/testing/integration/hexa/server_components_env --manual --rpc_port=25000 --use_autobahn Change on 2014/12/02 by chenw <chenw@google.com> ------------- Make echo/server.c and fling/server.c shutdown cleanly on SIGINT, and update the relevant tests to exercise this mechanism. Now "[] coverage" and the memory leak detector are able to see into the server processes. Change on 2014/12/02 by pmarks <pmarks@google.com> ------------- Allow the # of channels to be configurable in this performance test. The threads will use the channels in statically-defined round-robin order (not based on when RPCs complete on any channel). The interesting cases are #channels=1 or #channels=#threads (we previously only had the latter case) Change on 2014/12/02 by vpai <vpai@google.com> ------------- Fixed a typo and reworded a comment. Change on 2014/12/02 by gnezdo <gnezdo@google.com> ------------- Require the grpc_call in this ClientContext to be NULL before allowing set_call to be invoked. Otherwise, it's an indication of a leak somewhere. Change on 2014/12/02 by vpai <vpai@google.com> ------------- Correctly return status other than ok and add a test for it. Change on 2014/12/02 by yangg <yangg@google.com> ------------- Better C++ guards for grpc_security.h Change on 2014/12/02 by nnoble <nnoble@google.com> ------------- Use nullptr instead of NULL for consistency. Change on 2014/12/02 by vpai <vpai@google.com> ------------- Updates the ruby gRPC service class to require the serialization method to be a static method - this brings it inline with the proto3 ruby API - it adds a monkey patch to allow existing proto (beefcake) to continue working. Change on 2014/12/02 by temiola <temiola@google.com> ------------- Adding a buildable unit to the blue print file. Added the buildable unit as its name will be usesd as tap project id. This test will fail right away in tap until tests are actually added. Change on 2014/12/02 by donnadionne <donnadionne@google.com> ------------- Move interop ESF C++ server from Java to grpc directory. Tests passed: [] test javatests/com/google/net/[]/testing/integration/hexa/... [] test net/grpc/testing/interop/esf_server/... Change on 2014/12/02 by chenw <chenw@google.com> ------------- Return a lame channel as opposed to NULL when secure channel creation fails. - Looks like we're going to need something similar server-side. - I changed the prototype of the lame client channel factory to take an explicit void as I think this is better practice in C. Let me know if you disagree and I will revert these changes. Change on 2014/12/02 by jboeuf <jboeuf@google.com> ------------- Putting ALPN support where it belongs. Change on 2014/12/02 by jboeuf <jboeuf@google.com> ------------- GOAWAY send path. Sends a GOAWAY frame when shutting down. This is not read and understood yet. Change on 2014/12/03 by ctiller <ctiller@google.com> ------------- Adds support for secure channels and servers. - wraps new C apis (credentials, server_credentials) and Server#add_secure_http_port - adds tests to ensure credentials and server credentials can be created - updates client_server_spec to run the client_server wrapper layer end-to-end tests using a secure channel Change on 2014/12/03 by temiola <temiola@google.com> ------------- Fix existing issues regarding out of order events. At the client side, using pluck as the client_metadata_read can happen anytime after invoke. At the server side, allow halfclose_ok and rpc_end to come in reverse order. Change on 2014/12/03 by yangg <yangg@google.com> ------------- Don't track coverage of tests. Change on 2014/12/03 by ctiller <ctiller@google.com> ------------- Change UnaryCall to conform standard test requirement of LargeUnaryCall. Change on 2014/12/03 by yangg <yangg@google.com> ------------- updating alpn version to h2-15 ensure all interop are on the same version and working. Java and go are not ready for h2-16 yet. Change on 2014/12/03 by donnadionne <donnadionne@google.com> ------------- Add config to bring echo server in []. This is used to test production GFE as its bckend. Change on 2014/12/03 by chenw <chenw@google.com> ------------- In preparation for fixing shutdown race issues, change em to take ownership of the file descriptor. Add an API to grpc_tcp to take an already created grpc_em_fd object, and change tcp_client to use that API. This is needed because otherwise an em user's close() of the file descriptor may race with libevent internals. That's not an issue yet because destroy() frees the events inline, but that can't be done safely if there is a concurrent poller. Change on 2014/12/03 by klempner <klempner@google.com> ------------- Fixing TAP opensource build We don't want to compile and run C++ tests in the C target. Change on 2014/12/03 by nnoble <nnoble@google.com> ------------- Move and separate interop tests by languages. Small fixes to the test runner. Improving logging. Change on 2014/12/03 by donnadionne <donnadionne@google.com> ------------- Fixing the opensource build: -) The C/C++ split wasn't done up to the 'dep' target level -) The alpn.c file was missing from build.json Change on 2014/12/03 by nnoble <nnoble@google.com> ------------- Adding blue print files after projects exist Change on 2014/12/03 by donnadionne <donnadionne@google.com> ------------- Refactor StreamContext using the new completion_queue_pluck API. The dedicated the poller thread has been removed. This CL keeps the current behavior to make it short. There is one following to make it usable for both client and server. The tags for pluck is based on the address of this StreamContext object for potential debug use. The Read/Write and Wait cannot be called concurrently now and this might need to be fixed. Change on 2014/12/03 by yangg <yangg@google.com> ------------- Binary encoding utilities. Support base64 encoding, HPACK static huffman encoding, and doing both at once. Change on 2014/12/03 by ctiller <ctiller@google.com> ------------- Enforce Makefile regeneration in presubmits. Change on 2014/12/03 by ctiller <ctiller@google.com> ------------- Make CloseSend() send a real zero-length control message to indicate EOS. Change on 2014/12/03 by zhaoq <zhaoq@google.com> ------------- Prefer to create dualstack sockets for TCP clients and servers, with automatic fallback for environments where IPV6_V6ONLY can't be turned off. Change on 2014/12/03 by pmarks <pmarks@google.com> ------------- Add opensource path to build targets. Ensure that MOE is going to run. Change on 2014/12/03 by ctiller <ctiller@google.com> ------------- Add PingPong test case. Delete FullDuplex test case. The latter is not specified for client in https://docs.google.com/document/d/1dwrPpIu5EqiKVsquZfoOqTj7vP8fa1i49gornJo50Qw/edit# Change on 2014/12/03 by chenw <chenw@google.com> ------------- Make generate_projects.sh check out the generated targets. Change on 2014/12/03 by ctiller <ctiller@google.com> ------------- rspec cleanup - stops declaring specs within the GRPC module - splits Bidi streaming specs into a separate test suite adding tests in the GRPC module was a mistake, it pollutes the module and can affect other tests that run later by the test runner the bidi tests are currently flaky, having them run in their own test suite allows having two separate continuous builds (once ruby gRPC is on GitHub), one that includes bidi where we tolerate flakiness, and another that does not, where there should be no flakiness at all Change on 2014/12/03 by temiola <temiola@google.com> ------------- Adding support for composite and IAM credentials. - For now, we don't do any checks on credentials compatibility in the composite credentials. Maybe we'll add that later. - Refactored the end to end security tests so that we always use the public API (except for the fake security context which is not exposed). Change on 2014/12/03 by jboeuf <jboeuf@google.com> ------------- Make GPR library buildable in Visual Studio 2013. Change on 2014/12/04 by jtattermusch <jtattermusch@google.com> ------------- Adds codegen for ruby This is being added now that ruby's proto and grpc apis are defined and stable Change on 2014/12/04 by temiola <temiola@google.com> ------------- Prevent NewStream() from sending negative or 0 timeout. Change on 2014/12/04 by zhaoq <zhaoq@google.com> ------------- Add a grpc_sockaddr_to_string() function, and use it when logging bind failures. Also improve const-correctness in some earlier code. I'm not certain whether inet_ntop() will need any platform-specific implementations, but for now the compiler offers no complaints. Demo: $ []-bin/net/grpc/c/echo_server 1.2.3.4:80 ... tcp_server.c:139] bind addr=[::ffff:1.2.3.4]:80: Permission denied Change on 2014/12/04 by pmarks <pmarks@google.com> ------------- Refactoring - moves c wrapped classes to a submodule Google::RPC::Core - this allows for an explicit rule when reading through gRPC ruby code for telling when an object is pure ruby or wrapped C Change on 2014/12/04 by temiola <temiola@google.com> ------------- Fixes the bidi_call [] Change on 2014/12/04 by temiola <temiola@google.com> ------------- Fixing dev build when activating surface traces. Change on 2014/12/04 by nnoble <nnoble@google.com> ------------- Updates the tests to reflect that fact that some Credentials compose works. Change on 2014/12/04 by temiola <temiola@google.com> ------------- Making the generate_project_test actually do something. Change on 2014/12/04 by nnoble <nnoble@google.com> ------------- Rename "esf_server" to "[]4_server". Delete "test_sever" from Java directory. Change on 2014/12/04 by chenw <chenw@google.com> ------------- Added PHP client interop tests. Tested large_unary against the C++ server. Change on 2014/12/04 by mlumish <mlumish@google.com> ------------- Refactor grpc_create_dualstack_socket() by pulling the setsockopt into its own function. This separates the magic test flag from the real fallback logic. Change on 2014/12/04 by pmarks <pmarks@google.com> ------------- Fixes the type of the constant used for test cert hostname Change on 2014/12/04 by temiola <temiola@google.com> ------------- Disabling these tests as they're causing flakiness. Change on 2014/12/04 by ctiller <ctiller@google.com> ------------- Change intptr --> uintptr. Handles the case where a void* turns into a negative number, which then gets hashed into a negative bucket and segfaults. Change on 2014/12/04 by ctiller <ctiller@google.com> ------------- Add a test fixture to force parsers to handle one byte at a time. This should expand coverage and hopefully prevent errors at some point (it seems to pass out of the box for now though). Change on 2014/12/04 by ctiller <ctiller@google.com> ------------- The code generator isn't +x. Change on 2014/12/04 by ctiller <ctiller@google.com> ------------- Updates math_client and math_server to allow construction using crednetials By: - Extending rpc_server constructor so that it takes a credentials keyword param - Extending client_stub constructor so that it takes a credentials keyword param Change on 2014/12/04 by temiola <temiola@google.com> ------------- Format output a little more nicely. Print each line of output separately - previously logging.info was truncating this at some maximum length, and logs were getting lost. Change on 2014/12/04 by ctiller <ctiller@google.com> ------------- Up timeout for this test. Under TSAN, if we process one byte at a time, this timeout can be reached - and I think this is the cause of the following flake: [] Change on 2014/12/05 by ctiller <ctiller@google.com> ------------- Adding more error logging for ssl. Change on 2014/12/05 by jboeuf <jboeuf@google.com> ------------- Read path for goaway. Still need to add hooks to deprecate a channel on the client side when goaway is received. Change on 2014/12/05 by ctiller <ctiller@google.com> ------------- Separate accept() into server_accept() and server_end_of_initial_metadata(). This allows servers to initiate reads before finishing writing metadata. Change on 2014/12/05 by ctiller <ctiller@google.com> ------------- Fix for breakage 11512317 - adding missing test files. Change on 2014/12/05 by nnoble <nnoble@google.com> ------------- grpc c++ server side streaming support. This is based on [] There is a lot of room to clean up the internal implementation which may require refactoring of CompletionQueue. The current cl serves as a working implementation with the missing interfaces. The sample generated files are included and will be removed before submitting. Change on 2014/12/05 by yangg <yangg@google.com> ------------- Changed to the latest timeout format again (search "grpc-timeout" in [] for the spec). Change on 2014/12/05 by zhaoq <zhaoq@google.com> ------------- Fixing opensource build. Change on 2014/12/05 by nnoble <nnoble@google.com> ------------- Making absolutely sure we can do the moe export by adding a sh_test for it. Change on 2014/12/05 by nnoble <nnoble@google.com> ------------- Change :scheme psuedo-header from "grpc" to "http" or "https". Change on 2014/12/05 by zhaoq <zhaoq@google.com> ------------- Add server credential wrapping for c++ server. It only wraps ssl and []2 for now. The ServerCredentials class and the factory class are in a similar fashion as client side wrapping. The difference is the factory method returns shared_ptr instead of unique_ptr as the server builder needs to keep a reference to it for actually creating the server later. The integration will happen in a following cl. Change on 2014/12/05 by yangg <yangg@google.com> ------------- Fixed bugs in new_grpc_docker_builder.sh Change on 2014/12/05 by mlumish <mlumish@google.com> ------------- In secure endpoint, hold a refcount for the life of a write callback if the write does not complete immediately. Change on 2014/12/05 by klempner <klempner@google.com> ------------- Add migration support to MOE and have TAP verify it doesn't break. Migration support allows mirroring commits from [] into the git repo, instead of just a dump of the current source. Change on 2014/12/05 by ejona <ejona@google.com> ------------- Change initial window size to 65535 according http2 draft 15. Change on 2014/12/05 by zhaoq <zhaoq@google.com> ------------- Re-enable the flaky cases in dualstack_socket_test, with additional logging to help track down the problem if it surfaces again. This also seems like a good opportunity to make grpc_socket_utils a separate library, as it's not really specific to TCP. Example output: logspam: [], 26570) resolved 2 addrs in 37ms: logspam: [0] [::1]:26570 logspam: [1] 127.0.0.1:26570 Change on 2014/12/05 by pmarks <pmarks@google.com> ------------- Opensource build fixes. -) A function that has a return type should actually return something. -) Don't pass unsigned chars to strlen and strncmp. Change on 2014/12/05 by nnoble <nnoble@google.com> ------------- Created by MOE: http://code.google.com/p/moe-java MOE_MIGRATED_REVID=81458281
156 lines
6.7 KiB
C
156 lines
6.7 KiB
C
/*
|
|
*
|
|
* Copyright 2014, Google Inc.
|
|
* All rights reserved.
|
|
*
|
|
* Redistribution and use in source and binary forms, with or without
|
|
* modification, are permitted provided that the following conditions are
|
|
* met:
|
|
*
|
|
* * Redistributions of source code must retain the above copyright
|
|
* notice, this list of conditions and the following disclaimer.
|
|
* * Redistributions in binary form must reproduce the above
|
|
* copyright notice, this list of conditions and the following disclaimer
|
|
* in the documentation and/or other materials provided with the
|
|
* distribution.
|
|
* * Neither the name of Google Inc. nor the names of its
|
|
* contributors may be used to endorse or promote products derived from
|
|
* this software without specific prior written permission.
|
|
*
|
|
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
|
|
* A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
* OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
*
|
|
*/
|
|
|
|
#ifndef GRPC_SECURITY_H_
|
|
#define GRPC_SECURITY_H_
|
|
|
|
#include "grpc.h"
|
|
#include "status.h"
|
|
|
|
#ifdef __cplusplus
|
|
extern "C" {
|
|
#endif
|
|
|
|
/* --- grpc_credentials object. ---
|
|
|
|
A credentials object represents a way to authenticate a client. */
|
|
|
|
typedef struct grpc_credentials grpc_credentials;
|
|
|
|
/* Releases a credentials object.
|
|
The creator of the credentials object is responsible for its release. */
|
|
void grpc_credentials_release(grpc_credentials *creds);
|
|
|
|
/* Creates default credentials. */
|
|
grpc_credentials *grpc_default_credentials_create(void);
|
|
|
|
/* Creates an SSL credentials object.
|
|
- pem_roots_cert is the buffer containing the PEM encoding of the server
|
|
root certificates. This parameter cannot be NULL.
|
|
- pem_roots_cert_size is the size of the associated buffer.
|
|
- pem_private_key is the buffer containing the PEM encoding of the client's
|
|
private key. This parameter can be NULL if the client does not have a
|
|
private key.
|
|
- pem_private_key_size is the size of the associated buffer.
|
|
- pem_cert_chain is the buffer containing the PEM encoding of the client's
|
|
certificate chain. This parameter can be NULL if the client does not have
|
|
a certificate chain.
|
|
- pem_cert_chain_size is the size of the associated buffer. */
|
|
grpc_credentials *grpc_ssl_credentials_create(
|
|
const unsigned char *pem_root_certs, size_t pem_root_certs_size,
|
|
const unsigned char *pem_private_key, size_t pem_private_key_size,
|
|
const unsigned char *pem_cert_chain, size_t pem_cert_chain_size);
|
|
|
|
/* Creates a composite credentials object. */
|
|
grpc_credentials *grpc_composite_credentials_create(grpc_credentials *creds1,
|
|
grpc_credentials *creds2);
|
|
|
|
/* Creates a compute engine credentials object. */
|
|
grpc_credentials *grpc_compute_engine_credentials_create(void);
|
|
|
|
/* Creates a fake transport security credentials object for testing. */
|
|
grpc_credentials *grpc_fake_transport_security_credentials_create(void);
|
|
|
|
/* Creates an IAM credentials object. */
|
|
grpc_credentials *grpc_iam_credentials_create(const char *authorization_token,
|
|
const char *authority_selector);
|
|
|
|
|
|
/* --- Secure channel creation. --- */
|
|
|
|
/* The caller of the secure_channel_create functions may override the target
|
|
name used for SSL host name checking using this channel argument which is of
|
|
type GRPC_ARG_STRING. This *should* be used for testing only.
|
|
If this argument is not specified, the name used for SSL host name checking
|
|
will be the target parameter (assuming that the secure channel is an SSL
|
|
channel). If this parameter is specified and the underlying is not an SSL
|
|
channel, it will just be ignored. */
|
|
#define GRPC_SSL_TARGET_NAME_OVERRIDE_ARG "grpc.ssl_target_name_override"
|
|
|
|
/* Creates a default secure channel using the default credentials object using
|
|
the environment. */
|
|
grpc_channel *grpc_default_secure_channel_create(const char *target,
|
|
const grpc_channel_args *args);
|
|
|
|
/* Creates a secure channel using the passed-in credentials. */
|
|
grpc_channel *grpc_secure_channel_create(grpc_credentials *creds,
|
|
const char *target,
|
|
const grpc_channel_args *args);
|
|
|
|
/* --- grpc_server_credentials object. ---
|
|
|
|
A server credentials object represents a way to authenticate a server. */
|
|
|
|
typedef struct grpc_server_credentials grpc_server_credentials;
|
|
|
|
/* Releases a server_credentials object.
|
|
The creator of the server_credentials object is responsible for its release.
|
|
*/
|
|
void grpc_server_credentials_release(grpc_server_credentials *creds);
|
|
|
|
/* Creates an SSL server_credentials object.
|
|
TODO(jboeuf): Change the constructor so that it can support multiple
|
|
key/cert pairs.
|
|
- pem_roots_cert is the buffer containing the PEM encoding of the server
|
|
root certificates. This parameter may be NULL if the server does not want
|
|
the client to be authenticated with SSL.
|
|
- pem_roots_cert_size is the size of the associated buffer.
|
|
- pem_private_key is the buffer containing the PEM encoding of the client's
|
|
private key. This parameter cannot be NULL.
|
|
- pem_private_key_size is the size of the associated buffer.
|
|
- pem_cert_chain is the buffer containing the PEM encoding of the client's
|
|
certificate chain. This parameter cannot be NULL.
|
|
- pem_cert_chain_size is the size of the associated buffer. */
|
|
grpc_server_credentials *grpc_ssl_server_credentials_create(
|
|
const unsigned char *pem_root_certs, size_t pem_root_certs_size,
|
|
const unsigned char *pem_private_key, size_t pem_private_key_size,
|
|
const unsigned char *pem_cert_chain, size_t pem_cert_chain_size);
|
|
|
|
/* Creates a fake server transport security credentials object for testing. */
|
|
grpc_server_credentials *grpc_fake_transport_security_server_credentials_create(
|
|
void);
|
|
|
|
|
|
/* --- Secure server creation. --- */
|
|
|
|
/* Creates a secure server using the passed-in server credentials. */
|
|
grpc_server *grpc_secure_server_create(grpc_server_credentials *creds,
|
|
grpc_completion_queue *cq,
|
|
const grpc_channel_args *args);
|
|
|
|
#ifdef __cplusplus
|
|
}
|
|
#endif
|
|
|
|
#endif /* GRPC_SECURITY_H_ */
|