From b458db9246a38ec3faa131044bed38020b19f9f2 Mon Sep 17 00:00:00 2001 From: yihuaz Date: Thu, 10 Feb 2022 11:17:18 -0800 Subject: [PATCH] Eliminate gRPC insecure build (#25586) * force submit * fix test error * remove is_client from local tsi and its callsites * fix too_many_pings_test * add missing dep --- BUILD | 928 ++++++++++-------- BUILD.gn | 10 +- CMakeLists.txt | 60 +- Makefile | 49 +- build_autogenerated.yaml | 66 +- config.m4 | 13 +- config.w32 | 13 +- gRPC-C++.podspec | 2 - gRPC-Core.podspec | 11 +- grpc.def | 16 +- grpc.gemspec | 10 +- grpc.gyp | 35 +- include/grpc/grpc.h | 54 +- include/grpc/grpc_posix.h | 39 +- include/grpc/grpc_security.h | 48 +- .../security/authorization_policy_provider.h | 6 +- .../security/tls_certificate_provider.h | 5 +- .../grpcpp/security/tls_credentials_options.h | 11 +- package.xml | 10 +- .../client_channel/lb_policy/grpclb/grpclb.cc | 35 +- .../lb_policy/grpclb/grpclb_channel.cc | 36 - .../lb_policy/grpclb/grpclb_channel.h | 44 - .../lb_policy/grpclb/grpclb_channel_secure.cc | 83 -- .../client_channel/lb_policy/rls/rls.cc | 6 +- .../binder/client/channel_create_impl.cc | 13 +- .../chttp2/client/chttp2_connector.cc | 232 +++++ .../chttp2/client/insecure/README.md | 1 - .../chttp2/client/insecure/channel_create.cc | 122 --- .../client/insecure/channel_create_posix.cc | 92 -- .../transport/chttp2/client/secure/README.md | 1 - .../client/secure/secure_channel_create.cc | 192 ---- .../transport/chttp2/server/chttp2_server.cc | 142 +++ .../chttp2/server/insecure/README.md | 1 - .../chttp2/server/insecure/server_chttp2.cc | 52 - .../server/insecure/server_chttp2_posix.cc | 79 -- .../transport/chttp2/server/secure/README.md | 1 - .../server/secure/server_secure_chttp2.cc | 125 --- src/core/ext/transport/cronet/BUILD | 2 +- .../client/secure/cronet_channel_create.cc | 2 +- .../ext/transport/inproc/inproc_transport.cc | 9 +- src/core/ext/xds/xds_client.cc | 4 +- .../lib/security/credentials/credentials.h | 1 + .../insecure/insecure_credentials.cc | 9 +- .../credentials/ssl/ssl_credentials.h | 3 - .../alts/alts_security_connector.cc | 4 +- .../alts/alts_security_connector.h | 2 +- .../fake/fake_security_connector.cc | 2 - .../fake/fake_security_connector.h | 2 - .../insecure/insecure_security_connector.cc | 6 +- .../local/local_security_connector.cc | 6 +- .../security/transport/security_handshaker.cc | 20 +- src/core/lib/surface/channel.cc | 11 +- src/core/lib/surface/channel.h | 9 +- src/core/lib/surface/init.cc | 74 +- src/core/lib/surface/init.h | 2 - src/core/lib/surface/init_secure.cc | 99 -- src/core/lib/surface/init_unsecure.cc | 27 - src/core/lib/surface/lame_client.cc | 2 +- src/core/lib/surface/server.cc | 2 +- .../plugin_registry/grpc_plugin_registry.cc | 64 +- .../grpc_plugin_registry_extra.cc | 91 ++ .../grpc_plugin_registry_noextra.cc} | 14 +- .../grpc_unsecure_plugin_registry.cc | 122 --- .../alts/handshaker/alts_shared_resource.cc | 4 +- .../alts/handshaker/alts_tsi_handshaker.cc | 7 +- src/core/tsi/local_transport_security.cc | 14 +- src/core/tsi/local_transport_security.h | 5 +- src/cpp/client/create_channel_posix.cc | 25 +- src/cpp/client/insecure_credentials.cc | 9 +- src/cpp/client/secure_credentials.cc | 3 +- src/cpp/server/insecure_server_credentials.cc | 7 +- src/cpp/server/secure_server_credentials.cc | 2 +- src/cpp/server/server_posix.cc | 5 +- .../Grpc.Core.Tests/ClientServerTest.cs | 4 +- src/csharp/ext/grpc_csharp_ext.c | 14 +- .../GRPCCore/GRPCInsecureChannelFactory.m | 7 +- .../GRPCCore/GRPCSecureChannelFactory.m | 2 +- .../CronetTests/CoreCronetEnd2EndTests.mm | 2 +- src/php/ext/grpc/channel.c | 7 +- src/php/ext/grpc/php_grpc.c | 8 +- src/php/ext/grpc/server.c | 7 +- .../grpc/_cython/_cygrpc/aio/channel.pyx.pxi | 15 +- .../grpc/_cython/_cygrpc/channel.pyx.pxi | 14 +- .../grpcio/grpc/_cython/_cygrpc/grpc.pxi | 13 +- .../grpc/_cython/_cygrpc/server.pyx.pxi | 8 +- src/python/grpcio/grpc_core_dependencies.py | 9 +- .../tests/unit/_auth_context_test.py | 6 +- .../tests_aio/unit/auth_context_test.py | 6 +- src/ruby/ext/grpc/rb_channel.c | 7 +- src/ruby/ext/grpc/rb_grpc_imports.generated.c | 32 +- src/ruby/ext/grpc/rb_grpc_imports.generated.h | 48 +- src/ruby/ext/grpc/rb_server.c | 11 +- test/core/bad_connection/close_fd_test.cc | 6 +- test/core/bad_ssl/bad_ssl_test.cc | 2 +- test/core/bad_ssl/servers/alpn.cc | 2 +- test/core/bad_ssl/servers/cert.cc | 2 +- test/core/channel/channel_args_test.cc | 16 +- .../channel/channel_stack_builder_test.cc | 5 +- test/core/channel/channel_trace_test.cc | 6 +- test/core/channel/channelz_test.cc | 15 +- test/core/end2end/BUILD | 1 - test/core/end2end/bad_server_response_test.cc | 6 +- test/core/end2end/connection_refused_test.cc | 5 +- test/core/end2end/dualstack_socket_test.cc | 13 +- test/core/end2end/fixtures/h2_census.cc | 13 +- test/core/end2end/fixtures/h2_compress.cc | 14 +- test/core/end2end/fixtures/h2_fakesec.cc | 7 +- test/core/end2end/fixtures/h2_fd.cc | 12 +- test/core/end2end/fixtures/h2_full+pipe.cc | 13 +- test/core/end2end/fixtures/h2_full+trace.cc | 13 +- test/core/end2end/fixtures/h2_full.cc | 13 +- test/core/end2end/fixtures/h2_http_proxy.cc | 10 +- test/core/end2end/fixtures/h2_insecure.cc | 7 +- test/core/end2end/fixtures/h2_oauth2.cc | 7 +- test/core/end2end/fixtures/h2_proxy.cc | 24 +- .../end2end/fixtures/h2_sockpair+trace.cc | 2 +- test/core/end2end/fixtures/h2_sockpair.cc | 2 +- .../end2end/fixtures/h2_sockpair_1byte.cc | 2 +- test/core/end2end/fixtures/h2_ssl.cc | 7 +- .../end2end/fixtures/h2_ssl_cred_reload.cc | 7 +- test/core/end2end/fixtures/h2_ssl_proxy.cc | 12 +- test/core/end2end/fixtures/h2_tls.cc | 7 +- test/core/end2end/fixtures/h2_uds.cc | 13 +- test/core/end2end/fixtures/local_util.cc | 7 +- test/core/end2end/fuzzers/api_fuzzer.cc | 17 +- test/core/end2end/fuzzers/client_fuzzer.cc | 6 +- test/core/end2end/goaway_server_test.cc | 16 +- test/core/end2end/h2_ssl_cert_test.cc | 7 +- .../core/end2end/h2_ssl_session_reuse_test.cc | 7 +- .../end2end/invalid_call_argument_test.cc | 18 +- .../end2end/multiple_server_queues_test.cc | 6 +- test/core/end2end/no_server_test.cc | 6 +- test/core/fling/client.cc | 5 +- test/core/fling/server.cc | 14 +- test/core/handshake/client_ssl.cc | 4 +- test/core/handshake/server_ssl_common.cc | 3 +- test/core/handshake/verify_peer_options.cc | 7 +- test/core/iomgr/stranded_event_test.cc | 12 +- test/core/security/BUILD | 8 +- test/core/surface/channel_create_test.cc | 5 +- .../surface/concurrent_connectivity_test.cc | 18 +- ...num_external_connectivity_watchers_test.cc | 8 +- .../core/surface/public_headers_must_be_c89.c | 12 +- .../surface/secure_channel_create_test.cc | 9 +- .../surface/sequential_connectivity_test.cc | 14 +- test/core/surface/server_chttp2_test.cc | 11 +- test/core/surface/server_test.cc | 27 +- .../binder/end2end/fuzzers/client_fuzzer.cc | 6 +- .../binder/end2end/testing_channel_create.cc | 6 +- .../transport/chttp2/flow_control_test.cc | 14 +- .../remove_stream_from_stalled_lists_test.cc | 13 +- .../transport/chttp2/settings_timeout_test.cc | 6 +- .../transport/chttp2/streams_not_seen_test.cc | 8 +- .../transport/chttp2/too_many_pings_test.cc | 56 +- test/core/tsi/BUILD | 4 - .../alts_concurrent_connectivity_test.cc | 8 +- .../handshaker/alts_handshaker_client_test.cc | 7 +- test/cpp/end2end/grpclb_end2end_test.cc | 2 +- test/cpp/microbenchmarks/bm_call_create.cc | 12 +- test/cpp/microbenchmarks/bm_channel.cc | 5 +- test/cpp/microbenchmarks/fullstack_fixtures.h | 6 +- test/cpp/naming/cancel_ares_query_test.cc | 5 +- test/cpp/performance/writes_per_rpc_test.cc | 2 +- tools/doxygen/Doxyfile.c++.internal | 10 +- tools/doxygen/Doxyfile.core.internal | 14 +- 165 files changed, 1917 insertions(+), 2311 deletions(-) delete mode 100644 src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel.cc delete mode 100644 src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel.h delete mode 100644 src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel_secure.cc delete mode 100644 src/core/ext/transport/chttp2/client/insecure/README.md delete mode 100644 src/core/ext/transport/chttp2/client/insecure/channel_create.cc delete mode 100644 src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc delete mode 100644 src/core/ext/transport/chttp2/client/secure/README.md delete mode 100644 src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc delete mode 100644 src/core/ext/transport/chttp2/server/insecure/README.md delete mode 100644 src/core/ext/transport/chttp2/server/insecure/server_chttp2.cc delete mode 100644 src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.cc delete mode 100644 src/core/ext/transport/chttp2/server/secure/README.md delete mode 100644 src/core/ext/transport/chttp2/server/secure/server_secure_chttp2.cc delete mode 100644 src/core/lib/surface/init_secure.cc delete mode 100644 src/core/lib/surface/init_unsecure.cc create mode 100644 src/core/plugin_registry/grpc_plugin_registry_extra.cc rename src/core/{lib/security/authorization/authorization_policy_provider_null_vtable.cc => plugin_registry/grpc_plugin_registry_noextra.cc} (71%) delete mode 100644 src/core/plugin_registry/grpc_unsecure_plugin_registry.cc diff --git a/BUILD b/BUILD index 0c78d6fa72052..c78876178c041 100644 --- a/BUILD +++ b/BUILD @@ -185,6 +185,7 @@ GRPC_PUBLIC_HDRS = [ "include/grpc/fork.h", "include/grpc/grpc.h", "include/grpc/grpc_posix.h", + "include/grpc/grpc_security.h", "include/grpc/grpc_security_constants.h", "include/grpc/slice.h", "include/grpc/slice_buffer.h", @@ -202,11 +203,6 @@ GRPC_PUBLIC_EVENT_ENGINE_HDRS = [ "include/grpc/event_engine/internal/memory_allocator_impl.h", ] -GRPC_SECURE_PUBLIC_HDRS = [ - "include/grpc/grpc_security.h", -] - -# TODO(ctiller): layer grpc atop grpc_unsecure, layer grpc++ atop grpc++_unsecure GRPCXX_SRCS = [ "src/cpp/client/channel_cc.cc", "src/cpp/client/client_callback.cc", @@ -385,10 +381,9 @@ grpc_cc_library( grpc_cc_library( name = "grpc_unsecure", srcs = [ - "src/core/lib/security/authorization/authorization_policy_provider_null_vtable.cc", "src/core/lib/surface/init.cc", - "src/core/lib/surface/init_unsecure.cc", - "src/core/plugin_registry/grpc_unsecure_plugin_registry.cc", + "src/core/plugin_registry/grpc_plugin_registry.cc", + "src/core/plugin_registry/grpc_plugin_registry_noextra.cc", ], language = "c++", public_hdrs = GRPC_PUBLIC_HDRS, @@ -398,9 +393,10 @@ grpc_cc_library( deps = [ "config", "gpr_base", + "grpc_authorization_base", "grpc_base", "grpc_common", - "grpc_lb_policy_grpclb", + "grpc_security_base", "grpc_trace", "slice", ], @@ -424,25 +420,19 @@ grpc_cc_library( srcs = [ "src/core/lib/surface/init.cc", "src/core/plugin_registry/grpc_plugin_registry.cc", + "src/core/plugin_registry/grpc_plugin_registry_extra.cc", ], defines = select({ "grpc_no_xds": ["GRPC_NO_XDS"], "//conditions:default": [], - }) + select({ - "grpc_no_rls": ["GRPC_NO_RLS"], - "//conditions:default": [], }), language = "c++", - public_hdrs = GRPC_PUBLIC_HDRS + GRPC_SECURE_PUBLIC_HDRS, + public_hdrs = GRPC_PUBLIC_HDRS, select_deps = [ { "grpc_no_xds": [], "//conditions:default": GRPC_XDS_TARGETS, }, - { - "grpc_no_rls": [], - "//conditions:default": ["grpc_lb_policy_rls"], - }, ], standalone = True, visibility = [ @@ -451,13 +441,12 @@ grpc_cc_library( deps = [ "config", "gpr_base", + "grpc_authorization_base", "grpc_base", "grpc_common", - "grpc_lb_policy_grpclb_secure", "grpc_secure", + "grpc_security_base", "grpc_trace", - "grpc_transport_chttp2_client_secure", - "grpc_transport_chttp2_server_secure", "slice", ], ) @@ -686,6 +675,7 @@ grpc_cc_library( "grpc++_codegen_base", "grpc++_codegen_base_src", "grpc++_codegen_proto", + "grpc_insecure_credentials", "grpc_unsecure", ], ) @@ -728,7 +718,7 @@ grpc_cc_library( "alts_util", "gpr_base", "grpc++", - "tsi", + "grpc_base", "tsi_alts_credentials", ], ) @@ -2197,13 +2187,24 @@ grpc_cc_library( grpc_cc_library( name = "grpc_common", + defines = select({ + "grpc_no_rls": ["GRPC_NO_RLS"], + "//conditions:default": [], + }), language = "c++", + select_deps = [ + { + "grpc_no_rls": [], + "//conditions:default": ["grpc_lb_policy_rls"], + }, + ], deps = [ "grpc_base", # standard plugins "census", "grpc_deadline_filter", "grpc_client_authority_filter", + "grpc_lb_policy_grpclb", "grpc_lb_policy_pick_first", "grpc_lb_policy_priority", "grpc_lb_policy_ring_hash", @@ -2212,13 +2213,13 @@ grpc_cc_library( "grpc_client_idle_filter", "grpc_max_age_filter", "grpc_message_size_filter", + "grpc_resolver_binder", "grpc_resolver_dns_ares", "grpc_resolver_fake", "grpc_resolver_dns_native", "grpc_resolver_sockaddr", - "grpc_resolver_binder", - "grpc_transport_chttp2_client_insecure", - "grpc_transport_chttp2_server_insecure", + "grpc_transport_chttp2_client_connector", + "grpc_transport_chttp2_server", "grpc_transport_inproc", "grpc_fault_injection_filter", ], @@ -2666,59 +2667,12 @@ grpc_cc_library( srcs = [ "src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.cc", "src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc", - "src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel.cc", - "src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.cc", - "src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc", - ], - hdrs = [ - "src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.h", - "src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.h", - "src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel.h", - "src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.h", - "src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.h", - ], - external_deps = [ - "absl/memory", - "absl/container:inlined_vector", - "absl/strings", - "absl/strings:str_format", - "upb_lib", - ], - language = "c++", - deps = [ - "config", - "error", - "gpr_base", - "grpc_base", - "grpc_client_channel", - "grpc_grpclb_balancer_addresses", - "grpc_lb_upb", - "grpc_resolver_fake", - "grpc_sockaddr", - "grpc_transport_chttp2_client_insecure", - "orphanable", - "protobuf_duration_upb", - "protobuf_timestamp_upb", - "ref_counted_ptr", - "server_address", - "slice", - "sockaddr_utils", - ], -) - -grpc_cc_library( - name = "grpc_lb_policy_grpclb_secure", - srcs = [ - "src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.cc", - "src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc", - "src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel_secure.cc", "src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.cc", "src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc", ], hdrs = [ "src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.h", "src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.h", - "src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel.h", "src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.h", "src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.h", ], @@ -2739,10 +2693,9 @@ grpc_cc_library( "grpc_grpclb_balancer_addresses", "grpc_lb_upb", "grpc_resolver_fake", - "grpc_secure", "grpc_security_base", "grpc_sockaddr", - "grpc_transport_chttp2_client_secure", + "grpc_transport_chttp2_client_connector", "orphanable", "protobuf_duration_upb", "protobuf_timestamp_upb", @@ -2773,8 +2726,8 @@ grpc_cc_library( "grpc_base", "grpc_client_channel", "grpc_codegen", + "grpc_fake_credentials", "grpc_resolver", - "grpc_secure", "grpc_security_base", "json", "json_util", @@ -2890,6 +2843,7 @@ grpc_cc_library( "grpc_client_channel", "grpc_codegen", "grpc_credentials_util", + "grpc_fake_credentials", "grpc_fault_injection_filter", "grpc_lb_xds_channel_args", "grpc_matchers", @@ -2898,7 +2852,7 @@ grpc_cc_library( "grpc_security_base", "grpc_sockaddr", "grpc_tls_credentials", - "grpc_transport_chttp2_client_secure", + "grpc_transport_chttp2_client_connector", "json", "json_util", "orphanable", @@ -2967,6 +2921,7 @@ grpc_cc_library( deps = [ "config", "gpr_base", + "grpc_fake_credentials", "grpc_secure", "grpc_security_base", "json", @@ -3257,7 +3212,7 @@ grpc_cc_library( "gpr", "grpc++_base", "grpc_base", - "grpc_secure", + "grpc_lb_policy_grpclb", "grpc_security_base", "grpc_sockaddr", "slice", @@ -3589,219 +3544,530 @@ grpc_cc_library( ) grpc_cc_library( - name = "httpcli_ssl_credentials", + name = "grpc_authorization_base", srcs = [ - "src/core/lib/http/httpcli_security_connector.cc", + "src/core/lib/security/authorization/authorization_policy_provider_vtable.cc", + "src/core/lib/security/authorization/evaluate_args.cc", + "src/core/lib/security/authorization/sdk_server_authz_filter.cc", ], hdrs = [ - "src/core/lib/http/httpcli_ssl_credentials.h", + "src/core/lib/security/authorization/authorization_engine.h", + "src/core/lib/security/authorization/authorization_policy_provider.h", + "src/core/lib/security/authorization/evaluate_args.h", + "src/core/lib/security/authorization/sdk_server_authz_filter.h", ], external_deps = [ "absl/strings", ], language = "c++", deps = [ - "config", "gpr_base", "grpc_base", - "grpc_security_base", - "ref_counted_ptr", - "tsi_ssl_credentials", + "grpc_credentials_util", + "grpc_trace", + "slice_refcount", + "sockaddr_utils", ], ) grpc_cc_library( - name = "grpc_secure", + name = "tsi_fake_credentials", srcs = [ - "src/core/lib/security/authorization/authorization_policy_provider_vtable.cc", - "src/core/lib/security/authorization/evaluate_args.cc", - "src/core/lib/security/authorization/sdk_server_authz_filter.cc", - "src/core/lib/security/credentials/external/aws_external_account_credentials.cc", - "src/core/lib/security/credentials/external/aws_request_signer.cc", - "src/core/lib/security/credentials/external/external_account_credentials.cc", - "src/core/lib/security/credentials/external/file_external_account_credentials.cc", - "src/core/lib/security/credentials/external/url_external_account_credentials.cc", - "src/core/lib/security/credentials/fake/fake_credentials.cc", - "src/core/lib/security/credentials/google_default/credentials_generic.cc", - "src/core/lib/security/credentials/google_default/google_default_credentials.cc", - "src/core/lib/security/credentials/iam/iam_credentials.cc", - "src/core/lib/security/credentials/insecure/insecure_credentials.cc", - "src/core/lib/security/credentials/local/local_credentials.cc", - "src/core/lib/security/credentials/oauth2/oauth2_credentials.cc", - "src/core/lib/security/security_connector/fake/fake_security_connector.cc", - "src/core/lib/security/security_connector/insecure/insecure_security_connector.cc", - "src/core/lib/security/security_connector/local/local_security_connector.cc", - "src/core/lib/surface/init_secure.cc", + "src/core/tsi/fake_transport_security.cc", ], hdrs = [ - "src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.h", - "src/core/ext/xds/xds_channel_args.h", - "src/core/lib/security/authorization/authorization_engine.h", - "src/core/lib/security/authorization/authorization_policy_provider.h", - "src/core/lib/security/authorization/evaluate_args.h", - "src/core/lib/security/authorization/sdk_server_authz_filter.h", - "src/core/lib/security/credentials/external/aws_external_account_credentials.h", - "src/core/lib/security/credentials/external/aws_request_signer.h", - "src/core/lib/security/credentials/external/external_account_credentials.h", - "src/core/lib/security/credentials/external/file_external_account_credentials.h", - "src/core/lib/security/credentials/external/url_external_account_credentials.h", - "src/core/lib/security/credentials/fake/fake_credentials.h", - "src/core/lib/security/credentials/google_default/google_default_credentials.h", - "src/core/lib/security/credentials/iam/iam_credentials.h", - "src/core/lib/security/credentials/local/local_credentials.h", - "src/core/lib/security/credentials/oauth2/oauth2_credentials.h", - "src/core/lib/security/security_connector/fake/fake_security_connector.h", - "src/core/lib/security/security_connector/insecure/insecure_security_connector.h", - "src/core/lib/security/security_connector/local/local_security_connector.h", + "src/core/tsi/fake_transport_security.h", ], external_deps = [ - "absl/container:inlined_vector", - "absl/functional:bind_front", "absl/strings", "absl/strings:str_format", - "absl/time", - "libcrypto", - "libssl", ], language = "c++", - public_hdrs = GRPC_SECURE_PUBLIC_HDRS, - visibility = ["@grpc:public"], + visibility = [ + "@grpc:public", + ], deps = [ - "alts_util", - "arena", - "config", - "error", "gpr_base", - "grpc_alts_credentials", "grpc_base", - "grpc_client_channel", - "grpc_codegen", - "grpc_credentials_util", - "grpc_jwt_credentials", - "grpc_lb_xds_channel_args", - "grpc_security_base", - "grpc_sockaddr", - "grpc_ssl_credentials", - "grpc_tls_credentials", - "grpc_trace", - "grpc_transport_chttp2_alpn", - "httpcli", - "httpcli_ssl_credentials", - "json", - "ref_counted", - "ref_counted_ptr", - "slice", - "slice_refcount", - "sockaddr_utils", - "tsi", "tsi_base", - "uri_parser", "useful", ], ) grpc_cc_library( - name = "tsi_ssl_types", + name = "grpc_fake_credentials", + srcs = [ + "src/core/lib/security/credentials/fake/fake_credentials.cc", + "src/core/lib/security/security_connector/fake/fake_security_connector.cc", + ], hdrs = [ - "src/core/tsi/ssl_types.h", + "src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.h", + "src/core/lib/security/credentials/fake/fake_credentials.h", + "src/core/lib/security/security_connector/fake/fake_security_connector.h", ], external_deps = [ - "libssl", + "absl/strings", + "absl/strings:str_format", ], language = "c++", + deps = [ + "gpr_base", + "grpc_base", + "grpc_security_base", + "ref_counted_ptr", + "tsi_fake_credentials", + ], ) grpc_cc_library( - name = "tsi_base", + name = "grpc_insecure_credentials", srcs = [ - "src/core/tsi/transport_security.cc", - "src/core/tsi/transport_security_grpc.cc", + "src/core/lib/security/credentials/insecure/insecure_credentials.cc", + "src/core/lib/security/security_connector/insecure/insecure_security_connector.cc", ], hdrs = [ - "src/core/tsi/transport_security.h", - "src/core/tsi/transport_security_grpc.h", - "src/core/tsi/transport_security_interface.h", + "src/core/lib/security/security_connector/insecure/insecure_security_connector.h", ], language = "c++", - visibility = ["@grpc:tsi_interface"], deps = [ "gpr", - "grpc_trace", + "grpc_security_base", + "ref_counted_ptr", + "tsi_local_credentials", ], ) grpc_cc_library( - name = "grpc_security_base", + name = "tsi_local_credentials", srcs = [ - "src/core/lib/security/context/security_context.cc", - "src/core/lib/security/credentials/composite/composite_credentials.cc", - "src/core/lib/security/credentials/credentials.cc", - "src/core/lib/security/credentials/plugin/plugin_credentials.cc", - "src/core/lib/security/security_connector/security_connector.cc", - "src/core/lib/security/transport/client_auth_filter.cc", - "src/core/lib/security/transport/secure_endpoint.cc", - "src/core/lib/security/transport/security_handshaker.cc", - "src/core/lib/security/transport/server_auth_filter.cc", - "src/core/lib/security/transport/tsi_error.cc", + "src/core/tsi/local_transport_security.cc", ], hdrs = [ - "src/core/lib/security/context/security_context.h", - "src/core/lib/security/credentials/composite/composite_credentials.h", - "src/core/lib/security/credentials/credentials.h", - "src/core/lib/security/credentials/plugin/plugin_credentials.h", - "src/core/lib/security/security_connector/security_connector.h", - "src/core/lib/security/transport/auth_filters.h", - "src/core/lib/security/transport/secure_endpoint.h", - "src/core/lib/security/transport/security_handshaker.h", - "src/core/lib/security/transport/tsi_error.h", - ], - external_deps = [ - "absl/strings", - "absl/strings:str_format", - "absl/time", + "src/core/tsi/local_transport_security.h", ], language = "c++", - public_hdrs = GRPC_SECURE_PUBLIC_HDRS, - visibility = ["@grpc:public"], deps = [ - "arena", - "config", - "gpr_base", + "gpr", "grpc_base", - "grpc_trace", - "json", - "ref_counted", - "ref_counted_ptr", "tsi_base", ], ) grpc_cc_library( - name = "grpc_credentials_util", + name = "grpc_local_credentials", srcs = [ - "src/core/lib/security/credentials/tls/tls_utils.cc", - "src/core/lib/security/security_connector/load_system_roots_fallback.cc", - "src/core/lib/security/security_connector/load_system_roots_linux.cc", - "src/core/lib/security/util/json_util.cc", + "src/core/lib/security/credentials/local/local_credentials.cc", + "src/core/lib/security/security_connector/local/local_security_connector.cc", ], hdrs = [ - "src/core/lib/security/credentials/tls/tls_utils.h", - "src/core/lib/security/security_connector/load_system_roots.h", - "src/core/lib/security/security_connector/load_system_roots_linux.h", - "src/core/lib/security/util/json_util.h", + "src/core/lib/security/credentials/local/local_credentials.h", + "src/core/lib/security/security_connector/local/local_security_connector.h", ], external_deps = [ - "absl/container:inlined_vector", + "absl/strings:str_format", "absl/strings", ], language = "c++", - visibility = ["@grpc:public"], deps = [ "gpr_base", "grpc_base", + "grpc_client_channel", "grpc_security_base", - "useful", - ], + "grpc_sockaddr", + "ref_counted_ptr", + "sockaddr_utils", + "tsi_local_credentials", + "uri_parser", + ], +) + +grpc_cc_library( + name = "grpc_alts_credentials", + srcs = [ + "src/core/lib/security/credentials/alts/alts_credentials.cc", + "src/core/lib/security/security_connector/alts/alts_security_connector.cc", + ], + hdrs = [ + "src/core/lib/security/credentials/alts/alts_credentials.h", + "src/core/lib/security/security_connector/alts/alts_security_connector.h", + ], + external_deps = [ + "libssl", + "upb_lib", + "upb_lib_descriptor", + ], + language = "c++", + visibility = ["@grpc:public"], + deps = [ + "alts_util", + "gpr_base", + "grpc_base", + "grpc_security_base", + "ref_counted_ptr", + "tsi_alts_credentials", + "tsi_base", + ], +) + +grpc_cc_library( + name = "grpc_ssl_credentials", + srcs = [ + "src/core/lib/security/credentials/ssl/ssl_credentials.cc", + "src/core/lib/security/security_connector/ssl/ssl_security_connector.cc", + ], + hdrs = [ + "src/core/lib/security/credentials/ssl/ssl_credentials.h", + "src/core/lib/security/security_connector/ssl/ssl_security_connector.h", + ], + external_deps = [ + "absl/strings", + "absl/strings:str_format", + ], + language = "c++", + deps = [ + "gpr_base", + "grpc_base", + "grpc_credentials_util", + "grpc_security_base", + "grpc_transport_chttp2_alpn", + "ref_counted_ptr", + "tsi_base", + "tsi_ssl_credentials", + ], +) + +grpc_cc_library( + name = "grpc_google_default_credentials", + srcs = [ + "src/core/lib/security/credentials/google_default/credentials_generic.cc", + "src/core/lib/security/credentials/google_default/google_default_credentials.cc", + ], + hdrs = [ + "src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.h", + "src/core/lib/security/credentials/google_default/google_default_credentials.h", + ], + external_deps = [ + "absl/strings", + "absl/strings:str_format", + ], + language = "c++", + deps = [ + "alts_util", + "gpr_base", + "grpc_alts_credentials", + "grpc_base", + "grpc_codegen", + "grpc_external_account_credentials", + "grpc_jwt_credentials", + "grpc_lb_xds_channel_args", + "grpc_oauth2_credentials", + "grpc_security_base", + "grpc_ssl_credentials", + "httpcli", + "httpcli_ssl_credentials", + "ref_counted_ptr", + ], +) + +grpc_cc_library( + name = "grpc_tls_credentials", + srcs = [ + "src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.cc", + "src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.cc", + "src/core/lib/security/credentials/tls/grpc_tls_certificate_verifier.cc", + "src/core/lib/security/credentials/tls/grpc_tls_credentials_options.cc", + "src/core/lib/security/credentials/tls/tls_credentials.cc", + "src/core/lib/security/security_connector/tls/tls_security_connector.cc", + ], + hdrs = [ + "src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.h", + "src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.h", + "src/core/lib/security/credentials/tls/grpc_tls_certificate_verifier.h", + "src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h", + "src/core/lib/security/credentials/tls/tls_credentials.h", + "src/core/lib/security/security_connector/tls/tls_security_connector.h", + ], + external_deps = [ + "absl/functional:bind_front", + "absl/strings", + "libssl", + ], + language = "c++", + deps = [ + "gpr_base", + "grpc_base", + "grpc_credentials_util", + "grpc_security_base", + "tsi_base", + "tsi_ssl_credentials", + ], +) + +grpc_cc_library( + name = "grpc_iam_credentials", + srcs = [ + "src/core/lib/security/credentials/iam/iam_credentials.cc", + ], + hdrs = [ + "src/core/lib/security/credentials/iam/iam_credentials.h", + ], + external_deps = [ + "absl/strings", + "absl/strings:str_format", + ], + language = "c++", + deps = [ + "gpr_base", + "grpc_base", + "grpc_security_base", + "ref_counted_ptr", + ], +) + +grpc_cc_library( + name = "grpc_jwt_credentials", + srcs = [ + "src/core/lib/security/credentials/jwt/json_token.cc", + "src/core/lib/security/credentials/jwt/jwt_credentials.cc", + "src/core/lib/security/credentials/jwt/jwt_verifier.cc", + ], + hdrs = [ + "src/core/lib/security/credentials/jwt/json_token.h", + "src/core/lib/security/credentials/jwt/jwt_credentials.h", + "src/core/lib/security/credentials/jwt/jwt_verifier.h", + ], + external_deps = [ + "absl/strings", + "libcrypto", + "libssl", + ], + language = "c++", + visibility = ["@grpc:public"], + deps = [ + "gpr_base", + "grpc_base", + "grpc_credentials_util", + "grpc_security_base", + "httpcli", + "httpcli_ssl_credentials", + "json", + "ref_counted", + "ref_counted_ptr", + "tsi_ssl_types", + "uri_parser", + ], +) + +grpc_cc_library( + name = "grpc_oauth2_credentials", + srcs = [ + "src/core/lib/security/credentials/oauth2/oauth2_credentials.cc", + ], + hdrs = [ + "src/core/lib/security/credentials/oauth2/oauth2_credentials.h", + ], + external_deps = [ + "absl/container:inlined_vector", + "absl/strings", + "absl/strings:str_format", + ], + language = "c++", + deps = [ + "gpr_base", + "grpc_base", + "grpc_codegen", + "grpc_credentials_util", + "grpc_security_base", + "httpcli", + "httpcli_ssl_credentials", + "json", + "ref_counted_ptr", + "uri_parser", + ], +) + +grpc_cc_library( + name = "grpc_external_account_credentials", + srcs = [ + "src/core/lib/security/credentials/external/aws_external_account_credentials.cc", + "src/core/lib/security/credentials/external/aws_request_signer.cc", + "src/core/lib/security/credentials/external/external_account_credentials.cc", + "src/core/lib/security/credentials/external/file_external_account_credentials.cc", + "src/core/lib/security/credentials/external/url_external_account_credentials.cc", + ], + hdrs = [ + "src/core/lib/security/credentials/external/aws_external_account_credentials.h", + "src/core/lib/security/credentials/external/aws_request_signer.h", + "src/core/lib/security/credentials/external/external_account_credentials.h", + "src/core/lib/security/credentials/external/file_external_account_credentials.h", + "src/core/lib/security/credentials/external/url_external_account_credentials.h", + ], + external_deps = [ + "absl/strings", + "absl/strings:str_format", + "absl/time", + "libcrypto", + "libssl", + ], + language = "c++", + deps = [ + "gpr_base", + "grpc_base", + "grpc_credentials_util", + "grpc_oauth2_credentials", + "grpc_security_base", + "httpcli", + "httpcli_ssl_credentials", + "slice_refcount", + ], +) + +grpc_cc_library( + name = "httpcli_ssl_credentials", + srcs = [ + "src/core/lib/http/httpcli_security_connector.cc", + ], + hdrs = [ + "src/core/lib/http/httpcli_ssl_credentials.h", + ], + external_deps = [ + "absl/strings", + ], + language = "c++", + deps = [ + "config", + "gpr_base", + "grpc_base", + "grpc_security_base", + "ref_counted_ptr", + "tsi_ssl_credentials", + ], +) + +grpc_cc_library( + name = "grpc_secure", + language = "c++", + public_hdrs = GRPC_PUBLIC_HDRS, + visibility = ["@grpc:public"], + deps = [ + "config", + "gpr_base", + "grpc_alts_credentials", + "grpc_authorization_base", + "grpc_base", + "grpc_client_channel", + "grpc_codegen", + "grpc_credentials_util", + "grpc_external_account_credentials", + "grpc_fake_credentials", + "grpc_google_default_credentials", + "grpc_iam_credentials", + "grpc_insecure_credentials", + "grpc_jwt_credentials", + "grpc_local_credentials", + "grpc_oauth2_credentials", + "grpc_security_base", + "grpc_ssl_credentials", + "grpc_tls_credentials", + "grpc_trace", + "grpc_transport_chttp2_alpn", + "httpcli", + "httpcli_ssl_credentials", + "json", + "ref_counted", + "ref_counted_ptr", + "slice", + "slice_refcount", + "sockaddr_utils", + "tsi_base", + "uri_parser", + "useful", + ], +) + +grpc_cc_library( + name = "tsi_ssl_types", + hdrs = [ + "src/core/tsi/ssl_types.h", + ], + external_deps = [ + "libssl", + ], + language = "c++", +) + +grpc_cc_library( + name = "grpc_security_base", + srcs = [ + "src/core/lib/security/context/security_context.cc", + "src/core/lib/security/credentials/composite/composite_credentials.cc", + "src/core/lib/security/credentials/credentials.cc", + "src/core/lib/security/credentials/plugin/plugin_credentials.cc", + "src/core/lib/security/security_connector/security_connector.cc", + "src/core/lib/security/transport/client_auth_filter.cc", + "src/core/lib/security/transport/secure_endpoint.cc", + "src/core/lib/security/transport/security_handshaker.cc", + "src/core/lib/security/transport/server_auth_filter.cc", + "src/core/lib/security/transport/tsi_error.cc", + ], + hdrs = [ + "src/core/lib/security/context/security_context.h", + "src/core/lib/security/credentials/composite/composite_credentials.h", + "src/core/lib/security/credentials/credentials.h", + "src/core/lib/security/credentials/plugin/plugin_credentials.h", + "src/core/lib/security/security_connector/security_connector.h", + "src/core/lib/security/transport/auth_filters.h", + "src/core/lib/security/transport/secure_endpoint.h", + "src/core/lib/security/transport/security_handshaker.h", + "src/core/lib/security/transport/tsi_error.h", + ], + external_deps = [ + "absl/strings", + "absl/strings:str_format", + "absl/time", + ], + language = "c++", + public_hdrs = GRPC_PUBLIC_HDRS, + visibility = ["@grpc:public"], + deps = [ + "arena", + "config", + "gpr_base", + "grpc_base", + "grpc_trace", + "json", + "ref_counted", + "ref_counted_ptr", + "tsi_base", + ], +) + +grpc_cc_library( + name = "grpc_credentials_util", + srcs = [ + "src/core/lib/security/credentials/tls/tls_utils.cc", + "src/core/lib/security/security_connector/load_system_roots_fallback.cc", + "src/core/lib/security/security_connector/load_system_roots_linux.cc", + "src/core/lib/security/util/json_util.cc", + ], + hdrs = [ + "src/core/lib/security/credentials/tls/tls_utils.h", + "src/core/lib/security/security_connector/load_system_roots.h", + "src/core/lib/security/security_connector/load_system_roots_linux.h", + "src/core/lib/security/util/json_util.h", + ], + external_deps = [ + "absl/container:inlined_vector", + "absl/strings", + ], + language = "c++", + visibility = ["@grpc:public"], + deps = [ + "gpr_base", + "grpc_base", + "grpc_security_base", + "useful", + ], ) grpc_cc_library( @@ -3854,6 +4120,7 @@ grpc_cc_library( visibility = ["@grpc:public"], deps = [ "alts_util", + "arena", "config", "error", "gpr_base", @@ -3902,129 +4169,6 @@ grpc_cc_library( ], ) -grpc_cc_library( - name = "grpc_jwt_credentials", - srcs = [ - "src/core/lib/security/credentials/jwt/json_token.cc", - "src/core/lib/security/credentials/jwt/jwt_credentials.cc", - "src/core/lib/security/credentials/jwt/jwt_verifier.cc", - ], - hdrs = [ - "src/core/lib/security/credentials/jwt/json_token.h", - "src/core/lib/security/credentials/jwt/jwt_credentials.h", - "src/core/lib/security/credentials/jwt/jwt_verifier.h", - ], - external_deps = [ - "absl/strings", - "libcrypto", - "libssl", - ], - language = "c++", - visibility = ["@grpc:public"], - deps = [ - "gpr_base", - "grpc_base", - "grpc_credentials_util", - "grpc_security_base", - "httpcli", - "httpcli_ssl_credentials", - "json", - "ref_counted", - "ref_counted_ptr", - "tsi_ssl_types", - "uri_parser", - ], -) - -grpc_cc_library( - name = "grpc_alts_credentials", - srcs = [ - "src/core/lib/security/credentials/alts/alts_credentials.cc", - "src/core/lib/security/security_connector/alts/alts_security_connector.cc", - ], - hdrs = [ - "src/core/lib/security/credentials/alts/alts_credentials.h", - "src/core/lib/security/security_connector/alts/alts_security_connector.h", - ], - external_deps = [ - "libssl", - "upb_lib", - "upb_lib_descriptor", - ], - language = "c++", - visibility = ["@grpc:public"], - deps = [ - "alts_util", - "gpr_base", - "grpc_base", - "grpc_security_base", - "ref_counted_ptr", - "tsi_alts_credentials", - "tsi_base", - ], -) - -grpc_cc_library( - name = "grpc_ssl_credentials", - srcs = [ - "src/core/lib/security/credentials/ssl/ssl_credentials.cc", - "src/core/lib/security/security_connector/ssl/ssl_security_connector.cc", - ], - hdrs = [ - "src/core/lib/security/credentials/ssl/ssl_credentials.h", - "src/core/lib/security/security_connector/ssl/ssl_security_connector.h", - ], - external_deps = [ - "absl/strings", - "absl/strings:str_format", - ], - language = "c++", - deps = [ - "gpr_base", - "grpc_base", - "grpc_credentials_util", - "grpc_security_base", - "grpc_transport_chttp2_alpn", - "ref_counted_ptr", - "tsi_base", - "tsi_ssl_credentials", - ], -) - -grpc_cc_library( - name = "grpc_tls_credentials", - srcs = [ - "src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.cc", - "src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.cc", - "src/core/lib/security/credentials/tls/grpc_tls_certificate_verifier.cc", - "src/core/lib/security/credentials/tls/grpc_tls_credentials_options.cc", - "src/core/lib/security/credentials/tls/tls_credentials.cc", - "src/core/lib/security/security_connector/tls/tls_security_connector.cc", - ], - hdrs = [ - "src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.h", - "src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.h", - "src/core/lib/security/credentials/tls/grpc_tls_certificate_verifier.h", - "src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h", - "src/core/lib/security/credentials/tls/tls_credentials.h", - "src/core/lib/security/security_connector/tls/tls_security_connector.h", - ], - external_deps = [ - "absl/functional:bind_front", - "absl/strings", - "libssl", - ], - language = "c++", - deps = [ - "gpr_base", - "grpc_base", - "grpc_credentials_util", - "grpc_security_base", - "tsi_base", - "tsi_ssl_credentials", - ], -) - grpc_cc_library( name = "grpc_mock_cel", hdrs = [ @@ -4083,9 +4227,9 @@ grpc_cc_library( language = "c++", deps = [ "gpr_base", + "grpc_authorization_base", "grpc_base", "grpc_matchers", - "grpc_secure", "sockaddr_utils", ], ) @@ -4106,12 +4250,12 @@ grpc_cc_library( "absl/strings:str_format", ], language = "c++", + public_hdrs = GRPC_PUBLIC_HDRS, deps = [ "gpr_base", "grpc_base", "grpc_matchers", "grpc_rbac_engine", - "grpc_secure", "useful", ], ) @@ -4127,7 +4271,7 @@ grpc_cc_library( "protobuf_headers", ], language = "c++", - public_hdrs = GRPCXX_PUBLIC_HDRS + GRPC_SECURE_PUBLIC_HDRS, + public_hdrs = GRPCXX_PUBLIC_HDRS, deps = [ "gpr_base", "grpc++_codegen_base", @@ -4292,46 +4436,9 @@ grpc_cc_library( "gpr_base", "grpc_base", "grpc_client_channel", - "grpc_transport_chttp2", - "slice", - "sockaddr_utils", - ], -) - -grpc_cc_library( - name = "grpc_transport_chttp2_client_insecure", - srcs = [ - "src/core/ext/transport/chttp2/client/insecure/channel_create.cc", - "src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc", - ], - language = "c++", - deps = [ - "channel_args", - "gpr_base", - "grpc_base", - "grpc_client_channel", - "grpc_resolver", - "grpc_transport_chttp2", - "grpc_transport_chttp2_client_connector", - ], -) - -grpc_cc_library( - name = "grpc_transport_chttp2_client_secure", - srcs = [ - "src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc", - ], - language = "c++", - deps = [ - "error", - "gpr_base", - "grpc_base", - "grpc_client_channel", "grpc_resolver", - "grpc_secure", "grpc_security_base", "grpc_transport_chttp2", - "grpc_transport_chttp2_client_connector", "slice", "sockaddr_utils", "uri_parser", @@ -4357,6 +4464,7 @@ grpc_cc_library( "grpc_base", "grpc_codegen", "grpc_http_filters", + "grpc_security_base", "grpc_transport_chttp2", "memory_quota", "ref_counted", @@ -4367,44 +4475,6 @@ grpc_cc_library( ], ) -grpc_cc_library( - name = "grpc_transport_chttp2_server_insecure", - srcs = [ - "src/core/ext/transport/chttp2/server/insecure/server_chttp2.cc", - "src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.cc", - ], - external_deps = [ - "absl/strings", - ], - language = "c++", - deps = [ - "gpr_base", - "grpc_base", - "grpc_transport_chttp2", - "grpc_transport_chttp2_server", - ], -) - -grpc_cc_library( - name = "grpc_transport_chttp2_server_secure", - srcs = [ - "src/core/ext/transport/chttp2/server/secure/server_secure_chttp2.cc", - ], - external_deps = [ - "absl/strings", - ], - language = "c++", - deps = [ - "gpr_base", - "grpc_base", - "grpc_secure", - "grpc_security_base", - "grpc_transport_chttp2", - "grpc_transport_chttp2_server", - "ref_counted_ptr", - ], -) - grpc_cc_library( name = "grpc_transport_inproc", srcs = [ @@ -4424,13 +4494,21 @@ grpc_cc_library( ) grpc_cc_library( - name = "tsi_interface", + name = "tsi_base", + srcs = [ + "src/core/tsi/transport_security.cc", + "src/core/tsi/transport_security_grpc.cc", + ], + hdrs = [ + "src/core/tsi/transport_security.h", + "src/core/tsi/transport_security_grpc.h", + "src/core/tsi/transport_security_interface.h", + ], language = "c++", visibility = ["@grpc:tsi_interface"], deps = [ "gpr", "grpc_trace", - "tsi_base", ], ) @@ -4455,7 +4533,6 @@ grpc_cc_library( "upb_lib", ], language = "c++", - public_hdrs = GRPC_SECURE_PUBLIC_HDRS, visibility = ["@grpc:tsi"], deps = [ "alts_upb", @@ -4466,14 +4543,6 @@ grpc_cc_library( grpc_cc_library( name = "tsi", - srcs = [ - "src/core/tsi/fake_transport_security.cc", - "src/core/tsi/local_transport_security.cc", - ], - hdrs = [ - "src/core/tsi/fake_transport_security.h", - "src/core/tsi/local_transport_security.h", - ], external_deps = [ "libssl", "libcrypto", @@ -4483,15 +4552,13 @@ grpc_cc_library( language = "c++", visibility = ["@grpc:tsi"], deps = [ - "alts_util", - "gpr_base", + "gpr", "grpc_base", - "grpc_transport_chttp2_client_insecure", - "slice", "tsi_alts_credentials", "tsi_base", + "tsi_fake_credentials", + "tsi_local_credentials", "tsi_ssl_credentials", - "tsi_ssl_types", "useful", ], ) @@ -4550,6 +4617,7 @@ grpc_cc_library( "grpc_base", "grpc_codegen", "grpc_health_upb", + "grpc_insecure_credentials", "grpc_service_config", "grpc_trace", "grpc_transport_inproc", diff --git a/BUILD.gn b/BUILD.gn index 2d558a8873941..bc561476ba7fc 100644 --- a/BUILD.gn +++ b/BUILD.gn @@ -278,8 +278,6 @@ config("grpc_config") { "src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.h", "src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_balancer_addresses.cc", "src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_balancer_addresses.h", - "src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel.h", - "src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel_secure.cc", "src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.cc", "src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.h", "src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc", @@ -384,14 +382,8 @@ config("grpc_config") { "src/core/ext/transport/chttp2/client/authority.h", "src/core/ext/transport/chttp2/client/chttp2_connector.cc", "src/core/ext/transport/chttp2/client/chttp2_connector.h", - "src/core/ext/transport/chttp2/client/insecure/channel_create.cc", - "src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc", - "src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc", "src/core/ext/transport/chttp2/server/chttp2_server.cc", "src/core/ext/transport/chttp2/server/chttp2_server.h", - "src/core/ext/transport/chttp2/server/insecure/server_chttp2.cc", - "src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.cc", - "src/core/ext/transport/chttp2/server/secure/server_secure_chttp2.cc", "src/core/ext/transport/chttp2/transport/bin_decoder.cc", "src/core/ext/transport/chttp2/transport/bin_decoder.h", "src/core/ext/transport/chttp2/transport/bin_encoder.cc", @@ -1206,7 +1198,6 @@ config("grpc_config") { "src/core/lib/surface/event_string.h", "src/core/lib/surface/init.cc", "src/core/lib/surface/init.h", - "src/core/lib/surface/init_secure.cc", "src/core/lib/surface/lame_client.cc", "src/core/lib/surface/lame_client.h", "src/core/lib/surface/metadata_array.cc", @@ -1406,6 +1397,7 @@ config("grpc_config") { "include/grpc++/support/stub_options.h", "include/grpc++/support/sync_stream.h", "include/grpc++/support/time.h", + "include/grpc/grpc_security.h", "include/grpcpp/alarm.h", "include/grpcpp/channel.h", "include/grpcpp/client_context.h", diff --git a/CMakeLists.txt b/CMakeLists.txt index 0321f77587808..74827b652cbf0 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -1382,6 +1382,27 @@ target_link_libraries(end2end_tests grpc_test_util ) +foreach(_hdr + include/grpc/byte_buffer.h + include/grpc/byte_buffer_reader.h + include/grpc/compression.h + include/grpc/fork.h + include/grpc/grpc.h + include/grpc/grpc_posix.h + include/grpc/grpc_security.h + include/grpc/grpc_security_constants.h + include/grpc/load_reporting.h + include/grpc/slice.h + include/grpc/slice_buffer.h + include/grpc/status.h + include/grpc/support/workaround_list.h +) + string(REPLACE "include/" "" _path ${_hdr}) + get_filename_component(_path ${_path} PATH) + install(FILES ${_hdr} + DESTINATION "${gRPC_INSTALL_INCLUDEDIR}/${_path}" + ) +endforeach() endif() @@ -1567,7 +1588,6 @@ add_library(grpc src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.cc src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_balancer_addresses.cc - src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel_secure.cc src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.cc src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc @@ -1624,13 +1644,7 @@ add_library(grpc src/core/ext/filters/server_config_selector/server_config_selector_filter.cc src/core/ext/transport/chttp2/alpn/alpn.cc src/core/ext/transport/chttp2/client/chttp2_connector.cc - src/core/ext/transport/chttp2/client/insecure/channel_create.cc - src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc - src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc src/core/ext/transport/chttp2/server/chttp2_server.cc - src/core/ext/transport/chttp2/server/insecure/server_chttp2.cc - src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.cc - src/core/ext/transport/chttp2/server/secure/server_secure_chttp2.cc src/core/ext/transport/chttp2/transport/bin_decoder.cc src/core/ext/transport/chttp2/transport/bin_encoder.cc src/core/ext/transport/chttp2/transport/chttp2_plugin.cc @@ -2172,7 +2186,6 @@ add_library(grpc src/core/lib/surface/completion_queue_factory.cc src/core/lib/surface/event_string.cc src/core/lib/surface/init.cc - src/core/lib/surface/init_secure.cc src/core/lib/surface/lame_client.cc src/core/lib/surface/metadata_array.cc src/core/lib/surface/server.cc @@ -2190,6 +2203,7 @@ add_library(grpc src/core/lib/transport/transport_op_string.cc src/core/lib/uri/uri_parser.cc src/core/plugin_registry/grpc_plugin_registry.cc + src/core/plugin_registry/grpc_plugin_registry_extra.cc src/core/tsi/alts/crypt/aes_gcm.cc src/core/tsi/alts/crypt/gsec.cc src/core/tsi/alts/frame_protector/alts_counter.cc @@ -2512,12 +2526,12 @@ add_library(grpc_unsecure src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.cc src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_balancer_addresses.cc - src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel.cc src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.cc src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc src/core/ext/filters/client_channel/lb_policy/priority/priority.cc src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.cc + src/core/ext/filters/client_channel/lb_policy/rls/rls.cc src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc src/core/ext/filters/client_channel/lb_policy/weighted_target/weighted_target.cc src/core/ext/filters/client_channel/lb_policy_registry.cc @@ -2558,11 +2572,7 @@ add_library(grpc_unsecure src/core/ext/filters/message_size/message_size_filter.cc src/core/ext/transport/chttp2/alpn/alpn.cc src/core/ext/transport/chttp2/client/chttp2_connector.cc - src/core/ext/transport/chttp2/client/insecure/channel_create.cc - src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc src/core/ext/transport/chttp2/server/chttp2_server.cc - src/core/ext/transport/chttp2/server/insecure/server_chttp2.cc - src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.cc src/core/ext/transport/chttp2/transport/bin_decoder.cc src/core/ext/transport/chttp2/transport/bin_encoder.cc src/core/ext/transport/chttp2/transport/chttp2_plugin.cc @@ -2600,6 +2610,7 @@ add_library(grpc_unsecure src/core/ext/upb-generated/google/rpc/status.upb.c src/core/ext/upb-generated/src/proto/grpc/health/v1/health.upb.c src/core/ext/upb-generated/src/proto/grpc/lb/v1/load_balancer.upb.c + src/core/ext/upb-generated/src/proto/grpc/lookup/v1/rls.upb.c src/core/ext/upb-generated/validate/validate.upb.c src/core/ext/upb-generated/xds/data/orca/v3/orca_load_report.upb.c src/core/lib/address_utils/parse_address.cc @@ -2739,17 +2750,25 @@ add_library(grpc_unsecure src/core/lib/resource_quota/resource_quota.cc src/core/lib/resource_quota/thread_quota.cc src/core/lib/resource_quota/trace.cc - src/core/lib/security/authorization/authorization_policy_provider_null_vtable.cc + src/core/lib/security/authorization/authorization_policy_provider_vtable.cc + src/core/lib/security/authorization/evaluate_args.cc + src/core/lib/security/authorization/sdk_server_authz_filter.cc src/core/lib/security/context/security_context.cc src/core/lib/security/credentials/composite/composite_credentials.cc src/core/lib/security/credentials/credentials.cc + src/core/lib/security/credentials/fake/fake_credentials.cc src/core/lib/security/credentials/plugin/plugin_credentials.cc + src/core/lib/security/credentials/tls/tls_utils.cc + src/core/lib/security/security_connector/fake/fake_security_connector.cc + src/core/lib/security/security_connector/load_system_roots_fallback.cc + src/core/lib/security/security_connector/load_system_roots_linux.cc src/core/lib/security/security_connector/security_connector.cc src/core/lib/security/transport/client_auth_filter.cc src/core/lib/security/transport/secure_endpoint.cc src/core/lib/security/transport/security_handshaker.cc src/core/lib/security/transport/server_auth_filter.cc src/core/lib/security/transport/tsi_error.cc + src/core/lib/security/util/json_util.cc src/core/lib/service_config/service_config.cc src/core/lib/service_config/service_config_parser.cc src/core/lib/slice/b64.cc @@ -2775,7 +2794,6 @@ add_library(grpc_unsecure src/core/lib/surface/completion_queue_factory.cc src/core/lib/surface/event_string.cc src/core/lib/surface/init.cc - src/core/lib/surface/init_unsecure.cc src/core/lib/surface/lame_client.cc src/core/lib/surface/metadata_array.cc src/core/lib/surface/server.cc @@ -2792,7 +2810,9 @@ add_library(grpc_unsecure src/core/lib/transport/transport.cc src/core/lib/transport/transport_op_string.cc src/core/lib/uri/uri_parser.cc - src/core/plugin_registry/grpc_unsecure_plugin_registry.cc + src/core/plugin_registry/grpc_plugin_registry.cc + src/core/plugin_registry/grpc_plugin_registry_noextra.cc + src/core/tsi/fake_transport_security.cc src/core/tsi/transport_security.cc src/core/tsi/transport_security_grpc.cc ) @@ -2837,6 +2857,7 @@ target_link_libraries(grpc_unsecure absl::flat_hash_map absl::inlined_vector absl::bind_front + absl::hash absl::statusor absl::variant absl::utility @@ -3639,6 +3660,9 @@ target_link_libraries(grpc++_test_util endif() add_library(grpc++_unsecure + src/core/lib/security/credentials/insecure/insecure_credentials.cc + src/core/lib/security/security_connector/insecure/insecure_security_connector.cc + src/core/tsi/local_transport_security.cc src/cpp/client/channel_cc.cc src/cpp/client/client_callback.cc src/cpp/client/client_context.cc @@ -17503,7 +17527,7 @@ generate_pkgconfig( "gRPC unsecure" "high performance general RPC framework without SSL" "${gRPC_CORE_VERSION}" - "gpr absl_base absl_bind_front absl_cord absl_core_headers absl_flat_hash_map absl_inlined_vector absl_memory absl_optional absl_random_random absl_status absl_statusor absl_str_format absl_strings absl_synchronization absl_time absl_utility absl_variant" + "gpr absl_base absl_bind_front absl_cord absl_core_headers absl_flat_hash_map absl_hash absl_inlined_vector absl_memory absl_optional absl_random_random absl_status absl_statusor absl_str_format absl_strings absl_synchronization absl_time absl_utility absl_variant" "-lgrpc_unsecure" "" "grpc_unsecure.pc") @@ -17523,7 +17547,7 @@ generate_pkgconfig( "gRPC++ unsecure" "C++ wrapper for gRPC without SSL" "${gRPC_CPP_VERSION}" - "grpc_unsecure absl_base absl_bind_front absl_cord absl_core_headers absl_flat_hash_map absl_inlined_vector absl_memory absl_optional absl_random_random absl_status absl_statusor absl_str_format absl_strings absl_synchronization absl_time absl_utility absl_variant" + "grpc_unsecure absl_base absl_bind_front absl_cord absl_core_headers absl_flat_hash_map absl_hash absl_inlined_vector absl_memory absl_optional absl_random_random absl_status absl_statusor absl_str_format absl_strings absl_synchronization absl_time absl_utility absl_variant" "-lgrpc++_unsecure" "" "grpc++_unsecure.pc") diff --git a/Makefile b/Makefile index 3496118ce16e6..79cc47da74fd3 100644 --- a/Makefile +++ b/Makefile @@ -1042,7 +1042,6 @@ LIBGRPC_SRC = \ src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.cc \ src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc \ src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_balancer_addresses.cc \ - src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel_secure.cc \ src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.cc \ src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc \ src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc \ @@ -1099,13 +1098,7 @@ LIBGRPC_SRC = \ src/core/ext/filters/server_config_selector/server_config_selector_filter.cc \ src/core/ext/transport/chttp2/alpn/alpn.cc \ src/core/ext/transport/chttp2/client/chttp2_connector.cc \ - src/core/ext/transport/chttp2/client/insecure/channel_create.cc \ - src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc \ - src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc \ src/core/ext/transport/chttp2/server/chttp2_server.cc \ - src/core/ext/transport/chttp2/server/insecure/server_chttp2.cc \ - src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.cc \ - src/core/ext/transport/chttp2/server/secure/server_secure_chttp2.cc \ src/core/ext/transport/chttp2/transport/bin_decoder.cc \ src/core/ext/transport/chttp2/transport/bin_encoder.cc \ src/core/ext/transport/chttp2/transport/chttp2_plugin.cc \ @@ -1647,7 +1640,6 @@ LIBGRPC_SRC = \ src/core/lib/surface/completion_queue_factory.cc \ src/core/lib/surface/event_string.cc \ src/core/lib/surface/init.cc \ - src/core/lib/surface/init_secure.cc \ src/core/lib/surface/lame_client.cc \ src/core/lib/surface/metadata_array.cc \ src/core/lib/surface/server.cc \ @@ -1665,6 +1657,7 @@ LIBGRPC_SRC = \ src/core/lib/transport/transport_op_string.cc \ src/core/lib/uri/uri_parser.cc \ src/core/plugin_registry/grpc_plugin_registry.cc \ + src/core/plugin_registry/grpc_plugin_registry_extra.cc \ src/core/tsi/alts/crypt/aes_gcm.cc \ src/core/tsi/alts/crypt/gsec.cc \ src/core/tsi/alts/frame_protector/alts_counter.cc \ @@ -1834,12 +1827,12 @@ LIBGRPC_UNSECURE_SRC = \ src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.cc \ src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc \ src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_balancer_addresses.cc \ - src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel.cc \ src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.cc \ src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc \ src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc \ src/core/ext/filters/client_channel/lb_policy/priority/priority.cc \ src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.cc \ + src/core/ext/filters/client_channel/lb_policy/rls/rls.cc \ src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc \ src/core/ext/filters/client_channel/lb_policy/weighted_target/weighted_target.cc \ src/core/ext/filters/client_channel/lb_policy_registry.cc \ @@ -1880,11 +1873,7 @@ LIBGRPC_UNSECURE_SRC = \ src/core/ext/filters/message_size/message_size_filter.cc \ src/core/ext/transport/chttp2/alpn/alpn.cc \ src/core/ext/transport/chttp2/client/chttp2_connector.cc \ - src/core/ext/transport/chttp2/client/insecure/channel_create.cc \ - src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc \ src/core/ext/transport/chttp2/server/chttp2_server.cc \ - src/core/ext/transport/chttp2/server/insecure/server_chttp2.cc \ - src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.cc \ src/core/ext/transport/chttp2/transport/bin_decoder.cc \ src/core/ext/transport/chttp2/transport/bin_encoder.cc \ src/core/ext/transport/chttp2/transport/chttp2_plugin.cc \ @@ -1922,6 +1911,7 @@ LIBGRPC_UNSECURE_SRC = \ src/core/ext/upb-generated/google/rpc/status.upb.c \ src/core/ext/upb-generated/src/proto/grpc/health/v1/health.upb.c \ src/core/ext/upb-generated/src/proto/grpc/lb/v1/load_balancer.upb.c \ + src/core/ext/upb-generated/src/proto/grpc/lookup/v1/rls.upb.c \ src/core/ext/upb-generated/validate/validate.upb.c \ src/core/ext/upb-generated/xds/data/orca/v3/orca_load_report.upb.c \ src/core/lib/address_utils/parse_address.cc \ @@ -2061,17 +2051,25 @@ LIBGRPC_UNSECURE_SRC = \ src/core/lib/resource_quota/resource_quota.cc \ src/core/lib/resource_quota/thread_quota.cc \ src/core/lib/resource_quota/trace.cc \ - src/core/lib/security/authorization/authorization_policy_provider_null_vtable.cc \ + src/core/lib/security/authorization/authorization_policy_provider_vtable.cc \ + src/core/lib/security/authorization/evaluate_args.cc \ + src/core/lib/security/authorization/sdk_server_authz_filter.cc \ src/core/lib/security/context/security_context.cc \ src/core/lib/security/credentials/composite/composite_credentials.cc \ src/core/lib/security/credentials/credentials.cc \ + src/core/lib/security/credentials/fake/fake_credentials.cc \ src/core/lib/security/credentials/plugin/plugin_credentials.cc \ + src/core/lib/security/credentials/tls/tls_utils.cc \ + src/core/lib/security/security_connector/fake/fake_security_connector.cc \ + src/core/lib/security/security_connector/load_system_roots_fallback.cc \ + src/core/lib/security/security_connector/load_system_roots_linux.cc \ src/core/lib/security/security_connector/security_connector.cc \ src/core/lib/security/transport/client_auth_filter.cc \ src/core/lib/security/transport/secure_endpoint.cc \ src/core/lib/security/transport/security_handshaker.cc \ src/core/lib/security/transport/server_auth_filter.cc \ src/core/lib/security/transport/tsi_error.cc \ + src/core/lib/security/util/json_util.cc \ src/core/lib/service_config/service_config.cc \ src/core/lib/service_config/service_config_parser.cc \ src/core/lib/slice/b64.cc \ @@ -2097,7 +2095,6 @@ LIBGRPC_UNSECURE_SRC = \ src/core/lib/surface/completion_queue_factory.cc \ src/core/lib/surface/event_string.cc \ src/core/lib/surface/init.cc \ - src/core/lib/surface/init_unsecure.cc \ src/core/lib/surface/lame_client.cc \ src/core/lib/surface/metadata_array.cc \ src/core/lib/surface/server.cc \ @@ -2114,7 +2111,9 @@ LIBGRPC_UNSECURE_SRC = \ src/core/lib/transport/transport.cc \ src/core/lib/transport/transport_op_string.cc \ src/core/lib/uri/uri_parser.cc \ - src/core/plugin_registry/grpc_unsecure_plugin_registry.cc \ + src/core/plugin_registry/grpc_plugin_registry.cc \ + src/core/plugin_registry/grpc_plugin_registry_noextra.cc \ + src/core/tsi/fake_transport_security.cc \ src/core/tsi/transport_security.cc \ src/core/tsi/transport_security_grpc.cc \ @@ -2830,8 +2829,6 @@ ifneq ($(OPENSSL_DEP),) # This is to ensure the embedded OpenSSL is built beforehand, properly # installing headers to their final destination on the drive. We need this # otherwise parallel compilation will fail if a source is compiled first. -src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel_secure.cc: $(OPENSSL_DEP) -src/core/ext/filters/client_channel/lb_policy/rls/rls.cc: $(OPENSSL_DEP) src/core/ext/filters/client_channel/lb_policy/xds/cds.cc: $(OPENSSL_DEP) src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_impl.cc: $(OPENSSL_DEP) src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_manager.cc: $(OPENSSL_DEP) @@ -2842,8 +2839,6 @@ src/core/ext/filters/rbac/rbac_filter.cc: $(OPENSSL_DEP) src/core/ext/filters/rbac/rbac_service_config_parser.cc: $(OPENSSL_DEP) src/core/ext/filters/server_config_selector/server_config_selector.cc: $(OPENSSL_DEP) src/core/ext/filters/server_config_selector/server_config_selector_filter.cc: $(OPENSSL_DEP) -src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc: $(OPENSSL_DEP) -src/core/ext/transport/chttp2/server/secure/server_secure_chttp2.cc: $(OPENSSL_DEP) src/core/ext/upb-generated/envoy/admin/v3/certs.upb.c: $(OPENSSL_DEP) src/core/ext/upb-generated/envoy/admin/v3/clusters.upb.c: $(OPENSSL_DEP) src/core/ext/upb-generated/envoy/admin/v3/config_dump.upb.c: $(OPENSSL_DEP) @@ -2948,7 +2943,6 @@ src/core/ext/upb-generated/opencensus/proto/trace/v1/trace_config.upb.c: $(OPENS src/core/ext/upb-generated/src/proto/grpc/gcp/altscontext.upb.c: $(OPENSSL_DEP) src/core/ext/upb-generated/src/proto/grpc/gcp/handshaker.upb.c: $(OPENSSL_DEP) src/core/ext/upb-generated/src/proto/grpc/gcp/transport_security_common.upb.c: $(OPENSSL_DEP) -src/core/ext/upb-generated/src/proto/grpc/lookup/v1/rls.upb.c: $(OPENSSL_DEP) src/core/ext/upb-generated/udpa/annotations/migrate.upb.c: $(OPENSSL_DEP) src/core/ext/upb-generated/udpa/annotations/security.upb.c: $(OPENSSL_DEP) src/core/ext/upb-generated/udpa/annotations/sensitive.upb.c: $(OPENSSL_DEP) @@ -3124,12 +3118,9 @@ src/core/ext/xds/xds_routing.cc: $(OPENSSL_DEP) src/core/ext/xds/xds_server_config_fetcher.cc: $(OPENSSL_DEP) src/core/lib/http/httpcli_security_connector.cc: $(OPENSSL_DEP) src/core/lib/matchers/matchers.cc: $(OPENSSL_DEP) -src/core/lib/security/authorization/authorization_policy_provider_vtable.cc: $(OPENSSL_DEP) -src/core/lib/security/authorization/evaluate_args.cc: $(OPENSSL_DEP) src/core/lib/security/authorization/grpc_authorization_engine.cc: $(OPENSSL_DEP) src/core/lib/security/authorization/matchers.cc: $(OPENSSL_DEP) src/core/lib/security/authorization/rbac_policy.cc: $(OPENSSL_DEP) -src/core/lib/security/authorization/sdk_server_authz_filter.cc: $(OPENSSL_DEP) src/core/lib/security/credentials/alts/alts_credentials.cc: $(OPENSSL_DEP) src/core/lib/security/credentials/alts/check_gcp_environment.cc: $(OPENSSL_DEP) src/core/lib/security/credentials/alts/check_gcp_environment_linux.cc: $(OPENSSL_DEP) @@ -3144,7 +3135,6 @@ src/core/lib/security/credentials/external/aws_request_signer.cc: $(OPENSSL_DEP) src/core/lib/security/credentials/external/external_account_credentials.cc: $(OPENSSL_DEP) src/core/lib/security/credentials/external/file_external_account_credentials.cc: $(OPENSSL_DEP) src/core/lib/security/credentials/external/url_external_account_credentials.cc: $(OPENSSL_DEP) -src/core/lib/security/credentials/fake/fake_credentials.cc: $(OPENSSL_DEP) src/core/lib/security/credentials/google_default/credentials_generic.cc: $(OPENSSL_DEP) src/core/lib/security/credentials/google_default/google_default_credentials.cc: $(OPENSSL_DEP) src/core/lib/security/credentials/iam/iam_credentials.cc: $(OPENSSL_DEP) @@ -3160,21 +3150,15 @@ src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.cc: $(OPENSS src/core/lib/security/credentials/tls/grpc_tls_certificate_verifier.cc: $(OPENSSL_DEP) src/core/lib/security/credentials/tls/grpc_tls_credentials_options.cc: $(OPENSSL_DEP) src/core/lib/security/credentials/tls/tls_credentials.cc: $(OPENSSL_DEP) -src/core/lib/security/credentials/tls/tls_utils.cc: $(OPENSSL_DEP) src/core/lib/security/credentials/xds/xds_credentials.cc: $(OPENSSL_DEP) src/core/lib/security/security_connector/alts/alts_security_connector.cc: $(OPENSSL_DEP) -src/core/lib/security/security_connector/fake/fake_security_connector.cc: $(OPENSSL_DEP) src/core/lib/security/security_connector/insecure/insecure_security_connector.cc: $(OPENSSL_DEP) -src/core/lib/security/security_connector/load_system_roots_fallback.cc: $(OPENSSL_DEP) -src/core/lib/security/security_connector/load_system_roots_linux.cc: $(OPENSSL_DEP) src/core/lib/security/security_connector/local/local_security_connector.cc: $(OPENSSL_DEP) src/core/lib/security/security_connector/ssl/ssl_security_connector.cc: $(OPENSSL_DEP) src/core/lib/security/security_connector/ssl_utils.cc: $(OPENSSL_DEP) src/core/lib/security/security_connector/ssl_utils_config.cc: $(OPENSSL_DEP) src/core/lib/security/security_connector/tls/tls_security_connector.cc: $(OPENSSL_DEP) -src/core/lib/security/util/json_util.cc: $(OPENSSL_DEP) -src/core/lib/surface/init_secure.cc: $(OPENSSL_DEP) -src/core/plugin_registry/grpc_plugin_registry.cc: $(OPENSSL_DEP) +src/core/plugin_registry/grpc_plugin_registry_extra.cc: $(OPENSSL_DEP) src/core/tsi/alts/crypt/aes_gcm.cc: $(OPENSSL_DEP) src/core/tsi/alts/crypt/gsec.cc: $(OPENSSL_DEP) src/core/tsi/alts/frame_protector/alts_counter.cc: $(OPENSSL_DEP) @@ -3194,7 +3178,6 @@ src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_p src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.cc: $(OPENSSL_DEP) src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.cc: $(OPENSSL_DEP) src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc: $(OPENSSL_DEP) -src/core/tsi/fake_transport_security.cc: $(OPENSSL_DEP) src/core/tsi/local_transport_security.cc: $(OPENSSL_DEP) src/core/tsi/ssl/key_logging/ssl_key_logging.cc: $(OPENSSL_DEP) src/core/tsi/ssl/session_cache/ssl_session_boringssl.cc: $(OPENSSL_DEP) diff --git a/build_autogenerated.yaml b/build_autogenerated.yaml index de06d15860e1a..53df1db66474c 100644 --- a/build_autogenerated.yaml +++ b/build_autogenerated.yaml @@ -130,7 +130,20 @@ libs: - name: end2end_tests build: private language: c - public_headers: [] + public_headers: + - include/grpc/byte_buffer.h + - include/grpc/byte_buffer_reader.h + - include/grpc/compression.h + - include/grpc/fork.h + - include/grpc/grpc.h + - include/grpc/grpc_posix.h + - include/grpc/grpc_security.h + - include/grpc/grpc_security_constants.h + - include/grpc/load_reporting.h + - include/grpc/slice.h + - include/grpc/slice_buffer.h + - include/grpc/status.h + - include/grpc/support/workaround_list.h headers: - src/core/lib/security/authorization/grpc_authorization_policy_provider.h - src/core/lib/security/authorization/rbac_translator.h @@ -427,7 +440,6 @@ libs: - src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.h - src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.h - src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_balancer_addresses.h - - src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel.h - src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.h - src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.h - src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.h @@ -1077,7 +1089,6 @@ libs: - src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.cc - src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc - src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_balancer_addresses.cc - - src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel_secure.cc - src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.cc - src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc - src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc @@ -1134,13 +1145,7 @@ libs: - src/core/ext/filters/server_config_selector/server_config_selector_filter.cc - src/core/ext/transport/chttp2/alpn/alpn.cc - src/core/ext/transport/chttp2/client/chttp2_connector.cc - - src/core/ext/transport/chttp2/client/insecure/channel_create.cc - - src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc - - src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc - src/core/ext/transport/chttp2/server/chttp2_server.cc - - src/core/ext/transport/chttp2/server/insecure/server_chttp2.cc - - src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.cc - - src/core/ext/transport/chttp2/server/secure/server_secure_chttp2.cc - src/core/ext/transport/chttp2/transport/bin_decoder.cc - src/core/ext/transport/chttp2/transport/bin_encoder.cc - src/core/ext/transport/chttp2/transport/chttp2_plugin.cc @@ -1682,7 +1687,6 @@ libs: - src/core/lib/surface/completion_queue_factory.cc - src/core/lib/surface/event_string.cc - src/core/lib/surface/init.cc - - src/core/lib/surface/init_secure.cc - src/core/lib/surface/lame_client.cc - src/core/lib/surface/metadata_array.cc - src/core/lib/surface/server.cc @@ -1700,6 +1704,7 @@ libs: - src/core/lib/transport/transport_op_string.cc - src/core/lib/uri/uri_parser.cc - src/core/plugin_registry/grpc_plugin_registry.cc + - src/core/plugin_registry/grpc_plugin_registry_extra.cc - src/core/tsi/alts/crypt/aes_gcm.cc - src/core/tsi/alts/crypt/gsec.cc - src/core/tsi/alts/frame_protector/alts_counter.cc @@ -1901,7 +1906,6 @@ libs: - src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.h - src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.h - src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_balancer_addresses.h - - src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel.h - src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.h - src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.h - src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.h @@ -1971,6 +1975,7 @@ libs: - src/core/ext/upb-generated/google/rpc/status.upb.h - src/core/ext/upb-generated/src/proto/grpc/health/v1/health.upb.h - src/core/ext/upb-generated/src/proto/grpc/lb/v1/load_balancer.upb.h + - src/core/ext/upb-generated/src/proto/grpc/lookup/v1/rls.upb.h - src/core/ext/upb-generated/validate/validate.upb.h - src/core/ext/upb-generated/xds/data/orca/v3/orca_load_report.upb.h - src/core/lib/address_utils/parse_address.h @@ -2120,16 +2125,26 @@ libs: - src/core/lib/resource_quota/resource_quota.h - src/core/lib/resource_quota/thread_quota.h - src/core/lib/resource_quota/trace.h + - src/core/lib/security/authorization/authorization_engine.h + - src/core/lib/security/authorization/authorization_policy_provider.h + - src/core/lib/security/authorization/evaluate_args.h + - src/core/lib/security/authorization/sdk_server_authz_filter.h - src/core/lib/security/context/security_context.h - src/core/lib/security/credentials/channel_creds_registry.h - src/core/lib/security/credentials/composite/composite_credentials.h - src/core/lib/security/credentials/credentials.h + - src/core/lib/security/credentials/fake/fake_credentials.h - src/core/lib/security/credentials/plugin/plugin_credentials.h + - src/core/lib/security/credentials/tls/tls_utils.h + - src/core/lib/security/security_connector/fake/fake_security_connector.h + - src/core/lib/security/security_connector/load_system_roots.h + - src/core/lib/security/security_connector/load_system_roots_linux.h - src/core/lib/security/security_connector/security_connector.h - src/core/lib/security/transport/auth_filters.h - src/core/lib/security/transport/secure_endpoint.h - src/core/lib/security/transport/security_handshaker.h - src/core/lib/security/transport/tsi_error.h + - src/core/lib/security/util/json_util.h - src/core/lib/service_config/service_config.h - src/core/lib/service_config/service_config_call_data.h - src/core/lib/service_config/service_config_parser.h @@ -2168,6 +2183,7 @@ libs: - src/core/lib/transport/transport.h - src/core/lib/transport/transport_impl.h - src/core/lib/uri/uri_parser.h + - src/core/tsi/fake_transport_security.h - src/core/tsi/transport_security.h - src/core/tsi/transport_security_grpc.h - src/core/tsi/transport_security_interface.h @@ -2193,12 +2209,12 @@ libs: - src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.cc - src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc - src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_balancer_addresses.cc - - src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel.cc - src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.cc - src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc - src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc - src/core/ext/filters/client_channel/lb_policy/priority/priority.cc - src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.cc + - src/core/ext/filters/client_channel/lb_policy/rls/rls.cc - src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc - src/core/ext/filters/client_channel/lb_policy/weighted_target/weighted_target.cc - src/core/ext/filters/client_channel/lb_policy_registry.cc @@ -2239,11 +2255,7 @@ libs: - src/core/ext/filters/message_size/message_size_filter.cc - src/core/ext/transport/chttp2/alpn/alpn.cc - src/core/ext/transport/chttp2/client/chttp2_connector.cc - - src/core/ext/transport/chttp2/client/insecure/channel_create.cc - - src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc - src/core/ext/transport/chttp2/server/chttp2_server.cc - - src/core/ext/transport/chttp2/server/insecure/server_chttp2.cc - - src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.cc - src/core/ext/transport/chttp2/transport/bin_decoder.cc - src/core/ext/transport/chttp2/transport/bin_encoder.cc - src/core/ext/transport/chttp2/transport/chttp2_plugin.cc @@ -2281,6 +2293,7 @@ libs: - src/core/ext/upb-generated/google/rpc/status.upb.c - src/core/ext/upb-generated/src/proto/grpc/health/v1/health.upb.c - src/core/ext/upb-generated/src/proto/grpc/lb/v1/load_balancer.upb.c + - src/core/ext/upb-generated/src/proto/grpc/lookup/v1/rls.upb.c - src/core/ext/upb-generated/validate/validate.upb.c - src/core/ext/upb-generated/xds/data/orca/v3/orca_load_report.upb.c - src/core/lib/address_utils/parse_address.cc @@ -2420,17 +2433,25 @@ libs: - src/core/lib/resource_quota/resource_quota.cc - src/core/lib/resource_quota/thread_quota.cc - src/core/lib/resource_quota/trace.cc - - src/core/lib/security/authorization/authorization_policy_provider_null_vtable.cc + - src/core/lib/security/authorization/authorization_policy_provider_vtable.cc + - src/core/lib/security/authorization/evaluate_args.cc + - src/core/lib/security/authorization/sdk_server_authz_filter.cc - src/core/lib/security/context/security_context.cc - src/core/lib/security/credentials/composite/composite_credentials.cc - src/core/lib/security/credentials/credentials.cc + - src/core/lib/security/credentials/fake/fake_credentials.cc - src/core/lib/security/credentials/plugin/plugin_credentials.cc + - src/core/lib/security/credentials/tls/tls_utils.cc + - src/core/lib/security/security_connector/fake/fake_security_connector.cc + - src/core/lib/security/security_connector/load_system_roots_fallback.cc + - src/core/lib/security/security_connector/load_system_roots_linux.cc - src/core/lib/security/security_connector/security_connector.cc - src/core/lib/security/transport/client_auth_filter.cc - src/core/lib/security/transport/secure_endpoint.cc - src/core/lib/security/transport/security_handshaker.cc - src/core/lib/security/transport/server_auth_filter.cc - src/core/lib/security/transport/tsi_error.cc + - src/core/lib/security/util/json_util.cc - src/core/lib/service_config/service_config.cc - src/core/lib/service_config/service_config_parser.cc - src/core/lib/slice/b64.cc @@ -2456,7 +2477,6 @@ libs: - src/core/lib/surface/completion_queue_factory.cc - src/core/lib/surface/event_string.cc - src/core/lib/surface/init.cc - - src/core/lib/surface/init_unsecure.cc - src/core/lib/surface/lame_client.cc - src/core/lib/surface/metadata_array.cc - src/core/lib/surface/server.cc @@ -2473,13 +2493,16 @@ libs: - src/core/lib/transport/transport.cc - src/core/lib/transport/transport_op_string.cc - src/core/lib/uri/uri_parser.cc - - src/core/plugin_registry/grpc_unsecure_plugin_registry.cc + - src/core/plugin_registry/grpc_plugin_registry.cc + - src/core/plugin_registry/grpc_plugin_registry_noextra.cc + - src/core/tsi/fake_transport_security.cc - src/core/tsi/transport_security.cc - src/core/tsi/transport_security_grpc.cc deps: - absl/container:flat_hash_map - absl/container:inlined_vector - absl/functional:bind_front + - absl/hash:hash - absl/status:statusor - absl/types:variant - absl/utility:utility @@ -3084,6 +3107,8 @@ libs: - include/grpcpp/support/time.h - include/grpcpp/support/validate_service_config.h headers: + - src/core/lib/security/security_connector/insecure/insecure_security_connector.h + - src/core/tsi/local_transport_security.h - src/cpp/client/create_channel_internal.h - src/cpp/common/channel_filter.h - src/cpp/server/dynamic_thread_pool.h @@ -3092,6 +3117,9 @@ libs: - src/cpp/server/thread_pool_interface.h - src/cpp/thread_manager/thread_manager.h src: + - src/core/lib/security/credentials/insecure/insecure_credentials.cc + - src/core/lib/security/security_connector/insecure/insecure_security_connector.cc + - src/core/tsi/local_transport_security.cc - src/cpp/client/channel_cc.cc - src/cpp/client/client_callback.cc - src/cpp/client/client_context.cc diff --git a/config.m4 b/config.m4 index 1173409355395..3e6788665047a 100644 --- a/config.m4 +++ b/config.m4 @@ -60,7 +60,6 @@ if test "$PHP_GRPC" != "no"; then src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.cc \ src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc \ src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_balancer_addresses.cc \ - src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel_secure.cc \ src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.cc \ src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc \ src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc \ @@ -117,13 +116,7 @@ if test "$PHP_GRPC" != "no"; then src/core/ext/filters/server_config_selector/server_config_selector_filter.cc \ src/core/ext/transport/chttp2/alpn/alpn.cc \ src/core/ext/transport/chttp2/client/chttp2_connector.cc \ - src/core/ext/transport/chttp2/client/insecure/channel_create.cc \ - src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc \ - src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc \ src/core/ext/transport/chttp2/server/chttp2_server.cc \ - src/core/ext/transport/chttp2/server/insecure/server_chttp2.cc \ - src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.cc \ - src/core/ext/transport/chttp2/server/secure/server_secure_chttp2.cc \ src/core/ext/transport/chttp2/transport/bin_decoder.cc \ src/core/ext/transport/chttp2/transport/bin_encoder.cc \ src/core/ext/transport/chttp2/transport/chttp2_plugin.cc \ @@ -709,7 +702,6 @@ if test "$PHP_GRPC" != "no"; then src/core/lib/surface/completion_queue_factory.cc \ src/core/lib/surface/event_string.cc \ src/core/lib/surface/init.cc \ - src/core/lib/surface/init_secure.cc \ src/core/lib/surface/lame_client.cc \ src/core/lib/surface/metadata_array.cc \ src/core/lib/surface/server.cc \ @@ -727,6 +719,7 @@ if test "$PHP_GRPC" != "no"; then src/core/lib/transport/transport_op_string.cc \ src/core/lib/uri/uri_parser.cc \ src/core/plugin_registry/grpc_plugin_registry.cc \ + src/core/plugin_registry/grpc_plugin_registry_extra.cc \ src/core/tsi/alts/crypt/aes_gcm.cc \ src/core/tsi/alts/crypt/gsec.cc \ src/core/tsi/alts/frame_protector/alts_counter.cc \ @@ -1202,11 +1195,7 @@ if test "$PHP_GRPC" != "no"; then PHP_ADD_BUILD_DIR($ext_builddir/src/core/ext/filters/server_config_selector) PHP_ADD_BUILD_DIR($ext_builddir/src/core/ext/transport/chttp2/alpn) PHP_ADD_BUILD_DIR($ext_builddir/src/core/ext/transport/chttp2/client) - PHP_ADD_BUILD_DIR($ext_builddir/src/core/ext/transport/chttp2/client/insecure) - PHP_ADD_BUILD_DIR($ext_builddir/src/core/ext/transport/chttp2/client/secure) PHP_ADD_BUILD_DIR($ext_builddir/src/core/ext/transport/chttp2/server) - PHP_ADD_BUILD_DIR($ext_builddir/src/core/ext/transport/chttp2/server/insecure) - PHP_ADD_BUILD_DIR($ext_builddir/src/core/ext/transport/chttp2/server/secure) PHP_ADD_BUILD_DIR($ext_builddir/src/core/ext/transport/chttp2/transport) PHP_ADD_BUILD_DIR($ext_builddir/src/core/ext/transport/inproc) PHP_ADD_BUILD_DIR($ext_builddir/src/core/ext/upb-generated/envoy/admin/v3) diff --git a/config.w32 b/config.w32 index 7790424e42bb7..eba85230be1f5 100644 --- a/config.w32 +++ b/config.w32 @@ -26,7 +26,6 @@ if (PHP_GRPC != "no") { "src\\core\\ext\\filters\\client_channel\\lb_policy\\grpclb\\client_load_reporting_filter.cc " + "src\\core\\ext\\filters\\client_channel\\lb_policy\\grpclb\\grpclb.cc " + "src\\core\\ext\\filters\\client_channel\\lb_policy\\grpclb\\grpclb_balancer_addresses.cc " + - "src\\core\\ext\\filters\\client_channel\\lb_policy\\grpclb\\grpclb_channel_secure.cc " + "src\\core\\ext\\filters\\client_channel\\lb_policy\\grpclb\\grpclb_client_stats.cc " + "src\\core\\ext\\filters\\client_channel\\lb_policy\\grpclb\\load_balancer_api.cc " + "src\\core\\ext\\filters\\client_channel\\lb_policy\\pick_first\\pick_first.cc " + @@ -83,13 +82,7 @@ if (PHP_GRPC != "no") { "src\\core\\ext\\filters\\server_config_selector\\server_config_selector_filter.cc " + "src\\core\\ext\\transport\\chttp2\\alpn\\alpn.cc " + "src\\core\\ext\\transport\\chttp2\\client\\chttp2_connector.cc " + - "src\\core\\ext\\transport\\chttp2\\client\\insecure\\channel_create.cc " + - "src\\core\\ext\\transport\\chttp2\\client\\insecure\\channel_create_posix.cc " + - "src\\core\\ext\\transport\\chttp2\\client\\secure\\secure_channel_create.cc " + "src\\core\\ext\\transport\\chttp2\\server\\chttp2_server.cc " + - "src\\core\\ext\\transport\\chttp2\\server\\insecure\\server_chttp2.cc " + - "src\\core\\ext\\transport\\chttp2\\server\\insecure\\server_chttp2_posix.cc " + - "src\\core\\ext\\transport\\chttp2\\server\\secure\\server_secure_chttp2.cc " + "src\\core\\ext\\transport\\chttp2\\transport\\bin_decoder.cc " + "src\\core\\ext\\transport\\chttp2\\transport\\bin_encoder.cc " + "src\\core\\ext\\transport\\chttp2\\transport\\chttp2_plugin.cc " + @@ -675,7 +668,6 @@ if (PHP_GRPC != "no") { "src\\core\\lib\\surface\\completion_queue_factory.cc " + "src\\core\\lib\\surface\\event_string.cc " + "src\\core\\lib\\surface\\init.cc " + - "src\\core\\lib\\surface\\init_secure.cc " + "src\\core\\lib\\surface\\lame_client.cc " + "src\\core\\lib\\surface\\metadata_array.cc " + "src\\core\\lib\\surface\\server.cc " + @@ -693,6 +685,7 @@ if (PHP_GRPC != "no") { "src\\core\\lib\\transport\\transport_op_string.cc " + "src\\core\\lib\\uri\\uri_parser.cc " + "src\\core\\plugin_registry\\grpc_plugin_registry.cc " + + "src\\core\\plugin_registry\\grpc_plugin_registry_extra.cc " + "src\\core\\tsi\\alts\\crypt\\aes_gcm.cc " + "src\\core\\tsi\\alts\\crypt\\gsec.cc " + "src\\core\\tsi\\alts\\frame_protector\\alts_counter.cc " + @@ -1203,11 +1196,7 @@ if (PHP_GRPC != "no") { FSO.CreateFolder(base_dir+"\\ext\\grpc\\src\\core\\ext\\transport\\chttp2"); FSO.CreateFolder(base_dir+"\\ext\\grpc\\src\\core\\ext\\transport\\chttp2\\alpn"); FSO.CreateFolder(base_dir+"\\ext\\grpc\\src\\core\\ext\\transport\\chttp2\\client"); - FSO.CreateFolder(base_dir+"\\ext\\grpc\\src\\core\\ext\\transport\\chttp2\\client\\insecure"); - FSO.CreateFolder(base_dir+"\\ext\\grpc\\src\\core\\ext\\transport\\chttp2\\client\\secure"); FSO.CreateFolder(base_dir+"\\ext\\grpc\\src\\core\\ext\\transport\\chttp2\\server"); - FSO.CreateFolder(base_dir+"\\ext\\grpc\\src\\core\\ext\\transport\\chttp2\\server\\insecure"); - FSO.CreateFolder(base_dir+"\\ext\\grpc\\src\\core\\ext\\transport\\chttp2\\server\\secure"); FSO.CreateFolder(base_dir+"\\ext\\grpc\\src\\core\\ext\\transport\\chttp2\\transport"); FSO.CreateFolder(base_dir+"\\ext\\grpc\\src\\core\\ext\\transport\\inproc"); FSO.CreateFolder(base_dir+"\\ext\\grpc\\src\\core\\ext\\upb-generated"); diff --git a/gRPC-C++.podspec b/gRPC-C++.podspec index 610d3d97d1c5c..b29b703a658d6 100644 --- a/gRPC-C++.podspec +++ b/gRPC-C++.podspec @@ -232,7 +232,6 @@ Pod::Spec.new do |s| 'src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.h', 'src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.h', 'src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_balancer_addresses.h', - 'src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel.h', 'src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.h', 'src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.h', 'src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.h', @@ -1049,7 +1048,6 @@ Pod::Spec.new do |s| 'src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.h', 'src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.h', 'src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_balancer_addresses.h', - 'src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel.h', 'src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.h', 'src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.h', 'src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.h', diff --git a/gRPC-Core.podspec b/gRPC-Core.podspec index 910b0e38ffc79..78b910a97f830 100644 --- a/gRPC-Core.podspec +++ b/gRPC-Core.podspec @@ -229,8 +229,6 @@ Pod::Spec.new do |s| 'src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.h', 'src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_balancer_addresses.cc', 'src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_balancer_addresses.h', - 'src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel.h', - 'src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel_secure.cc', 'src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.cc', 'src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.h', 'src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc', @@ -327,14 +325,8 @@ Pod::Spec.new do |s| 'src/core/ext/transport/chttp2/alpn/alpn.h', 'src/core/ext/transport/chttp2/client/chttp2_connector.cc', 'src/core/ext/transport/chttp2/client/chttp2_connector.h', - 'src/core/ext/transport/chttp2/client/insecure/channel_create.cc', - 'src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc', - 'src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc', 'src/core/ext/transport/chttp2/server/chttp2_server.cc', 'src/core/ext/transport/chttp2/server/chttp2_server.h', - 'src/core/ext/transport/chttp2/server/insecure/server_chttp2.cc', - 'src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.cc', - 'src/core/ext/transport/chttp2/server/secure/server_secure_chttp2.cc', 'src/core/ext/transport/chttp2/transport/bin_decoder.cc', 'src/core/ext/transport/chttp2/transport/bin_decoder.h', 'src/core/ext/transport/chttp2/transport/bin_encoder.cc', @@ -1490,7 +1482,6 @@ Pod::Spec.new do |s| 'src/core/lib/surface/event_string.h', 'src/core/lib/surface/init.cc', 'src/core/lib/surface/init.h', - 'src/core/lib/surface/init_secure.cc', 'src/core/lib/surface/lame_client.cc', 'src/core/lib/surface/lame_client.h', 'src/core/lib/surface/metadata_array.cc', @@ -1524,6 +1515,7 @@ Pod::Spec.new do |s| 'src/core/lib/uri/uri_parser.cc', 'src/core/lib/uri/uri_parser.h', 'src/core/plugin_registry/grpc_plugin_registry.cc', + 'src/core/plugin_registry/grpc_plugin_registry_extra.cc', 'src/core/tsi/alts/crypt/aes_gcm.cc', 'src/core/tsi/alts/crypt/gsec.cc', 'src/core/tsi/alts/crypt/gsec.h', @@ -1674,7 +1666,6 @@ Pod::Spec.new do |s| 'src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.h', 'src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.h', 'src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_balancer_addresses.h', - 'src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel.h', 'src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.h', 'src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.h', 'src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.h', diff --git a/grpc.def b/grpc.def index e1e7f28930274..9a605619c77fe 100644 --- a/grpc.def +++ b/grpc.def @@ -45,7 +45,9 @@ EXPORTS grpc_channel_get_target grpc_channel_get_info grpc_channel_reset_connect_backoff - grpc_insecure_channel_create + grpc_channel_credentials_release + grpc_server_credentials_release + grpc_channel_create grpc_lame_client_channel_create grpc_channel_destroy grpc_call_cancel @@ -61,7 +63,7 @@ EXPORTS grpc_server_config_fetcher_xds_create grpc_server_config_fetcher_destroy grpc_server_set_config_fetcher - grpc_server_add_insecure_http2_port + grpc_server_add_http2_port grpc_server_start grpc_server_shutdown_and_notify grpc_server_cancel_all_calls @@ -86,8 +88,8 @@ EXPORTS grpc_channelz_get_subchannel grpc_channelz_get_socket grpc_authorization_policy_provider_arg_vtable - grpc_insecure_channel_create_from_fd - grpc_server_add_insecure_channel_from_fd + grpc_channel_create_from_fd + grpc_server_add_channel_from_fd grpc_auth_property_iterator_next grpc_auth_context_property_iterator grpc_auth_context_peer_identity @@ -103,7 +105,6 @@ EXPORTS grpc_ssl_session_cache_destroy grpc_ssl_session_cache_create_channel_arg grpc_call_credentials_release - grpc_channel_credentials_release grpc_google_default_credentials_create grpc_set_ssl_roots_override_callback grpc_ssl_credentials_create @@ -121,8 +122,6 @@ EXPORTS grpc_auth_metadata_context_copy grpc_auth_metadata_context_reset grpc_metadata_credentials_create_from_plugin - grpc_secure_channel_create - grpc_server_credentials_release grpc_ssl_server_certificate_config_create grpc_ssl_server_certificate_config_destroy grpc_ssl_server_credentials_create @@ -131,7 +130,6 @@ EXPORTS grpc_ssl_server_credentials_create_options_using_config_fetcher grpc_ssl_server_credentials_options_destroy grpc_ssl_server_credentials_create_with_options - grpc_server_add_secure_http2_port grpc_call_set_credentials grpc_server_credentials_set_auth_metadata_processor grpc_alts_credentials_client_options_create @@ -158,6 +156,8 @@ EXPORTS grpc_tls_credentials_options_set_crl_directory grpc_tls_credentials_options_set_verify_server_cert grpc_tls_credentials_options_set_check_call_host + grpc_insecure_credentials_create + grpc_insecure_server_credentials_create grpc_xds_credentials_create grpc_xds_server_credentials_create grpc_authorization_policy_provider_static_data_create diff --git a/grpc.gemspec b/grpc.gemspec index 8e915b64f24e0..41c08b2bdc359 100644 --- a/grpc.gemspec +++ b/grpc.gemspec @@ -148,8 +148,6 @@ Gem::Specification.new do |s| s.files += %w( src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.h ) s.files += %w( src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_balancer_addresses.cc ) s.files += %w( src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_balancer_addresses.h ) - s.files += %w( src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel.h ) - s.files += %w( src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel_secure.cc ) s.files += %w( src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.cc ) s.files += %w( src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.h ) s.files += %w( src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc ) @@ -246,14 +244,8 @@ Gem::Specification.new do |s| s.files += %w( src/core/ext/transport/chttp2/alpn/alpn.h ) s.files += %w( src/core/ext/transport/chttp2/client/chttp2_connector.cc ) s.files += %w( src/core/ext/transport/chttp2/client/chttp2_connector.h ) - s.files += %w( src/core/ext/transport/chttp2/client/insecure/channel_create.cc ) - s.files += %w( src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc ) - s.files += %w( src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc ) s.files += %w( src/core/ext/transport/chttp2/server/chttp2_server.cc ) s.files += %w( src/core/ext/transport/chttp2/server/chttp2_server.h ) - s.files += %w( src/core/ext/transport/chttp2/server/insecure/server_chttp2.cc ) - s.files += %w( src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.cc ) - s.files += %w( src/core/ext/transport/chttp2/server/secure/server_secure_chttp2.cc ) s.files += %w( src/core/ext/transport/chttp2/transport/bin_decoder.cc ) s.files += %w( src/core/ext/transport/chttp2/transport/bin_decoder.h ) s.files += %w( src/core/ext/transport/chttp2/transport/bin_encoder.cc ) @@ -1409,7 +1401,6 @@ Gem::Specification.new do |s| s.files += %w( src/core/lib/surface/event_string.h ) s.files += %w( src/core/lib/surface/init.cc ) s.files += %w( src/core/lib/surface/init.h ) - s.files += %w( src/core/lib/surface/init_secure.cc ) s.files += %w( src/core/lib/surface/lame_client.cc ) s.files += %w( src/core/lib/surface/lame_client.h ) s.files += %w( src/core/lib/surface/metadata_array.cc ) @@ -1443,6 +1434,7 @@ Gem::Specification.new do |s| s.files += %w( src/core/lib/uri/uri_parser.cc ) s.files += %w( src/core/lib/uri/uri_parser.h ) s.files += %w( src/core/plugin_registry/grpc_plugin_registry.cc ) + s.files += %w( src/core/plugin_registry/grpc_plugin_registry_extra.cc ) s.files += %w( src/core/tsi/alts/crypt/aes_gcm.cc ) s.files += %w( src/core/tsi/alts/crypt/gsec.cc ) s.files += %w( src/core/tsi/alts/crypt/gsec.h ) diff --git a/grpc.gyp b/grpc.gyp index 4f92b0231010a..af333be544155 100644 --- a/grpc.gyp +++ b/grpc.gyp @@ -492,7 +492,6 @@ 'src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.cc', 'src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc', 'src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_balancer_addresses.cc', - 'src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel_secure.cc', 'src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.cc', 'src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc', 'src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc', @@ -549,13 +548,7 @@ 'src/core/ext/filters/server_config_selector/server_config_selector_filter.cc', 'src/core/ext/transport/chttp2/alpn/alpn.cc', 'src/core/ext/transport/chttp2/client/chttp2_connector.cc', - 'src/core/ext/transport/chttp2/client/insecure/channel_create.cc', - 'src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc', - 'src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc', 'src/core/ext/transport/chttp2/server/chttp2_server.cc', - 'src/core/ext/transport/chttp2/server/insecure/server_chttp2.cc', - 'src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.cc', - 'src/core/ext/transport/chttp2/server/secure/server_secure_chttp2.cc', 'src/core/ext/transport/chttp2/transport/bin_decoder.cc', 'src/core/ext/transport/chttp2/transport/bin_encoder.cc', 'src/core/ext/transport/chttp2/transport/chttp2_plugin.cc', @@ -1097,7 +1090,6 @@ 'src/core/lib/surface/completion_queue_factory.cc', 'src/core/lib/surface/event_string.cc', 'src/core/lib/surface/init.cc', - 'src/core/lib/surface/init_secure.cc', 'src/core/lib/surface/lame_client.cc', 'src/core/lib/surface/metadata_array.cc', 'src/core/lib/surface/server.cc', @@ -1115,6 +1107,7 @@ 'src/core/lib/transport/transport_op_string.cc', 'src/core/lib/uri/uri_parser.cc', 'src/core/plugin_registry/grpc_plugin_registry.cc', + 'src/core/plugin_registry/grpc_plugin_registry_extra.cc', 'src/core/tsi/alts/crypt/aes_gcm.cc', 'src/core/tsi/alts/crypt/gsec.cc', 'src/core/tsi/alts/frame_protector/alts_counter.cc', @@ -1229,6 +1222,7 @@ 'absl/container:flat_hash_map', 'absl/container:inlined_vector', 'absl/functional:bind_front', + 'absl/hash:hash', 'absl/status:statusor', 'absl/types:variant', 'absl/utility:utility', @@ -1256,12 +1250,12 @@ 'src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.cc', 'src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc', 'src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_balancer_addresses.cc', - 'src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel.cc', 'src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.cc', 'src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc', 'src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc', 'src/core/ext/filters/client_channel/lb_policy/priority/priority.cc', 'src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.cc', + 'src/core/ext/filters/client_channel/lb_policy/rls/rls.cc', 'src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc', 'src/core/ext/filters/client_channel/lb_policy/weighted_target/weighted_target.cc', 'src/core/ext/filters/client_channel/lb_policy_registry.cc', @@ -1302,11 +1296,7 @@ 'src/core/ext/filters/message_size/message_size_filter.cc', 'src/core/ext/transport/chttp2/alpn/alpn.cc', 'src/core/ext/transport/chttp2/client/chttp2_connector.cc', - 'src/core/ext/transport/chttp2/client/insecure/channel_create.cc', - 'src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc', 'src/core/ext/transport/chttp2/server/chttp2_server.cc', - 'src/core/ext/transport/chttp2/server/insecure/server_chttp2.cc', - 'src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.cc', 'src/core/ext/transport/chttp2/transport/bin_decoder.cc', 'src/core/ext/transport/chttp2/transport/bin_encoder.cc', 'src/core/ext/transport/chttp2/transport/chttp2_plugin.cc', @@ -1344,6 +1334,7 @@ 'src/core/ext/upb-generated/google/rpc/status.upb.c', 'src/core/ext/upb-generated/src/proto/grpc/health/v1/health.upb.c', 'src/core/ext/upb-generated/src/proto/grpc/lb/v1/load_balancer.upb.c', + 'src/core/ext/upb-generated/src/proto/grpc/lookup/v1/rls.upb.c', 'src/core/ext/upb-generated/validate/validate.upb.c', 'src/core/ext/upb-generated/xds/data/orca/v3/orca_load_report.upb.c', 'src/core/lib/address_utils/parse_address.cc', @@ -1483,17 +1474,25 @@ 'src/core/lib/resource_quota/resource_quota.cc', 'src/core/lib/resource_quota/thread_quota.cc', 'src/core/lib/resource_quota/trace.cc', - 'src/core/lib/security/authorization/authorization_policy_provider_null_vtable.cc', + 'src/core/lib/security/authorization/authorization_policy_provider_vtable.cc', + 'src/core/lib/security/authorization/evaluate_args.cc', + 'src/core/lib/security/authorization/sdk_server_authz_filter.cc', 'src/core/lib/security/context/security_context.cc', 'src/core/lib/security/credentials/composite/composite_credentials.cc', 'src/core/lib/security/credentials/credentials.cc', + 'src/core/lib/security/credentials/fake/fake_credentials.cc', 'src/core/lib/security/credentials/plugin/plugin_credentials.cc', + 'src/core/lib/security/credentials/tls/tls_utils.cc', + 'src/core/lib/security/security_connector/fake/fake_security_connector.cc', + 'src/core/lib/security/security_connector/load_system_roots_fallback.cc', + 'src/core/lib/security/security_connector/load_system_roots_linux.cc', 'src/core/lib/security/security_connector/security_connector.cc', 'src/core/lib/security/transport/client_auth_filter.cc', 'src/core/lib/security/transport/secure_endpoint.cc', 'src/core/lib/security/transport/security_handshaker.cc', 'src/core/lib/security/transport/server_auth_filter.cc', 'src/core/lib/security/transport/tsi_error.cc', + 'src/core/lib/security/util/json_util.cc', 'src/core/lib/service_config/service_config.cc', 'src/core/lib/service_config/service_config_parser.cc', 'src/core/lib/slice/b64.cc', @@ -1519,7 +1518,6 @@ 'src/core/lib/surface/completion_queue_factory.cc', 'src/core/lib/surface/event_string.cc', 'src/core/lib/surface/init.cc', - 'src/core/lib/surface/init_unsecure.cc', 'src/core/lib/surface/lame_client.cc', 'src/core/lib/surface/metadata_array.cc', 'src/core/lib/surface/server.cc', @@ -1536,7 +1534,9 @@ 'src/core/lib/transport/transport.cc', 'src/core/lib/transport/transport_op_string.cc', 'src/core/lib/uri/uri_parser.cc', - 'src/core/plugin_registry/grpc_unsecure_plugin_registry.cc', + 'src/core/plugin_registry/grpc_plugin_registry.cc', + 'src/core/plugin_registry/grpc_plugin_registry_noextra.cc', + 'src/core/tsi/fake_transport_security.cc', 'src/core/tsi/transport_security.cc', 'src/core/tsi/transport_security_grpc.cc', ], @@ -1715,6 +1715,9 @@ 'grpc_unsecure', ], 'sources': [ + 'src/core/lib/security/credentials/insecure/insecure_credentials.cc', + 'src/core/lib/security/security_connector/insecure/insecure_security_connector.cc', + 'src/core/tsi/local_transport_security.cc', 'src/cpp/client/channel_cc.cc', 'src/cpp/client/client_callback.cc', 'src/cpp/client/client_context.cc', diff --git a/include/grpc/grpc.h b/include/grpc/grpc.h index 136a4e5273f6b..0d863b9ad52c5 100644 --- a/include/grpc/grpc.h +++ b/include/grpc/grpc.h @@ -295,15 +295,41 @@ GRPCAPI void grpc_channel_get_info(grpc_channel* channel, to non-experimental or remove it. */ GRPCAPI void grpc_channel_reset_connect_backoff(grpc_channel* channel); -/** Create a client channel to 'target'. Additional channel level configuration - MAY be provided by grpc_channel_args, though the expectation is that most - clients will want to simply pass NULL. The user data in 'args' need only - live through the invocation of this function. However, if any args of the - 'pointer' type are passed, then the referenced vtable must be maintained - by the caller until grpc_channel_destroy terminates. See grpc_channel_args - definition for more on this. */ -GRPCAPI grpc_channel* grpc_insecure_channel_create( - const char* target, const grpc_channel_args* args, void* reserved); +/** --- grpc_channel_credentials object. --- + + A channel credentials object represents a way to authenticate a client on a + channel. Different types of channel credentials are declared in + grpc_security.h. */ + +typedef struct grpc_channel_credentials grpc_channel_credentials; + +/** Releases a channel credentials object. + The creator of the credentials object is responsible for its release. */ + +GRPCAPI void grpc_channel_credentials_release(grpc_channel_credentials* creds); + +/** --- grpc_server_credentials object. --- + + A server credentials object represents a way to authenticate a server. + Different types of server credentials are declared in grpc_security.h. */ + +typedef struct grpc_server_credentials grpc_server_credentials; + +/** Releases a server_credentials object. + The creator of the server_credentials object is responsible for its release. + */ +GRPCAPI void grpc_server_credentials_release(grpc_server_credentials* creds); + +/** Creates a secure channel using the passed-in credentials. Additional + channel level configuration MAY be provided by grpc_channel_args, though + the expectation is that most clients will want to simply pass NULL. The + user data in 'args' need only live through the invocation of this function. + However, if any args of the 'pointer' type are passed, then the referenced + vtable must be maintained by the caller until grpc_channel_destroy + terminates. See grpc_channel_args definition for more on this. */ +GRPCAPI grpc_channel* grpc_channel_create(const char* target, + grpc_channel_credentials* creds, + const grpc_channel_args* args); /** Create a lame client: this client fails every operation attempted on it. */ GRPCAPI grpc_channel* grpc_lame_client_channel_create( @@ -444,11 +470,11 @@ GRPCAPI void grpc_server_config_fetcher_destroy( GRPCAPI void grpc_server_set_config_fetcher( grpc_server* server, grpc_server_config_fetcher* config_fetcher); -/** Add a HTTP2 over plaintext over tcp listener. - Returns bound port number on success, 0 on failure. - REQUIRES: server not started */ -GRPCAPI int grpc_server_add_insecure_http2_port(grpc_server* server, - const char* addr); +/** Add a HTTP2 over an encrypted link over tcp listener. + Returns bound port number on success, 0 on failure. + REQUIRES: server not started */ +GRPCAPI int grpc_server_add_http2_port(grpc_server* server, const char* addr, + grpc_server_credentials* creds); /** Start a server - tells all listeners to start listening */ GRPCAPI void grpc_server_start(grpc_server* server); diff --git a/include/grpc/grpc_posix.h b/include/grpc/grpc_posix.h index 4f1c8f5487cee..797e3c5bebd17 100644 --- a/include/grpc/grpc_posix.h +++ b/include/grpc/grpc_posix.h @@ -23,6 +23,7 @@ #include +#include #include #ifdef __cplusplus @@ -35,25 +36,25 @@ extern "C" { * functionality on top of GRPC Core. */ -/** Create a client channel to 'target' using file descriptor 'fd'. The 'target' - argument will be used to indicate the name for this channel. See the comment - for grpc_insecure_channel_create for description of 'args' argument. */ -GRPCAPI grpc_channel* grpc_insecure_channel_create_from_fd( - const char* target, int fd, const grpc_channel_args* args); - -/** Add the connected communication channel based on file descriptor 'fd' to the - 'server'. The 'fd' must be an open file descriptor corresponding to a - connected socket. Events from the file descriptor may come on any of the - server completion queues (i.e completion queues registered via the - grpc_server_register_completion_queue API). - - The 'reserved' pointer MUST be NULL. - - TODO(hork): add channel_args to this API to allow endpoints and transports - created in this function to participate in the resource quota feature. - */ -GRPCAPI void grpc_server_add_insecure_channel_from_fd(grpc_server* server, - void* reserved, int fd); +/** Create a secure channel to 'target' using file descriptor 'fd' and passed-in + credentials. The 'target' argument will be used to indicate the name for + this channel. Note that this API currently only supports insecure channel + credentials. Using other types of credentials will result in a failure. */ +GRPCAPI grpc_channel* grpc_channel_create_from_fd( + const char* target, int fd, grpc_channel_credentials* creds, + const grpc_channel_args* args); + +/** Add the connected secure communication channel based on file descriptor 'fd' + to the 'server' and server credentials 'creds'. The 'fd' must be an open file + descriptor corresponding to a connected socket. Events from the file + descriptor may come on any of the server completion queues (i.e completion + queues registered via the grpc_server_register_completion_queue API). + Note that this API currently only supports inseure server credentials + Using other types of credentials will result in a failure. + TODO(hork): add channel_args to this API to allow endpoints and transports + created in this function to participate in the resource quota feature. */ +GRPCAPI void grpc_server_add_channel_from_fd(grpc_server* server, int fd, + grpc_server_credentials* creds); #ifdef __cplusplus } diff --git a/include/grpc/grpc_security.h b/include/grpc/grpc_security.h index 2b35bfacbb5c7..6f86d1894ce9a 100644 --- a/include/grpc/grpc_security.h +++ b/include/grpc/grpc_security.h @@ -131,17 +131,6 @@ typedef struct grpc_call_credentials grpc_call_credentials; The creator of the credentials object is responsible for its release. */ GRPCAPI void grpc_call_credentials_release(grpc_call_credentials* creds); -/** --- grpc_channel_credentials object. --- - - A channel credentials object represents a way to authenticate a client on a - channel. */ - -typedef struct grpc_channel_credentials grpc_channel_credentials; - -/** Releases a channel credentials object. - The creator of the credentials object is responsible for its release. */ -GRPCAPI void grpc_channel_credentials_release(grpc_channel_credentials* creds); - /** Creates default credentials to connect to a google gRPC service. WARNING: Do NOT use this credentials to connect to a non-google service as this could result in an oauth2 token leak. The security level of the @@ -478,30 +467,6 @@ GRPCAPI grpc_call_credentials* grpc_metadata_credentials_create_from_plugin( grpc_metadata_credentials_plugin plugin, grpc_security_level min_security_level, void* reserved); -/** --- Secure channel creation. --- */ - -/** Creates a secure channel using the passed-in credentials. Additional - channel level configuration MAY be provided by grpc_channel_args, though - the expectation is that most clients will want to simply pass NULL. The - user data in 'args' need only live through the invocation of this function. - However, if any args of the 'pointer' type are passed, then the referenced - vtable must be maintained by the caller until grpc_channel_destroy - terminates. See grpc_channel_args definition for more on this. */ -GRPCAPI grpc_channel* grpc_secure_channel_create( - grpc_channel_credentials* creds, const char* target, - const grpc_channel_args* args, void* reserved); - -/** --- grpc_server_credentials object. --- - - A server credentials object represents a way to authenticate a server. */ - -typedef struct grpc_server_credentials grpc_server_credentials; - -/** Releases a server_credentials object. - The creator of the server_credentials object is responsible for its release. - */ -GRPCAPI void grpc_server_credentials_release(grpc_server_credentials* creds); - /** Server certificate config object holds the server's public certificates and associated private keys, as well as any CA certificates needed for client certificate validation (if applicable). Create using @@ -599,15 +564,6 @@ GRPCAPI grpc_server_credentials* grpc_ssl_server_credentials_create_with_options( grpc_ssl_server_credentials_options* options); -/** --- Server-side secure ports. --- */ - -/** Add a HTTP2 over an encrypted link over tcp listener. - Returns bound port number on success, 0 on failure. - REQUIRES: server not started */ -GRPCAPI int grpc_server_add_secure_http2_port(grpc_server* server, - const char* addr, - grpc_server_credentials* creds); - /** --- Call specific credentials. --- */ /** Sets a credentials to a call. Can only be called on the client side before @@ -1187,14 +1143,14 @@ grpc_server_credentials* grpc_tls_server_credentials_create( * * This method creates an insecure channel credentials object. */ -grpc_channel_credentials* grpc_insecure_credentials_create(); +GRPCAPI grpc_channel_credentials* grpc_insecure_credentials_create(); /** * EXPERIMENTAL API - Subject to change * * This method creates an insecure server credentials object. */ -grpc_server_credentials* grpc_insecure_server_credentials_create(); +GRPCAPI grpc_server_credentials* grpc_insecure_server_credentials_create(); /** * EXPERIMENTAL API - Subject to change diff --git a/include/grpcpp/security/authorization_policy_provider.h b/include/grpcpp/security/authorization_policy_provider.h index 883dc1a03c7d5..1718db4a41259 100644 --- a/include/grpcpp/security/authorization_policy_provider.h +++ b/include/grpcpp/security/authorization_policy_provider.h @@ -17,14 +17,10 @@ #include +#include #include #include -// TODO(yihuazhang): remove the forward declarations here and include -// directly once the insecure builds are cleaned up. -typedef struct grpc_authorization_policy_provider - grpc_authorization_policy_provider; - namespace grpc { namespace experimental { diff --git a/include/grpcpp/security/tls_certificate_provider.h b/include/grpcpp/security/tls_certificate_provider.h index 6569650751edc..bbef455f74028 100644 --- a/include/grpcpp/security/tls_certificate_provider.h +++ b/include/grpcpp/security/tls_certificate_provider.h @@ -20,16 +20,13 @@ #include #include +#include #include #include #include #include #include -// TODO(yihuazhang): remove the forward declaration here and include -// directly once the insecure builds are cleaned up. -typedef struct grpc_tls_certificate_provider grpc_tls_certificate_provider; - namespace grpc { namespace experimental { diff --git a/include/grpcpp/security/tls_credentials_options.h b/include/grpcpp/security/tls_credentials_options.h index 9e60c1b80341a..220c9533f6713 100644 --- a/include/grpcpp/security/tls_credentials_options.h +++ b/include/grpcpp/security/tls_credentials_options.h @@ -22,6 +22,7 @@ #include #include +#include #include #include #include @@ -29,16 +30,6 @@ #include #include -// TODO(yihuazhang): remove the forward declaration here and include -// directly once the insecure builds are cleaned up. -typedef struct grpc_tls_server_authorization_check_arg - grpc_tls_server_authorization_check_arg; -typedef struct grpc_tls_server_authorization_check_config - grpc_tls_server_authorization_check_config; -typedef struct grpc_tls_credentials_options grpc_tls_credentials_options; -typedef struct grpc_tls_certificate_provider grpc_tls_certificate_provider; -typedef struct grpc_tls_certificate_verifier grpc_tls_certificate_verifier; - namespace grpc { namespace experimental { diff --git a/package.xml b/package.xml index 0583f76621c6b..8e803c3f91e65 100644 --- a/package.xml +++ b/package.xml @@ -128,8 +128,6 @@ - - @@ -226,14 +224,8 @@ - - - - - - @@ -1389,7 +1381,6 @@ - @@ -1423,6 +1414,7 @@ + diff --git a/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc b/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc index fa4c6b154942c..69c33fcf993c4 100644 --- a/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +++ b/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc @@ -66,6 +66,7 @@ #include #include +#include #include #include #include @@ -74,7 +75,6 @@ #include "src/core/ext/filters/client_channel/lb_policy/child_policy_handler.h" #include "src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.h" #include "src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_balancer_addresses.h" -#include "src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel.h" #include "src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.h" #include "src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.h" #include "src/core/ext/filters/client_channel/lb_policy_factory.h" @@ -96,6 +96,7 @@ #include "src/core/lib/iomgr/socket_utils.h" #include "src/core/lib/iomgr/timer.h" #include "src/core/lib/resolver/server_address.h" +#include "src/core/lib/security/credentials/credentials.h" #include "src/core/lib/slice/slice_internal.h" #include "src/core/lib/slice/slice_string_helpers.h" #include "src/core/lib/surface/call.h" @@ -1313,9 +1314,21 @@ grpc_channel_args* BuildBalancerChannelArgs( // Don't want to pass down channelz node from parent; the balancer // channel will get its own. GRPC_ARG_CHANNELZ_CHANNEL_NODE, + // Remove the channel args for channel credentials and replace it + // with a version that does not contain call credentials. The loadbalancer + // is not necessarily trusted to handle bearer token credentials. + GRPC_ARG_CHANNEL_CREDENTIALS, }; + // Create channel args for channel credentials that does not contain bearer + // token credentials. + grpc_channel_credentials* channel_credentials = + grpc_channel_credentials_find_in_args(args); + GPR_ASSERT(channel_credentials != nullptr); + RefCountedPtr creds_sans_call_creds = + channel_credentials->duplicate_without_call_credentials(); + GPR_ASSERT(creds_sans_call_creds != nullptr); // Channel args to add. - absl::InlinedVector args_to_add = { + absl::InlinedVector args_to_add = { // The fake resolver response generator, which we use to inject // address updates into the LB channel. FakeResolverResponseGenerator::MakeChannelArg(response_generator), @@ -1325,13 +1338,13 @@ grpc_channel_args* BuildBalancerChannelArgs( // Tells channelz that this is an internal channel. grpc_channel_arg_integer_create( const_cast(GRPC_ARG_CHANNELZ_IS_INTERNAL_CHANNEL), 1), + // A channel args for new channel credentials that does not contain bearer + // tokens. + grpc_channel_credentials_to_arg(creds_sans_call_creds.get()), }; - // Construct channel args. - grpc_channel_args* new_args = grpc_channel_args_copy_and_add_and_remove( + return grpc_channel_args_copy_and_add_and_remove( args, args_to_remove, GPR_ARRAY_SIZE(args_to_remove), args_to_add.data(), args_to_add.size()); - // Make any necessary modifications for security. - return ModifyGrpclbBalancerChannelArgs(new_args); } // @@ -1495,9 +1508,15 @@ void GrpcLb::UpdateBalancerChannelLocked(const grpc_channel_args& args) { // Create balancer channel if needed. if (lb_channel_ == nullptr) { std::string uri_str = absl::StrCat("fake:///", server_name_); - lb_channel_ = - CreateGrpclbBalancerChannel(uri_str.c_str(), *lb_channel_args); + grpc_channel_credentials* creds = + grpc_channel_credentials_find_in_args(lb_channel_args); + GPR_ASSERT(creds != nullptr); + const char* arg_to_remove = GRPC_ARG_CHANNEL_CREDENTIALS; + grpc_channel_args* new_args = + grpc_channel_args_copy_and_remove(lb_channel_args, &arg_to_remove, 1); + lb_channel_ = grpc_channel_create(uri_str.c_str(), creds, new_args); GPR_ASSERT(lb_channel_ != nullptr); + grpc_channel_args_destroy(new_args); // Set up channelz linkage. channelz::ChannelNode* child_channelz_node = grpc_channel_get_channelz_node(lb_channel_); diff --git a/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel.cc b/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel.cc deleted file mode 100644 index b8b4889ee4706..0000000000000 --- a/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel.cc +++ /dev/null @@ -1,36 +0,0 @@ -/* - * - * Copyright 2017 gRPC authors. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - */ - -#include - -#include "src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel.h" - -#include - -namespace grpc_core { - -grpc_channel_args* ModifyGrpclbBalancerChannelArgs(grpc_channel_args* args) { - return args; -} - -grpc_channel* CreateGrpclbBalancerChannel(const char* target_uri, - const grpc_channel_args& args) { - return grpc_insecure_channel_create(target_uri, &args, nullptr); -} - -} // namespace grpc_core diff --git a/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel.h b/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel.h deleted file mode 100644 index d737b9ecb4b52..0000000000000 --- a/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel.h +++ /dev/null @@ -1,44 +0,0 @@ -/* - * - * Copyright 2017 gRPC authors. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - */ - -#ifndef GRPC_CORE_EXT_FILTERS_CLIENT_CHANNEL_LB_POLICY_GRPCLB_GRPCLB_CHANNEL_H -#define GRPC_CORE_EXT_FILTERS_CLIENT_CHANNEL_LB_POLICY_GRPCLB_GRPCLB_CHANNEL_H - -#include - -#include - -#include "src/core/lib/resolver/server_address.h" - -namespace grpc_core { - -/// Makes any necessary modifications to \a args for use in the grpclb -/// balancer channel. -/// -/// Takes ownership of \a args. -/// -/// Caller takes ownership of the returned args. -grpc_channel_args* ModifyGrpclbBalancerChannelArgs(grpc_channel_args* args); - -grpc_channel* CreateGrpclbBalancerChannel(const char* target_uri, - const grpc_channel_args& args); - -} // namespace grpc_core - -#endif /* GRPC_CORE_EXT_FILTERS_CLIENT_CHANNEL_LB_POLICY_GRPCLB_GRPCLB_CHANNEL_H \ - */ diff --git a/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel_secure.cc b/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel_secure.cc deleted file mode 100644 index 2707eead7b922..0000000000000 --- a/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel_secure.cc +++ /dev/null @@ -1,83 +0,0 @@ -/* - * - * Copyright 2017 gRPC authors. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - */ - -#include - -#include - -#include "absl/container/inlined_vector.h" - -#include -#include -#include - -#include "src/core/ext/filters/client_channel/client_channel.h" -#include "src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_balancer_addresses.h" -#include "src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel.h" -#include "src/core/lib/address_utils/sockaddr_utils.h" -#include "src/core/lib/channel/channel_args.h" -#include "src/core/lib/gpr/string.h" -#include "src/core/lib/resolver/server_address.h" -#include "src/core/lib/security/credentials/credentials.h" -#include "src/core/lib/slice/slice_internal.h" - -namespace grpc_core { - -grpc_channel_args* ModifyGrpclbBalancerChannelArgs(grpc_channel_args* args) { - absl::InlinedVector args_to_remove; - absl::InlinedVector args_to_add; - // Substitute the channel credentials with a version without call - // credentials: the load balancer is not necessarily trusted to handle - // bearer token credentials. - grpc_channel_credentials* channel_credentials = - grpc_channel_credentials_find_in_args(args); - RefCountedPtr creds_sans_call_creds; - if (channel_credentials != nullptr) { - creds_sans_call_creds = - channel_credentials->duplicate_without_call_credentials(); - GPR_ASSERT(creds_sans_call_creds != nullptr); - args_to_remove.emplace_back(GRPC_ARG_CHANNEL_CREDENTIALS); - args_to_add.emplace_back( - grpc_channel_credentials_to_arg(creds_sans_call_creds.get())); - } - grpc_channel_args* result = grpc_channel_args_copy_and_add_and_remove( - args, args_to_remove.data(), args_to_remove.size(), args_to_add.data(), - args_to_add.size()); - // Clean up. - grpc_channel_args_destroy(args); - return result; -} - -grpc_channel* CreateGrpclbBalancerChannel(const char* target_uri, - const grpc_channel_args& args) { - grpc_channel_credentials* creds = - grpc_channel_credentials_find_in_args(&args); - if (creds == nullptr) { - // Build with security but parent channel is insecure. - return grpc_insecure_channel_create(target_uri, &args, nullptr); - } - const char* arg_to_remove = GRPC_ARG_CHANNEL_CREDENTIALS; - grpc_channel_args* new_args = - grpc_channel_args_copy_and_remove(&args, &arg_to_remove, 1); - grpc_channel* channel = - grpc_secure_channel_create(creds, target_uri, new_args, nullptr); - grpc_channel_args_destroy(new_args); - return channel; -} - -} // namespace grpc_core diff --git a/src/core/ext/filters/client_channel/lb_policy/rls/rls.cc b/src/core/ext/filters/client_channel/lb_policy/rls/rls.cc index 72879a877661d..08f090fdfe47e 100644 --- a/src/core/ext/filters/client_channel/lb_policy/rls/rls.cc +++ b/src/core/ext/filters/client_channel/lb_policy/rls/rls.cc @@ -43,6 +43,7 @@ #include "absl/strings/strip.h" #include "upb/upb.hpp" +#include #include #include #include @@ -1548,9 +1549,8 @@ RlsLb::RlsChannel::RlsChannel(RefCountedPtr lb_policy) const_cast(GRPC_ARG_SERVICE_CONFIG_DISABLE_RESOLUTION), 1)); } grpc_channel_args rls_channel_args = {args.size(), args.data()}; - channel_ = grpc_secure_channel_create( - creds, lb_policy_->config_->lookup_service().c_str(), &rls_channel_args, - nullptr); + channel_ = grpc_channel_create(lb_policy_->config_->lookup_service().c_str(), + creds, &rls_channel_args); if (GRPC_TRACE_FLAG_ENABLED(grpc_lb_rls_trace)) { gpr_log(GPR_INFO, "[rlslb %p] RlsChannel=%p: created channel %p for %s", lb_policy_.get(), this, channel_, diff --git a/src/core/ext/transport/binder/client/channel_create_impl.cc b/src/core/ext/transport/binder/client/channel_create_impl.cc index 4a6d609484790..843e3113d8e6f 100644 --- a/src/core/ext/transport/binder/client/channel_create_impl.cc +++ b/src/core/ext/transport/binder/client/channel_create_impl.cc @@ -60,9 +60,9 @@ grpc_channel* CreateDirectBinderChannelImplForTesting( grpc_channel_args* final_args = grpc_channel_args_copy_and_add(args, &default_authority_arg, 1); grpc_error_handle error = GRPC_ERROR_NONE; - grpc_channel* channel = - grpc_channel_create("binder_target_placeholder", final_args, - GRPC_CLIENT_DIRECT_CHANNEL, transport, &error); + grpc_channel* channel = grpc_channel_create_internal( + "binder_target_placeholder", final_args, GRPC_CLIENT_DIRECT_CHANNEL, + transport, &error); // TODO(mingcl): Handle error properly GPR_ASSERT(error == GRPC_ERROR_NONE); grpc_channel_args_destroy(args); @@ -87,10 +87,9 @@ grpc_channel* CreateClientBinderChannelImpl(const grpc_channel_args* args) { args, &arg_to_remove, 1, &channel_factory_arg, 1); grpc_error_handle error = GRPC_ERROR_NONE; - - grpc_channel* channel = - grpc_channel_create("binder_channel_target_placeholder", new_args, - GRPC_CLIENT_CHANNEL, nullptr, &error); + grpc_channel* channel = grpc_channel_create_internal( + "binder_channel_target_placeholder", new_args, GRPC_CLIENT_CHANNEL, + nullptr, &error); // Clean up. grpc_channel_args_destroy(new_args); diff --git a/src/core/ext/transport/chttp2/client/chttp2_connector.cc b/src/core/ext/transport/chttp2/client/chttp2_connector.cc index d2c55ff1263f0..46c4f377faa65 100644 --- a/src/core/ext/transport/chttp2/client/chttp2_connector.cc +++ b/src/core/ext/transport/chttp2/client/chttp2_connector.cc @@ -23,18 +23,39 @@ #include #include +#include #include #include #include +#include "src/core/ext/filters/client_channel/client_channel.h" #include "src/core/ext/filters/client_channel/connector.h" #include "src/core/ext/transport/chttp2/transport/chttp2_transport.h" #include "src/core/lib/address_utils/sockaddr_utils.h" #include "src/core/lib/channel/channel_args.h" #include "src/core/lib/channel/handshaker.h" #include "src/core/lib/config/core_configuration.h" +#include "src/core/lib/gprpp/memory.h" +#include "src/core/lib/iomgr/endpoint.h" #include "src/core/lib/iomgr/tcp_client.h" +#include "src/core/lib/resolver/resolver_registry.h" +#include "src/core/lib/resource_quota/api.h" +#include "src/core/lib/security/credentials/credentials.h" +#include "src/core/lib/security/security_connector/security_connector.h" #include "src/core/lib/slice/slice_internal.h" +#include "src/core/lib/surface/api_trace.h" +#include "src/core/lib/surface/channel.h" +#include "src/core/lib/transport/transport.h" +#include "src/core/lib/uri/uri_parser.h" + +#ifdef GPR_SUPPORT_CHANNELS_FROM_FD + +#include + +#include "src/core/lib/iomgr/tcp_client_posix.h" +#include "src/core/lib/iomgr/tcp_posix.h" + +#endif // GPR_SUPPORT_CHANNELS_FROM_FD namespace grpc_core { @@ -257,4 +278,215 @@ void Chttp2Connector::MaybeNotify(grpc_error_handle error) { } } +namespace { + +class Chttp2SecureClientChannelFactory : public ClientChannelFactory { + public: + RefCountedPtr CreateSubchannel( + const grpc_resolved_address& address, + const grpc_channel_args* args) override { + grpc_channel_args* new_args = GetSecureNamingChannelArgs(args); + if (new_args == nullptr) { + gpr_log(GPR_ERROR, + "Failed to create channel args during subchannel creation."); + return nullptr; + } + RefCountedPtr s = Subchannel::Create( + MakeOrphanable(), address, new_args); + grpc_channel_args_destroy(new_args); + return s; + } + + private: + static grpc_channel_args* GetSecureNamingChannelArgs( + const grpc_channel_args* args) { + grpc_channel_credentials* channel_credentials = + grpc_channel_credentials_find_in_args(args); + if (channel_credentials == nullptr) { + gpr_log(GPR_ERROR, + "Can't create subchannel: channel credentials missing for secure " + "channel."); + return nullptr; + } + // Make sure security connector does not already exist in args. + if (grpc_security_connector_find_in_args(args) != nullptr) { + gpr_log(GPR_ERROR, + "Can't create subchannel: security connector already present in " + "channel args."); + return nullptr; + } + // Find the authority to use in the security connector. + const char* authority = + grpc_channel_args_find_string(args, GRPC_ARG_DEFAULT_AUTHORITY); + GPR_ASSERT(authority != nullptr); + // Create the security connector using the credentials and target name. + grpc_channel_args* new_args_from_connector = nullptr; + RefCountedPtr + subchannel_security_connector = + channel_credentials->create_security_connector( + /*call_creds=*/nullptr, authority, args, + &new_args_from_connector); + if (subchannel_security_connector == nullptr) { + gpr_log(GPR_ERROR, + "Failed to create secure subchannel for secure name '%s'", + authority); + return nullptr; + } + grpc_arg new_security_connector_arg = + grpc_security_connector_to_arg(subchannel_security_connector.get()); + grpc_channel_args* new_args = grpc_channel_args_copy_and_add( + new_args_from_connector != nullptr ? new_args_from_connector : args, + &new_security_connector_arg, 1); + subchannel_security_connector.reset(DEBUG_LOCATION, "lb_channel_create"); + grpc_channel_args_destroy(new_args_from_connector); + return new_args; + } +}; + +grpc_channel* CreateChannel(const char* target, const grpc_channel_args* args, + grpc_error_handle* error) { + if (target == nullptr) { + gpr_log(GPR_ERROR, "cannot create channel with NULL target name"); + if (error != nullptr) { + *error = GRPC_ERROR_CREATE_FROM_STATIC_STRING("channel target is NULL"); + } + return nullptr; + } + // Add channel arg containing the server URI. + UniquePtr canonical_target = + ResolverRegistry::AddDefaultPrefixIfNeeded(target); + grpc_arg arg = grpc_channel_arg_string_create( + const_cast(GRPC_ARG_SERVER_URI), canonical_target.get()); + const char* to_remove[] = {GRPC_ARG_SERVER_URI}; + grpc_channel_args* new_args = + grpc_channel_args_copy_and_add_and_remove(args, to_remove, 1, &arg, 1); + grpc_channel* channel = grpc_channel_create_internal( + target, new_args, GRPC_CLIENT_CHANNEL, nullptr, error); + grpc_channel_args_destroy(new_args); + return channel; +} + +} // namespace } // namespace grpc_core + +namespace { + +grpc_core::Chttp2SecureClientChannelFactory* g_factory; +gpr_once g_factory_once = GPR_ONCE_INIT; + +void FactoryInit() { + g_factory = new grpc_core::Chttp2SecureClientChannelFactory(); +} + +} // namespace + +// Create a secure client channel: +// Asynchronously: - resolve target +// - connect to it (trying alternatives as presented) +// - perform handshakes +grpc_channel* grpc_channel_create(const char* target, + grpc_channel_credentials* creds, + const grpc_channel_args* args) { + grpc_core::ExecCtx exec_ctx; + GRPC_API_TRACE("grpc_secure_channel_create(target=%s, creds=%p, args=%p)", 3, + (target, (void*)creds, (void*)args)); + args = grpc_core::CoreConfiguration::Get() + .channel_args_preconditioning() + .PreconditionChannelArgs(args); + grpc_channel* channel = nullptr; + grpc_error_handle error = GRPC_ERROR_NONE; + if (creds != nullptr) { + // Add channel args containing the client channel factory and channel + // credentials. + gpr_once_init(&g_factory_once, FactoryInit); + grpc_arg channel_factory_arg = + grpc_core::ClientChannelFactory::CreateChannelArg(g_factory); + grpc_arg args_to_add[] = {channel_factory_arg, + grpc_channel_credentials_to_arg(creds)}; + const char* arg_to_remove = channel_factory_arg.key; + grpc_channel_args* new_args = grpc_channel_args_copy_and_add_and_remove( + args, &arg_to_remove, 1, args_to_add, GPR_ARRAY_SIZE(args_to_add)); + new_args = creds->update_arguments(new_args); + // Create channel. + channel = grpc_core::CreateChannel(target, new_args, &error); + // Clean up. + grpc_channel_args_destroy(new_args); + } + grpc_channel_args_destroy(args); + if (channel == nullptr) { + intptr_t integer; + grpc_status_code status = GRPC_STATUS_INTERNAL; + if (grpc_error_get_int(error, GRPC_ERROR_INT_GRPC_STATUS, &integer)) { + status = static_cast(integer); + } + GRPC_ERROR_UNREF(error); + channel = grpc_lame_client_channel_create( + target, status, "Failed to create secure client channel"); + } + return channel; +} + +#ifdef GPR_SUPPORT_CHANNELS_FROM_FD +grpc_channel* grpc_channel_create_from_fd(const char* target, int fd, + grpc_channel_credentials* creds, + const grpc_channel_args* args) { + grpc_core::ExecCtx exec_ctx; + GRPC_API_TRACE( + "grpc_channel_create_from_fd(target=%p, fd=%d, creds=%p, args=%p)", 4, + (target, fd, creds, args)); + // For now, we only support insecure channel credentials. + if (creds == nullptr || + strcmp(creds->type(), GRPC_CREDENTIALS_TYPE_INSECURE) != 0) { + return grpc_lame_client_channel_create( + target, GRPC_STATUS_INTERNAL, + "Failed to create client channel due to invalid creds"); + } + grpc_arg default_authority_arg = grpc_channel_arg_string_create( + const_cast(GRPC_ARG_DEFAULT_AUTHORITY), + const_cast("test.authority")); + args = grpc_channel_args_copy_and_add(args, &default_authority_arg, 1); + const grpc_channel_args* final_args = grpc_core::CoreConfiguration::Get() + .channel_args_preconditioning() + .PreconditionChannelArgs(args); + grpc_channel_args_destroy(args); + + int flags = fcntl(fd, F_GETFL, 0); + GPR_ASSERT(fcntl(fd, F_SETFL, flags | O_NONBLOCK) == 0); + grpc_endpoint* client = grpc_tcp_client_create_from_fd( + grpc_fd_create(fd, "client", true), final_args, "fd-client"); + grpc_transport* transport = + grpc_create_chttp2_transport(final_args, client, true); + GPR_ASSERT(transport); + grpc_error_handle error = GRPC_ERROR_NONE; + grpc_channel* channel = grpc_channel_create_internal( + target, final_args, GRPC_CLIENT_DIRECT_CHANNEL, transport, &error); + grpc_channel_args_destroy(final_args); + if (channel != nullptr) { + grpc_chttp2_transport_start_reading(transport, nullptr, nullptr, nullptr); + grpc_core::ExecCtx::Get()->Flush(); + } else { + intptr_t integer; + grpc_status_code status = GRPC_STATUS_INTERNAL; + if (grpc_error_get_int(error, GRPC_ERROR_INT_GRPC_STATUS, &integer)) { + status = static_cast(integer); + } + GRPC_ERROR_UNREF(error); + grpc_transport_destroy(transport); + channel = grpc_lame_client_channel_create( + target, status, "Failed to create client channel"); + } + + return channel; +} + +#else // !GPR_SUPPORT_CHANNELS_FROM_FD + +grpc_channel* grpc_channel_create_from_fd(const char* /* target */, + int /* fd */, + grpc_channel_credentials* /* creds*/, + const grpc_channel_args* /* args */) { + GPR_ASSERT(0); + return nullptr; +} + +#endif // GPR_SUPPORT_CHANNELS_FROM_FD diff --git a/src/core/ext/transport/chttp2/client/insecure/README.md b/src/core/ext/transport/chttp2/client/insecure/README.md deleted file mode 100644 index fa114633889c8..0000000000000 --- a/src/core/ext/transport/chttp2/client/insecure/README.md +++ /dev/null @@ -1 +0,0 @@ -Plugin for creating insecure channels using chttp2 diff --git a/src/core/ext/transport/chttp2/client/insecure/channel_create.cc b/src/core/ext/transport/chttp2/client/insecure/channel_create.cc deleted file mode 100644 index 575a2b12bb74f..0000000000000 --- a/src/core/ext/transport/chttp2/client/insecure/channel_create.cc +++ /dev/null @@ -1,122 +0,0 @@ -// -// Copyright 2015 gRPC authors. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// - -#include - -#include - -#include -#include -#include - -#include "src/core/ext/filters/client_channel/client_channel.h" -#include "src/core/ext/transport/chttp2/client/chttp2_connector.h" -#include "src/core/lib/channel/channel_args.h" -#include "src/core/lib/resolver/resolver_registry.h" -#include "src/core/lib/resource_quota/api.h" -#include "src/core/lib/surface/api_trace.h" -#include "src/core/lib/surface/channel.h" - -namespace grpc_core { - -class Chttp2InsecureClientChannelFactory : public ClientChannelFactory { - public: - RefCountedPtr CreateSubchannel( - const grpc_resolved_address& address, - const grpc_channel_args* args) override { - return Subchannel::Create(MakeOrphanable(), address, args); - } -}; - -namespace { - -grpc_channel* CreateChannel(const char* target, const grpc_channel_args* args, - grpc_error_handle* error) { - if (target == nullptr) { - gpr_log(GPR_ERROR, "cannot create channel with NULL target name"); - if (error != nullptr) { - *error = GRPC_ERROR_CREATE_FROM_STATIC_STRING("channel target is NULL"); - } - return nullptr; - } - // Add channel arg containing the server URI. - UniquePtr canonical_target = - ResolverRegistry::AddDefaultPrefixIfNeeded(target); - grpc_arg arg = grpc_channel_arg_string_create( - const_cast(GRPC_ARG_SERVER_URI), canonical_target.get()); - const char* to_remove[] = {GRPC_ARG_SERVER_URI}; - grpc_channel_args* new_args0 = - grpc_channel_args_copy_and_add_and_remove(args, to_remove, 1, &arg, 1); - const grpc_channel_args* new_args = CoreConfiguration::Get() - .channel_args_preconditioning() - .PreconditionChannelArgs(new_args0); - grpc_channel_args_destroy(new_args0); - grpc_channel* channel = grpc_channel_create( - target, new_args, GRPC_CLIENT_CHANNEL, nullptr, error); - grpc_channel_args_destroy(new_args); - return channel; -} - -} // namespace - -} // namespace grpc_core - -namespace { - -grpc_core::Chttp2InsecureClientChannelFactory* g_factory; -gpr_once g_factory_once = GPR_ONCE_INIT; - -void FactoryInit() { - g_factory = new grpc_core::Chttp2InsecureClientChannelFactory(); -} - -} // namespace - -/* Create a client channel: - Asynchronously: - resolve target - - connect to it (trying alternatives as presented) - - perform handshakes */ -grpc_channel* grpc_insecure_channel_create(const char* target, - const grpc_channel_args* args, - void* reserved) { - grpc_core::ExecCtx exec_ctx; - GRPC_API_TRACE( - "grpc_insecure_channel_create(target=%s, args=%p, reserved=%p)", 3, - (target, args, reserved)); - GPR_ASSERT(reserved == nullptr); - // Add channel arg containing the client channel factory. - gpr_once_init(&g_factory_once, FactoryInit); - grpc_arg arg = grpc_core::ClientChannelFactory::CreateChannelArg(g_factory); - const char* arg_to_remove = arg.key; - grpc_channel_args* new_args = grpc_channel_args_copy_and_add_and_remove( - args, &arg_to_remove, 1, &arg, 1); - grpc_error_handle error = GRPC_ERROR_NONE; - // Create channel. - grpc_channel* channel = grpc_core::CreateChannel(target, new_args, &error); - // Clean up. - grpc_channel_args_destroy(new_args); - if (channel == nullptr) { - intptr_t integer; - grpc_status_code status = GRPC_STATUS_INTERNAL; - if (grpc_error_get_int(error, GRPC_ERROR_INT_GRPC_STATUS, &integer)) { - status = static_cast(integer); - } - GRPC_ERROR_UNREF(error); - channel = grpc_lame_client_channel_create( - target, status, "Failed to create client channel"); - } - return channel; -} diff --git a/src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc b/src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc deleted file mode 100644 index ba821d049e76b..0000000000000 --- a/src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc +++ /dev/null @@ -1,92 +0,0 @@ -/* - * - * Copyright 2016 gRPC authors. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - */ - -#include - -#include -#include -#include - -#ifdef GPR_SUPPORT_CHANNELS_FROM_FD - -#include - -#include "src/core/ext/transport/chttp2/transport/chttp2_transport.h" -#include "src/core/lib/channel/channel_args.h" -#include "src/core/lib/iomgr/endpoint.h" -#include "src/core/lib/iomgr/tcp_client_posix.h" -#include "src/core/lib/iomgr/tcp_posix.h" -#include "src/core/lib/resource_quota/api.h" -#include "src/core/lib/surface/api_trace.h" -#include "src/core/lib/surface/channel.h" -#include "src/core/lib/transport/transport.h" - -grpc_channel* grpc_insecure_channel_create_from_fd( - const char* target, int fd, const grpc_channel_args* args) { - grpc_core::ExecCtx exec_ctx; - GRPC_API_TRACE("grpc_insecure_channel_create(target=%p, fd=%d, args=%p)", 3, - (target, fd, args)); - - grpc_arg default_authority_arg = grpc_channel_arg_string_create( - const_cast(GRPC_ARG_DEFAULT_AUTHORITY), - const_cast("test.authority")); - args = grpc_channel_args_copy_and_add(args, &default_authority_arg, 1); - const grpc_channel_args* final_args = grpc_core::CoreConfiguration::Get() - .channel_args_preconditioning() - .PreconditionChannelArgs(args); - grpc_channel_args_destroy(args); - - int flags = fcntl(fd, F_GETFL, 0); - GPR_ASSERT(fcntl(fd, F_SETFL, flags | O_NONBLOCK) == 0); - grpc_endpoint* client = grpc_tcp_client_create_from_fd( - grpc_fd_create(fd, "client", true), final_args, "fd-client"); - grpc_transport* transport = - grpc_create_chttp2_transport(final_args, client, true); - GPR_ASSERT(transport); - grpc_error_handle error = GRPC_ERROR_NONE; - grpc_channel* channel = grpc_channel_create( - target, final_args, GRPC_CLIENT_DIRECT_CHANNEL, transport, &error); - grpc_channel_args_destroy(final_args); - if (channel != nullptr) { - grpc_chttp2_transport_start_reading(transport, nullptr, nullptr, nullptr); - grpc_core::ExecCtx::Get()->Flush(); - } else { - intptr_t integer; - grpc_status_code status = GRPC_STATUS_INTERNAL; - if (grpc_error_get_int(error, GRPC_ERROR_INT_GRPC_STATUS, &integer)) { - status = static_cast(integer); - } - GRPC_ERROR_UNREF(error); - grpc_transport_destroy(transport); - channel = grpc_lame_client_channel_create( - target, status, "Failed to create client channel"); - } - - return channel; -} - -#else // !GPR_SUPPORT_CHANNELS_FROM_FD - -grpc_channel* grpc_insecure_channel_create_from_fd( - const char* /* target */, int /* fd */, - const grpc_channel_args* /* args */) { - GPR_ASSERT(0); - return nullptr; -} - -#endif // GPR_SUPPORT_CHANNELS_FROM_FD diff --git a/src/core/ext/transport/chttp2/client/secure/README.md b/src/core/ext/transport/chttp2/client/secure/README.md deleted file mode 100644 index 405a86e5db1ed..0000000000000 --- a/src/core/ext/transport/chttp2/client/secure/README.md +++ /dev/null @@ -1 +0,0 @@ -Plugin for creating secure channels using chttp2 diff --git a/src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc b/src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc deleted file mode 100644 index 9f42561669c21..0000000000000 --- a/src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc +++ /dev/null @@ -1,192 +0,0 @@ -// -// Copyright 2015 gRPC authors. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// - -#include - -#include - -#include -#include -#include - -#include "src/core/ext/filters/client_channel/client_channel.h" -#include "src/core/ext/transport/chttp2/client/chttp2_connector.h" -#include "src/core/lib/address_utils/sockaddr_utils.h" -#include "src/core/lib/channel/channel_args.h" -#include "src/core/lib/gprpp/memory.h" -#include "src/core/lib/resolver/resolver_registry.h" -#include "src/core/lib/resource_quota/api.h" -#include "src/core/lib/security/credentials/credentials.h" -#include "src/core/lib/security/security_connector/security_connector.h" -#include "src/core/lib/slice/slice_internal.h" -#include "src/core/lib/surface/api_trace.h" -#include "src/core/lib/surface/channel.h" -#include "src/core/lib/uri/uri_parser.h" - -namespace grpc_core { - -class Chttp2SecureClientChannelFactory : public ClientChannelFactory { - public: - RefCountedPtr CreateSubchannel( - const grpc_resolved_address& address, - const grpc_channel_args* args) override { - grpc_channel_args* new_args = GetSecureNamingChannelArgs(args); - if (new_args == nullptr) { - gpr_log(GPR_ERROR, - "Failed to create channel args during subchannel creation."); - return nullptr; - } - RefCountedPtr s = Subchannel::Create( - MakeOrphanable(), address, new_args); - grpc_channel_args_destroy(new_args); - return s; - } - - private: - static grpc_channel_args* GetSecureNamingChannelArgs( - const grpc_channel_args* args) { - grpc_channel_credentials* channel_credentials = - grpc_channel_credentials_find_in_args(args); - if (channel_credentials == nullptr) { - gpr_log(GPR_ERROR, - "Can't create subchannel: channel credentials missing for secure " - "channel."); - return nullptr; - } - // Make sure security connector does not already exist in args. - if (grpc_security_connector_find_in_args(args) != nullptr) { - gpr_log(GPR_ERROR, - "Can't create subchannel: security connector already present in " - "channel args."); - return nullptr; - } - // Find the authority to use in the security connector. - const char* authority = - grpc_channel_args_find_string(args, GRPC_ARG_DEFAULT_AUTHORITY); - GPR_ASSERT(authority != nullptr); - // Create the security connector using the credentials and target name. - grpc_channel_args* new_args_from_connector = nullptr; - RefCountedPtr - subchannel_security_connector = - channel_credentials->create_security_connector( - /*call_creds=*/nullptr, authority, args, - &new_args_from_connector); - if (subchannel_security_connector == nullptr) { - gpr_log(GPR_ERROR, - "Failed to create secure subchannel for secure name '%s'", - authority); - return nullptr; - } - grpc_arg new_security_connector_arg = - grpc_security_connector_to_arg(subchannel_security_connector.get()); - grpc_channel_args* new_args = grpc_channel_args_copy_and_add( - new_args_from_connector != nullptr ? new_args_from_connector : args, - &new_security_connector_arg, 1); - subchannel_security_connector.reset(DEBUG_LOCATION, "lb_channel_create"); - grpc_channel_args_destroy(new_args_from_connector); - return new_args; - } -}; - -namespace { - -grpc_channel* CreateChannel(const char* target, const grpc_channel_args* args, - grpc_error_handle* error) { - if (target == nullptr) { - gpr_log(GPR_ERROR, "cannot create channel with NULL target name"); - if (error != nullptr) { - *error = GRPC_ERROR_CREATE_FROM_STATIC_STRING("channel target is NULL"); - } - return nullptr; - } - // Add channel arg containing the server URI. - UniquePtr canonical_target = - ResolverRegistry::AddDefaultPrefixIfNeeded(target); - grpc_arg arg = grpc_channel_arg_string_create( - const_cast(GRPC_ARG_SERVER_URI), canonical_target.get()); - const char* to_remove[] = {GRPC_ARG_SERVER_URI}; - grpc_channel_args* new_args = - grpc_channel_args_copy_and_add_and_remove(args, to_remove, 1, &arg, 1); - grpc_channel* channel = grpc_channel_create( - target, new_args, GRPC_CLIENT_CHANNEL, nullptr, error); - grpc_channel_args_destroy(new_args); - return channel; -} - -} // namespace - -} // namespace grpc_core - -namespace { - -grpc_core::Chttp2SecureClientChannelFactory* g_factory; -gpr_once g_factory_once = GPR_ONCE_INIT; - -void FactoryInit() { - g_factory = new grpc_core::Chttp2SecureClientChannelFactory(); -} - -} // namespace - -// Create a secure client channel: -// Asynchronously: - resolve target -// - connect to it (trying alternatives as presented) -// - perform handshakes -grpc_channel* grpc_secure_channel_create(grpc_channel_credentials* creds, - const char* target, - const grpc_channel_args* args, - void* reserved) { - grpc_core::ExecCtx exec_ctx; - GRPC_API_TRACE( - "grpc_secure_channel_create(creds=%p, target=%s, args=%p, " - "reserved=%p)", - 4, ((void*)creds, target, (void*)args, (void*)reserved)); - GPR_ASSERT(reserved == nullptr); - args = grpc_core::CoreConfiguration::Get() - .channel_args_preconditioning() - .PreconditionChannelArgs(args); - grpc_channel* channel = nullptr; - grpc_error_handle error = GRPC_ERROR_NONE; - if (creds != nullptr) { - // Add channel args containing the client channel factory and channel - // credentials. - gpr_once_init(&g_factory_once, FactoryInit); - grpc_arg channel_factory_arg = - grpc_core::ClientChannelFactory::CreateChannelArg(g_factory); - grpc_arg args_to_add[] = {channel_factory_arg, - grpc_channel_credentials_to_arg(creds)}; - const char* arg_to_remove = channel_factory_arg.key; - grpc_channel_args* new_args = grpc_channel_args_copy_and_add_and_remove( - args, &arg_to_remove, 1, args_to_add, GPR_ARRAY_SIZE(args_to_add)); - new_args = creds->update_arguments(new_args); - // Create channel. - channel = grpc_core::CreateChannel(target, new_args, &error); - // Clean up. - grpc_channel_args_destroy(new_args); - } - grpc_channel_args_destroy(args); - if (channel == nullptr) { - intptr_t integer; - grpc_status_code status = GRPC_STATUS_INTERNAL; - if (grpc_error_get_int(error, GRPC_ERROR_INT_GRPC_STATUS, &integer)) { - status = static_cast(integer); - } - GRPC_ERROR_UNREF(error); - channel = grpc_lame_client_channel_create( - target, status, "Failed to create secure client channel"); - } - return channel; -} diff --git a/src/core/ext/transport/chttp2/server/chttp2_server.cc b/src/core/ext/transport/chttp2/server/chttp2_server.cc index 97b08d9d32257..8c064ddbe70e8 100644 --- a/src/core/ext/transport/chttp2/server/chttp2_server.cc +++ b/src/core/ext/transport/chttp2/server/chttp2_server.cc @@ -32,6 +32,7 @@ #include "absl/strings/strip.h" #include +#include #include #include #include @@ -52,12 +53,22 @@ #include "src/core/lib/iomgr/unix_sockets_posix.h" #include "src/core/lib/resource_quota/api.h" #include "src/core/lib/resource_quota/memory_quota.h" +#include "src/core/lib/security/context/security_context.h" +#include "src/core/lib/security/credentials/credentials.h" #include "src/core/lib/slice/slice_internal.h" #include "src/core/lib/surface/api_trace.h" #include "src/core/lib/surface/server.h" #include "src/core/lib/transport/error_utils.h" #include "src/core/lib/uri/uri_parser.h" +#ifdef GPR_SUPPORT_CHANNELS_FROM_FD + +#include "src/core/lib/iomgr/exec_ctx.h" +#include "src/core/lib/iomgr/tcp_posix.h" +#include "src/core/lib/surface/completion_queue.h" + +#endif // GPR_SUPPORT_CHANNELS_FROM_FD + namespace grpc_core { namespace { @@ -956,3 +967,134 @@ grpc_error_handle Chttp2ServerAddPort(Server* server, const char* addr, } } // namespace grpc_core + +namespace { + +grpc_channel_args* ModifyArgsForConnection(grpc_channel_args* args, + grpc_error_handle* error) { + grpc_server_credentials* server_credentials = + grpc_find_server_credentials_in_args(args); + if (server_credentials == nullptr) { + *error = GRPC_ERROR_CREATE_FROM_STATIC_STRING( + "Could not find server credentials"); + return args; + } + auto security_connector = server_credentials->create_security_connector(args); + if (security_connector == nullptr) { + *error = GRPC_ERROR_CREATE_FROM_CPP_STRING( + absl::StrCat("Unable to create secure server with credentials of type ", + server_credentials->type())); + return args; + } + grpc_arg arg_to_add = + grpc_security_connector_to_arg(security_connector.get()); + grpc_channel_args* new_args = + grpc_channel_args_copy_and_add(args, &arg_to_add, 1); + grpc_channel_args_destroy(args); + return new_args; +} + +} // namespace + +int grpc_server_add_http2_port(grpc_server* server, const char* addr, + grpc_server_credentials* creds) { + grpc_core::ExecCtx exec_ctx; + grpc_error_handle err = GRPC_ERROR_NONE; + grpc_core::RefCountedPtr sc; + int port_num = 0; + grpc_channel_args* args = nullptr; + grpc_core::Server* core_server = grpc_core::Server::FromC(server); + GRPC_API_TRACE("grpc_server_add_http2_port(server=%p, addr=%s, creds=%p)", 3, + (server, addr, creds)); + // Create security context. + if (creds == nullptr) { + err = GRPC_ERROR_CREATE_FROM_STATIC_STRING( + "No credentials specified for secure server port (creds==NULL)"); + goto done; + } + // TODO(yashykt): Ideally, we would not want to have different behavior here + // based on whether a config fetcher is configured or not. Currently, we have + // a feature for SSL credentials reloading with an application callback that + // assumes that there is a single security connector. If we delay the creation + // of the security connector to after the creation of the listener(s), we + // would have potentially multiple security connectors which breaks the + // assumption for SSL creds reloading. When the API for SSL creds reloading is + // rewritten, we would be able to make this workaround go away by removing + // that assumption. As an immediate drawback of this workaround, config + // fetchers need to be registered before adding ports to the server. + if (core_server->config_fetcher() != nullptr) { + // Create channel args. + grpc_arg arg_to_add = grpc_server_credentials_to_arg(creds); + args = grpc_channel_args_copy_and_add(core_server->channel_args(), + &arg_to_add, 1); + } else { + sc = creds->create_security_connector(nullptr); + if (sc == nullptr) { + err = GRPC_ERROR_CREATE_FROM_CPP_STRING(absl::StrCat( + "Unable to create secure server with credentials of type ", + creds->type())); + goto done; + } + grpc_arg args_to_add[2]; + args_to_add[0] = grpc_server_credentials_to_arg(creds); + args_to_add[1] = grpc_security_connector_to_arg(sc.get()); + args = grpc_channel_args_copy_and_add( + core_server->channel_args(), args_to_add, GPR_ARRAY_SIZE(args_to_add)); + } + // Add server port. + err = grpc_core::Chttp2ServerAddPort(core_server, addr, args, + ModifyArgsForConnection, &port_num); +done: + sc.reset(DEBUG_LOCATION, "server"); + if (err != GRPC_ERROR_NONE) { + gpr_log(GPR_ERROR, "%s", grpc_error_std_string(err).c_str()); + + GRPC_ERROR_UNREF(err); + } + return port_num; +} + +#ifdef GPR_SUPPORT_CHANNELS_FROM_FD +void grpc_server_add_channel_from_fd(grpc_server* server, int fd, + grpc_server_credentials* creds) { + // For now, we only support insecure server credentials + if (creds == nullptr || + strcmp(creds->type(), GRPC_CREDENTIALS_TYPE_INSECURE) != 0) { + gpr_log(GPR_ERROR, "Failed to create channel due to invalid creds"); + return; + } + grpc_core::ExecCtx exec_ctx; + grpc_core::Server* core_server = grpc_core::Server::FromC(server); + + const grpc_channel_args* server_args = core_server->channel_args(); + std::string name = absl::StrCat("fd:", fd); + auto memory_quota = + grpc_core::ResourceQuotaFromChannelArgs(server_args)->memory_quota(); + grpc_endpoint* server_endpoint = grpc_tcp_create( + grpc_fd_create(fd, name.c_str(), true), server_args, name); + grpc_transport* transport = grpc_create_chttp2_transport( + server_args, server_endpoint, false /* is_client */ + ); + grpc_error_handle error = + core_server->SetupTransport(transport, nullptr, server_args, nullptr); + if (error == GRPC_ERROR_NONE) { + for (grpc_pollset* pollset : core_server->pollsets()) { + grpc_endpoint_add_to_pollset(server_endpoint, pollset); + } + grpc_chttp2_transport_start_reading(transport, nullptr, nullptr, nullptr); + } else { + gpr_log(GPR_ERROR, "Failed to create channel: %s", + grpc_error_std_string(error).c_str()); + GRPC_ERROR_UNREF(error); + grpc_transport_destroy(transport); + } +} + +#else // !GPR_SUPPORT_CHANNELS_FROM_FD + +void grpc_server_add_channel_from_fd(grpc_server* /* server */, int /* fd */, + grpc_server_credentials* /* creds */) { + GPR_ASSERT(0); +} + +#endif // GPR_SUPPORT_CHANNELS_FROM_FD diff --git a/src/core/ext/transport/chttp2/server/insecure/README.md b/src/core/ext/transport/chttp2/server/insecure/README.md deleted file mode 100644 index fc0bc14ed7ac0..0000000000000 --- a/src/core/ext/transport/chttp2/server/insecure/README.md +++ /dev/null @@ -1 +0,0 @@ -Plugin for creating insecure servers using chttp2 diff --git a/src/core/ext/transport/chttp2/server/insecure/server_chttp2.cc b/src/core/ext/transport/chttp2/server/insecure/server_chttp2.cc deleted file mode 100644 index 39fa12345dac1..0000000000000 --- a/src/core/ext/transport/chttp2/server/insecure/server_chttp2.cc +++ /dev/null @@ -1,52 +0,0 @@ -/* - * - * Copyright 2015 gRPC authors. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - */ - -#include - -#include -#include - -#include "src/core/ext/transport/chttp2/server/chttp2_server.h" -#include "src/core/lib/channel/channel_args.h" -#include "src/core/lib/surface/api_trace.h" -#include "src/core/lib/surface/server.h" - -namespace { - -grpc_channel_args* ModifyArgsForConnection(grpc_channel_args* args, - grpc_error_handle* /*error*/) { - return args; -} - -} // namespace - -int grpc_server_add_insecure_http2_port(grpc_server* server, const char* addr) { - grpc_core::ExecCtx exec_ctx; - int port_num = 0; - GRPC_API_TRACE("grpc_server_add_insecure_http2_port(server=%p, addr=%s)", 2, - (server, addr)); - grpc_core::Server* core_server = grpc_core::Server::FromC(server); - grpc_error_handle err = grpc_core::Chttp2ServerAddPort( - core_server, addr, grpc_channel_args_copy(core_server->channel_args()), - ModifyArgsForConnection, &port_num); - if (err != GRPC_ERROR_NONE) { - gpr_log(GPR_ERROR, "%s", grpc_error_std_string(err).c_str()); - GRPC_ERROR_UNREF(err); - } - return port_num; -} diff --git a/src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.cc b/src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.cc deleted file mode 100644 index fe342506650e1..0000000000000 --- a/src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.cc +++ /dev/null @@ -1,79 +0,0 @@ -/* - * - * Copyright 2016 gRPC authors. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - */ - -#include - -#include -#include -#include - -#ifdef GPR_SUPPORT_CHANNELS_FROM_FD - -#include "absl/strings/str_cat.h" - -#include - -#include "src/core/ext/transport/chttp2/transport/chttp2_transport.h" -#include "src/core/lib/channel/channel_args.h" -#include "src/core/lib/iomgr/endpoint.h" -#include "src/core/lib/iomgr/exec_ctx.h" -#include "src/core/lib/iomgr/tcp_posix.h" -#include "src/core/lib/resource_quota/api.h" -#include "src/core/lib/surface/completion_queue.h" -#include "src/core/lib/surface/server.h" - -void grpc_server_add_insecure_channel_from_fd(grpc_server* server, - void* reserved, int fd) { - GPR_ASSERT(reserved == nullptr); - - grpc_core::ExecCtx exec_ctx; - grpc_core::Server* core_server = grpc_core::Server::FromC(server); - - const grpc_channel_args* server_args = core_server->channel_args(); - std::string name = absl::StrCat("fd:", fd); - auto memory_quota = - grpc_core::ResourceQuotaFromChannelArgs(server_args)->memory_quota(); - grpc_endpoint* server_endpoint = grpc_tcp_create( - grpc_fd_create(fd, name.c_str(), true), server_args, name); - grpc_transport* transport = grpc_create_chttp2_transport( - server_args, server_endpoint, false /* is_client */ - ); - grpc_error_handle error = - core_server->SetupTransport(transport, nullptr, server_args, nullptr); - if (error == GRPC_ERROR_NONE) { - for (grpc_pollset* pollset : core_server->pollsets()) { - grpc_endpoint_add_to_pollset(server_endpoint, pollset); - } - grpc_chttp2_transport_start_reading(transport, nullptr, nullptr, nullptr); - } else { - gpr_log(GPR_ERROR, "Failed to create channel: %s", - grpc_error_std_string(error).c_str()); - GRPC_ERROR_UNREF(error); - grpc_transport_destroy(transport); - } -} - -#else // !GPR_SUPPORT_CHANNELS_FROM_FD - -void grpc_server_add_insecure_channel_from_fd(grpc_server* /* server */, - void* /* reserved */, - int /* fd */) { - GPR_ASSERT(0); -} - -#endif // GPR_SUPPORT_CHANNELS_FROM_FD diff --git a/src/core/ext/transport/chttp2/server/secure/README.md b/src/core/ext/transport/chttp2/server/secure/README.md deleted file mode 100644 index 6bda696a9a415..0000000000000 --- a/src/core/ext/transport/chttp2/server/secure/README.md +++ /dev/null @@ -1 +0,0 @@ -Plugin for creating secure servers using chttp2 diff --git a/src/core/ext/transport/chttp2/server/secure/server_secure_chttp2.cc b/src/core/ext/transport/chttp2/server/secure/server_secure_chttp2.cc deleted file mode 100644 index 5b96f5e2ab4a7..0000000000000 --- a/src/core/ext/transport/chttp2/server/secure/server_secure_chttp2.cc +++ /dev/null @@ -1,125 +0,0 @@ -/* - * - * Copyright 2015 gRPC authors. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - */ - -#include - -#include - -#include "absl/strings/str_cat.h" - -#include -#include -#include - -#include "src/core/ext/transport/chttp2/server/chttp2_server.h" -#include "src/core/ext/transport/chttp2/transport/chttp2_transport.h" -#include "src/core/lib/channel/channel_args.h" -#include "src/core/lib/channel/handshaker.h" -#include "src/core/lib/gprpp/ref_counted_ptr.h" -#include "src/core/lib/security/context/security_context.h" -#include "src/core/lib/security/credentials/credentials.h" -#include "src/core/lib/surface/api_trace.h" -#include "src/core/lib/surface/server.h" - -namespace { - -grpc_channel_args* ModifyArgsForConnection(grpc_channel_args* args, - grpc_error_handle* error) { - grpc_server_credentials* server_credentials = - grpc_find_server_credentials_in_args(args); - if (server_credentials == nullptr) { - *error = GRPC_ERROR_CREATE_FROM_STATIC_STRING( - "Could not find server credentials"); - return args; - } - auto security_connector = server_credentials->create_security_connector(args); - if (security_connector == nullptr) { - *error = GRPC_ERROR_CREATE_FROM_CPP_STRING( - absl::StrCat("Unable to create secure server with credentials of type ", - server_credentials->type())); - return args; - } - grpc_arg arg_to_add = - grpc_security_connector_to_arg(security_connector.get()); - grpc_channel_args* new_args = - grpc_channel_args_copy_and_add(args, &arg_to_add, 1); - grpc_channel_args_destroy(args); - return new_args; -} - -} // namespace - -int grpc_server_add_secure_http2_port(grpc_server* server, const char* addr, - grpc_server_credentials* creds) { - grpc_core::ExecCtx exec_ctx; - grpc_error_handle err = GRPC_ERROR_NONE; - grpc_core::RefCountedPtr sc; - int port_num = 0; - grpc_channel_args* args = nullptr; - GRPC_API_TRACE( - "grpc_server_add_secure_http2_port(" - "server=%p, addr=%s, creds=%p)", - 3, (server, addr, creds)); - grpc_core::Server* core_server = grpc_core::Server::FromC(server); - // Create security context. - if (creds == nullptr) { - err = GRPC_ERROR_CREATE_FROM_STATIC_STRING( - "No credentials specified for secure server port (creds==NULL)"); - goto done; - } - // TODO(yashykt): Ideally, we would not want to have different behavior here - // based on whether a config fetcher is configured or not. Currently, we have - // a feature for SSL credentials reloading with an application callback that - // assumes that there is a single security connector. If we delay the creation - // of the security connector to after the creation of the listener(s), we - // would have potentially multiple security connectors which breaks the - // assumption for SSL creds reloading. When the API for SSL creds reloading is - // rewritten, we would be able to make this workaround go away by removing - // that assumption. As an immediate drawback of this workaround, config - // fetchers need to be registered before adding ports to the server. - if (core_server->config_fetcher() != nullptr) { - // Create channel args. - grpc_arg arg_to_add = grpc_server_credentials_to_arg(creds); - args = grpc_channel_args_copy_and_add(core_server->channel_args(), - &arg_to_add, 1); - } else { - sc = creds->create_security_connector(nullptr); - if (sc == nullptr) { - err = GRPC_ERROR_CREATE_FROM_CPP_STRING(absl::StrCat( - "Unable to create secure server with credentials of type ", - creds->type())); - goto done; - } - grpc_arg args_to_add[2]; - args_to_add[0] = grpc_server_credentials_to_arg(creds); - args_to_add[1] = grpc_security_connector_to_arg(sc.get()); - args = grpc_channel_args_copy_and_add( - core_server->channel_args(), args_to_add, GPR_ARRAY_SIZE(args_to_add)); - } - // Add server port. - err = grpc_core::Chttp2ServerAddPort(core_server, addr, args, - ModifyArgsForConnection, &port_num); -done: - sc.reset(DEBUG_LOCATION, "server"); - if (err != GRPC_ERROR_NONE) { - gpr_log(GPR_ERROR, "%s", grpc_error_std_string(err).c_str()); - - GRPC_ERROR_UNREF(err); - } - return port_num; -} diff --git a/src/core/ext/transport/cronet/BUILD b/src/core/ext/transport/cronet/BUILD index 6ac15b3a22940..4b26895d387a4 100644 --- a/src/core/ext/transport/cronet/BUILD +++ b/src/core/ext/transport/cronet/BUILD @@ -62,6 +62,6 @@ grpc_cc_library( ":grpc_transport_cronet_client_secure", "//:grpc_base", "//:grpc_http_filters", - "//:grpc_transport_chttp2_client_secure", + "//:grpc_transport_chttp2_client_connector", ], ) diff --git a/src/core/ext/transport/cronet/client/secure/cronet_channel_create.cc b/src/core/ext/transport/cronet/client/secure/cronet_channel_create.cc index d027e16f604d6..171cee8846e7f 100644 --- a/src/core/ext/transport/cronet/client/secure/cronet_channel_create.cc +++ b/src/core/ext/transport/cronet/client/secure/cronet_channel_create.cc @@ -63,7 +63,7 @@ GRPCAPI grpc_channel* grpc_cronet_secure_channel_create( grpc_create_cronet_transport(engine, target, new_args, reserved); grpc_core::ExecCtx exec_ctx; - grpc_channel* channel = grpc_channel_create( + grpc_channel* channel = grpc_channel_create_internal( target, new_args, GRPC_CLIENT_DIRECT_CHANNEL, ct, nullptr); grpc_channel_args_destroy(new_args); grpc_channel_args_destroy(args); diff --git a/src/core/ext/transport/inproc/inproc_transport.cc b/src/core/ext/transport/inproc/inproc_transport.cc index af096d99bcab0..6ff1d43ccd839 100644 --- a/src/core/ext/transport/inproc/inproc_transport.cc +++ b/src/core/ext/transport/inproc/inproc_transport.cc @@ -1275,9 +1275,9 @@ grpc_channel* grpc_inproc_channel_create(grpc_server* server, server_transport, nullptr, server_args, nullptr); grpc_channel* channel = nullptr; if (error == GRPC_ERROR_NONE) { - channel = - grpc_channel_create("inproc", client_args, GRPC_CLIENT_DIRECT_CHANNEL, - client_transport, &error); + channel = grpc_channel_create_internal("inproc", client_args, + GRPC_CLIENT_DIRECT_CHANNEL, + client_transport, &error); if (error != GRPC_ERROR_NONE) { GPR_ASSERT(!channel); gpr_log(GPR_ERROR, "Failed to create client channel: %s", @@ -1288,7 +1288,8 @@ grpc_channel* grpc_inproc_channel_create(grpc_server* server, status = static_cast(integer); } GRPC_ERROR_UNREF(error); - // client_transport was destroyed when grpc_channel_create saw an error. + // client_transport was destroyed when grpc_channel_create_internal saw an + // error. grpc_transport_destroy(server_transport); channel = grpc_lame_client_channel_create( nullptr, status, "Failed to create client channel"); diff --git a/src/core/ext/xds/xds_client.cc b/src/core/ext/xds/xds_client.cc index 836b2dcf0eccb..a689de4e76203 100644 --- a/src/core/ext/xds/xds_client.cc +++ b/src/core/ext/xds/xds_client.cc @@ -516,8 +516,8 @@ grpc_channel* CreateXdsChannel(grpc_channel_args* args, RefCountedPtr channel_creds = CoreConfiguration::Get().channel_creds_registry().CreateChannelCreds( server.channel_creds_type, server.channel_creds_config); - return grpc_secure_channel_create(channel_creds.get(), - server.server_uri.c_str(), args, nullptr); + return grpc_channel_create(server.server_uri.c_str(), channel_creds.get(), + args); } } // namespace diff --git a/src/core/lib/security/credentials/credentials.h b/src/core/lib/security/credentials/credentials.h index 4a55938225533..6f1a9d4ade7fe 100644 --- a/src/core/lib/security/credentials/credentials.h +++ b/src/core/lib/security/credentials/credentials.h @@ -49,6 +49,7 @@ typedef enum { #define GRPC_CHANNEL_CREDENTIALS_TYPE_FAKE_TRANSPORT_SECURITY \ "FakeTransportSecurity" #define GRPC_CHANNEL_CREDENTIALS_TYPE_GOOGLE_DEFAULT "GoogleDefault" +#define GRPC_CREDENTIALS_TYPE_INSECURE "insecure" #define GRPC_CALL_CREDENTIALS_TYPE_OAUTH2 "Oauth2" #define GRPC_CALL_CREDENTIALS_TYPE_JWT "Jwt" diff --git a/src/core/lib/security/credentials/insecure/insecure_credentials.cc b/src/core/lib/security/credentials/insecure/insecure_credentials.cc index 03507444eb365..2cd5c079fe6d7 100644 --- a/src/core/lib/security/credentials/insecure/insecure_credentials.cc +++ b/src/core/lib/security/credentials/insecure/insecure_credentials.cc @@ -18,19 +18,16 @@ #include -#include - #include "src/core/lib/security/credentials/credentials.h" #include "src/core/lib/security/security_connector/insecure/insecure_security_connector.h" namespace grpc_core { namespace { -constexpr char kCredentialsTypeInsecure[] = "insecure"; - class InsecureCredentials final : public grpc_channel_credentials { public: - InsecureCredentials() : grpc_channel_credentials(kCredentialsTypeInsecure) {} + InsecureCredentials() + : grpc_channel_credentials(GRPC_CREDENTIALS_TYPE_INSECURE) {} RefCountedPtr create_security_connector( RefCountedPtr call_creds, @@ -44,7 +41,7 @@ class InsecureCredentials final : public grpc_channel_credentials { class InsecureServerCredentials final : public grpc_server_credentials { public: InsecureServerCredentials() - : grpc_server_credentials(kCredentialsTypeInsecure) {} + : grpc_server_credentials(GRPC_CREDENTIALS_TYPE_INSECURE) {} RefCountedPtr create_security_connector( const grpc_channel_args* /* args */) override { diff --git a/src/core/lib/security/credentials/ssl/ssl_credentials.h b/src/core/lib/security/credentials/ssl/ssl_credentials.h index 647d619ada7c0..2bd3b7eaf8a35 100644 --- a/src/core/lib/security/credentials/ssl/ssl_credentials.h +++ b/src/core/lib/security/credentials/ssl/ssl_credentials.h @@ -102,7 +102,4 @@ tsi_ssl_pem_key_cert_pair* grpc_convert_grpc_to_tsi_cert_pairs( const grpc_ssl_pem_key_cert_pair* pem_key_cert_pairs, size_t num_key_cert_pairs); -void grpc_tsi_ssl_pem_key_cert_pairs_destroy(tsi_ssl_pem_key_cert_pair* kp, - size_t num_key_cert_pairs); - #endif /* GRPC_CORE_LIB_SECURITY_CREDENTIALS_SSL_SSL_CREDENTIALS_H */ diff --git a/src/core/lib/security/security_connector/alts/alts_security_connector.cc b/src/core/lib/security/security_connector/alts/alts_security_connector.cc index 2222991b22352..442dfe6cf94a2 100644 --- a/src/core/lib/security/security_connector/alts/alts_security_connector.cc +++ b/src/core/lib/security/security_connector/alts/alts_security_connector.cc @@ -69,7 +69,7 @@ class grpc_alts_channel_security_connector final grpc_core::RefCountedPtr channel_creds, grpc_core::RefCountedPtr request_metadata_creds, const char* target_name) - : grpc_channel_security_connector(GRPC_ALTS_URL_SCHEME, + : grpc_channel_security_connector(GRPC_SSL_URL_SCHEME, std::move(channel_creds), std::move(request_metadata_creds)), target_name_(gpr_strdup(target_name)) {} @@ -141,7 +141,7 @@ class grpc_alts_server_security_connector final public: explicit grpc_alts_server_security_connector( grpc_core::RefCountedPtr server_creds) - : grpc_server_security_connector(GRPC_ALTS_URL_SCHEME, + : grpc_server_security_connector(GRPC_SSL_URL_SCHEME, std::move(server_creds)) {} ~grpc_alts_server_security_connector() override = default; diff --git a/src/core/lib/security/security_connector/alts/alts_security_connector.h b/src/core/lib/security/security_connector/alts/alts_security_connector.h index a857196edc5ae..9fafca2d34a83 100644 --- a/src/core/lib/security/security_connector/alts/alts_security_connector.h +++ b/src/core/lib/security/security_connector/alts/alts_security_connector.h @@ -23,9 +23,9 @@ #include "src/core/lib/security/context/security_context.h" #include "src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h" +#include "src/core/lib/security/security_connector/security_connector.h" #define GRPC_ALTS_TRANSPORT_SECURITY_TYPE "alts" -#define GRPC_ALTS_URL_SCHEME "https" /** * This method creates an ALTS channel security connector. diff --git a/src/core/lib/security/security_connector/fake/fake_security_connector.cc b/src/core/lib/security/security_connector/fake/fake_security_connector.cc index 93434bbfd1483..375cac4697231 100644 --- a/src/core/lib/security/security_connector/fake/fake_security_connector.cc +++ b/src/core/lib/security/security_connector/fake/fake_security_connector.cc @@ -29,8 +29,6 @@ #include #include "src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.h" -#include "src/core/ext/transport/chttp2/alpn/alpn.h" -#include "src/core/ext/xds/xds_channel_args.h" #include "src/core/lib/channel/channel_args.h" #include "src/core/lib/channel/handshaker.h" #include "src/core/lib/gpr/string.h" diff --git a/src/core/lib/security/security_connector/fake/fake_security_connector.h b/src/core/lib/security/security_connector/fake/fake_security_connector.h index 344a2349a49d7..c5cb51c3dc6be 100644 --- a/src/core/lib/security/security_connector/fake/fake_security_connector.h +++ b/src/core/lib/security/security_connector/fake/fake_security_connector.h @@ -27,8 +27,6 @@ #include "src/core/lib/gprpp/ref_counted_ptr.h" #include "src/core/lib/security/security_connector/security_connector.h" -#define GRPC_FAKE_SECURITY_URL_SCHEME "http+fake_security" - /* Creates a fake connector that emulates real channel security. */ grpc_core::RefCountedPtr grpc_fake_channel_security_connector_create( diff --git a/src/core/lib/security/security_connector/insecure/insecure_security_connector.cc b/src/core/lib/security/security_connector/insecure/insecure_security_connector.cc index 858d9f5429361..3118092c0a3f1 100644 --- a/src/core/lib/security/security_connector/insecure/insecure_security_connector.cc +++ b/src/core/lib/security/security_connector/insecure/insecure_security_connector.cc @@ -70,8 +70,7 @@ void InsecureChannelSecurityConnector::add_handshakers( HandshakeManager* handshake_manager) { tsi_handshaker* handshaker = nullptr; // Re-use local_tsi_handshaker_create as a minimalist handshaker. - GPR_ASSERT(tsi_local_handshaker_create(true /* is_client */, &handshaker) == - TSI_OK); + GPR_ASSERT(tsi_local_handshaker_create(&handshaker) == TSI_OK); handshake_manager->Add(SecurityHandshakerCreate(handshaker, this, args)); } @@ -98,8 +97,7 @@ void InsecureServerSecurityConnector::add_handshakers( HandshakeManager* handshake_manager) { tsi_handshaker* handshaker = nullptr; // Re-use local_tsi_handshaker_create as a minimalist handshaker. - GPR_ASSERT(tsi_local_handshaker_create(false /* is_client */, &handshaker) == - TSI_OK); + GPR_ASSERT(tsi_local_handshaker_create(&handshaker) == TSI_OK); handshake_manager->Add(SecurityHandshakerCreate(handshaker, this, args)); } diff --git a/src/core/lib/security/security_connector/local/local_security_connector.cc b/src/core/lib/security/security_connector/local/local_security_connector.cc index 3ed95301bfe4a..23296f7782eef 100644 --- a/src/core/lib/security/security_connector/local/local_security_connector.cc +++ b/src/core/lib/security/security_connector/local/local_security_connector.cc @@ -161,8 +161,7 @@ class grpc_local_channel_security_connector final const grpc_channel_args* args, grpc_pollset_set* /*interested_parties*/, grpc_core::HandshakeManager* handshake_manager) override { tsi_handshaker* handshaker = nullptr; - GPR_ASSERT(tsi_local_handshaker_create(true /* is_client */, &handshaker) == - TSI_OK); + GPR_ASSERT(tsi_local_handshaker_create(&handshaker) == TSI_OK); handshake_manager->Add( grpc_core::SecurityHandshakerCreate(handshaker, this, args)); } @@ -224,8 +223,7 @@ class grpc_local_server_security_connector final const grpc_channel_args* args, grpc_pollset_set* /*interested_parties*/, grpc_core::HandshakeManager* handshake_manager) override { tsi_handshaker* handshaker = nullptr; - GPR_ASSERT(tsi_local_handshaker_create(false /* is_client */, - &handshaker) == TSI_OK); + GPR_ASSERT(tsi_local_handshaker_create(&handshaker) == TSI_OK); handshake_manager->Add( grpc_core::SecurityHandshakerCreate(handshaker, this, args)); } diff --git a/src/core/lib/security/transport/security_handshaker.cc b/src/core/lib/security/transport/security_handshaker.cc index c95f7cb24305f..0d3ff8ea59c48 100644 --- a/src/core/lib/security/transport/security_handshaker.cc +++ b/src/core/lib/security/transport/security_handshaker.cc @@ -287,8 +287,10 @@ void SecurityHandshaker::OnPeerCheckedInner(grpc_error_handle error) { case TSI_FRAME_PROTECTOR_NONE: break; } + bool has_frame_protector = + zero_copy_protector != nullptr || protector != nullptr; // If we have a frame protector, create a secure endpoint. - if (zero_copy_protector != nullptr || protector != nullptr) { + if (has_frame_protector) { if (unused_bytes_size > 0) { grpc_slice slice = grpc_slice_from_copied_buffer( reinterpret_cast(unused_bytes), unused_bytes_size); @@ -308,11 +310,17 @@ void SecurityHandshaker::OnPeerCheckedInner(grpc_error_handle error) { // Done with handshaker result. tsi_handshaker_result_destroy(handshaker_result_); handshaker_result_ = nullptr; - // Add auth context to channel args. - absl::InlinedVector args_to_add; - args_to_add.push_back(grpc_auth_context_to_arg(auth_context_.get())); - auto security = MakeChannelzSecurityFromAuthContext(auth_context_.get()); - args_to_add.push_back(security->MakeChannelArg()); + absl::InlinedVector args_to_add = { + // Add auth context to channel args. + grpc_auth_context_to_arg(auth_context_.get()), + }; + RefCountedPtr channelz_security; + // Add channelz channel args only if frame protector is created. + if (has_frame_protector) { + channelz_security = + MakeChannelzSecurityFromAuthContext(auth_context_.get()); + args_to_add.push_back(channelz_security->MakeChannelArg()); + } grpc_channel_args* tmp_args = args_->args; args_->args = grpc_channel_args_copy_and_add(tmp_args, args_to_add.data(), args_to_add.size()); diff --git a/src/core/lib/surface/channel.cc b/src/core/lib/surface/channel.cc index c6a75ccf2aa0d..3ed9c542dfe25 100644 --- a/src/core/lib/surface/channel.cc +++ b/src/core/lib/surface/channel.cc @@ -220,11 +220,10 @@ void CreateChannelzNode(grpc_core::ChannelStackBuilder* builder) { } // namespace -grpc_channel* grpc_channel_create(const char* target, - const grpc_channel_args* input_args, - grpc_channel_stack_type channel_stack_type, - grpc_transport* optional_transport, - grpc_error_handle* error) { +grpc_channel* grpc_channel_create_internal( + const char* target, const grpc_channel_args* input_args, + grpc_channel_stack_type channel_stack_type, + grpc_transport* optional_transport, grpc_error_handle* error) { // We need to make sure that grpc_shutdown() does not shut things down // until after the channel is destroyed. However, the channel may not // actually be destroyed by the time grpc_channel_destroy() returns, @@ -482,7 +481,7 @@ static void destroy_channel(void* arg, grpc_error_handle /*error*/) { channel->allocator.Destroy(); channel->target.Destroy(); gpr_free(channel); - // See comment in grpc_channel_create() for why we do this. + // See comment in grpc_channel_create_internal() for why we do this. grpc_shutdown(); } diff --git a/src/core/lib/surface/channel.h b/src/core/lib/surface/channel.h index 37b35f96e1b6f..15bf81770f80b 100644 --- a/src/core/lib/surface/channel.h +++ b/src/core/lib/surface/channel.h @@ -31,11 +31,10 @@ #include "src/core/lib/surface/channel_stack_type.h" /// Creates a grpc_channel. -grpc_channel* grpc_channel_create(const char* target, - const grpc_channel_args* args, - grpc_channel_stack_type channel_stack_type, - grpc_transport* optional_transport, - grpc_error_handle* error); +grpc_channel* grpc_channel_create_internal( + const char* target, const grpc_channel_args* args, + grpc_channel_stack_type channel_stack_type, + grpc_transport* optional_transport, grpc_error_handle* error); /** The same as grpc_channel_destroy, but doesn't create an ExecCtx, and so * is safe to use from within core. */ diff --git a/src/core/lib/surface/init.cc b/src/core/lib/surface/init.cc index b1fe8e2e709c8..27481d5f9ac40 100644 --- a/src/core/lib/surface/init.cc +++ b/src/core/lib/surface/init.cc @@ -22,6 +22,7 @@ #include #include +#include #include #include @@ -30,8 +31,10 @@ #include #include "src/core/lib/channel/channel_stack.h" +#include "src/core/lib/channel/channel_stack_builder.h" #include "src/core/lib/channel/channelz_registry.h" #include "src/core/lib/channel/connected_channel.h" +#include "src/core/lib/config/core_configuration.h" #include "src/core/lib/debug/stats.h" #include "src/core/lib/debug/trace.h" #include "src/core/lib/gprpp/fork.h" @@ -43,8 +46,17 @@ #include "src/core/lib/iomgr/iomgr.h" #include "src/core/lib/iomgr/timer_manager.h" #include "src/core/lib/profiling/timers.h" +#include "src/core/lib/security/authorization/sdk_server_authz_filter.h" +#include "src/core/lib/security/context/security_context.h" +#include "src/core/lib/security/credentials/credentials.h" +#include "src/core/lib/security/credentials/plugin/plugin_credentials.h" +#include "src/core/lib/security/security_connector/security_connector.h" +#include "src/core/lib/security/transport/auth_filters.h" +#include "src/core/lib/security/transport/secure_endpoint.h" +#include "src/core/lib/security/transport/security_handshaker.h" #include "src/core/lib/slice/slice_internal.h" #include "src/core/lib/surface/api_trace.h" +#include "src/core/lib/surface/builtins.h" #include "src/core/lib/surface/call.h" #include "src/core/lib/surface/completion_queue.h" #include "src/core/lib/surface/lame_client.h" @@ -64,6 +76,67 @@ static int g_initializations ABSL_GUARDED_BY(g_init_mu) = 0; static grpc_core::CondVar* g_shutting_down_cv; static bool g_shutting_down ABSL_GUARDED_BY(g_init_mu) = false; +static bool maybe_prepend_client_auth_filter( + grpc_core::ChannelStackBuilder* builder) { + const grpc_channel_args* args = builder->channel_args(); + if (args) { + for (size_t i = 0; i < args->num_args; i++) { + if (0 == strcmp(GRPC_ARG_SECURITY_CONNECTOR, args->args[i].key)) { + builder->PrependFilter(&grpc_client_auth_filter, nullptr); + break; + } + } + } + return true; +} + +static bool maybe_prepend_server_auth_filter( + grpc_core::ChannelStackBuilder* builder) { + const grpc_channel_args* args = builder->channel_args(); + if (args) { + for (size_t i = 0; i < args->num_args; i++) { + if (0 == strcmp(GRPC_SERVER_CREDENTIALS_ARG, args->args[i].key)) { + builder->PrependFilter(&grpc_server_auth_filter, nullptr); + break; + } + } + } + return true; +} + +static bool maybe_prepend_sdk_server_authz_filter( + grpc_core::ChannelStackBuilder* builder) { + const grpc_channel_args* args = builder->channel_args(); + const auto* provider = + grpc_channel_args_find_pointer( + args, GRPC_ARG_AUTHORIZATION_POLICY_PROVIDER); + if (provider != nullptr) { + builder->PrependFilter(&grpc_core::SdkServerAuthzFilter::kFilterVtable, + nullptr); + } + return true; +} + +namespace grpc_core { +void RegisterSecurityFilters(CoreConfiguration::Builder* builder) { + // Register the auth client with a priority < INT_MAX to allow the authority + // filter -on which the auth filter depends- to be higher on the channel + // stack. + builder->channel_init()->RegisterStage(GRPC_CLIENT_SUBCHANNEL, INT_MAX - 1, + maybe_prepend_client_auth_filter); + builder->channel_init()->RegisterStage(GRPC_CLIENT_DIRECT_CHANNEL, + INT_MAX - 1, + maybe_prepend_client_auth_filter); + builder->channel_init()->RegisterStage(GRPC_SERVER_CHANNEL, INT_MAX - 1, + maybe_prepend_server_auth_filter); + // Register the SdkServerAuthzFilter with a priority less than + // server_auth_filter to allow server_auth_filter on which the sdk filter + // depends on to be higher on the channel stack. + builder->channel_init()->RegisterStage(GRPC_SERVER_CHANNEL, INT_MAX - 2, + maybe_prepend_sdk_server_authz_filter); +} +} // namespace grpc_core + static void do_basic_init(void) { gpr_log_verbosity_init(); g_init_mu = new grpc_core::Mutex(); @@ -104,7 +177,6 @@ void grpc_init(void) { grpc_fork_handlers_auto_register(); grpc_stats_init(); grpc_core::channelz::ChannelzRegistry::Init(); - grpc_security_pre_init(); grpc_core::ApplicationCallbackExecCtx::GlobalInit(); grpc_core::ExecCtx::GlobalInit(); grpc_iomgr_init(); diff --git a/src/core/lib/surface/init.h b/src/core/lib/surface/init.h index 8982e28aae7d5..092c892eaa800 100644 --- a/src/core/lib/surface/init.h +++ b/src/core/lib/surface/init.h @@ -28,8 +28,6 @@ class EventEngine; } } // namespace grpc_event_engine -void grpc_register_security_filters(void); -void grpc_security_pre_init(void); void grpc_maybe_wait_for_async_shutdown(void); #endif /* GRPC_CORE_LIB_SURFACE_INIT_H */ diff --git a/src/core/lib/surface/init_secure.cc b/src/core/lib/surface/init_secure.cc deleted file mode 100644 index d86a5511028ab..0000000000000 --- a/src/core/lib/surface/init_secure.cc +++ /dev/null @@ -1,99 +0,0 @@ -/* - * - * Copyright 2015 gRPC authors. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - */ - -#include - -#include -#include - -#include "src/core/lib/channel/channel_stack_builder.h" -#include "src/core/lib/config/core_configuration.h" -#include "src/core/lib/debug/trace.h" -#include "src/core/lib/security/authorization/sdk_server_authz_filter.h" -#include "src/core/lib/security/context/security_context.h" -#include "src/core/lib/security/credentials/credentials.h" -#include "src/core/lib/security/credentials/plugin/plugin_credentials.h" -#include "src/core/lib/security/security_connector/security_connector.h" -#include "src/core/lib/security/transport/auth_filters.h" -#include "src/core/lib/security/transport/secure_endpoint.h" -#include "src/core/lib/security/transport/security_handshaker.h" -#include "src/core/lib/surface/init.h" -#include "src/core/tsi/transport_security_interface.h" - -void grpc_security_pre_init(void) {} - -static bool maybe_prepend_client_auth_filter( - grpc_core::ChannelStackBuilder* builder) { - const grpc_channel_args* args = builder->channel_args(); - if (args) { - for (size_t i = 0; i < args->num_args; i++) { - if (0 == strcmp(GRPC_ARG_SECURITY_CONNECTOR, args->args[i].key)) { - builder->PrependFilter(&grpc_client_auth_filter, nullptr); - break; - } - } - } - return true; -} - -static bool maybe_prepend_server_auth_filter( - grpc_core::ChannelStackBuilder* builder) { - const grpc_channel_args* args = builder->channel_args(); - if (args) { - for (size_t i = 0; i < args->num_args; i++) { - if (0 == strcmp(GRPC_SERVER_CREDENTIALS_ARG, args->args[i].key)) { - builder->PrependFilter(&grpc_server_auth_filter, nullptr); - break; - } - } - } - return true; -} - -static bool maybe_prepend_sdk_server_authz_filter( - grpc_core::ChannelStackBuilder* builder) { - const grpc_channel_args* args = builder->channel_args(); - const auto* provider = - grpc_channel_args_find_pointer( - args, GRPC_ARG_AUTHORIZATION_POLICY_PROVIDER); - if (provider != nullptr) { - builder->PrependFilter(&grpc_core::SdkServerAuthzFilter::kFilterVtable, - nullptr); - } - return true; -} - -namespace grpc_core { -void RegisterSecurityFilters(CoreConfiguration::Builder* builder) { - // Register the auth client with a priority < INT_MAX to allow the authority - // filter -on which the auth filter depends- to be higher on the channel - // stack. - builder->channel_init()->RegisterStage(GRPC_CLIENT_SUBCHANNEL, INT_MAX - 1, - maybe_prepend_client_auth_filter); - builder->channel_init()->RegisterStage(GRPC_CLIENT_DIRECT_CHANNEL, - INT_MAX - 1, - maybe_prepend_client_auth_filter); - builder->channel_init()->RegisterStage(GRPC_SERVER_CHANNEL, INT_MAX - 1, - maybe_prepend_server_auth_filter); - // Register the SdkServerAuthzFilter with a priority less than - // server_auth_filter to allow server_auth_filter on which the sdk filter - // depends on to be higher on the channel stack. - builder->channel_init()->RegisterStage(GRPC_SERVER_CHANNEL, INT_MAX - 2, - maybe_prepend_sdk_server_authz_filter); -} -} // namespace grpc_core diff --git a/src/core/lib/surface/init_unsecure.cc b/src/core/lib/surface/init_unsecure.cc deleted file mode 100644 index c9e1688d42a15..0000000000000 --- a/src/core/lib/surface/init_unsecure.cc +++ /dev/null @@ -1,27 +0,0 @@ -/* - * - * Copyright 2015 gRPC authors. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - */ - -#include - -#include - -#include "src/core/lib/surface/init.h" - -void grpc_security_pre_init(void) {} - -void grpc_register_security_filters(void) {} diff --git a/src/core/lib/surface/lame_client.cc b/src/core/lib/surface/lame_client.cc index 9436bf91d252d..35f7eba853db8 100644 --- a/src/core/lib/surface/lame_client.cc +++ b/src/core/lib/surface/lame_client.cc @@ -191,7 +191,7 @@ grpc_channel* grpc_lame_client_channel_create(const char* target, .channel_args_preconditioning() .PreconditionChannelArgs(args0); grpc_channel_args_destroy(args0); - grpc_channel* channel = grpc_channel_create( + grpc_channel* channel = grpc_channel_create_internal( target, args, GRPC_CLIENT_LAME_CHANNEL, nullptr, nullptr); grpc_channel_args_destroy(args); GRPC_ERROR_UNREF(error); diff --git a/src/core/lib/surface/server.cc b/src/core/lib/surface/server.cc index 26fe43f0f587f..c1b0010102416 100644 --- a/src/core/lib/surface/server.cc +++ b/src/core/lib/surface/server.cc @@ -603,7 +603,7 @@ grpc_error_handle Server::SetupTransport( const RefCountedPtr& socket_node) { // Create channel. grpc_error_handle error = GRPC_ERROR_NONE; - grpc_channel* channel = grpc_channel_create( + grpc_channel* channel = grpc_channel_create_internal( nullptr, args, GRPC_SERVER_CHANNEL, transport, &error); if (channel == nullptr) { return error; diff --git a/src/core/plugin_registry/grpc_plugin_registry.cc b/src/core/plugin_registry/grpc_plugin_registry.cc index 0109263150c74..bd243856c2733 100644 --- a/src/core/plugin_registry/grpc_plugin_registry.cc +++ b/src/core/plugin_registry/grpc_plugin_registry.cc @@ -23,6 +23,8 @@ #include "src/core/lib/config/core_configuration.h" #include "src/core/lib/surface/builtins.h" +extern void grpc_register_extra_plugins(void); + void grpc_chttp2_plugin_init(void); void grpc_chttp2_plugin_shutdown(void); void grpc_client_channel_init(void); @@ -60,35 +62,6 @@ void ServiceConfigParserInit(void); void ServiceConfigParserShutdown(void); } // namespace grpc_core -#ifndef GRPC_NO_XDS -namespace grpc_core { -void RbacFilterInit(void); -void RbacFilterShutdown(void); -void XdsClientGlobalInit(); -void XdsClientGlobalShutdown(); -} // namespace grpc_core -void grpc_certificate_provider_registry_init(void); -void grpc_certificate_provider_registry_shutdown(void); -namespace grpc_core { -void FileWatcherCertificateProviderInit(); -void FileWatcherCertificateProviderShutdown(); -} // namespace grpc_core -void grpc_lb_policy_cds_init(void); -void grpc_lb_policy_cds_shutdown(void); -void grpc_lb_policy_xds_cluster_impl_init(void); -void grpc_lb_policy_xds_cluster_impl_shutdown(void); -void grpc_lb_policy_xds_cluster_resolver_init(void); -void grpc_lb_policy_xds_cluster_resolver_shutdown(void); -void grpc_lb_policy_xds_cluster_manager_init(void); -void grpc_lb_policy_xds_cluster_manager_shutdown(void); -void grpc_resolver_xds_init(void); -void grpc_resolver_xds_shutdown(void); -namespace grpc_core { -void GoogleCloud2ProdResolverInit(); -void GoogleCloud2ProdResolverShutdown(); -} // namespace grpc_core -#endif - #ifdef GPR_SUPPORT_BINDER_TRANSPORT void grpc_resolver_binder_init(void); void grpc_resolver_binder_shutdown(void); @@ -126,31 +99,11 @@ void grpc_register_built_in_plugins(void) { grpc_message_size_filter_shutdown); grpc_register_plugin(grpc_core::FaultInjectionFilterInit, grpc_core::FaultInjectionFilterShutdown); -#ifndef GRPC_NO_XDS - // rbac_filter is being guarded with GRPC_NO_XDS to avoid a dependency on the re2 library by default - grpc_register_plugin(grpc_core::RbacFilterInit, grpc_core::RbacFilterShutdown); - grpc_register_plugin(grpc_core::XdsClientGlobalInit, - grpc_core::XdsClientGlobalShutdown); - grpc_register_plugin(grpc_certificate_provider_registry_init, - grpc_certificate_provider_registry_shutdown); - grpc_register_plugin(grpc_core::FileWatcherCertificateProviderInit, - grpc_core::FileWatcherCertificateProviderShutdown); - grpc_register_plugin(grpc_lb_policy_cds_init, grpc_lb_policy_cds_shutdown); - grpc_register_plugin(grpc_lb_policy_xds_cluster_impl_init, - grpc_lb_policy_xds_cluster_impl_shutdown); - grpc_register_plugin(grpc_lb_policy_xds_cluster_resolver_init, - grpc_lb_policy_xds_cluster_resolver_shutdown); - grpc_register_plugin(grpc_lb_policy_xds_cluster_manager_init, - grpc_lb_policy_xds_cluster_manager_shutdown); - grpc_register_plugin(grpc_resolver_xds_init, grpc_resolver_xds_shutdown); - grpc_register_plugin(grpc_core::GoogleCloud2ProdResolverInit, - grpc_core::GoogleCloud2ProdResolverShutdown); -#endif - #ifdef GPR_SUPPORT_BINDER_TRANSPORT grpc_register_plugin(grpc_resolver_binder_init, grpc_resolver_binder_shutdown); #endif + grpc_register_extra_plugins(); } namespace grpc_core { @@ -170,12 +123,8 @@ extern void RegisterMessageSizeFilter(CoreConfiguration::Builder* builder); extern void RegisterSecurityFilters(CoreConfiguration::Builder* builder); extern void RegisterServiceConfigChannelArgFilter( CoreConfiguration::Builder* builder); +extern void RegisterExtraFilters(CoreConfiguration::Builder* builder); extern void RegisterResourceQuota(CoreConfiguration::Builder* builder); -#ifndef GRPC_NO_XDS -extern void RegisterXdsChannelStackModifier( - CoreConfiguration::Builder* builder); -extern void RegisterChannelDefaultCreds(CoreConfiguration::Builder* builder); -#endif void BuildCoreConfiguration(CoreConfiguration::Builder* builder) { BuildClientChannelConfiguration(builder); @@ -189,13 +138,10 @@ void BuildCoreConfiguration(CoreConfiguration::Builder* builder) { RegisterMessageSizeFilter(builder); RegisterServiceConfigChannelArgFilter(builder); RegisterResourceQuota(builder); -#ifndef GRPC_NO_XDS - RegisterXdsChannelStackModifier(builder); - RegisterChannelDefaultCreds(builder); -#endif // Run last so it gets a consistent location. // TODO(ctiller): Is this actually necessary? RegisterSecurityFilters(builder); + RegisterExtraFilters(builder); RegisterBuiltins(builder); } diff --git a/src/core/plugin_registry/grpc_plugin_registry_extra.cc b/src/core/plugin_registry/grpc_plugin_registry_extra.cc new file mode 100644 index 0000000000000..1d5adf9a5903b --- /dev/null +++ b/src/core/plugin_registry/grpc_plugin_registry_extra.cc @@ -0,0 +1,91 @@ +// +// Copyright 2021 gRPC authors. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// + +#include + +#include + +#include "src/core/lib/config/core_configuration.h" +#include "src/core/lib/surface/builtins.h" + +#ifndef GRPC_NO_XDS +namespace grpc_core { +void RbacFilterInit(void); +void RbacFilterShutdown(void); +void XdsClientGlobalInit(); +void XdsClientGlobalShutdown(); +} // namespace grpc_core +void grpc_certificate_provider_registry_init(void); +void grpc_certificate_provider_registry_shutdown(void); +namespace grpc_core { +void FileWatcherCertificateProviderInit(); +void FileWatcherCertificateProviderShutdown(); +} // namespace grpc_core +void grpc_lb_policy_cds_init(void); +void grpc_lb_policy_cds_shutdown(void); +void grpc_lb_policy_xds_cluster_impl_init(void); +void grpc_lb_policy_xds_cluster_impl_shutdown(void); +void grpc_lb_policy_xds_cluster_resolver_init(void); +void grpc_lb_policy_xds_cluster_resolver_shutdown(void); +void grpc_lb_policy_xds_cluster_manager_init(void); +void grpc_lb_policy_xds_cluster_manager_shutdown(void); +void grpc_resolver_xds_init(void); +void grpc_resolver_xds_shutdown(void); +namespace grpc_core { +void GoogleCloud2ProdResolverInit(); +void GoogleCloud2ProdResolverShutdown(); +} // namespace grpc_core +#endif + +void grpc_register_extra_plugins() { +#ifndef GRPC_NO_XDS + // rbac_filter is being guarded with GRPC_NO_XDS to avoid a dependency on the re2 library by default + grpc_register_plugin(grpc_core::RbacFilterInit, grpc_core::RbacFilterShutdown); + grpc_register_plugin(grpc_core::XdsClientGlobalInit, + grpc_core::XdsClientGlobalShutdown); + grpc_register_plugin(grpc_certificate_provider_registry_init, + grpc_certificate_provider_registry_shutdown); + grpc_register_plugin(grpc_core::FileWatcherCertificateProviderInit, + grpc_core::FileWatcherCertificateProviderShutdown); + grpc_register_plugin(grpc_lb_policy_cds_init, grpc_lb_policy_cds_shutdown); + grpc_register_plugin(grpc_lb_policy_xds_cluster_impl_init, + grpc_lb_policy_xds_cluster_impl_shutdown); + grpc_register_plugin(grpc_lb_policy_xds_cluster_resolver_init, + grpc_lb_policy_xds_cluster_resolver_shutdown); + grpc_register_plugin(grpc_lb_policy_xds_cluster_manager_init, + grpc_lb_policy_xds_cluster_manager_shutdown); + grpc_register_plugin(grpc_resolver_xds_init, grpc_resolver_xds_shutdown); + grpc_register_plugin(grpc_core::GoogleCloud2ProdResolverInit, + grpc_core::GoogleCloud2ProdResolverShutdown); +#endif +} + +namespace grpc_core { +#ifndef GRPC_NO_XDS +extern void RegisterXdsChannelStackModifier( + CoreConfiguration::Builder* builder); +extern void RegisterChannelDefaultCreds(CoreConfiguration::Builder* builder); +#endif +void RegisterExtraFilters(CoreConfiguration::Builder* builder) { + // Use builder to avoid unused-parameter warning. + (void)builder; +#ifndef GRPC_NO_XDS + RegisterXdsChannelStackModifier(builder); + RegisterChannelDefaultCreds(builder); +#endif +} +} // namespace grpc_core + diff --git a/src/core/lib/security/authorization/authorization_policy_provider_null_vtable.cc b/src/core/plugin_registry/grpc_plugin_registry_noextra.cc similarity index 71% rename from src/core/lib/security/authorization/authorization_policy_provider_null_vtable.cc rename to src/core/plugin_registry/grpc_plugin_registry_noextra.cc index 1f1ccc984bb21..8ed172ed0075d 100644 --- a/src/core/lib/security/authorization/authorization_policy_provider_null_vtable.cc +++ b/src/core/plugin_registry/grpc_plugin_registry_noextra.cc @@ -1,3 +1,4 @@ +// // Copyright 2021 gRPC authors. // // Licensed under the Apache License, Version 2.0 (the "License"); @@ -11,14 +12,17 @@ // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. +// #include #include -// Wrapper API declared in grpc.h +#include "src/core/lib/config/core_configuration.h" +#include "src/core/lib/surface/builtins.h" + +void grpc_register_extra_plugins(void) {} -// Required only for insecure build targets. -const grpc_arg_pointer_vtable* grpc_authorization_policy_provider_arg_vtable() { - return nullptr; -} +namespace grpc_core { +void RegisterExtraFilters(CoreConfiguration::Builder* /* builder */){} +} // namespace grpc_core diff --git a/src/core/plugin_registry/grpc_unsecure_plugin_registry.cc b/src/core/plugin_registry/grpc_unsecure_plugin_registry.cc deleted file mode 100644 index 191f1470c7f99..0000000000000 --- a/src/core/plugin_registry/grpc_unsecure_plugin_registry.cc +++ /dev/null @@ -1,122 +0,0 @@ -/* - * - * Copyright 2016 gRPC authors. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - */ - -#include - -#include - -#include "src/core/lib/config/core_configuration.h" -#include "src/core/lib/surface/builtins.h" - -void grpc_chttp2_plugin_init(void); -void grpc_chttp2_plugin_shutdown(void); -void grpc_client_channel_init(void); -void grpc_client_channel_shutdown(void); -void grpc_resolver_dns_ares_init(void); -void grpc_resolver_dns_ares_shutdown(void); -void grpc_resolver_dns_native_init(void); -void grpc_resolver_dns_native_shutdown(void); -void grpc_resolver_sockaddr_init(void); -void grpc_resolver_sockaddr_shutdown(void); -void grpc_resolver_fake_init(void); -void grpc_resolver_fake_shutdown(void); -void grpc_lb_policy_grpclb_init(void); -void grpc_lb_policy_grpclb_shutdown(void); -void grpc_lb_policy_priority_init(void); -void grpc_lb_policy_priority_shutdown(void); -void grpc_lb_policy_weighted_target_init(void); -void grpc_lb_policy_weighted_target_shutdown(void); -void grpc_lb_policy_pick_first_init(void); -void grpc_lb_policy_pick_first_shutdown(void); -void grpc_lb_policy_round_robin_init(void); -void grpc_lb_policy_round_robin_shutdown(void); -void grpc_message_size_filter_init(void); -void grpc_message_size_filter_shutdown(void); -namespace grpc_core { -void FaultInjectionFilterInit(void); -void FaultInjectionFilterShutdown(void); -void GrpcLbPolicyRingHashInit(void); -void GrpcLbPolicyRingHashShutdown(void); -void ServiceConfigParserInit(void); -void ServiceConfigParserShutdown(void); -} // namespace grpc_core - -void grpc_register_built_in_plugins(void) { - grpc_register_plugin(grpc_chttp2_plugin_init, grpc_chttp2_plugin_shutdown); - grpc_register_plugin(grpc_core::ServiceConfigParserInit, - grpc_core::ServiceConfigParserShutdown); - grpc_register_plugin(grpc_client_channel_init, grpc_client_channel_shutdown); - grpc_register_plugin(grpc_resolver_dns_ares_init, - grpc_resolver_dns_ares_shutdown); - grpc_register_plugin(grpc_resolver_dns_native_init, - grpc_resolver_dns_native_shutdown); - grpc_register_plugin(grpc_resolver_sockaddr_init, - grpc_resolver_sockaddr_shutdown); - grpc_register_plugin(grpc_resolver_fake_init, grpc_resolver_fake_shutdown); - grpc_register_plugin(grpc_lb_policy_grpclb_init, - grpc_lb_policy_grpclb_shutdown); - grpc_register_plugin(grpc_lb_policy_priority_init, - grpc_lb_policy_priority_shutdown); - grpc_register_plugin(grpc_lb_policy_weighted_target_init, - grpc_lb_policy_weighted_target_shutdown); - grpc_register_plugin(grpc_lb_policy_pick_first_init, - grpc_lb_policy_pick_first_shutdown); - grpc_register_plugin(grpc_lb_policy_round_robin_init, - grpc_lb_policy_round_robin_shutdown); - grpc_register_plugin(grpc_core::GrpcLbPolicyRingHashInit, - grpc_core::GrpcLbPolicyRingHashShutdown); - grpc_register_plugin(grpc_message_size_filter_init, - grpc_message_size_filter_shutdown); - grpc_register_plugin(grpc_core::FaultInjectionFilterInit, - grpc_core::FaultInjectionFilterShutdown); -} - -namespace grpc_core { - -extern void BuildClientChannelConfiguration( - CoreConfiguration::Builder* builder); -extern void RegisterClientAuthorityFilter(CoreConfiguration::Builder* builder); -extern void RegisterClientIdleFilter(CoreConfiguration::Builder* builder); -extern void RegisterDeadlineFilter(CoreConfiguration::Builder* builder); -extern void RegisterGrpcLbLoadReportingFilter( - CoreConfiguration::Builder* builder); -extern void RegisterHttpFilters(CoreConfiguration::Builder* builder); -extern void RegisterMaxAgeFilter(CoreConfiguration::Builder* builder); -extern void RegisterMessageSizeFilter(CoreConfiguration::Builder* builder); -extern void RegisterSecurityFilters(CoreConfiguration::Builder* builder); -extern void RegisterServiceConfigChannelArgFilter( - CoreConfiguration::Builder* builder); -extern void RegisterResourceQuota(CoreConfiguration::Builder* builder); - -void BuildCoreConfiguration(CoreConfiguration::Builder* builder) { - BuildClientChannelConfiguration(builder); - RegisterClientAuthorityFilter(builder); - RegisterClientIdleFilter(builder); - RegisterGrpcLbLoadReportingFilter(builder); - RegisterHttpFilters(builder); - RegisterMaxAgeFilter(builder); - RegisterDeadlineFilter(builder); - RegisterMessageSizeFilter(builder); - RegisterServiceConfigChannelArgFilter(builder); - RegisterResourceQuota(builder); - // Run last so it gets a consistent location. - // TODO(ctiller): Is this actually necessary? - RegisterBuiltins(builder); -} - -} // namespace grpc_core diff --git a/src/core/tsi/alts/handshaker/alts_shared_resource.cc b/src/core/tsi/alts/handshaker/alts_shared_resource.cc index 255eda5df3127..33f6fc0073d6c 100644 --- a/src/core/tsi/alts/handshaker/alts_shared_resource.cc +++ b/src/core/tsi/alts/handshaker/alts_shared_resource.cc @@ -55,8 +55,10 @@ void grpc_alts_shared_resource_dedicated_start( const char* handshaker_service_url) { gpr_mu_lock(&g_alts_resource_dedicated.mu); if (g_alts_resource_dedicated.cq == nullptr) { + grpc_channel_credentials* creds = grpc_insecure_credentials_create(); g_alts_resource_dedicated.channel = - grpc_insecure_channel_create(handshaker_service_url, nullptr, nullptr); + grpc_channel_create(handshaker_service_url, creds, nullptr); + grpc_channel_credentials_release(creds); g_alts_resource_dedicated.cq = grpc_completion_queue_create_for_next(nullptr); g_alts_resource_dedicated.thread = diff --git a/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc b/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc index aac64452f401e..f6e2451606ac5 100644 --- a/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +++ b/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc @@ -26,6 +26,7 @@ #include "upb/upb.hpp" +#include #include #include #include @@ -497,8 +498,10 @@ static void alts_tsi_handshaker_create_channel( static_cast(arg); alts_tsi_handshaker* handshaker = next_args->handshaker; GPR_ASSERT(handshaker->channel == nullptr); - handshaker->channel = grpc_insecure_channel_create( - next_args->handshaker->handshaker_service_url, nullptr, nullptr); + grpc_channel_credentials* creds = grpc_insecure_credentials_create(); + handshaker->channel = grpc_channel_create( + next_args->handshaker->handshaker_service_url, creds, nullptr); + grpc_channel_credentials_release(creds); tsi_result continue_next_result = alts_tsi_handshaker_continue_handshaker_next( handshaker, next_args->received_bytes.get(), diff --git a/src/core/tsi/local_transport_security.cc b/src/core/tsi/local_transport_security.cc index 6067a4b49afd6..e563d45a3d785 100644 --- a/src/core/tsi/local_transport_security.cc +++ b/src/core/tsi/local_transport_security.cc @@ -41,7 +41,6 @@ typedef struct local_zero_copy_grpc_protector { /* Main struct for local TSI handshaker result. */ typedef struct local_tsi_handshaker_result { tsi_handshaker_result base; - bool is_client; unsigned char* unused_bytes; size_t unused_bytes_size; } local_tsi_handshaker_result; @@ -49,7 +48,6 @@ typedef struct local_tsi_handshaker_result { /* Main struct for local TSI handshaker. */ typedef struct local_tsi_handshaker { tsi_handshaker base; - bool is_client; } local_tsi_handshaker; /* --- tsi_handshaker_result methods implementation. --- */ @@ -99,8 +97,7 @@ const tsi_handshaker_result_vtable result_vtable = { handshaker_result_get_unused_bytes, handshaker_result_destroy}; -tsi_result create_handshaker_result(bool is_client, - const unsigned char* received_bytes, +tsi_result create_handshaker_result(const unsigned char* received_bytes, size_t received_bytes_size, tsi_handshaker_result** self) { if (self == nullptr) { @@ -109,7 +106,6 @@ tsi_result create_handshaker_result(bool is_client, } local_tsi_handshaker_result* result = grpc_core::Zalloc(); - result->is_client = is_client; if (received_bytes_size > 0) { result->unused_bytes = static_cast(gpr_malloc(received_bytes_size)); @@ -135,11 +131,8 @@ tsi_result handshaker_next( /* Note that there is no interaction between TSI peers, and all operations are * local. */ - local_tsi_handshaker* handshaker = - reinterpret_cast(self); *bytes_to_send_size = 0; - create_handshaker_result(handshaker->is_client, received_bytes, - received_bytes_size, result); + create_handshaker_result(received_bytes, received_bytes_size, result); return TSI_OK; } @@ -165,13 +158,12 @@ const tsi_handshaker_vtable handshaker_vtable = { } // namespace -tsi_result tsi_local_handshaker_create(bool is_client, tsi_handshaker** self) { +tsi_result tsi_local_handshaker_create(tsi_handshaker** self) { if (self == nullptr) { gpr_log(GPR_ERROR, "Invalid arguments to local_tsi_handshaker_create()"); return TSI_INVALID_ARGUMENT; } local_tsi_handshaker* handshaker = grpc_core::Zalloc(); - handshaker->is_client = is_client; handshaker->base.vtable = &handshaker_vtable; *self = &handshaker->base; return TSI_OK; diff --git a/src/core/tsi/local_transport_security.h b/src/core/tsi/local_transport_security.h index fb46c1ea89299..79ed8f9c086b2 100644 --- a/src/core/tsi/local_transport_security.h +++ b/src/core/tsi/local_transport_security.h @@ -32,9 +32,6 @@ /** * This method creates a local TSI handshaker instance. * - * - is_client: boolean value indicating if the handshaker is used at the client - * (is_client = true) or server (is_client = false) side. The parameter is - * added for future extension. * - self: address of local TSI handshaker instance to be returned from the * method. * @@ -45,6 +42,6 @@ * does not fit with an insecure connector, we would need to add a separate * handshaker for insecure connectors. */ -tsi_result tsi_local_handshaker_create(bool is_client, tsi_handshaker** self); +tsi_result tsi_local_handshaker_create(tsi_handshaker** self); #endif /* GRPC_CORE_TSI_LOCAL_TRANSPORT_SECURITY_H */ diff --git a/src/cpp/client/create_channel_posix.cc b/src/cpp/client/create_channel_posix.cc index a89df0a365b94..87a28054b0113 100644 --- a/src/cpp/client/create_channel_posix.cc +++ b/src/cpp/client/create_channel_posix.cc @@ -18,8 +18,10 @@ #include #include +#include #include #include +#include #include #include "src/cpp/client/create_channel_internal.h" @@ -34,10 +36,13 @@ std::shared_ptr CreateInsecureChannelFromFd(const std::string& target, int fd) { grpc::internal::GrpcLibrary init_lib; init_lib.init(); - return CreateChannelInternal( - "", grpc_insecure_channel_create_from_fd(target.c_str(), fd, nullptr), + grpc_channel_credentials* creds = grpc_insecure_credentials_create(); + auto channel = CreateChannelInternal( + "", grpc_channel_create_from_fd(target.c_str(), fd, creds, nullptr), std::vector< std::unique_ptr>()); + grpc_channel_credentials_release(creds); + return channel; } std::shared_ptr CreateCustomInsecureChannelFromFd( @@ -46,11 +51,13 @@ std::shared_ptr CreateCustomInsecureChannelFromFd( init_lib.init(); grpc_channel_args channel_args; args.SetChannelArgs(&channel_args); - return CreateChannelInternal( - "", - grpc_insecure_channel_create_from_fd(target.c_str(), fd, &channel_args), + grpc_channel_credentials* creds = grpc_insecure_credentials_create(); + auto channel = CreateChannelInternal( + "", grpc_channel_create_from_fd(target.c_str(), fd, creds, &channel_args), std::vector< std::unique_ptr>()); + grpc_channel_credentials_release(creds); + return channel; } namespace experimental { @@ -64,10 +71,12 @@ std::shared_ptr CreateCustomInsecureChannelWithInterceptorsFromFd( init_lib.init(); grpc_channel_args channel_args; args.SetChannelArgs(&channel_args); - return CreateChannelInternal( - "", - grpc_insecure_channel_create_from_fd(target.c_str(), fd, &channel_args), + grpc_channel_credentials* creds = grpc_insecure_credentials_create(); + auto channel = CreateChannelInternal( + "", grpc_channel_create_from_fd(target.c_str(), fd, creds, &channel_args), std::move(interceptor_creators)); + grpc_channel_credentials_release(creds); + return channel; } } // namespace experimental diff --git a/src/cpp/client/insecure_credentials.cc b/src/cpp/client/insecure_credentials.cc index 57c0e77fff6a2..e2df1ac29f69e 100644 --- a/src/cpp/client/insecure_credentials.cc +++ b/src/cpp/client/insecure_credentials.cc @@ -16,6 +16,7 @@ * */ #include +#include #include #include #include @@ -44,10 +45,12 @@ class InsecureChannelCredentialsImpl final : public ChannelCredentials { interceptor_creators) override { grpc_channel_args channel_args; args.SetChannelArgs(&channel_args); - return ::grpc::CreateChannelInternal( - "", - grpc_insecure_channel_create(target.c_str(), &channel_args, nullptr), + grpc_channel_credentials* creds = grpc_insecure_credentials_create(); + std::shared_ptr channel = ::grpc::CreateChannelInternal( + "", grpc_channel_create(target.c_str(), creds, &channel_args), std::move(interceptor_creators)); + grpc_channel_credentials_release(creds); + return channel; } SecureChannelCredentials* AsSecureCredentials() override { return nullptr; } diff --git a/src/cpp/client/secure_credentials.cc b/src/cpp/client/secure_credentials.cc index d5bdd3107f3ed..b6dacba36feda 100644 --- a/src/cpp/client/secure_credentials.cc +++ b/src/cpp/client/secure_credentials.cc @@ -68,8 +68,7 @@ SecureChannelCredentials::CreateChannelWithInterceptors( args.SetChannelArgs(&channel_args); return ::grpc::CreateChannelInternal( args.GetSslTargetNameOverride(), - grpc_secure_channel_create(c_creds_, target.c_str(), &channel_args, - nullptr), + grpc_channel_create(target.c_str(), c_creds_, &channel_args), std::move(interceptor_creators)); } diff --git a/src/cpp/server/insecure_server_credentials.cc b/src/cpp/server/insecure_server_credentials.cc index 10da4b9e366cf..bafd60ded8b95 100644 --- a/src/cpp/server/insecure_server_credentials.cc +++ b/src/cpp/server/insecure_server_credentials.cc @@ -17,6 +17,7 @@ */ #include +#include #include #include @@ -25,7 +26,11 @@ namespace { class InsecureServerCredentialsImpl final : public ServerCredentials { public: int AddPortToServer(const std::string& addr, grpc_server* server) override { - return grpc_server_add_insecure_http2_port(server, addr.c_str()); + grpc_server_credentials* server_creds = + grpc_insecure_server_credentials_create(); + int result = grpc_server_add_http2_port(server, addr.c_str(), server_creds); + grpc_server_credentials_release(server_creds); + return result; } void SetAuthMetadataProcessor( const std::shared_ptr& processor) override { diff --git a/src/cpp/server/secure_server_credentials.cc b/src/cpp/server/secure_server_credentials.cc index b69ee5226f469..412b7931fc483 100644 --- a/src/cpp/server/secure_server_credentials.cc +++ b/src/cpp/server/secure_server_credentials.cc @@ -93,7 +93,7 @@ void AuthMetadataProcessorAyncWrapper::InvokeProcessor( int SecureServerCredentials::AddPortToServer(const std::string& addr, grpc_server* server) { - return grpc_server_add_secure_http2_port(server, addr.c_str(), creds_); + return grpc_server_add_http2_port(server, addr.c_str(), creds_); } void SecureServerCredentials::SetAuthMetadataProcessor( diff --git a/src/cpp/server/server_posix.cc b/src/cpp/server/server_posix.cc index f2452cc32616b..5854242176a15 100644 --- a/src/cpp/server/server_posix.cc +++ b/src/cpp/server/server_posix.cc @@ -17,6 +17,7 @@ */ #include +#include #include namespace grpc { @@ -24,7 +25,9 @@ namespace grpc { #ifdef GPR_SUPPORT_CHANNELS_FROM_FD void AddInsecureChannelFromFd(grpc::Server* server, int fd) { - grpc_server_add_insecure_channel_from_fd(server->c_server(), nullptr, fd); + grpc_server_credentials* creds = grpc_insecure_server_credentials_create(); + grpc_server_add_channel_from_fd(server->c_server(), fd, creds); + grpc_server_credentials_release(creds); } #endif // GPR_SUPPORT_CHANNELS_FROM_FD diff --git a/src/csharp/Grpc.Core.Tests/ClientServerTest.cs b/src/csharp/Grpc.Core.Tests/ClientServerTest.cs index 4567bcc789a59..9880549a21665 100644 --- a/src/csharp/Grpc.Core.Tests/ClientServerTest.cs +++ b/src/csharp/Grpc.Core.Tests/ClientServerTest.cs @@ -399,7 +399,9 @@ public void ServerCallContext_AuthContextNotPopulated() helper.UnaryHandler = new UnaryServerMethod((request, context) => { Assert.IsFalse(context.AuthContext.IsPeerAuthenticated); - Assert.AreEqual(0, context.AuthContext.Properties.Count()); + // 1) security_level: TSI_SECURITY_NONE + // 2) transport_security_type: 'insecure' + Assert.AreEqual(2, context.AuthContext.Properties.Count()); return Task.FromResult("PASS"); }); Assert.AreEqual("PASS", Calls.BlockingUnaryCall(helper.CreateUnaryCall(), "abc")); diff --git a/src/csharp/ext/grpc_csharp_ext.c b/src/csharp/ext/grpc_csharp_ext.c index 2133a6a79c67a..61f3b9d15f826 100644 --- a/src/csharp/ext/grpc_csharp_ext.c +++ b/src/csharp/ext/grpc_csharp_ext.c @@ -423,7 +423,10 @@ GPR_EXPORT grpc_channel* GPR_CALLTYPE grpcsharp_insecure_channel_create(const char* target, const grpc_channel_args* args) { - return grpc_insecure_channel_create(target, args, NULL); + grpc_channel_credentials* creds = grpc_insecure_credentials_create(); + grpc_channel* channel = grpc_channel_create(target, creds, args); + grpc_channel_credentials_release(creds); + return channel; } GPR_EXPORT void GPR_CALLTYPE grpcsharp_channel_destroy(grpc_channel* channel) { @@ -947,7 +950,10 @@ GPR_EXPORT void GPR_CALLTYPE grpcsharp_server_register_completion_queue( GPR_EXPORT int32_t GPR_CALLTYPE grpcsharp_server_add_insecure_http2_port( grpc_server* server, const char* addr) { - return grpc_server_add_insecure_http2_port(server, addr); + grpc_server_credentials* creds = grpc_insecure_server_credentials_create(); + int result = grpc_server_add_http2_port(server, addr, creds); + grpc_server_credentials_release(creds); + return result; } GPR_EXPORT void GPR_CALLTYPE grpcsharp_server_start(grpc_server* server) { @@ -1073,7 +1079,7 @@ grpcsharp_call_credentials_release(grpc_call_credentials* creds) { GPR_EXPORT grpc_channel* GPR_CALLTYPE grpcsharp_secure_channel_create( grpc_channel_credentials* creds, const char* target, const grpc_channel_args* args) { - return grpc_secure_channel_create(creds, target, args, NULL); + return grpc_channel_create(target, creds, args); } GPR_EXPORT grpc_server_credentials* GPR_CALLTYPE @@ -1109,7 +1115,7 @@ grpcsharp_server_credentials_release(grpc_server_credentials* creds) { GPR_EXPORT int32_t GPR_CALLTYPE grpcsharp_server_add_secure_http2_port( grpc_server* server, const char* addr, grpc_server_credentials* creds) { - return grpc_server_add_secure_http2_port(server, addr, creds); + return grpc_server_add_http2_port(server, addr, creds); } GPR_EXPORT grpc_channel_credentials* GPR_CALLTYPE diff --git a/src/objective-c/GRPCClient/private/GRPCCore/GRPCInsecureChannelFactory.m b/src/objective-c/GRPCClient/private/GRPCCore/GRPCInsecureChannelFactory.m index 8ad1e848f55fa..89679ba298910 100644 --- a/src/objective-c/GRPCClient/private/GRPCCore/GRPCInsecureChannelFactory.m +++ b/src/objective-c/GRPCClient/private/GRPCCore/GRPCInsecureChannelFactory.m @@ -18,6 +18,8 @@ #import "GRPCInsecureChannelFactory.h" +#include + #import "ChannelArgsUtil.h" #import "GRPCChannel.h" @@ -34,8 +36,9 @@ + (instancetype)sharedInstance { - (grpc_channel *)createChannelWithHost:(NSString *)host channelArgs:(NSDictionary *)args { grpc_channel_args *coreChannelArgs = GRPCBuildChannelArgs(args); - grpc_channel *unmanagedChannel = - grpc_insecure_channel_create(host.UTF8String, coreChannelArgs, NULL); + grpc_channel_credentials *creds = grpc_insecure_credentials_create(); + grpc_channel *unmanagedChannel = grpc_channel_create(host.UTF8String, creds, coreChannelArgs); + grpc_channel_credentials_release(creds); GRPCFreeChannelArgs(coreChannelArgs); return unmanagedChannel; } diff --git a/src/objective-c/GRPCClient/private/GRPCCore/GRPCSecureChannelFactory.m b/src/objective-c/GRPCClient/private/GRPCCore/GRPCSecureChannelFactory.m index b718a52982baf..64cbf2297bf71 100644 --- a/src/objective-c/GRPCClient/private/GRPCCore/GRPCSecureChannelFactory.m +++ b/src/objective-c/GRPCClient/private/GRPCCore/GRPCSecureChannelFactory.m @@ -113,7 +113,7 @@ - (grpc_channel *)createChannelWithHost:(NSString *)host channelArgs:(NSDictiona } grpc_channel_args *coreChannelArgs = GRPCBuildChannelArgs(args); grpc_channel *unmanagedChannel = - grpc_secure_channel_create(_channelCreds, host.UTF8String, coreChannelArgs, NULL); + grpc_channel_create(host.UTF8String, _channelCreds, coreChannelArgs); GRPCFreeChannelArgs(coreChannelArgs); return unmanagedChannel; } diff --git a/src/objective-c/tests/CronetTests/CoreCronetEnd2EndTests.mm b/src/objective-c/tests/CronetTests/CoreCronetEnd2EndTests.mm index 9adbef5261a68..d0f21baf404de 100644 --- a/src/objective-c/tests/CronetTests/CoreCronetEnd2EndTests.mm +++ b/src/objective-c/tests/CronetTests/CoreCronetEnd2EndTests.mm @@ -96,7 +96,7 @@ static void chttp2_init_server_secure_fullstack(grpc_end2end_test_fixture *f, } f->server = grpc_server_create(server_args, NULL); grpc_server_register_completion_queue(f->server, f->cq, NULL); - GPR_ASSERT(grpc_server_add_secure_http2_port(f->server, ffd->localaddr.c_str(), server_creds)); + GPR_ASSERT(grpc_server_add_http2_port(f->server, ffd->localaddr.c_str(), server_creds)); grpc_server_credentials_release(server_creds); grpc_server_start(f->server); } diff --git a/src/php/ext/grpc/channel.c b/src/php/ext/grpc/channel.c index b308e3b566046..8cac73ffd7d58 100644 --- a/src/php/ext/grpc/channel.c +++ b/src/php/ext/grpc/channel.c @@ -241,11 +241,12 @@ void create_channel( grpc_channel_args args, wrapped_grpc_channel_credentials *creds) { if (creds == NULL) { - channel->wrapper->wrapped = grpc_insecure_channel_create(target, &args, - NULL); + grpc_channel_credentials* insecure_creds = grpc_insecure_credentials_create(); + channel->wrapper->wrapped = grpc_channel_create(target, insecure_creds, &args); + grpc_channel_credentials_release(insecure_creds); } else { channel->wrapper->wrapped = - grpc_secure_channel_create(creds->wrapped, target, &args, NULL); + grpc_channel_create(target, creds->wrapped, &args); } // There is an Grpc\Channel object refer to it. php_grpc_channel_ref(channel->wrapper); diff --git a/src/php/ext/grpc/php_grpc.c b/src/php/ext/grpc/php_grpc.c index 62033ec990a06..8a0aa075fdf24 100644 --- a/src/php/ext/grpc/php_grpc.c +++ b/src/php/ext/grpc/php_grpc.c @@ -28,6 +28,7 @@ #include "server_credentials.h" #include "completion_queue.h" #include +#include #include #include #include @@ -110,11 +111,12 @@ void create_new_channel( grpc_channel_args args, wrapped_grpc_channel_credentials *creds) { if (creds == NULL) { - channel->wrapper->wrapped = grpc_insecure_channel_create(target, &args, - NULL); + grpc_channel_credentials *insecure_creds = grpc_insecure_credentials_create(); + channel->wrapper->wrapped = grpc_channel_create(target, insecure_creds, &args); + grpc_channel_credentials_release(insecure_creds); } else { channel->wrapper->wrapped = - grpc_secure_channel_create(creds->wrapped, target, &args, NULL); + grpc_channel_create(target, creds->wrapped, &args); } } diff --git a/src/php/ext/grpc/server.c b/src/php/ext/grpc/server.c index 7f3c3b8e3bb64..2001760e34993 100644 --- a/src/php/ext/grpc/server.c +++ b/src/php/ext/grpc/server.c @@ -164,7 +164,10 @@ PHP_METHOD(Server, addHttp2Port) { "add_http2_port expects a string", 1 TSRMLS_CC); return; } - RETURN_LONG(grpc_server_add_insecure_http2_port(server->wrapped, addr)); + grpc_server_credentials *creds = grpc_insecure_server_credentials_create(); + int result = grpc_server_add_http2_port(server->wrapped, addr, creds); + grpc_server_credentials_release(creds); + RETURN_LONG(result); } /** @@ -191,7 +194,7 @@ PHP_METHOD(Server, addSecureHttp2Port) { } wrapped_grpc_server_credentials *creds = PHP_GRPC_GET_WRAPPED_OBJECT(wrapped_grpc_server_credentials, creds_obj); - RETURN_LONG(grpc_server_add_secure_http2_port(server->wrapped, addr, + RETURN_LONG(grpc_server_add_http2_port(server->wrapped, addr, creds->wrapped)); } diff --git a/src/python/grpcio/grpc/_cython/_cygrpc/aio/channel.pyx.pxi b/src/python/grpcio/grpc/_cython/_cygrpc/aio/channel.pyx.pxi index beadce67b4a37..0b97c2ba370b8 100644 --- a/src/python/grpcio/grpc/_cython/_cygrpc/aio/channel.pyx.pxi +++ b/src/python/grpcio/grpc/_cython/_cygrpc/aio/channel.pyx.pxi @@ -37,17 +37,16 @@ cdef class AioChannel: if credentials is None: self._is_secure = False - self.channel = grpc_insecure_channel_create( - target, - channel_args.c_args(), - NULL) + creds = grpc_insecure_credentials_create(); + self.channel = grpc_channel_create(target, + creds, + channel_args.c_args()) + grpc_channel_credentials_release(creds) else: self._is_secure = True - self.channel = grpc_secure_channel_create( + self.channel = grpc_channel_create(target, credentials.c(), - target, - channel_args.c_args(), - NULL) + channel_args.c_args()) def __dealloc__(self): shutdown_grpc_aio() diff --git a/src/python/grpcio/grpc/_cython/_cygrpc/channel.pyx.pxi b/src/python/grpcio/grpc/_cython/_cygrpc/channel.pyx.pxi index ebffb7b0a25c4..1422eaa34961e 100644 --- a/src/python/grpcio/grpc/_cython/_cygrpc/channel.pyx.pxi +++ b/src/python/grpcio/grpc/_cython/_cygrpc/channel.pyx.pxi @@ -452,14 +452,12 @@ cdef class Channel: grpc_completion_queue_create_for_next(NULL)) self._arguments = arguments cdef _ChannelArgs channel_args = _ChannelArgs(arguments) - if channel_credentials is None: - self._state.c_channel = grpc_insecure_channel_create( - target, channel_args.c_args(), NULL) - else: - c_channel_credentials = channel_credentials.c() - self._state.c_channel = grpc_secure_channel_create( - c_channel_credentials, target, channel_args.c_args(), NULL) - grpc_channel_credentials_release(c_channel_credentials) + c_channel_credentials = ( + channel_credentials.c() if channel_credentials is not None + else grpc_insecure_credentials_create()) + self._state.c_channel = grpc_channel_create( + target, c_channel_credentials, channel_args.c_args()) + grpc_channel_credentials_release(c_channel_credentials) def target(self): cdef char *c_target diff --git a/src/python/grpcio/grpc/_cython/_cygrpc/grpc.pxi b/src/python/grpcio/grpc/_cython/_cygrpc/grpc.pxi index 684e0a3e399ec..7fde61d7dd2d9 100644 --- a/src/python/grpcio/grpc/_cython/_cygrpc/grpc.pxi +++ b/src/python/grpcio/grpc/_cython/_cygrpc/grpc.pxi @@ -373,9 +373,6 @@ cdef extern from "grpc/grpc.h": char *grpc_call_get_peer(grpc_call *call) nogil void grpc_call_unref(grpc_call *call) nogil - grpc_channel *grpc_insecure_channel_create(const char *target, - const grpc_channel_args *args, - void *reserved) nogil grpc_call *grpc_channel_create_call( grpc_channel *channel, grpc_call *parent_call, uint32_t propagation_mask, grpc_completion_queue *completion_queue, grpc_slice method, @@ -416,8 +413,6 @@ cdef extern from "grpc/grpc.h": const grpc_channel_args* args) nogil - int grpc_server_add_insecure_http2_port( - grpc_server *server, const char *addr) nogil void grpc_server_start(grpc_server *server) nogil void grpc_server_shutdown_and_notify( grpc_server *server, grpc_completion_queue *cq, void *tag) nogil @@ -560,9 +555,9 @@ cdef extern from "grpc/grpc_security.h": void *reserved) nogil void grpc_call_credentials_release(grpc_call_credentials *creds) nogil - grpc_channel *grpc_secure_channel_create( - grpc_channel_credentials *creds, const char *target, - const grpc_channel_args *args, void *reserved) nogil + grpc_channel *grpc_channel_create( + const char *target, grpc_channel_credentials *creds, + const grpc_channel_args *args) nogil ctypedef struct grpc_server_credentials: # We don't care about the internals (and in fact don't know them) @@ -570,7 +565,7 @@ cdef extern from "grpc/grpc_security.h": void grpc_server_credentials_release(grpc_server_credentials *creds) nogil - int grpc_server_add_secure_http2_port(grpc_server *server, const char *addr, + int grpc_server_add_http2_port(grpc_server *server, const char *addr, grpc_server_credentials *creds) nogil grpc_call_error grpc_call_set_credentials(grpc_call *call, diff --git a/src/python/grpcio/grpc/_cython/_cygrpc/server.pyx.pxi b/src/python/grpcio/grpc/_cython/_cygrpc/server.pyx.pxi index d3caf3a5b843f..29dabec61d917 100644 --- a/src/python/grpcio/grpc/_cython/_cygrpc/server.pyx.pxi +++ b/src/python/grpcio/grpc/_cython/_cygrpc/server.pyx.pxi @@ -88,12 +88,14 @@ cdef class Server: if server_credentials is not None: self.references.append(server_credentials) with nogil: - result = grpc_server_add_secure_http2_port( + result = grpc_server_add_http2_port( self.c_server, address_c_string, server_credentials.c_credentials) else: with nogil: - result = grpc_server_add_insecure_http2_port(self.c_server, - address_c_string) + creds = grpc_insecure_server_credentials_create() + result = grpc_server_add_http2_port(self.c_server, + address_c_string, creds) + grpc_server_credentials_release(creds) return result cdef _c_shutdown(self, CompletionQueue queue, tag): diff --git a/src/python/grpcio/grpc_core_dependencies.py b/src/python/grpcio/grpc_core_dependencies.py index 5c34468b14cc5..009ed4a483ec9 100644 --- a/src/python/grpcio/grpc_core_dependencies.py +++ b/src/python/grpcio/grpc_core_dependencies.py @@ -35,7 +35,6 @@ 'src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.cc', 'src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc', 'src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_balancer_addresses.cc', - 'src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel_secure.cc', 'src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.cc', 'src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc', 'src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc', @@ -92,13 +91,7 @@ 'src/core/ext/filters/server_config_selector/server_config_selector_filter.cc', 'src/core/ext/transport/chttp2/alpn/alpn.cc', 'src/core/ext/transport/chttp2/client/chttp2_connector.cc', - 'src/core/ext/transport/chttp2/client/insecure/channel_create.cc', - 'src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc', - 'src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc', 'src/core/ext/transport/chttp2/server/chttp2_server.cc', - 'src/core/ext/transport/chttp2/server/insecure/server_chttp2.cc', - 'src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.cc', - 'src/core/ext/transport/chttp2/server/secure/server_secure_chttp2.cc', 'src/core/ext/transport/chttp2/transport/bin_decoder.cc', 'src/core/ext/transport/chttp2/transport/bin_encoder.cc', 'src/core/ext/transport/chttp2/transport/chttp2_plugin.cc', @@ -684,7 +677,6 @@ 'src/core/lib/surface/completion_queue_factory.cc', 'src/core/lib/surface/event_string.cc', 'src/core/lib/surface/init.cc', - 'src/core/lib/surface/init_secure.cc', 'src/core/lib/surface/lame_client.cc', 'src/core/lib/surface/metadata_array.cc', 'src/core/lib/surface/server.cc', @@ -702,6 +694,7 @@ 'src/core/lib/transport/transport_op_string.cc', 'src/core/lib/uri/uri_parser.cc', 'src/core/plugin_registry/grpc_plugin_registry.cc', + 'src/core/plugin_registry/grpc_plugin_registry_extra.cc', 'src/core/tsi/alts/crypt/aes_gcm.cc', 'src/core/tsi/alts/crypt/gsec.cc', 'src/core/tsi/alts/frame_protector/alts_counter.cc', diff --git a/src/python/grpcio_tests/tests/unit/_auth_context_test.py b/src/python/grpcio_tests/tests/unit/_auth_context_test.py index 97a13085748c2..abacc8ba82d68 100644 --- a/src/python/grpcio_tests/tests/unit/_auth_context_test.py +++ b/src/python/grpcio_tests/tests/unit/_auth_context_test.py @@ -78,7 +78,11 @@ def testInsecure(self): auth_data = pickle.loads(response) self.assertIsNone(auth_data[_ID]) self.assertIsNone(auth_data[_ID_KEY]) - self.assertDictEqual({}, auth_data[_AUTH_CTX]) + self.assertDictEqual( + { + 'security_level': [b'TSI_SECURITY_NONE'], + 'transport_security_type': [b'insecure'], + }, auth_data[_AUTH_CTX]) def testSecureNoCert(self): handler = grpc.method_handlers_generic_handler('test', { diff --git a/src/python/grpcio_tests/tests_aio/unit/auth_context_test.py b/src/python/grpcio_tests/tests_aio/unit/auth_context_test.py index 698f94b48ea32..d4f015ceeb92c 100644 --- a/src/python/grpcio_tests/tests_aio/unit/auth_context_test.py +++ b/src/python/grpcio_tests/tests_aio/unit/auth_context_test.py @@ -79,7 +79,11 @@ async def test_insecure(self): auth_data = pickle.loads(response) self.assertIsNone(auth_data[_ID]) self.assertIsNone(auth_data[_ID_KEY]) - self.assertDictEqual({}, auth_data[_AUTH_CTX]) + self.assertDictEqual( + { + 'security_level': [b'TSI_SECURITY_NONE'], + 'transport_security_type': [b'insecure'], + }, auth_data[_AUTH_CTX]) async def test_secure_no_cert(self): handler = grpc.method_handlers_generic_handler('test', { diff --git a/src/ruby/ext/grpc/rb_channel.c b/src/ruby/ext/grpc/rb_channel.c index dc833f4781580..e48e2b109f67d 100644 --- a/src/ruby/ext/grpc/rb_channel.c +++ b/src/ruby/ext/grpc/rb_channel.c @@ -242,7 +242,10 @@ static VALUE grpc_rb_channel_init(int argc, VALUE* argv, VALUE self) { "bad creds symbol, want :this_channel_is_insecure"); return Qnil; } - ch = grpc_insecure_channel_create(target_chars, &args, NULL); + grpc_channel_credentials* insecure_creds = + grpc_insecure_credentials_create(); + ch = grpc_channel_create(target_chars, insecure_creds, &args); + grpc_channel_credentials_release(insecure_creds); } else { wrapper->credentials = credentials; if (grpc_rb_is_channel_credentials(credentials)) { @@ -254,7 +257,7 @@ static VALUE grpc_rb_channel_init(int argc, VALUE* argv, VALUE self) { "bad creds, want ChannelCredentials or XdsChannelCredentials"); return Qnil; } - ch = grpc_secure_channel_create(creds, target_chars, &args, NULL); + ch = grpc_channel_create(target_chars, creds, &args); } GPR_ASSERT(ch); diff --git a/src/ruby/ext/grpc/rb_grpc_imports.generated.c b/src/ruby/ext/grpc/rb_grpc_imports.generated.c index d54a5b76519e3..9410782858048 100644 --- a/src/ruby/ext/grpc/rb_grpc_imports.generated.c +++ b/src/ruby/ext/grpc/rb_grpc_imports.generated.c @@ -68,7 +68,9 @@ grpc_census_call_get_context_type grpc_census_call_get_context_import; grpc_channel_get_target_type grpc_channel_get_target_import; grpc_channel_get_info_type grpc_channel_get_info_import; grpc_channel_reset_connect_backoff_type grpc_channel_reset_connect_backoff_import; -grpc_insecure_channel_create_type grpc_insecure_channel_create_import; +grpc_channel_credentials_release_type grpc_channel_credentials_release_import; +grpc_server_credentials_release_type grpc_server_credentials_release_import; +grpc_channel_create_type grpc_channel_create_import; grpc_lame_client_channel_create_type grpc_lame_client_channel_create_import; grpc_channel_destroy_type grpc_channel_destroy_import; grpc_call_cancel_type grpc_call_cancel_import; @@ -84,7 +86,7 @@ grpc_server_register_completion_queue_type grpc_server_register_completion_queue grpc_server_config_fetcher_xds_create_type grpc_server_config_fetcher_xds_create_import; grpc_server_config_fetcher_destroy_type grpc_server_config_fetcher_destroy_import; grpc_server_set_config_fetcher_type grpc_server_set_config_fetcher_import; -grpc_server_add_insecure_http2_port_type grpc_server_add_insecure_http2_port_import; +grpc_server_add_http2_port_type grpc_server_add_http2_port_import; grpc_server_start_type grpc_server_start_import; grpc_server_shutdown_and_notify_type grpc_server_shutdown_and_notify_import; grpc_server_cancel_all_calls_type grpc_server_cancel_all_calls_import; @@ -109,8 +111,8 @@ grpc_channelz_get_channel_type grpc_channelz_get_channel_import; grpc_channelz_get_subchannel_type grpc_channelz_get_subchannel_import; grpc_channelz_get_socket_type grpc_channelz_get_socket_import; grpc_authorization_policy_provider_arg_vtable_type grpc_authorization_policy_provider_arg_vtable_import; -grpc_insecure_channel_create_from_fd_type grpc_insecure_channel_create_from_fd_import; -grpc_server_add_insecure_channel_from_fd_type grpc_server_add_insecure_channel_from_fd_import; +grpc_channel_create_from_fd_type grpc_channel_create_from_fd_import; +grpc_server_add_channel_from_fd_type grpc_server_add_channel_from_fd_import; grpc_auth_property_iterator_next_type grpc_auth_property_iterator_next_import; grpc_auth_context_property_iterator_type grpc_auth_context_property_iterator_import; grpc_auth_context_peer_identity_type grpc_auth_context_peer_identity_import; @@ -126,7 +128,6 @@ grpc_ssl_session_cache_create_lru_type grpc_ssl_session_cache_create_lru_import; grpc_ssl_session_cache_destroy_type grpc_ssl_session_cache_destroy_import; grpc_ssl_session_cache_create_channel_arg_type grpc_ssl_session_cache_create_channel_arg_import; grpc_call_credentials_release_type grpc_call_credentials_release_import; -grpc_channel_credentials_release_type grpc_channel_credentials_release_import; grpc_google_default_credentials_create_type grpc_google_default_credentials_create_import; grpc_set_ssl_roots_override_callback_type grpc_set_ssl_roots_override_callback_import; grpc_ssl_credentials_create_type grpc_ssl_credentials_create_import; @@ -144,8 +145,6 @@ grpc_sts_credentials_create_type grpc_sts_credentials_create_import; grpc_auth_metadata_context_copy_type grpc_auth_metadata_context_copy_import; grpc_auth_metadata_context_reset_type grpc_auth_metadata_context_reset_import; grpc_metadata_credentials_create_from_plugin_type grpc_metadata_credentials_create_from_plugin_import; -grpc_secure_channel_create_type grpc_secure_channel_create_import; -grpc_server_credentials_release_type grpc_server_credentials_release_import; grpc_ssl_server_certificate_config_create_type grpc_ssl_server_certificate_config_create_import; grpc_ssl_server_certificate_config_destroy_type grpc_ssl_server_certificate_config_destroy_import; grpc_ssl_server_credentials_create_type grpc_ssl_server_credentials_create_import; @@ -154,7 +153,6 @@ grpc_ssl_server_credentials_create_options_using_config_type grpc_ssl_server_cre grpc_ssl_server_credentials_create_options_using_config_fetcher_type grpc_ssl_server_credentials_create_options_using_config_fetcher_import; grpc_ssl_server_credentials_options_destroy_type grpc_ssl_server_credentials_options_destroy_import; grpc_ssl_server_credentials_create_with_options_type grpc_ssl_server_credentials_create_with_options_import; -grpc_server_add_secure_http2_port_type grpc_server_add_secure_http2_port_import; grpc_call_set_credentials_type grpc_call_set_credentials_import; grpc_server_credentials_set_auth_metadata_processor_type grpc_server_credentials_set_auth_metadata_processor_import; grpc_alts_credentials_client_options_create_type grpc_alts_credentials_client_options_create_import; @@ -181,6 +179,8 @@ grpc_tls_credentials_options_set_cert_request_type_type grpc_tls_credentials_opt grpc_tls_credentials_options_set_crl_directory_type grpc_tls_credentials_options_set_crl_directory_import; grpc_tls_credentials_options_set_verify_server_cert_type grpc_tls_credentials_options_set_verify_server_cert_import; grpc_tls_credentials_options_set_check_call_host_type grpc_tls_credentials_options_set_check_call_host_import; +grpc_insecure_credentials_create_type grpc_insecure_credentials_create_import; +grpc_insecure_server_credentials_create_type grpc_insecure_server_credentials_create_import; grpc_xds_credentials_create_type grpc_xds_credentials_create_import; grpc_xds_server_credentials_create_type grpc_xds_server_credentials_create_import; grpc_authorization_policy_provider_static_data_create_type grpc_authorization_policy_provider_static_data_create_import; @@ -354,7 +354,9 @@ void grpc_rb_load_imports(HMODULE library) { grpc_channel_get_target_import = (grpc_channel_get_target_type) GetProcAddress(library, "grpc_channel_get_target"); grpc_channel_get_info_import = (grpc_channel_get_info_type) GetProcAddress(library, "grpc_channel_get_info"); grpc_channel_reset_connect_backoff_import = (grpc_channel_reset_connect_backoff_type) GetProcAddress(library, "grpc_channel_reset_connect_backoff"); - grpc_insecure_channel_create_import = (grpc_insecure_channel_create_type) GetProcAddress(library, "grpc_insecure_channel_create"); + grpc_channel_credentials_release_import = (grpc_channel_credentials_release_type) GetProcAddress(library, "grpc_channel_credentials_release"); + grpc_server_credentials_release_import = (grpc_server_credentials_release_type) GetProcAddress(library, "grpc_server_credentials_release"); + grpc_channel_create_import = (grpc_channel_create_type) GetProcAddress(library, "grpc_channel_create"); grpc_lame_client_channel_create_import = (grpc_lame_client_channel_create_type) GetProcAddress(library, "grpc_lame_client_channel_create"); grpc_channel_destroy_import = (grpc_channel_destroy_type) GetProcAddress(library, "grpc_channel_destroy"); grpc_call_cancel_import = (grpc_call_cancel_type) GetProcAddress(library, "grpc_call_cancel"); @@ -370,7 +372,7 @@ void grpc_rb_load_imports(HMODULE library) { grpc_server_config_fetcher_xds_create_import = (grpc_server_config_fetcher_xds_create_type) GetProcAddress(library, "grpc_server_config_fetcher_xds_create"); grpc_server_config_fetcher_destroy_import = (grpc_server_config_fetcher_destroy_type) GetProcAddress(library, "grpc_server_config_fetcher_destroy"); grpc_server_set_config_fetcher_import = (grpc_server_set_config_fetcher_type) GetProcAddress(library, "grpc_server_set_config_fetcher"); - grpc_server_add_insecure_http2_port_import = (grpc_server_add_insecure_http2_port_type) GetProcAddress(library, "grpc_server_add_insecure_http2_port"); + grpc_server_add_http2_port_import = (grpc_server_add_http2_port_type) GetProcAddress(library, "grpc_server_add_http2_port"); grpc_server_start_import = (grpc_server_start_type) GetProcAddress(library, "grpc_server_start"); grpc_server_shutdown_and_notify_import = (grpc_server_shutdown_and_notify_type) GetProcAddress(library, "grpc_server_shutdown_and_notify"); grpc_server_cancel_all_calls_import = (grpc_server_cancel_all_calls_type) GetProcAddress(library, "grpc_server_cancel_all_calls"); @@ -395,8 +397,8 @@ void grpc_rb_load_imports(HMODULE library) { grpc_channelz_get_subchannel_import = (grpc_channelz_get_subchannel_type) GetProcAddress(library, "grpc_channelz_get_subchannel"); grpc_channelz_get_socket_import = (grpc_channelz_get_socket_type) GetProcAddress(library, "grpc_channelz_get_socket"); grpc_authorization_policy_provider_arg_vtable_import = (grpc_authorization_policy_provider_arg_vtable_type) GetProcAddress(library, "grpc_authorization_policy_provider_arg_vtable"); - grpc_insecure_channel_create_from_fd_import = (grpc_insecure_channel_create_from_fd_type) GetProcAddress(library, "grpc_insecure_channel_create_from_fd"); - grpc_server_add_insecure_channel_from_fd_import = (grpc_server_add_insecure_channel_from_fd_type) GetProcAddress(library, "grpc_server_add_insecure_channel_from_fd"); + grpc_channel_create_from_fd_import = (grpc_channel_create_from_fd_type) GetProcAddress(library, "grpc_channel_create_from_fd"); + grpc_server_add_channel_from_fd_import = (grpc_server_add_channel_from_fd_type) GetProcAddress(library, "grpc_server_add_channel_from_fd"); grpc_auth_property_iterator_next_import = (grpc_auth_property_iterator_next_type) GetProcAddress(library, "grpc_auth_property_iterator_next"); grpc_auth_context_property_iterator_import = (grpc_auth_context_property_iterator_type) GetProcAddress(library, "grpc_auth_context_property_iterator"); grpc_auth_context_peer_identity_import = (grpc_auth_context_peer_identity_type) GetProcAddress(library, "grpc_auth_context_peer_identity"); @@ -412,7 +414,6 @@ void grpc_rb_load_imports(HMODULE library) { grpc_ssl_session_cache_destroy_import = (grpc_ssl_session_cache_destroy_type) GetProcAddress(library, "grpc_ssl_session_cache_destroy"); grpc_ssl_session_cache_create_channel_arg_import = (grpc_ssl_session_cache_create_channel_arg_type) GetProcAddress(library, "grpc_ssl_session_cache_create_channel_arg"); grpc_call_credentials_release_import = (grpc_call_credentials_release_type) GetProcAddress(library, "grpc_call_credentials_release"); - grpc_channel_credentials_release_import = (grpc_channel_credentials_release_type) GetProcAddress(library, "grpc_channel_credentials_release"); grpc_google_default_credentials_create_import = (grpc_google_default_credentials_create_type) GetProcAddress(library, "grpc_google_default_credentials_create"); grpc_set_ssl_roots_override_callback_import = (grpc_set_ssl_roots_override_callback_type) GetProcAddress(library, "grpc_set_ssl_roots_override_callback"); grpc_ssl_credentials_create_import = (grpc_ssl_credentials_create_type) GetProcAddress(library, "grpc_ssl_credentials_create"); @@ -430,8 +431,6 @@ void grpc_rb_load_imports(HMODULE library) { grpc_auth_metadata_context_copy_import = (grpc_auth_metadata_context_copy_type) GetProcAddress(library, "grpc_auth_metadata_context_copy"); grpc_auth_metadata_context_reset_import = (grpc_auth_metadata_context_reset_type) GetProcAddress(library, "grpc_auth_metadata_context_reset"); grpc_metadata_credentials_create_from_plugin_import = (grpc_metadata_credentials_create_from_plugin_type) GetProcAddress(library, "grpc_metadata_credentials_create_from_plugin"); - grpc_secure_channel_create_import = (grpc_secure_channel_create_type) GetProcAddress(library, "grpc_secure_channel_create"); - grpc_server_credentials_release_import = (grpc_server_credentials_release_type) GetProcAddress(library, "grpc_server_credentials_release"); grpc_ssl_server_certificate_config_create_import = (grpc_ssl_server_certificate_config_create_type) GetProcAddress(library, "grpc_ssl_server_certificate_config_create"); grpc_ssl_server_certificate_config_destroy_import = (grpc_ssl_server_certificate_config_destroy_type) GetProcAddress(library, "grpc_ssl_server_certificate_config_destroy"); grpc_ssl_server_credentials_create_import = (grpc_ssl_server_credentials_create_type) GetProcAddress(library, "grpc_ssl_server_credentials_create"); @@ -440,7 +439,6 @@ void grpc_rb_load_imports(HMODULE library) { grpc_ssl_server_credentials_create_options_using_config_fetcher_import = (grpc_ssl_server_credentials_create_options_using_config_fetcher_type) GetProcAddress(library, "grpc_ssl_server_credentials_create_options_using_config_fetcher"); grpc_ssl_server_credentials_options_destroy_import = (grpc_ssl_server_credentials_options_destroy_type) GetProcAddress(library, "grpc_ssl_server_credentials_options_destroy"); grpc_ssl_server_credentials_create_with_options_import = (grpc_ssl_server_credentials_create_with_options_type) GetProcAddress(library, "grpc_ssl_server_credentials_create_with_options"); - grpc_server_add_secure_http2_port_import = (grpc_server_add_secure_http2_port_type) GetProcAddress(library, "grpc_server_add_secure_http2_port"); grpc_call_set_credentials_import = (grpc_call_set_credentials_type) GetProcAddress(library, "grpc_call_set_credentials"); grpc_server_credentials_set_auth_metadata_processor_import = (grpc_server_credentials_set_auth_metadata_processor_type) GetProcAddress(library, "grpc_server_credentials_set_auth_metadata_processor"); grpc_alts_credentials_client_options_create_import = (grpc_alts_credentials_client_options_create_type) GetProcAddress(library, "grpc_alts_credentials_client_options_create"); @@ -467,6 +465,8 @@ void grpc_rb_load_imports(HMODULE library) { grpc_tls_credentials_options_set_crl_directory_import = (grpc_tls_credentials_options_set_crl_directory_type) GetProcAddress(library, "grpc_tls_credentials_options_set_crl_directory"); grpc_tls_credentials_options_set_verify_server_cert_import = (grpc_tls_credentials_options_set_verify_server_cert_type) GetProcAddress(library, "grpc_tls_credentials_options_set_verify_server_cert"); grpc_tls_credentials_options_set_check_call_host_import = (grpc_tls_credentials_options_set_check_call_host_type) GetProcAddress(library, "grpc_tls_credentials_options_set_check_call_host"); + grpc_insecure_credentials_create_import = (grpc_insecure_credentials_create_type) GetProcAddress(library, "grpc_insecure_credentials_create"); + grpc_insecure_server_credentials_create_import = (grpc_insecure_server_credentials_create_type) GetProcAddress(library, "grpc_insecure_server_credentials_create"); grpc_xds_credentials_create_import = (grpc_xds_credentials_create_type) GetProcAddress(library, "grpc_xds_credentials_create"); grpc_xds_server_credentials_create_import = (grpc_xds_server_credentials_create_type) GetProcAddress(library, "grpc_xds_server_credentials_create"); grpc_authorization_policy_provider_static_data_create_import = (grpc_authorization_policy_provider_static_data_create_type) GetProcAddress(library, "grpc_authorization_policy_provider_static_data_create"); diff --git a/src/ruby/ext/grpc/rb_grpc_imports.generated.h b/src/ruby/ext/grpc/rb_grpc_imports.generated.h index 30f1a2e601fde..27f2cd84bac58 100644 --- a/src/ruby/ext/grpc/rb_grpc_imports.generated.h +++ b/src/ruby/ext/grpc/rb_grpc_imports.generated.h @@ -179,9 +179,15 @@ extern grpc_channel_get_info_type grpc_channel_get_info_import; typedef void(*grpc_channel_reset_connect_backoff_type)(grpc_channel* channel); extern grpc_channel_reset_connect_backoff_type grpc_channel_reset_connect_backoff_import; #define grpc_channel_reset_connect_backoff grpc_channel_reset_connect_backoff_import -typedef grpc_channel*(*grpc_insecure_channel_create_type)(const char* target, const grpc_channel_args* args, void* reserved); -extern grpc_insecure_channel_create_type grpc_insecure_channel_create_import; -#define grpc_insecure_channel_create grpc_insecure_channel_create_import +typedef void(*grpc_channel_credentials_release_type)(grpc_channel_credentials* creds); +extern grpc_channel_credentials_release_type grpc_channel_credentials_release_import; +#define grpc_channel_credentials_release grpc_channel_credentials_release_import +typedef void(*grpc_server_credentials_release_type)(grpc_server_credentials* creds); +extern grpc_server_credentials_release_type grpc_server_credentials_release_import; +#define grpc_server_credentials_release grpc_server_credentials_release_import +typedef grpc_channel*(*grpc_channel_create_type)(const char* target, grpc_channel_credentials* creds, const grpc_channel_args* args); +extern grpc_channel_create_type grpc_channel_create_import; +#define grpc_channel_create grpc_channel_create_import typedef grpc_channel*(*grpc_lame_client_channel_create_type)(const char* target, grpc_status_code error_code, const char* error_message); extern grpc_lame_client_channel_create_type grpc_lame_client_channel_create_import; #define grpc_lame_client_channel_create grpc_lame_client_channel_create_import @@ -227,9 +233,9 @@ extern grpc_server_config_fetcher_destroy_type grpc_server_config_fetcher_destro typedef void(*grpc_server_set_config_fetcher_type)(grpc_server* server, grpc_server_config_fetcher* config_fetcher); extern grpc_server_set_config_fetcher_type grpc_server_set_config_fetcher_import; #define grpc_server_set_config_fetcher grpc_server_set_config_fetcher_import -typedef int(*grpc_server_add_insecure_http2_port_type)(grpc_server* server, const char* addr); -extern grpc_server_add_insecure_http2_port_type grpc_server_add_insecure_http2_port_import; -#define grpc_server_add_insecure_http2_port grpc_server_add_insecure_http2_port_import +typedef int(*grpc_server_add_http2_port_type)(grpc_server* server, const char* addr, grpc_server_credentials* creds); +extern grpc_server_add_http2_port_type grpc_server_add_http2_port_import; +#define grpc_server_add_http2_port grpc_server_add_http2_port_import typedef void(*grpc_server_start_type)(grpc_server* server); extern grpc_server_start_type grpc_server_start_import; #define grpc_server_start grpc_server_start_import @@ -302,12 +308,12 @@ extern grpc_channelz_get_socket_type grpc_channelz_get_socket_import; typedef const grpc_arg_pointer_vtable*(*grpc_authorization_policy_provider_arg_vtable_type)(void); extern grpc_authorization_policy_provider_arg_vtable_type grpc_authorization_policy_provider_arg_vtable_import; #define grpc_authorization_policy_provider_arg_vtable grpc_authorization_policy_provider_arg_vtable_import -typedef grpc_channel*(*grpc_insecure_channel_create_from_fd_type)(const char* target, int fd, const grpc_channel_args* args); -extern grpc_insecure_channel_create_from_fd_type grpc_insecure_channel_create_from_fd_import; -#define grpc_insecure_channel_create_from_fd grpc_insecure_channel_create_from_fd_import -typedef void(*grpc_server_add_insecure_channel_from_fd_type)(grpc_server* server, void* reserved, int fd); -extern grpc_server_add_insecure_channel_from_fd_type grpc_server_add_insecure_channel_from_fd_import; -#define grpc_server_add_insecure_channel_from_fd grpc_server_add_insecure_channel_from_fd_import +typedef grpc_channel*(*grpc_channel_create_from_fd_type)(const char* target, int fd, grpc_channel_credentials* creds, const grpc_channel_args* args); +extern grpc_channel_create_from_fd_type grpc_channel_create_from_fd_import; +#define grpc_channel_create_from_fd grpc_channel_create_from_fd_import +typedef void(*grpc_server_add_channel_from_fd_type)(grpc_server* server, int fd, grpc_server_credentials* creds); +extern grpc_server_add_channel_from_fd_type grpc_server_add_channel_from_fd_import; +#define grpc_server_add_channel_from_fd grpc_server_add_channel_from_fd_import typedef const grpc_auth_property*(*grpc_auth_property_iterator_next_type)(grpc_auth_property_iterator* it); extern grpc_auth_property_iterator_next_type grpc_auth_property_iterator_next_import; #define grpc_auth_property_iterator_next grpc_auth_property_iterator_next_import @@ -353,9 +359,6 @@ extern grpc_ssl_session_cache_create_channel_arg_type grpc_ssl_session_cache_cre typedef void(*grpc_call_credentials_release_type)(grpc_call_credentials* creds); extern grpc_call_credentials_release_type grpc_call_credentials_release_import; #define grpc_call_credentials_release grpc_call_credentials_release_import -typedef void(*grpc_channel_credentials_release_type)(grpc_channel_credentials* creds); -extern grpc_channel_credentials_release_type grpc_channel_credentials_release_import; -#define grpc_channel_credentials_release grpc_channel_credentials_release_import typedef grpc_channel_credentials*(*grpc_google_default_credentials_create_type)(grpc_call_credentials* call_credentials); extern grpc_google_default_credentials_create_type grpc_google_default_credentials_create_import; #define grpc_google_default_credentials_create grpc_google_default_credentials_create_import @@ -407,12 +410,6 @@ extern grpc_auth_metadata_context_reset_type grpc_auth_metadata_context_reset_im typedef grpc_call_credentials*(*grpc_metadata_credentials_create_from_plugin_type)(grpc_metadata_credentials_plugin plugin, grpc_security_level min_security_level, void* reserved); extern grpc_metadata_credentials_create_from_plugin_type grpc_metadata_credentials_create_from_plugin_import; #define grpc_metadata_credentials_create_from_plugin grpc_metadata_credentials_create_from_plugin_import -typedef grpc_channel*(*grpc_secure_channel_create_type)(grpc_channel_credentials* creds, const char* target, const grpc_channel_args* args, void* reserved); -extern grpc_secure_channel_create_type grpc_secure_channel_create_import; -#define grpc_secure_channel_create grpc_secure_channel_create_import -typedef void(*grpc_server_credentials_release_type)(grpc_server_credentials* creds); -extern grpc_server_credentials_release_type grpc_server_credentials_release_import; -#define grpc_server_credentials_release grpc_server_credentials_release_import typedef grpc_ssl_server_certificate_config*(*grpc_ssl_server_certificate_config_create_type)(const char* pem_root_certs, const grpc_ssl_pem_key_cert_pair* pem_key_cert_pairs, size_t num_key_cert_pairs); extern grpc_ssl_server_certificate_config_create_type grpc_ssl_server_certificate_config_create_import; #define grpc_ssl_server_certificate_config_create grpc_ssl_server_certificate_config_create_import @@ -437,9 +434,6 @@ extern grpc_ssl_server_credentials_options_destroy_type grpc_ssl_server_credenti typedef grpc_server_credentials*(*grpc_ssl_server_credentials_create_with_options_type)(grpc_ssl_server_credentials_options* options); extern grpc_ssl_server_credentials_create_with_options_type grpc_ssl_server_credentials_create_with_options_import; #define grpc_ssl_server_credentials_create_with_options grpc_ssl_server_credentials_create_with_options_import -typedef int(*grpc_server_add_secure_http2_port_type)(grpc_server* server, const char* addr, grpc_server_credentials* creds); -extern grpc_server_add_secure_http2_port_type grpc_server_add_secure_http2_port_import; -#define grpc_server_add_secure_http2_port grpc_server_add_secure_http2_port_import typedef grpc_call_error(*grpc_call_set_credentials_type)(grpc_call* call, grpc_call_credentials* creds); extern grpc_call_set_credentials_type grpc_call_set_credentials_import; #define grpc_call_set_credentials grpc_call_set_credentials_import @@ -518,6 +512,12 @@ extern grpc_tls_credentials_options_set_verify_server_cert_type grpc_tls_credent typedef void(*grpc_tls_credentials_options_set_check_call_host_type)(grpc_tls_credentials_options* options, int check_call_host); extern grpc_tls_credentials_options_set_check_call_host_type grpc_tls_credentials_options_set_check_call_host_import; #define grpc_tls_credentials_options_set_check_call_host grpc_tls_credentials_options_set_check_call_host_import +typedef grpc_channel_credentials*(*grpc_insecure_credentials_create_type)(); +extern grpc_insecure_credentials_create_type grpc_insecure_credentials_create_import; +#define grpc_insecure_credentials_create grpc_insecure_credentials_create_import +typedef grpc_server_credentials*(*grpc_insecure_server_credentials_create_type)(); +extern grpc_insecure_server_credentials_create_type grpc_insecure_server_credentials_create_import; +#define grpc_insecure_server_credentials_create grpc_insecure_server_credentials_create_import typedef grpc_channel_credentials*(*grpc_xds_credentials_create_type)(grpc_channel_credentials* fallback_credentials); extern grpc_xds_credentials_create_type grpc_xds_credentials_create_import; #define grpc_xds_credentials_create grpc_xds_credentials_create_import diff --git a/src/ruby/ext/grpc/rb_server.c b/src/ruby/ext/grpc/rb_server.c index 0b19328129f7d..f41a2c9e92c5b 100644 --- a/src/ruby/ext/grpc/rb_server.c +++ b/src/ruby/ext/grpc/rb_server.c @@ -320,8 +320,11 @@ static VALUE grpc_rb_server_add_http2_port(VALUE self, VALUE port, rb_raise(rb_eTypeError, "bad creds symbol, want :this_port_is_insecure"); return Qnil; } - recvd_port = - grpc_server_add_insecure_http2_port(s->wrapped, StringValueCStr(port)); + grpc_server_credentials* insecure_creds = + grpc_insecure_server_credentials_create(); + recvd_port = grpc_server_add_http2_port(s->wrapped, StringValueCStr(port), + insecure_creds); + grpc_server_credentials_release(insecure_creds); if (recvd_port == 0) { rb_raise(rb_eRuntimeError, "could not add port %s to server, not sure why", @@ -340,8 +343,8 @@ static VALUE grpc_rb_server_add_http2_port(VALUE self, VALUE port, "failed to create server because credentials parameter has an " "invalid type, want ServerCredentials or XdsServerCredentials"); } - recvd_port = grpc_server_add_secure_http2_port( - s->wrapped, StringValueCStr(port), creds); + recvd_port = + grpc_server_add_http2_port(s->wrapped, StringValueCStr(port), creds); if (recvd_port == 0) { rb_raise(rb_eRuntimeError, "could not add secure port %s to server, not sure why", diff --git a/test/core/bad_connection/close_fd_test.cc b/test/core/bad_connection/close_fd_test.cc index 71d290a4e02e5..7312d40973077 100644 --- a/test/core/bad_connection/close_fd_test.cc +++ b/test/core/bad_connection/close_fd_test.cc @@ -91,9 +91,9 @@ static void client_setup_transport(grpc_transport* transport) { grpc_channel_args_copy_and_add(nullptr, &authority_arg, 1); /* TODO (pjaikumar): use GRPC_CLIENT_CHANNEL instead of * GRPC_CLIENT_DIRECT_CHANNEL */ - g_ctx.client = - grpc_channel_create("socketpair-target", args, GRPC_CLIENT_DIRECT_CHANNEL, - transport, nullptr); + g_ctx.client = grpc_channel_create_internal("socketpair-target", args, + GRPC_CLIENT_DIRECT_CHANNEL, + transport, nullptr); grpc_channel_args_destroy(args); } diff --git a/test/core/bad_ssl/bad_ssl_test.cc b/test/core/bad_ssl/bad_ssl_test.cc index 8fbf52b5cc090..2c8808841f786 100644 --- a/test/core/bad_ssl/bad_ssl_test.cc +++ b/test/core/bad_ssl/bad_ssl_test.cc @@ -66,7 +66,7 @@ static void run_test(const char* target, size_t nops) { grpc_metadata_array_init(&initial_metadata_recv); grpc_metadata_array_init(&trailing_metadata_recv); - channel = grpc_secure_channel_create(ssl_creds, target, &args, nullptr); + channel = grpc_channel_create(target, ssl_creds, &args); grpc_slice host = grpc_slice_from_static_string("foo.test.google.fr:1234"); c = grpc_channel_create_call(channel, nullptr, GRPC_PROPAGATE_DEFAULTS, cq, grpc_slice_from_static_string("/foo"), &host, diff --git a/test/core/bad_ssl/servers/alpn.cc b/test/core/bad_ssl/servers/alpn.cc index 27a9aa46e5267..975065d58557c 100644 --- a/test/core/bad_ssl/servers/alpn.cc +++ b/test/core/bad_ssl/servers/alpn.cc @@ -74,7 +74,7 @@ int main(int argc, char** argv) { ssl_creds = grpc_ssl_server_credentials_create(nullptr, &pem_key_cert_pair, 1, 0, nullptr); server = grpc_server_create(nullptr, nullptr); - GPR_ASSERT(grpc_server_add_secure_http2_port(server, addr, ssl_creds)); + GPR_ASSERT(grpc_server_add_http2_port(server, addr, ssl_creds)); grpc_server_credentials_release(ssl_creds); bad_ssl_run(server); diff --git a/test/core/bad_ssl/servers/cert.cc b/test/core/bad_ssl/servers/cert.cc index 7b95eb34b98f3..3951aabe8d67e 100644 --- a/test/core/bad_ssl/servers/cert.cc +++ b/test/core/bad_ssl/servers/cert.cc @@ -51,7 +51,7 @@ int main(int argc, char** argv) { ssl_creds = grpc_ssl_server_credentials_create(nullptr, &pem_key_cert_pair, 1, 0, nullptr); server = grpc_server_create(nullptr, nullptr); - GPR_ASSERT(grpc_server_add_secure_http2_port(server, addr, ssl_creds)); + GPR_ASSERT(grpc_server_add_http2_port(server, addr, ssl_creds)); grpc_server_credentials_release(ssl_creds); grpc_slice_unref(cert_slice); diff --git a/test/core/channel/channel_args_test.cc b/test/core/channel/channel_args_test.cc index d683f5152abcd..efcf5047cc1b2 100644 --- a/test/core/channel/channel_args_test.cc +++ b/test/core/channel/channel_args_test.cc @@ -20,6 +20,7 @@ #include +#include #include #include #include @@ -94,8 +95,9 @@ static void test_channel_create_with_args(void) { // creates channel grpc_channel_args client_args = {GPR_ARRAY_SIZE(client_a), client_a}; - grpc_channel* c = - grpc_insecure_channel_create("fake_target", &client_args, nullptr); + grpc_channel_credentials* creds = grpc_insecure_credentials_create(); + grpc_channel* c = grpc_channel_create("fake_target", creds, &client_args); + grpc_channel_credentials_release(creds); // user is can free the memory they allocated here gpr_free(fc); grpc_channel_destroy(c); @@ -158,13 +160,15 @@ static void test_channel_create_with_global_mutator(void) { // creates channels grpc_channel_args client_args = {GPR_ARRAY_SIZE(client_a), client_a}; - grpc_channel* c = - grpc_insecure_channel_create("no_op_mutator", &client_args, nullptr); + grpc_channel_credentials* creds = grpc_insecure_credentials_create(); + grpc_channel* c = grpc_channel_create("no_op_mutator", creds, &client_args); + grpc_channel_credentials_release(creds); GPR_ASSERT(channel_has_client_idle_filter(c)); grpc_channel_destroy(c); - c = grpc_insecure_channel_create("minimal_stack_mutator", &client_args, - nullptr); + grpc_channel_credentials* another_creds = grpc_insecure_credentials_create(); + c = grpc_channel_create("minimal_stack_mutator", another_creds, &client_args); + grpc_channel_credentials_release(another_creds); GPR_ASSERT(channel_has_client_idle_filter(c) == false); grpc_channel_destroy(c); diff --git a/test/core/channel/channel_stack_builder_test.cc b/test/core/channel/channel_stack_builder_test.cc index 39aaaa3ebece6..d4b0dd956ebc7 100644 --- a/test/core/channel/channel_stack_builder_test.cc +++ b/test/core/channel/channel_stack_builder_test.cc @@ -23,6 +23,7 @@ #include +#include #include #include #include @@ -56,8 +57,10 @@ bool g_replacement_fn_called = false; bool g_original_fn_called = false; TEST(ChannelStackBuilderTest, ReplaceFilter) { + grpc_channel_credentials* creds = grpc_insecure_credentials_create(); grpc_channel* channel = - grpc_insecure_channel_create("target name isn't used", nullptr, nullptr); + grpc_channel_create("target name isn't used", creds, nullptr); + grpc_channel_credentials_release(creds); GPR_ASSERT(channel != nullptr); // Make sure the high priority filter has been created. GPR_ASSERT(g_replacement_fn_called); diff --git a/test/core/channel/channel_trace_test.cc b/test/core/channel/channel_trace_test.cc index 254e8f5c85ebe..b3bc1981fddee 100644 --- a/test/core/channel/channel_trace_test.cc +++ b/test/core/channel/channel_trace_test.cc @@ -23,6 +23,7 @@ #include +#include #include #include #include @@ -104,8 +105,9 @@ class ChannelFixture { const_cast(GRPC_ARG_MAX_CHANNEL_TRACE_EVENT_MEMORY_PER_NODE), max_tracer_event_memory); grpc_channel_args client_args = {1, &client_a}; - channel_ = - grpc_insecure_channel_create("fake_target", &client_args, nullptr); + grpc_channel_credentials* creds = grpc_insecure_credentials_create(); + channel_ = grpc_channel_create("fake_target", creds, &client_args); + grpc_channel_credentials_release(creds); } ~ChannelFixture() { grpc_channel_destroy(channel_); } diff --git a/test/core/channel/channelz_test.cc b/test/core/channel/channelz_test.cc index 2e68a6dfe4591..2d33015d1e821 100644 --- a/test/core/channel/channelz_test.cc +++ b/test/core/channel/channelz_test.cc @@ -23,6 +23,7 @@ #include +#include #include #include #include @@ -148,8 +149,9 @@ class ChannelFixture { grpc_channel_arg_integer_create( const_cast(GRPC_ARG_ENABLE_CHANNELZ), true)}; grpc_channel_args client_args = {GPR_ARRAY_SIZE(client_a), client_a}; - channel_ = - grpc_insecure_channel_create("fake_target", &client_args, nullptr); + grpc_channel_credentials* creds = grpc_insecure_credentials_create(); + channel_ = grpc_channel_create("fake_target", creds, &client_args); + grpc_channel_credentials_release(creds); } ~ChannelFixture() { grpc_channel_destroy(channel_); } @@ -273,8 +275,9 @@ TEST(ChannelzChannelTest, ChannelzDisabled) { grpc_channel_arg_integer_create( const_cast(GRPC_ARG_ENABLE_CHANNELZ), false)}; grpc_channel_args args = {GPR_ARRAY_SIZE(arg), arg}; - grpc_channel* channel = - grpc_insecure_channel_create("fake_target", &args, nullptr); + grpc_channel_credentials* creds = grpc_insecure_credentials_create(); + grpc_channel* channel = grpc_channel_create("fake_target", creds, &args); + grpc_channel_credentials_release(creds); ChannelNode* channelz_channel = grpc_channel_get_channelz_node(channel); ASSERT_EQ(channelz_channel, nullptr); grpc_channel_destroy(channel); @@ -508,8 +511,10 @@ TEST_F(ChannelzRegistryBasedTest, InternalChannelTest) { const_cast(GRPC_ARG_ENABLE_CHANNELZ), true), }; grpc_channel_args client_args = {GPR_ARRAY_SIZE(client_a), client_a}; + grpc_channel_credentials* creds = grpc_insecure_credentials_create(); grpc_channel* internal_channel = - grpc_insecure_channel_create("fake_target", &client_args, nullptr); + grpc_channel_create("fake_target", creds, &client_args); + grpc_channel_credentials_release(creds); // The internal channel should not be returned from the request ValidateGetTopChannels(10); grpc_channel_destroy(internal_channel); diff --git a/test/core/end2end/BUILD b/test/core/end2end/BUILD index bc19df9cf75f0..1a2c31966a26c 100644 --- a/test/core/end2end/BUILD +++ b/test/core/end2end/BUILD @@ -204,7 +204,6 @@ grpc_cc_test( ":end2end_tests", "//:gpr", "//:grpc", - "//:tsi", "//test/core/util:grpc_test_util", ], ) diff --git a/test/core/end2end/bad_server_response_test.cc b/test/core/end2end/bad_server_response_test.cc index c906ad5a7a090..22c4ad7b8e882 100644 --- a/test/core/end2end/bad_server_response_test.cc +++ b/test/core/end2end/bad_server_response_test.cc @@ -19,6 +19,7 @@ #include #include +#include #include #include #include @@ -189,8 +190,9 @@ static void start_rpc(int target_port, grpc_status_code expected_status, cqv = cq_verifier_create(state.cq); state.target = grpc_core::JoinHostPort("127.0.0.1", target_port); - state.channel = - grpc_insecure_channel_create(state.target.c_str(), nullptr, nullptr); + grpc_channel_credentials* creds = grpc_insecure_credentials_create(); + state.channel = grpc_channel_create(state.target.c_str(), creds, nullptr); + grpc_channel_credentials_release(creds); grpc_slice host = grpc_slice_from_static_string("localhost"); // The default connect deadline is 20 seconds, so reduce the RPC deadline to 1 // second. This helps us verify - a) If the server responded with a non-HTTP2 diff --git a/test/core/end2end/connection_refused_test.cc b/test/core/end2end/connection_refused_test.cc index fdc363d5a8060..51bc49d45ea22 100644 --- a/test/core/end2end/connection_refused_test.cc +++ b/test/core/end2end/connection_refused_test.cc @@ -19,6 +19,7 @@ #include #include +#include #include #include #include @@ -77,7 +78,9 @@ static void run_test(bool wait_for_ready, bool use_service_config) { int port = grpc_pick_unused_port_or_die(); std::string addr = grpc_core::JoinHostPort("127.0.0.1", port); gpr_log(GPR_INFO, "server: %s", addr.c_str()); - chan = grpc_insecure_channel_create(addr.c_str(), args, nullptr); + grpc_channel_credentials* creds = grpc_insecure_credentials_create(); + chan = grpc_channel_create(addr.c_str(), creds, args); + grpc_channel_credentials_release(creds); grpc_slice host = grpc_slice_from_static_string("nonexistant"); gpr_timespec deadline = grpc_timeout_seconds_to_deadline(2); call = diff --git a/test/core/end2end/dualstack_socket_test.cc b/test/core/end2end/dualstack_socket_test.cc index a56989b785bfb..ba85e61081fc1 100644 --- a/test/core/end2end/dualstack_socket_test.cc +++ b/test/core/end2end/dualstack_socket_test.cc @@ -31,6 +31,7 @@ #include "absl/strings/string_view.h" #include +#include #include #include #include @@ -112,8 +113,11 @@ void test_connect(const char* server_host, const char* client_host, int port, cq = grpc_completion_queue_create_for_next(nullptr); server = grpc_server_create(nullptr, nullptr); grpc_server_register_completion_queue(server, cq, nullptr); - GPR_ASSERT((got_port = grpc_server_add_insecure_http2_port( - server, server_hostport.c_str())) > 0); + grpc_server_credentials* server_creds = + grpc_insecure_server_credentials_create(); + GPR_ASSERT((got_port = grpc_server_add_http2_port( + server, server_hostport.c_str(), server_creds)) > 0); + grpc_server_credentials_release(server_creds); if (port == 0) { port = got_port; } else { @@ -137,8 +141,9 @@ void test_connect(const char* server_host, const char* client_host, int port, } else { client_hostport = grpc_core::JoinHostPort(client_host, port); } - client = - grpc_insecure_channel_create(client_hostport.c_str(), nullptr, nullptr); + grpc_channel_credentials* creds = grpc_insecure_credentials_create(); + client = grpc_channel_create(client_hostport.c_str(), creds, nullptr); + grpc_channel_credentials_release(creds); gpr_log(GPR_INFO, "Testing with server=%s client=%s (expecting %s)", server_hostport.c_str(), client_hostport.c_str(), diff --git a/test/core/end2end/fixtures/h2_census.cc b/test/core/end2end/fixtures/h2_census.cc index 47a88506ae3c7..47c407ac9c60c 100644 --- a/test/core/end2end/fixtures/h2_census.cc +++ b/test/core/end2end/fixtures/h2_census.cc @@ -18,6 +18,7 @@ #include +#include #include #include #include @@ -67,14 +68,15 @@ void chttp2_init_client_fullstack(grpc_end2end_test_fixture* f, fullstack_fixture_data* ffd = static_cast(f->fixture_data); grpc_arg arg = make_census_enable_arg(); + grpc_channel_credentials* creds = grpc_insecure_credentials_create(); client_args = grpc_channel_args_copy_and_add(client_args, &arg, 1); - f->client = grpc_insecure_channel_create(ffd->localaddr.c_str(), client_args, - nullptr); + f->client = grpc_channel_create(ffd->localaddr.c_str(), creds, client_args); GPR_ASSERT(f->client); { grpc_core::ExecCtx exec_ctx; grpc_channel_args_destroy(client_args); } + grpc_channel_credentials_release(creds); } void chttp2_init_server_fullstack(grpc_end2end_test_fixture* f, @@ -82,6 +84,8 @@ void chttp2_init_server_fullstack(grpc_end2end_test_fixture* f, fullstack_fixture_data* ffd = static_cast(f->fixture_data); grpc_arg arg = make_census_enable_arg(); + grpc_server_credentials* server_creds = + grpc_insecure_server_credentials_create(); if (f->server) { grpc_server_destroy(f->server); } @@ -92,8 +96,9 @@ void chttp2_init_server_fullstack(grpc_end2end_test_fixture* f, grpc_channel_args_destroy(server_args); } grpc_server_register_completion_queue(f->server, f->cq, nullptr); - GPR_ASSERT( - grpc_server_add_insecure_http2_port(f->server, ffd->localaddr.c_str())); + GPR_ASSERT(grpc_server_add_http2_port(f->server, ffd->localaddr.c_str(), + server_creds)); + grpc_server_credentials_release(server_creds); grpc_server_start(f->server); } diff --git a/test/core/end2end/fixtures/h2_compress.cc b/test/core/end2end/fixtures/h2_compress.cc index 2e02a984c45d2..c91cfe9868547 100644 --- a/test/core/end2end/fixtures/h2_compress.cc +++ b/test/core/end2end/fixtures/h2_compress.cc @@ -18,6 +18,7 @@ #include +#include #include #include #include @@ -73,8 +74,10 @@ void chttp2_init_client_fullstack_compression( ffd->client_args_compression = grpc_channel_args_set_channel_default_compression_algorithm( client_args, GRPC_COMPRESS_GZIP); - f->client = grpc_insecure_channel_create( - ffd->localaddr.c_str(), ffd->client_args_compression, nullptr); + grpc_channel_credentials* creds = grpc_insecure_credentials_create(); + f->client = grpc_channel_create(ffd->localaddr.c_str(), creds, + ffd->client_args_compression); + grpc_channel_credentials_release(creds); } void chttp2_init_server_fullstack_compression( @@ -93,8 +96,11 @@ void chttp2_init_server_fullstack_compression( } f->server = grpc_server_create(ffd->server_args_compression, nullptr); grpc_server_register_completion_queue(f->server, f->cq, nullptr); - GPR_ASSERT( - grpc_server_add_insecure_http2_port(f->server, ffd->localaddr.c_str())); + grpc_server_credentials* server_creds = + grpc_insecure_server_credentials_create(); + GPR_ASSERT(grpc_server_add_http2_port(f->server, ffd->localaddr.c_str(), + server_creds)); + grpc_server_credentials_release(server_creds); grpc_server_start(f->server); } diff --git a/test/core/end2end/fixtures/h2_fakesec.cc b/test/core/end2end/fixtures/h2_fakesec.cc index 1415619083221..72000e4b8ed6a 100644 --- a/test/core/end2end/fixtures/h2_fakesec.cc +++ b/test/core/end2end/fixtures/h2_fakesec.cc @@ -63,8 +63,7 @@ static void chttp2_init_client_secure_fullstack( grpc_channel_credentials* creds) { fullstack_secure_fixture_data* ffd = static_cast(f->fixture_data); - f->client = grpc_secure_channel_create(creds, ffd->localaddr.c_str(), - client_args, nullptr); + f->client = grpc_channel_create(ffd->localaddr.c_str(), creds, client_args); GPR_ASSERT(f->client != nullptr); grpc_channel_credentials_release(creds); } @@ -79,8 +78,8 @@ static void chttp2_init_server_secure_fullstack( } f->server = grpc_server_create(server_args, nullptr); grpc_server_register_completion_queue(f->server, f->cq, nullptr); - GPR_ASSERT(grpc_server_add_secure_http2_port( - f->server, ffd->localaddr.c_str(), server_creds)); + GPR_ASSERT(grpc_server_add_http2_port(f->server, ffd->localaddr.c_str(), + server_creds)); grpc_server_credentials_release(server_creds); grpc_server_start(f->server); } diff --git a/test/core/end2end/fixtures/h2_fd.cc b/test/core/end2end/fixtures/h2_fd.cc index 8a460d5e62b79..d08e816837d74 100644 --- a/test/core/end2end/fixtures/h2_fd.cc +++ b/test/core/end2end/fixtures/h2_fd.cc @@ -26,6 +26,7 @@ #include #include +#include #include #include @@ -73,8 +74,10 @@ static void chttp2_init_client_socketpair( sp_fixture_data* sfd = static_cast(f->fixture_data); GPR_ASSERT(!f->client); - f->client = grpc_insecure_channel_create_from_fd( - "fixture_client", sfd->fd_pair[0], client_args); + grpc_channel_credentials* creds = grpc_insecure_credentials_create(); + f->client = grpc_channel_create_from_fd("fixture_client", sfd->fd_pair[0], + creds, client_args); + grpc_channel_credentials_release(creds); GPR_ASSERT(f->client); } @@ -87,8 +90,9 @@ static void chttp2_init_server_socketpair( GPR_ASSERT(f->server); grpc_server_register_completion_queue(f->server, f->cq, nullptr); grpc_server_start(f->server); - - grpc_server_add_insecure_channel_from_fd(f->server, nullptr, sfd->fd_pair[1]); + grpc_server_credentials* creds = grpc_insecure_server_credentials_create(); + grpc_server_add_channel_from_fd(f->server, sfd->fd_pair[1], creds); + grpc_server_credentials_release(creds); } static void chttp2_tear_down_socketpair(grpc_end2end_test_fixture* f) { diff --git a/test/core/end2end/fixtures/h2_full+pipe.cc b/test/core/end2end/fixtures/h2_full+pipe.cc index a07c8f54c28bf..64f36a5f93da6 100644 --- a/test/core/end2end/fixtures/h2_full+pipe.cc +++ b/test/core/end2end/fixtures/h2_full+pipe.cc @@ -23,6 +23,7 @@ #include +#include #include #include #include @@ -64,8 +65,9 @@ void chttp2_init_client_fullstack(grpc_end2end_test_fixture* f, const grpc_channel_args* client_args) { fullstack_fixture_data* ffd = static_cast(f->fixture_data); - f->client = grpc_insecure_channel_create(ffd->localaddr.c_str(), client_args, - nullptr); + grpc_channel_credentials* creds = grpc_insecure_credentials_create(); + f->client = grpc_channel_create(ffd->localaddr.c_str(), creds, client_args); + grpc_channel_credentials_release(creds); GPR_ASSERT(f->client); } @@ -78,8 +80,11 @@ void chttp2_init_server_fullstack(grpc_end2end_test_fixture* f, } f->server = grpc_server_create(server_args, nullptr); grpc_server_register_completion_queue(f->server, f->cq, nullptr); - GPR_ASSERT( - grpc_server_add_insecure_http2_port(f->server, ffd->localaddr.c_str())); + grpc_server_credentials* server_creds = + grpc_insecure_server_credentials_create(); + GPR_ASSERT(grpc_server_add_http2_port(f->server, ffd->localaddr.c_str(), + server_creds)); + grpc_server_credentials_release(server_creds); grpc_server_start(f->server); } diff --git a/test/core/end2end/fixtures/h2_full+trace.cc b/test/core/end2end/fixtures/h2_full+trace.cc index 7dfd84db83f56..54cfe1b1b0707 100644 --- a/test/core/end2end/fixtures/h2_full+trace.cc +++ b/test/core/end2end/fixtures/h2_full+trace.cc @@ -21,6 +21,7 @@ #include #endif +#include #include #include #include @@ -63,8 +64,9 @@ void chttp2_init_client_fullstack(grpc_end2end_test_fixture* f, const grpc_channel_args* client_args) { fullstack_fixture_data* ffd = static_cast(f->fixture_data); - f->client = grpc_insecure_channel_create(ffd->localaddr.c_str(), client_args, - nullptr); + grpc_channel_credentials* creds = grpc_insecure_credentials_create(); + f->client = grpc_channel_create(ffd->localaddr.c_str(), creds, client_args); + grpc_channel_credentials_release(creds); GPR_ASSERT(f->client); } @@ -77,8 +79,11 @@ void chttp2_init_server_fullstack(grpc_end2end_test_fixture* f, } f->server = grpc_server_create(server_args, nullptr); grpc_server_register_completion_queue(f->server, f->cq, nullptr); - GPR_ASSERT( - grpc_server_add_insecure_http2_port(f->server, ffd->localaddr.c_str())); + grpc_server_credentials* server_creds = + grpc_insecure_server_credentials_create(); + GPR_ASSERT(grpc_server_add_http2_port(f->server, ffd->localaddr.c_str(), + server_creds)); + grpc_server_credentials_release(server_creds); grpc_server_start(f->server); } diff --git a/test/core/end2end/fixtures/h2_full.cc b/test/core/end2end/fixtures/h2_full.cc index a141908b6480f..89951e5f0c6b1 100644 --- a/test/core/end2end/fixtures/h2_full.cc +++ b/test/core/end2end/fixtures/h2_full.cc @@ -18,6 +18,7 @@ #include +#include #include #include #include @@ -58,8 +59,9 @@ void chttp2_init_client_fullstack(grpc_end2end_test_fixture* f, const grpc_channel_args* client_args) { fullstack_fixture_data* ffd = static_cast(f->fixture_data); - f->client = grpc_insecure_channel_create(ffd->localaddr.c_str(), client_args, - nullptr); + grpc_channel_credentials* creds = grpc_insecure_credentials_create(); + f->client = grpc_channel_create(ffd->localaddr.c_str(), creds, client_args); + grpc_channel_credentials_release(creds); GPR_ASSERT(f->client); } @@ -72,8 +74,11 @@ void chttp2_init_server_fullstack(grpc_end2end_test_fixture* f, } f->server = grpc_server_create(server_args, nullptr); grpc_server_register_completion_queue(f->server, f->cq, nullptr); - GPR_ASSERT( - grpc_server_add_insecure_http2_port(f->server, ffd->localaddr.c_str())); + grpc_server_credentials* server_creds = + grpc_insecure_server_credentials_create(); + GPR_ASSERT(grpc_server_add_http2_port(f->server, ffd->localaddr.c_str(), + server_creds)); + grpc_server_credentials_release(server_creds); grpc_server_start(f->server); } diff --git a/test/core/end2end/fixtures/h2_http_proxy.cc b/test/core/end2end/fixtures/h2_http_proxy.cc index 681a67fd797ff..3e1f93661991e 100644 --- a/test/core/end2end/fixtures/h2_http_proxy.cc +++ b/test/core/end2end/fixtures/h2_http_proxy.cc @@ -84,8 +84,7 @@ void chttp2_init_client_fullstack(grpc_end2end_test_fixture* f, } gpr_setenv("http_proxy", proxy_uri.c_str()); grpc_channel_credentials* creds = grpc_insecure_credentials_create(); - f->client = grpc_secure_channel_create(creds, ffd->server_addr.c_str(), - client_args, nullptr); + f->client = grpc_channel_create(ffd->server_addr.c_str(), creds, client_args); grpc_channel_credentials_release(creds); GPR_ASSERT(f->client); } @@ -99,8 +98,11 @@ void chttp2_init_server_fullstack(grpc_end2end_test_fixture* f, } f->server = grpc_server_create(server_args, nullptr); grpc_server_register_completion_queue(f->server, f->cq, nullptr); - GPR_ASSERT( - grpc_server_add_insecure_http2_port(f->server, ffd->server_addr.c_str())); + grpc_server_credentials* server_creds = + grpc_insecure_server_credentials_create(); + GPR_ASSERT(grpc_server_add_http2_port(f->server, ffd->server_addr.c_str(), + server_creds)); + grpc_server_credentials_release(server_creds); grpc_server_start(f->server); } diff --git a/test/core/end2end/fixtures/h2_insecure.cc b/test/core/end2end/fixtures/h2_insecure.cc index 3e9c4f8958ff3..2d5bbafbecef2 100644 --- a/test/core/end2end/fixtures/h2_insecure.cc +++ b/test/core/end2end/fixtures/h2_insecure.cc @@ -55,8 +55,7 @@ void Chttp2InitClientInsecureFullstack(grpc_end2end_test_fixture* f, Chttp2InsecureFullstackFixtureData* ffd = static_cast(f->fixture_data); grpc_channel_credentials* creds = grpc_insecure_credentials_create(); - f->client = grpc_secure_channel_create(creds, ffd->localaddr.c_str(), - client_args, nullptr); + f->client = grpc_channel_create(ffd->localaddr.c_str(), creds, client_args); grpc_channel_credentials_release(creds); GPR_ASSERT(f->client); } @@ -87,8 +86,8 @@ void Chttp2InitServerInsecureFullstack(grpc_end2end_test_fixture* f, grpc_server_credentials_set_auth_metadata_processor(server_creds, processor); } - GPR_ASSERT(grpc_server_add_secure_http2_port( - f->server, ffd->localaddr.c_str(), server_creds)); + GPR_ASSERT(grpc_server_add_http2_port(f->server, ffd->localaddr.c_str(), + server_creds)); grpc_server_credentials_release(server_creds); grpc_server_start(f->server); } diff --git a/test/core/end2end/fixtures/h2_oauth2.cc b/test/core/end2end/fixtures/h2_oauth2.cc index 68cee3baec6c2..f0f72f3a540e5 100644 --- a/test/core/end2end/fixtures/h2_oauth2.cc +++ b/test/core/end2end/fixtures/h2_oauth2.cc @@ -129,8 +129,7 @@ static void chttp2_init_client_secure_fullstack( grpc_channel_credentials* creds) { fullstack_secure_fixture_data* ffd = static_cast(f->fixture_data); - f->client = grpc_secure_channel_create(creds, ffd->localaddr.c_str(), - client_args, nullptr); + f->client = grpc_channel_create(ffd->localaddr.c_str(), creds, client_args); GPR_ASSERT(f->client != nullptr); grpc_channel_credentials_release(creds); } @@ -145,8 +144,8 @@ static void chttp2_init_server_secure_fullstack( } f->server = grpc_server_create(server_args, nullptr); grpc_server_register_completion_queue(f->server, f->cq, nullptr); - GPR_ASSERT(grpc_server_add_secure_http2_port( - f->server, ffd->localaddr.c_str(), server_creds)); + GPR_ASSERT(grpc_server_add_http2_port(f->server, ffd->localaddr.c_str(), + server_creds)); grpc_server_credentials_release(server_creds); grpc_server_start(f->server); } diff --git a/test/core/end2end/fixtures/h2_proxy.cc b/test/core/end2end/fixtures/h2_proxy.cc index 8b3f96a07f5ca..d2042b5ce97a0 100644 --- a/test/core/end2end/fixtures/h2_proxy.cc +++ b/test/core/end2end/fixtures/h2_proxy.cc @@ -18,6 +18,7 @@ #include +#include #include #include #include @@ -40,13 +41,19 @@ typedef struct fullstack_fixture_data { static grpc_server* create_proxy_server(const char* port, const grpc_channel_args* server_args) { grpc_server* s = grpc_server_create(server_args, nullptr); - GPR_ASSERT(grpc_server_add_insecure_http2_port(s, port)); + grpc_server_credentials* server_creds = + grpc_insecure_server_credentials_create(); + GPR_ASSERT(grpc_server_add_http2_port(s, port, server_creds)); + grpc_server_credentials_release(server_creds); return s; } static grpc_channel* create_proxy_client(const char* target, const grpc_channel_args* client_args) { - return grpc_insecure_channel_create(target, client_args, nullptr); + grpc_channel_credentials* creds = grpc_insecure_credentials_create(); + grpc_channel* channel = grpc_channel_create(target, creds, client_args); + grpc_channel_credentials_release(creds); + return channel; } static const grpc_end2end_proxy_def proxy_def = {create_proxy_server, @@ -73,8 +80,10 @@ void chttp2_init_client_fullstack(grpc_end2end_test_fixture* f, const grpc_channel_args* client_args) { fullstack_fixture_data* ffd = static_cast(f->fixture_data); - f->client = grpc_insecure_channel_create( - grpc_end2end_proxy_get_client_target(ffd->proxy), client_args, nullptr); + grpc_channel_credentials* creds = grpc_insecure_credentials_create(); + f->client = grpc_channel_create( + grpc_end2end_proxy_get_client_target(ffd->proxy), creds, client_args); + grpc_channel_credentials_release(creds); GPR_ASSERT(f->client); } @@ -87,8 +96,11 @@ void chttp2_init_server_fullstack(grpc_end2end_test_fixture* f, } f->server = grpc_server_create(server_args, nullptr); grpc_server_register_completion_queue(f->server, f->cq, nullptr); - GPR_ASSERT(grpc_server_add_insecure_http2_port( - f->server, grpc_end2end_proxy_get_server_port(ffd->proxy))); + grpc_server_credentials* server_creds = + grpc_insecure_server_credentials_create(); + GPR_ASSERT(grpc_server_add_http2_port( + f->server, grpc_end2end_proxy_get_server_port(ffd->proxy), server_creds)); + grpc_server_credentials_release(server_creds); grpc_server_start(f->server); } diff --git a/test/core/end2end/fixtures/h2_sockpair+trace.cc b/test/core/end2end/fixtures/h2_sockpair+trace.cc index 07b8ec466224e..65cc3c14f2fec 100644 --- a/test/core/end2end/fixtures/h2_sockpair+trace.cc +++ b/test/core/end2end/fixtures/h2_sockpair+trace.cc @@ -80,7 +80,7 @@ static void client_setup_transport(void* ts, grpc_transport* transport) { const grpc_channel_args* args = grpc_channel_args_copy_and_add(cs->client_args, &authority_arg, 1); grpc_error_handle error = GRPC_ERROR_NONE; - cs->f->client = grpc_channel_create( + cs->f->client = grpc_channel_create_internal( "socketpair-target", args, GRPC_CLIENT_DIRECT_CHANNEL, transport, &error); grpc_channel_args_destroy(args); if (cs->f->client != nullptr) { diff --git a/test/core/end2end/fixtures/h2_sockpair.cc b/test/core/end2end/fixtures/h2_sockpair.cc index d9b02fa80f7d8..6e91c209dd160 100644 --- a/test/core/end2end/fixtures/h2_sockpair.cc +++ b/test/core/end2end/fixtures/h2_sockpair.cc @@ -76,7 +76,7 @@ static void client_setup_transport(void* ts, grpc_transport* transport) { const grpc_channel_args* args = grpc_channel_args_copy_and_add(cs->client_args, &authority_arg, 1); grpc_error_handle error = GRPC_ERROR_NONE; - cs->f->client = grpc_channel_create( + cs->f->client = grpc_channel_create_internal( "socketpair-target", args, GRPC_CLIENT_DIRECT_CHANNEL, transport, &error); grpc_channel_args_destroy(args); if (cs->f->client != nullptr) { diff --git a/test/core/end2end/fixtures/h2_sockpair_1byte.cc b/test/core/end2end/fixtures/h2_sockpair_1byte.cc index 95f51af46e480..404454c86fc57 100644 --- a/test/core/end2end/fixtures/h2_sockpair_1byte.cc +++ b/test/core/end2end/fixtures/h2_sockpair_1byte.cc @@ -76,7 +76,7 @@ static void client_setup_transport(void* ts, grpc_transport* transport) { const grpc_channel_args* args = grpc_channel_args_copy_and_add(cs->client_args, &authority_arg, 1); grpc_error_handle error = GRPC_ERROR_NONE; - cs->f->client = grpc_channel_create( + cs->f->client = grpc_channel_create_internal( "socketpair-target", args, GRPC_CLIENT_DIRECT_CHANNEL, transport, &error); grpc_channel_args_destroy(args); if (cs->f->client != nullptr) { diff --git a/test/core/end2end/fixtures/h2_ssl.cc b/test/core/end2end/fixtures/h2_ssl.cc index 83a7132fd3a6b..39d9a94f211a1 100644 --- a/test/core/end2end/fixtures/h2_ssl.cc +++ b/test/core/end2end/fixtures/h2_ssl.cc @@ -89,8 +89,7 @@ static void chttp2_init_client_secure_fullstack( grpc_channel_credentials* creds) { fullstack_secure_fixture_data* ffd = static_cast(f->fixture_data); - f->client = grpc_secure_channel_create(creds, ffd->localaddr.c_str(), - client_args, nullptr); + f->client = grpc_channel_create(ffd->localaddr.c_str(), creds, client_args); GPR_ASSERT(f->client != nullptr); grpc_channel_credentials_release(creds); } @@ -105,8 +104,8 @@ static void chttp2_init_server_secure_fullstack( } f->server = grpc_server_create(server_args, nullptr); grpc_server_register_completion_queue(f->server, f->cq, nullptr); - GPR_ASSERT(grpc_server_add_secure_http2_port( - f->server, ffd->localaddr.c_str(), server_creds)); + GPR_ASSERT(grpc_server_add_http2_port(f->server, ffd->localaddr.c_str(), + server_creds)); grpc_server_credentials_release(server_creds); grpc_server_start(f->server); } diff --git a/test/core/end2end/fixtures/h2_ssl_cred_reload.cc b/test/core/end2end/fixtures/h2_ssl_cred_reload.cc index 8580e87f0cd0f..b59c6df58f964 100644 --- a/test/core/end2end/fixtures/h2_ssl_cred_reload.cc +++ b/test/core/end2end/fixtures/h2_ssl_cred_reload.cc @@ -124,8 +124,7 @@ static void chttp2_init_client_secure_fullstack( grpc_channel_credentials* creds) { fullstack_secure_fixture_data* ffd = static_cast(f->fixture_data); - f->client = grpc_secure_channel_create(creds, ffd->localaddr.c_str(), - client_args, nullptr); + f->client = grpc_channel_create(ffd->localaddr.c_str(), creds, client_args); GPR_ASSERT(f->client != nullptr); grpc_channel_credentials_release(creds); } @@ -141,8 +140,8 @@ static void chttp2_init_server_secure_fullstack( ffd->server_credential_reloaded = false; f->server = grpc_server_create(server_args, nullptr); grpc_server_register_completion_queue(f->server, f->cq, nullptr); - GPR_ASSERT(grpc_server_add_secure_http2_port( - f->server, ffd->localaddr.c_str(), server_creds)); + GPR_ASSERT(grpc_server_add_http2_port(f->server, ffd->localaddr.c_str(), + server_creds)); grpc_server_credentials_release(server_creds); grpc_server_start(f->server); } diff --git a/test/core/end2end/fixtures/h2_ssl_proxy.cc b/test/core/end2end/fixtures/h2_ssl_proxy.cc index 45516aec04c56..76a4e9eb220f4 100644 --- a/test/core/end2end/fixtures/h2_ssl_proxy.cc +++ b/test/core/end2end/fixtures/h2_ssl_proxy.cc @@ -58,7 +58,7 @@ static grpc_server* create_proxy_server(const char* port, nullptr, &pem_key_cert_pair, 1, 0, nullptr); grpc_slice_unref(cert_slice); grpc_slice_unref(key_slice); - GPR_ASSERT(grpc_server_add_secure_http2_port(s, port, ssl_creds)); + GPR_ASSERT(grpc_server_add_http2_port(s, port, ssl_creds)); grpc_server_credentials_release(ssl_creds); return s; } @@ -74,8 +74,7 @@ static grpc_channel* create_proxy_client(const char* target, {const_cast("foo.test.google.fr")}}; const grpc_channel_args* new_client_args = grpc_channel_args_copy_and_add(client_args, &ssl_name_override, 1); - channel = - grpc_secure_channel_create(ssl_creds, target, new_client_args, nullptr); + channel = grpc_channel_create(target, ssl_creds, new_client_args); grpc_channel_credentials_release(ssl_creds); { grpc_core::ExecCtx exec_ctx; @@ -119,9 +118,8 @@ static void chttp2_init_client_secure_fullstack( grpc_channel_credentials* creds) { fullstack_secure_fixture_data* ffd = static_cast(f->fixture_data); - f->client = grpc_secure_channel_create( - creds, grpc_end2end_proxy_get_client_target(ffd->proxy), client_args, - nullptr); + f->client = grpc_channel_create( + grpc_end2end_proxy_get_client_target(ffd->proxy), creds, client_args); GPR_ASSERT(f->client != nullptr); grpc_channel_credentials_release(creds); } @@ -136,7 +134,7 @@ static void chttp2_init_server_secure_fullstack( } f->server = grpc_server_create(server_args, nullptr); grpc_server_register_completion_queue(f->server, f->cq, nullptr); - GPR_ASSERT(grpc_server_add_secure_http2_port( + GPR_ASSERT(grpc_server_add_http2_port( f->server, grpc_end2end_proxy_get_server_port(ffd->proxy), server_creds)); grpc_server_credentials_release(server_creds); grpc_server_start(f->server); diff --git a/test/core/end2end/fixtures/h2_tls.cc b/test/core/end2end/fixtures/h2_tls.cc index 3c1af73e90903..020d8cd44c476 100644 --- a/test/core/end2end/fixtures/h2_tls.cc +++ b/test/core/end2end/fixtures/h2_tls.cc @@ -258,8 +258,7 @@ static void chttp2_init_client_secure_fullstack( grpc_channel_credentials* creds) { fullstack_secure_fixture_data* ffd = static_cast(f->fixture_data); - f->client = grpc_secure_channel_create(creds, ffd->localaddr.c_str(), - client_args, nullptr); + f->client = grpc_channel_create(ffd->localaddr.c_str(), creds, client_args); GPR_ASSERT(f->client != nullptr); grpc_channel_credentials_release(creds); } @@ -274,8 +273,8 @@ static void chttp2_init_server_secure_fullstack( } f->server = grpc_server_create(server_args, nullptr); grpc_server_register_completion_queue(f->server, f->cq, nullptr); - GPR_ASSERT(grpc_server_add_secure_http2_port( - f->server, ffd->localaddr.c_str(), server_creds)); + GPR_ASSERT(grpc_server_add_http2_port(f->server, ffd->localaddr.c_str(), + server_creds)); grpc_server_credentials_release(server_creds); grpc_server_start(f->server); } diff --git a/test/core/end2end/fixtures/h2_uds.cc b/test/core/end2end/fixtures/h2_uds.cc index a2231a6bdaf34..5a14e11058c9a 100644 --- a/test/core/end2end/fixtures/h2_uds.cc +++ b/test/core/end2end/fixtures/h2_uds.cc @@ -25,6 +25,7 @@ #include "absl/strings/str_format.h" +#include #include #include #include @@ -85,8 +86,9 @@ void chttp2_init_client_fullstack(grpc_end2end_test_fixture* f, const grpc_channel_args* client_args) { fullstack_fixture_data* ffd = static_cast(f->fixture_data); - f->client = grpc_insecure_channel_create(ffd->localaddr.c_str(), client_args, - nullptr); + grpc_channel_credentials* creds = grpc_insecure_credentials_create(); + f->client = grpc_channel_create(ffd->localaddr.c_str(), creds, client_args); + grpc_channel_credentials_release(creds); } void chttp2_init_server_fullstack(grpc_end2end_test_fixture* f, @@ -98,8 +100,11 @@ void chttp2_init_server_fullstack(grpc_end2end_test_fixture* f, } f->server = grpc_server_create(server_args, nullptr); grpc_server_register_completion_queue(f->server, f->cq, nullptr); - GPR_ASSERT( - grpc_server_add_insecure_http2_port(f->server, ffd->localaddr.c_str())); + grpc_server_credentials* server_creds = + grpc_insecure_server_credentials_create(); + GPR_ASSERT(grpc_server_add_http2_port(f->server, ffd->localaddr.c_str(), + server_creds)); + grpc_server_credentials_release(server_creds); grpc_server_start(f->server); } diff --git a/test/core/end2end/fixtures/local_util.cc b/test/core/end2end/fixtures/local_util.cc index 23dcc752e79eb..0ecf4b1165c96 100644 --- a/test/core/end2end/fixtures/local_util.cc +++ b/test/core/end2end/fixtures/local_util.cc @@ -50,8 +50,7 @@ void grpc_end2end_local_chttp2_init_client_fullstack( grpc_channel_credentials* creds = grpc_local_credentials_create(type); grpc_end2end_local_fullstack_fixture_data* ffd = static_cast(f->fixture_data); - f->client = grpc_secure_channel_create(creds, ffd->localaddr.c_str(), - client_args, nullptr); + f->client = grpc_channel_create(ffd->localaddr.c_str(), creds, client_args); GPR_ASSERT(f->client != nullptr); grpc_channel_credentials_release(creds); } @@ -98,8 +97,8 @@ void grpc_end2end_local_chttp2_init_server_fullstack( nullptr}; grpc_server_credentials_set_auth_metadata_processor(creds, processor); } - GPR_ASSERT(grpc_server_add_secure_http2_port(f->server, - ffd->localaddr.c_str(), creds)); + GPR_ASSERT( + grpc_server_add_http2_port(f->server, ffd->localaddr.c_str(), creds)); grpc_server_credentials_release(creds); grpc_server_start(f->server); } diff --git a/test/core/end2end/fuzzers/api_fuzzer.cc b/test/core/end2end/fuzzers/api_fuzzer.cc index e1c357596f10f..c3ddd23f4c402 100644 --- a/test/core/end2end/fuzzers/api_fuzzer.cc +++ b/test/core/end2end/fuzzers/api_fuzzer.cc @@ -868,16 +868,13 @@ DEFINE_PROTO_FUZZER(const api_fuzzer::Msg& msg) { } else { grpc_channel_args* args = ReadArgs(action.create_channel().channel_args()); - if (action.create_channel().has_channel_creds()) { - grpc_channel_credentials* creds = - ReadChannelCreds(action.create_channel().channel_creds()); - g_channel = grpc_secure_channel_create( - creds, action.create_channel().target().c_str(), args, nullptr); - grpc_channel_credentials_release(creds); - } else { - g_channel = grpc_insecure_channel_create( - action.create_channel().target().c_str(), args, nullptr); - } + grpc_channel_credentials* creds = + action.create_channel().has_channel_creds() + ? ReadChannelCreds(action.create_channel().channel_creds()) + : grpc_insecure_credentials_create(); + g_channel = grpc_channel_create( + action.create_channel().target().c_str(), creds, args); + grpc_channel_credentials_release(creds); g_channel_actions.clear(); for (int i = 0; i < action.create_channel().channel_actions_size(); i++) { diff --git a/test/core/end2end/fuzzers/client_fuzzer.cc b/test/core/end2end/fuzzers/client_fuzzer.cc index 6db3b3b19e482..872e54dacba58 100644 --- a/test/core/end2end/fuzzers/client_fuzzer.cc +++ b/test/core/end2end/fuzzers/client_fuzzer.cc @@ -65,9 +65,9 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) { const grpc_channel_args* channel_args = grpc_core::CoreConfiguration::Get() .channel_args_preconditioning() .PreconditionChannelArgs(args); - grpc_channel* channel = - grpc_channel_create("test-target", channel_args, - GRPC_CLIENT_DIRECT_CHANNEL, transport, nullptr); + grpc_channel* channel = grpc_channel_create_internal( + "test-target", channel_args, GRPC_CLIENT_DIRECT_CHANNEL, transport, + nullptr); grpc_channel_args_destroy(args); grpc_channel_args_destroy(channel_args); grpc_slice host = grpc_slice_from_static_string("localhost"); diff --git a/test/core/end2end/goaway_server_test.cc b/test/core/end2end/goaway_server_test.cc index d9afa350fc8a9..f4e1d7f607953 100644 --- a/test/core/end2end/goaway_server_test.cc +++ b/test/core/end2end/goaway_server_test.cc @@ -23,6 +23,7 @@ #include "absl/strings/str_cat.h" #include +#include #include #include @@ -222,8 +223,9 @@ int main(int argc, char** argv) { client_args.num_args = 2; /* create a channel that picks first amongst the servers */ - grpc_channel* chan = - grpc_insecure_channel_create("test", &client_args, nullptr); + grpc_channel_credentials* creds = grpc_insecure_credentials_create(); + grpc_channel* chan = grpc_channel_create("test", creds, &client_args); + grpc_channel_credentials_release(creds); /* and an initial call to them */ grpc_slice host = grpc_slice_from_static_string("127.0.0.1"); grpc_call* call1 = @@ -258,7 +260,10 @@ int main(int argc, char** argv) { /* bring a server up on the first port */ grpc_server* server1 = grpc_server_create(nullptr, nullptr); addr = absl::StrCat("127.0.0.1:", port1); - grpc_server_add_insecure_http2_port(server1, addr.c_str()); + grpc_server_credentials* server_creds = + grpc_insecure_server_credentials_create(); + grpc_server_add_http2_port(server1, addr.c_str(), server_creds); + grpc_server_credentials_release(server_creds); grpc_server_register_completion_queue(server1, cq, nullptr); grpc_server_start(server1); @@ -334,7 +339,10 @@ int main(int argc, char** argv) { set_resolve_port(port2); grpc_server* server2 = grpc_server_create(nullptr, nullptr); addr = absl::StrCat("127.0.0.1:", port2); - grpc_server_add_insecure_http2_port(server2, addr.c_str()); + grpc_server_credentials* another_server_creds = + grpc_insecure_server_credentials_create(); + grpc_server_add_http2_port(server2, addr.c_str(), another_server_creds); + grpc_server_credentials_release(another_server_creds); grpc_server_register_completion_queue(server2, cq, nullptr); grpc_server_start(server2); diff --git a/test/core/end2end/h2_ssl_cert_test.cc b/test/core/end2end/h2_ssl_cert_test.cc index a3fb4001e7ad8..6b47626f607df 100644 --- a/test/core/end2end/h2_ssl_cert_test.cc +++ b/test/core/end2end/h2_ssl_cert_test.cc @@ -75,8 +75,7 @@ static void chttp2_init_client_secure_fullstack( grpc_channel_credentials* creds) { fullstack_secure_fixture_data* ffd = static_cast(f->fixture_data); - f->client = grpc_secure_channel_create(creds, ffd->localaddr.c_str(), - client_args, nullptr); + f->client = grpc_channel_create(ffd->localaddr.c_str(), creds, client_args); GPR_ASSERT(f->client != nullptr); grpc_channel_credentials_release(creds); } @@ -91,8 +90,8 @@ static void chttp2_init_server_secure_fullstack( } f->server = grpc_server_create(server_args, nullptr); grpc_server_register_completion_queue(f->server, f->cq, nullptr); - GPR_ASSERT(grpc_server_add_secure_http2_port( - f->server, ffd->localaddr.c_str(), server_creds)); + GPR_ASSERT(grpc_server_add_http2_port(f->server, ffd->localaddr.c_str(), + server_creds)); grpc_server_credentials_release(server_creds); grpc_server_start(f->server); } diff --git a/test/core/end2end/h2_ssl_session_reuse_test.cc b/test/core/end2end/h2_ssl_session_reuse_test.cc index 6b88a1d8a5867..c3907665832f8 100644 --- a/test/core/end2end/h2_ssl_session_reuse_test.cc +++ b/test/core/end2end/h2_ssl_session_reuse_test.cc @@ -71,8 +71,7 @@ grpc_server* server_create(grpc_completion_queue* cq, const char* server_addr) { grpc_server* server = grpc_server_create(nullptr, nullptr); grpc_server_register_completion_queue(server, cq, nullptr); - GPR_ASSERT( - grpc_server_add_secure_http2_port(server, server_addr, server_creds)); + GPR_ASSERT(grpc_server_add_http2_port(server, server_addr, server_creds)); grpc_server_credentials_release(server_creds); grpc_server_start(server); @@ -112,8 +111,8 @@ grpc_channel* client_create(const char* server_addr, grpc_channel_args* client_args = grpc_channel_args_copy_and_add(nullptr, args, GPR_ARRAY_SIZE(args)); - grpc_channel* client = grpc_secure_channel_create(client_creds, server_addr, - client_args, nullptr); + grpc_channel* client = + grpc_channel_create(server_addr, client_creds, client_args); GPR_ASSERT(client != nullptr); grpc_channel_credentials_release(client_creds); diff --git a/test/core/end2end/invalid_call_argument_test.cc b/test/core/end2end/invalid_call_argument_test.cc index 238f841bb2773..cfec589a4dc81 100644 --- a/test/core/end2end/invalid_call_argument_test.cc +++ b/test/core/end2end/invalid_call_argument_test.cc @@ -22,6 +22,7 @@ #include #include +#include #include #include @@ -67,8 +68,9 @@ static void prepare_test(int is_client) { if (is_client) { /* create a call, channel to a non existant server */ - g_state.chan = - grpc_insecure_channel_create("nonexistant:54321", nullptr, nullptr); + grpc_channel_credentials* creds = grpc_insecure_credentials_create(); + g_state.chan = grpc_channel_create("nonexistant:54321", creds, nullptr); + grpc_channel_credentials_release(creds); grpc_slice host = grpc_slice_from_static_string("nonexistant"); g_state.call = grpc_channel_create_call( g_state.chan, nullptr, GRPC_PROPAGATE_DEFAULTS, g_state.cq, @@ -78,12 +80,16 @@ static void prepare_test(int is_client) { g_state.server = grpc_server_create(nullptr, nullptr); grpc_server_register_completion_queue(g_state.server, g_state.cq, nullptr); std::string server_hostport = grpc_core::JoinHostPort("0.0.0.0", port); - grpc_server_add_insecure_http2_port(g_state.server, - server_hostport.c_str()); + grpc_server_credentials* server_creds = + grpc_insecure_server_credentials_create(); + grpc_server_add_http2_port(g_state.server, server_hostport.c_str(), + server_creds); + grpc_server_credentials_release(server_creds); grpc_server_start(g_state.server); server_hostport = grpc_core::JoinHostPort("localhost", port); - g_state.chan = - grpc_insecure_channel_create(server_hostport.c_str(), nullptr, nullptr); + grpc_channel_credentials* creds = grpc_insecure_credentials_create(); + g_state.chan = grpc_channel_create(server_hostport.c_str(), creds, nullptr); + grpc_channel_credentials_release(creds); grpc_slice host = grpc_slice_from_static_string("bar"); g_state.call = grpc_channel_create_call( g_state.chan, nullptr, GRPC_PROPAGATE_DEFAULTS, g_state.cq, diff --git a/test/core/end2end/multiple_server_queues_test.cc b/test/core/end2end/multiple_server_queues_test.cc index 987383765cee4..e4e02f0d69fc6 100644 --- a/test/core/end2end/multiple_server_queues_test.cc +++ b/test/core/end2end/multiple_server_queues_test.cc @@ -17,6 +17,7 @@ */ #include +#include #include "test/core/util/test_config.h" @@ -47,7 +48,10 @@ int main(int argc, char** argv) { server = grpc_server_create(nullptr, nullptr); grpc_server_register_completion_queue(server, cq1, nullptr); - grpc_server_add_insecure_http2_port(server, "[::]:0"); + grpc_server_credentials* server_creds = + grpc_insecure_server_credentials_create(); + grpc_server_add_http2_port(server, "[::]:0", server_creds); + grpc_server_credentials_release(server_creds); grpc_server_register_completion_queue(server, cq2, nullptr); grpc_server_register_completion_queue(server, cq3, nullptr); diff --git a/test/core/end2end/no_server_test.cc b/test/core/end2end/no_server_test.cc index e69d92c640e74..d008a3a0c9034 100644 --- a/test/core/end2end/no_server_test.cc +++ b/test/core/end2end/no_server_test.cc @@ -19,6 +19,7 @@ #include #include +#include #include #include @@ -45,8 +46,9 @@ void run_test(bool wait_for_ready) { grpc_channel_args args = {1, &arg}; /* create a call, channel to a non existant server */ - grpc_channel* chan = - grpc_insecure_channel_create("fake:nonexistant", &args, nullptr); + grpc_channel_credentials* creds = grpc_insecure_credentials_create(); + grpc_channel* chan = grpc_channel_create("fake:nonexistant", creds, &args); + grpc_channel_credentials_release(creds); gpr_timespec deadline = grpc_timeout_seconds_to_deadline(2); grpc_call* call = grpc_channel_create_call( chan, nullptr, GRPC_PROPAGATE_DEFAULTS, cq, diff --git a/test/core/fling/client.cc b/test/core/fling/client.cc index 5fa5ecc3b350d..f534172f382ec 100644 --- a/test/core/fling/client.cc +++ b/test/core/fling/client.cc @@ -20,6 +20,7 @@ #include #include +#include #include #include @@ -194,7 +195,9 @@ int main(int argc, char** argv) { return 1; } - channel = grpc_insecure_channel_create(target, nullptr, nullptr); + grpc_channel_credentials* creds = grpc_insecure_credentials_create(); + channel = grpc_channel_create(target, creds, nullptr); + grpc_channel_credentials_release(creds); cq = grpc_completion_queue_create_for_next(nullptr); the_buffer = grpc_raw_byte_buffer_create(&slice, static_cast(payload_size)); diff --git a/test/core/fling/server.cc b/test/core/fling/server.cc index 441cf0024b9e8..fe4b1d7c8799e 100644 --- a/test/core/fling/server.cc +++ b/test/core/fling/server.cc @@ -205,18 +205,18 @@ int main(int argc, char** argv) { gpr_log(GPR_INFO, "creating server on: %s", addr); cq = grpc_completion_queue_create_for_next(nullptr); + grpc_server_credentials* creds; if (secure) { grpc_ssl_pem_key_cert_pair pem_key_cert_pair = {test_server1_key, test_server1_cert}; - grpc_server_credentials* ssl_creds = grpc_ssl_server_credentials_create( - nullptr, &pem_key_cert_pair, 1, 0, nullptr); - server = grpc_server_create(nullptr, nullptr); - GPR_ASSERT(grpc_server_add_secure_http2_port(server, addr, ssl_creds)); - grpc_server_credentials_release(ssl_creds); + creds = grpc_ssl_server_credentials_create(nullptr, &pem_key_cert_pair, 1, + 0, nullptr); } else { - server = grpc_server_create(nullptr, nullptr); - GPR_ASSERT(grpc_server_add_insecure_http2_port(server, addr)); + creds = grpc_insecure_server_credentials_create(); } + server = grpc_server_create(nullptr, nullptr); + GPR_ASSERT(grpc_server_add_http2_port(server, addr, creds)); + grpc_server_credentials_release(creds); grpc_server_register_completion_queue(server, cq, nullptr); grpc_server_start(server); diff --git a/test/core/handshake/client_ssl.cc b/test/core/handshake/client_ssl.cc index a18e971e4d5ce..0e8d700ec69fb 100644 --- a/test/core/handshake/client_ssl.cc +++ b/test/core/handshake/client_ssl.cc @@ -341,8 +341,8 @@ static bool client_ssl_test(char* server_alpn_preferred) { grpc_channel_args grpc_args; grpc_args.num_args = 1; grpc_args.args = &ssl_name_override; - grpc_channel* channel = grpc_secure_channel_create(ssl_creds, target.c_str(), - &grpc_args, nullptr); + grpc_channel* channel = + grpc_channel_create(target.c_str(), ssl_creds, &grpc_args); GPR_ASSERT(channel); // Initially the channel will be idle, the diff --git a/test/core/handshake/server_ssl_common.cc b/test/core/handshake/server_ssl_common.cc index 7b8914677b4d2..49a9315708461 100644 --- a/test/core/handshake/server_ssl_common.cc +++ b/test/core/handshake/server_ssl_common.cc @@ -125,8 +125,7 @@ void server_thread(void* arg) { // Start server listening on local port. std::string addr = absl::StrCat("127.0.0.1:", port); grpc_server* server = grpc_server_create(nullptr, nullptr); - GPR_ASSERT( - grpc_server_add_secure_http2_port(server, addr.c_str(), ssl_creds)); + GPR_ASSERT(grpc_server_add_http2_port(server, addr.c_str(), ssl_creds)); grpc_completion_queue* cq = grpc_completion_queue_create_for_next(nullptr); diff --git a/test/core/handshake/verify_peer_options.cc b/test/core/handshake/verify_peer_options.cc index 606fb2ccb2da8..3b96f370b3f0f 100644 --- a/test/core/handshake/verify_peer_options.cc +++ b/test/core/handshake/verify_peer_options.cc @@ -75,8 +75,7 @@ static void server_thread(void* arg) { // Start server listening on local port. std::string addr = absl::StrCat("127.0.0.1:", port); grpc_server* server = grpc_server_create(nullptr, nullptr); - GPR_ASSERT( - grpc_server_add_secure_http2_port(server, addr.c_str(), ssl_creds)); + GPR_ASSERT(grpc_server_add_http2_port(server, addr.c_str(), ssl_creds)); grpc_completion_queue* cq = grpc_completion_queue_create_for_next(nullptr); @@ -160,8 +159,8 @@ static bool verify_peer_options_test(verify_peer_options* verify_options) { grpc_channel_args grpc_args; grpc_args.num_args = 1; grpc_args.args = &ssl_name_override; - grpc_channel* channel = grpc_secure_channel_create(ssl_creds, target.c_str(), - &grpc_args, nullptr); + grpc_channel* channel = + grpc_channel_create(target.c_str(), ssl_creds, &grpc_args); GPR_ASSERT(channel); // Initially the channel will be idle, the diff --git a/test/core/iomgr/stranded_event_test.cc b/test/core/iomgr/stranded_event_test.cc index 6766297209e14..61fe02947207f 100644 --- a/test/core/iomgr/stranded_event_test.cc +++ b/test/core/iomgr/stranded_event_test.cc @@ -216,7 +216,11 @@ class TestServer { address_ = grpc_core::JoinHostPort("127.0.0.1", grpc_pick_unused_port_or_die()); grpc_server_register_completion_queue(server_, cq_, nullptr); - GPR_ASSERT(grpc_server_add_insecure_http2_port(server_, address_.c_str())); + grpc_server_credentials* server_creds = + grpc_insecure_server_credentials_create(); + GPR_ASSERT( + grpc_server_add_http2_port(server_, address_.c_str(), server_creds)); + grpc_server_credentials_release(server_creds); grpc_server_start(server_); thread_ = std::thread(std::bind(&TestServer::AcceptThread, this)); } @@ -362,8 +366,10 @@ TEST(Pollers, TestReadabilityNotificationsDontGetStrandedOnOneCq) { fake_resolver_response_generator.get())); grpc_channel_args* channel_args = grpc_channel_args_copy_and_add(nullptr, args.data(), args.size()); - grpc_channel* channel = grpc_insecure_channel_create( - "fake:///test.server.com", channel_args, nullptr); + grpc_channel_credentials* creds = grpc_insecure_credentials_create(); + grpc_channel* channel = + grpc_channel_create("fake:///test.server.com", creds, channel_args); + grpc_channel_credentials_release(creds); grpc_channel_args_destroy(channel_args); grpc_completion_queue* cq = grpc_completion_queue_create_for_next(nullptr); diff --git a/test/core/security/BUILD b/test/core/security/BUILD index 2d17629bac7b4..e5ac29bbb7768 100644 --- a/test/core/security/BUILD +++ b/test/core/security/BUILD @@ -116,6 +116,7 @@ grpc_cc_test( deps = [ "//:gpr", "//:grpc", + "//:grpc_authorization_base", "//:grpc_secure", "//test/core/util:grpc_test_util", ], @@ -239,7 +240,6 @@ grpc_cc_test( srcs = ["check_gcp_environment_linux_test.cc"], language = "C++", deps = [ - "//:alts_util", "//:gpr", "//:gpr_base", "//:grpc", @@ -252,7 +252,6 @@ grpc_cc_test( srcs = ["check_gcp_environment_windows_test.cc"], language = "C++", deps = [ - "//:alts_util", "//:gpr", "//:gpr_base", "//:grpc", @@ -265,7 +264,6 @@ grpc_cc_test( srcs = ["grpc_alts_credentials_options_test.cc"], language = "C++", deps = [ - "//:alts_util", "//:gpr", "//:grpc", "//test/core/util:grpc_test_util", @@ -281,8 +279,6 @@ grpc_cc_test( "//:grpc", "//:grpc_base", "//:grpc_secure", - "//:tsi", - "//:tsi_interface", "//test/core/util:grpc_test_util", ], ) @@ -307,8 +303,6 @@ grpc_cc_test( "//:gpr", "//:grpc", "//:grpc_secure", - "//:tsi", - "//:tsi_interface", "//test/core/util:grpc_test_util", ], ) diff --git a/test/core/surface/channel_create_test.cc b/test/core/surface/channel_create_test.cc index 776f4c9dd592e..ae75463337169 100644 --- a/test/core/surface/channel_create_test.cc +++ b/test/core/surface/channel_create_test.cc @@ -19,6 +19,7 @@ #include #include +#include #include #include "src/core/lib/channel/channel_stack.h" @@ -32,7 +33,9 @@ void test_unknown_scheme_target(void) { grpc_core::ResolverRegistry::Builder::ShutdownRegistry(); grpc_core::ResolverRegistry::Builder::InitRegistry(); - chan = grpc_insecure_channel_create("blah://blah", nullptr, nullptr); + grpc_channel_credentials* creds = grpc_insecure_credentials_create(); + chan = grpc_channel_create("blah://blah", creds, nullptr); + grpc_channel_credentials_release(creds); GPR_ASSERT(chan != nullptr); grpc_core::ExecCtx exec_ctx; diff --git a/test/core/surface/concurrent_connectivity_test.cc b/test/core/surface/concurrent_connectivity_test.cc index 17dd195a7dded..ad1d5c37f7442 100644 --- a/test/core/surface/concurrent_connectivity_test.cc +++ b/test/core/surface/concurrent_connectivity_test.cc @@ -25,6 +25,7 @@ #include "absl/strings/str_cat.h" #include +#include #include #include @@ -66,8 +67,10 @@ static void* tag(int n) { return reinterpret_cast(n); } void create_loop_destroy(void* addr) { for (int i = 0; i < NUM_OUTER_LOOPS; ++i) { grpc_completion_queue* cq = grpc_completion_queue_create_for_next(nullptr); - grpc_channel* chan = grpc_insecure_channel_create(static_cast(addr), - nullptr, nullptr); + grpc_channel_credentials* creds = grpc_insecure_credentials_create(); + grpc_channel* chan = + grpc_channel_create(static_cast(addr), creds, nullptr); + grpc_channel_credentials_release(creds); for (int j = 0; j < NUM_INNER_LOOPS; ++j) { gpr_timespec later_time = @@ -198,7 +201,10 @@ int run_concurrent_connectivity_test() { int port = grpc_pick_unused_port_or_die(); args.addr = absl::StrCat("localhost:", port); args.server = grpc_server_create(nullptr, nullptr); - grpc_server_add_insecure_http2_port(args.server, args.addr.c_str()); + grpc_server_credentials* server_creds = + grpc_insecure_server_credentials_create(); + grpc_server_add_http2_port(args.server, args.addr.c_str(), server_creds); + grpc_server_credentials_release(server_creds); args.cq = grpc_completion_queue_create_for_next(nullptr); grpc_server_register_completion_queue(args.server, args.cq, nullptr); grpc_server_start(args.server); @@ -260,8 +266,10 @@ int run_concurrent_connectivity_test() { void watches_with_short_timeouts(void* addr) { for (int i = 0; i < NUM_OUTER_LOOPS_SHORT_TIMEOUTS; ++i) { grpc_completion_queue* cq = grpc_completion_queue_create_for_next(nullptr); - grpc_channel* chan = grpc_insecure_channel_create(static_cast(addr), - nullptr, nullptr); + grpc_channel_credentials* creds = grpc_insecure_credentials_create(); + grpc_channel* chan = + grpc_channel_create(static_cast(addr), creds, nullptr); + grpc_channel_credentials_release(creds); for (int j = 0; j < NUM_INNER_LOOPS_SHORT_TIMEOUTS; ++j) { gpr_timespec later_time = diff --git a/test/core/surface/num_external_connectivity_watchers_test.cc b/test/core/surface/num_external_connectivity_watchers_test.cc index 2a348daeaa57e..45f5f1512544a 100644 --- a/test/core/surface/num_external_connectivity_watchers_test.cc +++ b/test/core/surface/num_external_connectivity_watchers_test.cc @@ -157,7 +157,10 @@ static void run_channel_shutdown_before_timeout_test( } static grpc_channel* insecure_test_create_channel(const char* addr) { - return grpc_insecure_channel_create(addr, nullptr, nullptr); + grpc_channel_credentials* creds = grpc_insecure_credentials_create(); + grpc_channel* channel = grpc_channel_create(addr, creds, nullptr); + grpc_channel_credentials_release(creds); + return channel; } static const test_fixture insecure_test = { @@ -180,8 +183,7 @@ static grpc_channel* secure_test_create_channel(const char* addr) { {const_cast("foo.test.google.fr")}}; grpc_channel_args* new_client_args = grpc_channel_args_copy_and_add(nullptr, &ssl_name_override, 1); - grpc_channel* channel = - grpc_secure_channel_create(ssl_creds, addr, new_client_args, nullptr); + grpc_channel* channel = grpc_channel_create(addr, ssl_creds, new_client_args); { grpc_core::ExecCtx exec_ctx; grpc_channel_args_destroy(new_client_args); diff --git a/test/core/surface/public_headers_must_be_c89.c b/test/core/surface/public_headers_must_be_c89.c index 2a28a1f704fbd..4b04ea7bd6891 100644 --- a/test/core/surface/public_headers_must_be_c89.c +++ b/test/core/surface/public_headers_must_be_c89.c @@ -114,7 +114,9 @@ int main(int argc, char **argv) { printf("%lx", (unsigned long) grpc_channel_get_target); printf("%lx", (unsigned long) grpc_channel_get_info); printf("%lx", (unsigned long) grpc_channel_reset_connect_backoff); - printf("%lx", (unsigned long) grpc_insecure_channel_create); + printf("%lx", (unsigned long) grpc_channel_credentials_release); + printf("%lx", (unsigned long) grpc_server_credentials_release); + printf("%lx", (unsigned long) grpc_channel_create); printf("%lx", (unsigned long) grpc_lame_client_channel_create); printf("%lx", (unsigned long) grpc_channel_destroy); printf("%lx", (unsigned long) grpc_call_cancel); @@ -130,7 +132,7 @@ int main(int argc, char **argv) { printf("%lx", (unsigned long) grpc_server_config_fetcher_xds_create); printf("%lx", (unsigned long) grpc_server_config_fetcher_destroy); printf("%lx", (unsigned long) grpc_server_set_config_fetcher); - printf("%lx", (unsigned long) grpc_server_add_insecure_http2_port); + printf("%lx", (unsigned long) grpc_server_add_http2_port); printf("%lx", (unsigned long) grpc_server_start); printf("%lx", (unsigned long) grpc_server_shutdown_and_notify); printf("%lx", (unsigned long) grpc_server_cancel_all_calls); @@ -170,7 +172,6 @@ int main(int argc, char **argv) { printf("%lx", (unsigned long) grpc_ssl_session_cache_destroy); printf("%lx", (unsigned long) grpc_ssl_session_cache_create_channel_arg); printf("%lx", (unsigned long) grpc_call_credentials_release); - printf("%lx", (unsigned long) grpc_channel_credentials_release); printf("%lx", (unsigned long) grpc_google_default_credentials_create); printf("%lx", (unsigned long) grpc_set_ssl_roots_override_callback); printf("%lx", (unsigned long) grpc_ssl_credentials_create); @@ -188,8 +189,6 @@ int main(int argc, char **argv) { printf("%lx", (unsigned long) grpc_auth_metadata_context_copy); printf("%lx", (unsigned long) grpc_auth_metadata_context_reset); printf("%lx", (unsigned long) grpc_metadata_credentials_create_from_plugin); - printf("%lx", (unsigned long) grpc_secure_channel_create); - printf("%lx", (unsigned long) grpc_server_credentials_release); printf("%lx", (unsigned long) grpc_ssl_server_certificate_config_create); printf("%lx", (unsigned long) grpc_ssl_server_certificate_config_destroy); printf("%lx", (unsigned long) grpc_ssl_server_credentials_create); @@ -198,7 +197,6 @@ int main(int argc, char **argv) { printf("%lx", (unsigned long) grpc_ssl_server_credentials_create_options_using_config_fetcher); printf("%lx", (unsigned long) grpc_ssl_server_credentials_options_destroy); printf("%lx", (unsigned long) grpc_ssl_server_credentials_create_with_options); - printf("%lx", (unsigned long) grpc_server_add_secure_http2_port); printf("%lx", (unsigned long) grpc_call_set_credentials); printf("%lx", (unsigned long) grpc_server_credentials_set_auth_metadata_processor); printf("%lx", (unsigned long) grpc_alts_credentials_client_options_create); @@ -225,6 +223,8 @@ int main(int argc, char **argv) { printf("%lx", (unsigned long) grpc_tls_credentials_options_set_crl_directory); printf("%lx", (unsigned long) grpc_tls_credentials_options_set_verify_server_cert); printf("%lx", (unsigned long) grpc_tls_credentials_options_set_check_call_host); + printf("%lx", (unsigned long) grpc_insecure_credentials_create); + printf("%lx", (unsigned long) grpc_insecure_server_credentials_create); printf("%lx", (unsigned long) grpc_xds_credentials_create); printf("%lx", (unsigned long) grpc_xds_server_credentials_create); printf("%lx", (unsigned long) grpc_authorization_policy_provider_static_data_create); diff --git a/test/core/surface/secure_channel_create_test.cc b/test/core/surface/secure_channel_create_test.cc index 54e3aee5d9bc6..8c7d396169579 100644 --- a/test/core/surface/secure_channel_create_test.cc +++ b/test/core/surface/secure_channel_create_test.cc @@ -33,8 +33,7 @@ void test_unknown_scheme_target(void) { grpc_core::ResolverRegistry::Builder::InitRegistry(); grpc_channel_credentials* creds = grpc_fake_transport_security_credentials_create(); - grpc_channel* chan = - grpc_secure_channel_create(creds, "blah://blah", nullptr, nullptr); + grpc_channel* chan = grpc_channel_create("blah://blah", creds, nullptr); grpc_channel_element* elem = grpc_channel_stack_element(grpc_channel_get_channel_stack(chan), 0); GPR_ASSERT(0 == strcmp(elem->filter->name, "lame-client")); @@ -48,8 +47,7 @@ void test_security_connector_already_in_arg(void) { grpc_channel_args args; args.num_args = 1; args.args = &arg; - grpc_channel* chan = - grpc_secure_channel_create(nullptr, nullptr, &args, nullptr); + grpc_channel* chan = grpc_channel_create(nullptr, nullptr, &args); grpc_channel_element* elem = grpc_channel_stack_element(grpc_channel_get_channel_stack(chan), 0); GPR_ASSERT(0 == strcmp(elem->filter->name, "lame-client")); @@ -58,8 +56,7 @@ void test_security_connector_already_in_arg(void) { } void test_null_creds(void) { - grpc_channel* chan = - grpc_secure_channel_create(nullptr, nullptr, nullptr, nullptr); + grpc_channel* chan = grpc_channel_create(nullptr, nullptr, nullptr); grpc_channel_element* elem = grpc_channel_stack_element(grpc_channel_get_channel_stack(chan), 0); GPR_ASSERT(0 == strcmp(elem->filter->name, "lame-client")); diff --git a/test/core/surface/sequential_connectivity_test.cc b/test/core/surface/sequential_connectivity_test.cc index 01d9a85c33214..61732dc640008 100644 --- a/test/core/surface/sequential_connectivity_test.cc +++ b/test/core/surface/sequential_connectivity_test.cc @@ -75,9 +75,12 @@ static grpc_channel* create_test_channel(const char* addr, } grpc_channel_args channel_args = {args.size(), args.data()}; if (creds != nullptr) { - channel = grpc_secure_channel_create(creds, addr, &channel_args, nullptr); + channel = grpc_channel_create(addr, creds, &channel_args); } else { - channel = grpc_insecure_channel_create(addr, &channel_args, nullptr); + grpc_channel_credentials* insecure_creds = + grpc_insecure_credentials_create(); + channel = grpc_channel_create(addr, insecure_creds, &channel_args); + grpc_channel_credentials_release(insecure_creds); } return channel; } @@ -148,7 +151,10 @@ static void run_test(const test_fixture* fixture, bool share_subchannel) { } static void insecure_test_add_port(grpc_server* server, const char* addr) { - grpc_server_add_insecure_http2_port(server, addr); + grpc_server_credentials* server_creds = + grpc_insecure_server_credentials_create(); + grpc_server_add_http2_port(server, addr, server_creds); + grpc_server_credentials_release(server_creds); } static void secure_test_add_port(grpc_server* server, const char* addr) { @@ -166,7 +172,7 @@ static void secure_test_add_port(grpc_server* server, const char* addr) { nullptr, &pem_key_cert_pair, 1, 0, nullptr); grpc_slice_unref(cert_slice); grpc_slice_unref(key_slice); - grpc_server_add_secure_http2_port(server, addr, ssl_creds); + grpc_server_add_http2_port(server, addr, ssl_creds); grpc_server_credentials_release(ssl_creds); } diff --git a/test/core/surface/server_chttp2_test.cc b/test/core/surface/server_chttp2_test.cc index e85c1d5894966..ce0d84ce8e159 100644 --- a/test/core/surface/server_chttp2_test.cc +++ b/test/core/surface/server_chttp2_test.cc @@ -34,7 +34,10 @@ TEST(ServerChttp2, UnparseableTarget) { grpc_channel_args args = {0, nullptr}; grpc_server* server = grpc_server_create(&args, nullptr); - int port = grpc_server_add_insecure_http2_port(server, "["); + grpc_server_credentials* server_creds = + grpc_insecure_server_credentials_create(); + int port = grpc_server_add_http2_port(server, "[", server_creds); + grpc_server_credentials_release(server_creds); EXPECT_EQ(port, 0); grpc_server_destroy(server); } @@ -50,10 +53,8 @@ TEST(ServerChttp2, AddSamePortTwice) { grpc_server_credentials* fake_creds = grpc_fake_transport_security_server_credentials_create(); std::string addr = grpc_core::JoinHostPort("localhost", port); - EXPECT_EQ(grpc_server_add_secure_http2_port(server, addr.c_str(), fake_creds), - port); - EXPECT_EQ(grpc_server_add_secure_http2_port(server, addr.c_str(), fake_creds), - 0); + EXPECT_EQ(grpc_server_add_http2_port(server, addr.c_str(), fake_creds), port); + EXPECT_EQ(grpc_server_add_http2_port(server, addr.c_str(), fake_creds), 0); grpc_server_credentials_release(fake_creds); grpc_server_shutdown_and_notify(server, cq, nullptr); diff --git a/test/core/surface/server_test.cc b/test/core/surface/server_test.cc index 1c2677947678f..393bd827a07cf 100644 --- a/test/core/surface/server_test.cc +++ b/test/core/surface/server_test.cc @@ -84,15 +84,21 @@ void test_bind_server_twice(void) { std::string addr = absl::StrCat("[::]:", port); grpc_server_register_completion_queue(server1, cq, nullptr); grpc_server_register_completion_queue(server2, cq, nullptr); - GPR_ASSERT(0 == - grpc_server_add_secure_http2_port(server2, addr.c_str(), nullptr)); + GPR_ASSERT(0 == grpc_server_add_http2_port(server2, addr.c_str(), nullptr)); + grpc_server_credentials* insecure_creds = + grpc_insecure_server_credentials_create(); GPR_ASSERT(port == - grpc_server_add_insecure_http2_port(server1, addr.c_str())); - GPR_ASSERT(0 == grpc_server_add_insecure_http2_port(server2, addr.c_str())); + grpc_server_add_http2_port(server1, addr.c_str(), insecure_creds)); + grpc_server_credentials_release(insecure_creds); + grpc_server_credentials* another_insecure_creds = + grpc_insecure_server_credentials_create(); + GPR_ASSERT(0 == grpc_server_add_http2_port(server2, addr.c_str(), + another_insecure_creds)); + grpc_server_credentials_release(another_insecure_creds); grpc_server_credentials* fake_creds = grpc_fake_transport_security_server_credentials_create(); - GPR_ASSERT(0 == grpc_server_add_secure_http2_port(server2, addr.c_str(), - fake_creds)); + GPR_ASSERT(0 == + grpc_server_add_http2_port(server2, addr.c_str(), fake_creds)); grpc_server_credentials_release(fake_creds); grpc_server_shutdown_and_notify(server1, cq, nullptr); grpc_server_shutdown_and_notify(server2, cq, nullptr); @@ -112,11 +118,14 @@ void test_bind_server_to_addr(const char* host, bool secure) { if (secure) { grpc_server_credentials* fake_creds = grpc_fake_transport_security_server_credentials_create(); - GPR_ASSERT( - grpc_server_add_secure_http2_port(server, addr.c_str(), fake_creds)); + GPR_ASSERT(grpc_server_add_http2_port(server, addr.c_str(), fake_creds)); grpc_server_credentials_release(fake_creds); } else { - GPR_ASSERT(grpc_server_add_insecure_http2_port(server, addr.c_str())); + grpc_server_credentials* insecure_creds = + grpc_insecure_server_credentials_create(); + GPR_ASSERT( + grpc_server_add_http2_port(server, addr.c_str(), insecure_creds)); + grpc_server_credentials_release(insecure_creds); } grpc_completion_queue* cq = grpc_completion_queue_create_for_next(nullptr); grpc_server_register_completion_queue(server, cq, nullptr); diff --git a/test/core/transport/binder/end2end/fuzzers/client_fuzzer.cc b/test/core/transport/binder/end2end/fuzzers/client_fuzzer.cc index 41908c16e9bb8..def61d94bdbb5 100644 --- a/test/core/transport/binder/end2end/fuzzers/client_fuzzer.cc +++ b/test/core/transport/binder/end2end/fuzzers/client_fuzzer.cc @@ -58,9 +58,9 @@ DEFINE_PROTO_FUZZER(const binder_transport_fuzzer::Input& input) { const grpc_channel_args* channel_args = grpc_core::CoreConfiguration::Get() .channel_args_preconditioning() .PreconditionChannelArgs(args); - grpc_channel* channel = grpc_channel_create("test-target", channel_args, - GRPC_CLIENT_DIRECT_CHANNEL, - client_transport, nullptr); + grpc_channel* channel = grpc_channel_create_internal( + "test-target", channel_args, GRPC_CLIENT_DIRECT_CHANNEL, + client_transport, nullptr); grpc_channel_args_destroy(channel_args); grpc_channel_args_destroy(args); grpc_slice host = grpc_slice_from_static_string("localhost"); diff --git a/test/core/transport/binder/end2end/testing_channel_create.cc b/test/core/transport/binder/end2end/testing_channel_create.cc index 485a1d0e706d2..c24f54231f9f9 100644 --- a/test/core/transport/binder/end2end/testing_channel_create.cc +++ b/test/core/transport/binder/end2end/testing_channel_create.cc @@ -127,9 +127,9 @@ grpc_channel* grpc_binder_channel_create_for_testing( grpc_error_handle error = grpc_core::Server::FromC(server)->SetupTransport( server_transport, nullptr, args, nullptr); GPR_ASSERT(error == GRPC_ERROR_NONE); - grpc_channel* channel = - grpc_channel_create("binder", client_args, GRPC_CLIENT_DIRECT_CHANNEL, - client_transport, &error); + grpc_channel* channel = grpc_channel_create_internal( + "binder", client_args, GRPC_CLIENT_DIRECT_CHANNEL, client_transport, + &error); GPR_ASSERT(error == GRPC_ERROR_NONE); grpc_channel_args_destroy(args); grpc_channel_args_destroy(client_args); diff --git a/test/core/transport/chttp2/flow_control_test.cc b/test/core/transport/chttp2/flow_control_test.cc index a28c135f0fa50..64259ed4d6a86 100644 --- a/test/core/transport/chttp2/flow_control_test.cc +++ b/test/core/transport/chttp2/flow_control_test.cc @@ -30,6 +30,7 @@ #include #include +#include #include #include #include @@ -300,8 +301,11 @@ class FlowControlTest : public ::testing::Test { server_args}; server_ = grpc_server_create(&server_channel_args, nullptr); grpc_server_register_completion_queue(server_, cq_, nullptr); - GPR_ASSERT( - grpc_server_add_insecure_http2_port(server_, server_address.c_str())); + grpc_server_credentials* server_creds = + grpc_insecure_server_credentials_create(); + GPR_ASSERT(grpc_server_add_http2_port(server_, server_address.c_str(), + server_creds)); + grpc_server_credentials_release(server_creds); grpc_server_start(server_); // create the channel (bdp pings are enabled by default) grpc_arg client_args[] = { @@ -315,8 +319,10 @@ class FlowControlTest : public ::testing::Test { const_cast(GRPC_ARG_MAX_SEND_MESSAGE_LENGTH), -1)}; grpc_channel_args client_channel_args = {GPR_ARRAY_SIZE(client_args), client_args}; - channel_ = grpc_insecure_channel_create(server_address.c_str(), - &client_channel_args, nullptr); + grpc_channel_credentials* creds = grpc_insecure_credentials_create(); + channel_ = grpc_channel_create(server_address.c_str(), creds, + &client_channel_args); + grpc_channel_credentials_release(creds); VerifyChannelReady(channel_, cq_); g_target_initial_window_size_mocker->Reset(); } diff --git a/test/core/transport/chttp2/remove_stream_from_stalled_lists_test.cc b/test/core/transport/chttp2/remove_stream_from_stalled_lists_test.cc index 8de38613743cf..c8ccdca3ef4e1 100644 --- a/test/core/transport/chttp2/remove_stream_from_stalled_lists_test.cc +++ b/test/core/transport/chttp2/remove_stream_from_stalled_lists_test.cc @@ -28,6 +28,7 @@ #include #include +#include #include #include #include @@ -145,7 +146,11 @@ class TestServer { server_ = grpc_server_create(nullptr, nullptr); address_ = grpc_core::JoinHostPort("[::1]", grpc_pick_unused_port_or_die()); grpc_server_register_completion_queue(server_, cq_, nullptr); - GPR_ASSERT(grpc_server_add_insecure_http2_port(server_, address_.c_str())); + grpc_server_credentials* server_creds = + grpc_insecure_server_credentials_create(); + GPR_ASSERT( + grpc_server_add_http2_port(server_, address_.c_str(), server_creds)); + grpc_server_credentials_release(server_creds); grpc_server_start(server_); accept_thread_ = std::thread(std::bind(&TestServer::AcceptThread, this)); } @@ -296,8 +301,10 @@ TEST(Pollers, TestDontCrashWhenTryingToReproIssueFixedBy23984) { const_cast(GRPC_ARG_USE_LOCAL_SUBCHANNEL_POOL), true)); grpc_channel_args* channel_args = grpc_channel_args_copy_and_add(nullptr, args.data(), args.size()); - grpc_channel* channel = grpc_insecure_channel_create( - std::string("ipv6:" + server_address).c_str(), channel_args, nullptr); + grpc_channel_credentials* creds = grpc_insecure_credentials_create(); + grpc_channel* channel = grpc_channel_create( + std::string("ipv6:" + server_address).c_str(), creds, channel_args); + grpc_channel_credentials_release(creds); grpc_channel_args_destroy(channel_args); grpc_completion_queue* cq = grpc_completion_queue_create_for_next(nullptr); diff --git a/test/core/transport/chttp2/settings_timeout_test.cc b/test/core/transport/chttp2/settings_timeout_test.cc index 4fc8e70b31a4a..6a80a90e3e87b 100644 --- a/test/core/transport/chttp2/settings_timeout_test.cc +++ b/test/core/transport/chttp2/settings_timeout_test.cc @@ -27,6 +27,7 @@ #include "absl/strings/str_cat.h" #include +#include #include #include @@ -62,7 +63,10 @@ class ServerThread { a[1].value.pointer.vtable = grpc_resource_quota_arg_vtable(); grpc_channel_args args = {2, a}; server_ = grpc_server_create(&args, nullptr); - ASSERT_TRUE(grpc_server_add_insecure_http2_port(server_, address_)); + grpc_server_credentials* server_creds = + grpc_insecure_server_credentials_create(); + ASSERT_TRUE(grpc_server_add_http2_port(server_, address_, server_creds)); + grpc_server_credentials_release(server_creds); cq_ = grpc_completion_queue_create_for_next(nullptr); grpc_server_register_completion_queue(server_, cq_, nullptr); grpc_server_start(server_); diff --git a/test/core/transport/chttp2/streams_not_seen_test.cc b/test/core/transport/chttp2/streams_not_seen_test.cc index d559a03e9d66a..0f280114e420e 100644 --- a/test/core/transport/chttp2/streams_not_seen_test.cc +++ b/test/core/transport/chttp2/streams_not_seen_test.cc @@ -29,6 +29,7 @@ #include "absl/synchronization/notification.h" #include +#include #include "src/core/ext/transport/chttp2/transport/chttp2_transport.h" #include "src/core/ext/transport/chttp2/transport/frame_goaway.h" @@ -124,9 +125,10 @@ class StreamsNotSeenTest : public ::testing::Test { const_cast(GRPC_ARG_HTTP2_BDP_PROBE), 0)}; grpc_channel_args client_channel_args = {GPR_ARRAY_SIZE(client_args), client_args}; - channel_ = - grpc_insecure_channel_create(JoinHostPort("127.0.0.1", port_).c_str(), - &client_channel_args, nullptr); + grpc_channel_credentials* creds = grpc_insecure_credentials_create(); + channel_ = grpc_channel_create(JoinHostPort("127.0.0.1", port_).c_str(), + creds, &client_channel_args); + grpc_channel_credentials_release(creds); // Wait for the channel to connect grpc_connectivity_state state = grpc_channel_check_connectivity_state( channel_, /*try_to_connect=*/true); diff --git a/test/core/transport/chttp2/too_many_pings_test.cc b/test/core/transport/chttp2/too_many_pings_test.cc index c469badbb1a23..66bf93605a049 100644 --- a/test/core/transport/chttp2/too_many_pings_test.cc +++ b/test/core/transport/chttp2/too_many_pings_test.cc @@ -174,12 +174,17 @@ TEST(TooManyPings, TestLotsOfServerCancelledRpcsDoesntGiveTooManyPings) { std::string server_address = grpc_core::JoinHostPort("localhost", grpc_pick_unused_port_or_die()); grpc_server_register_completion_queue(server, cq, nullptr); + grpc_server_credentials* server_creds = + grpc_insecure_server_credentials_create(); GPR_ASSERT( - grpc_server_add_insecure_http2_port(server, server_address.c_str())); + grpc_server_add_http2_port(server, server_address.c_str(), server_creds)); + grpc_server_credentials_release(server_creds); grpc_server_start(server); // create the channel (bdp pings are enabled by default) - grpc_channel* channel = grpc_insecure_channel_create( - server_address.c_str(), nullptr /* channel args */, nullptr); + grpc_channel_credentials* creds = grpc_insecure_credentials_create(); + grpc_channel* channel = grpc_channel_create(server_address.c_str(), creds, + nullptr /* channel args */); + grpc_channel_credentials_release(creds); std::map statuses_and_counts; const int kNumTotalRpcs = 1e5; // perform an RPC @@ -343,7 +348,10 @@ class KeepaliveThrottlingTest : public ::testing::Test { // Create server grpc_server* server = grpc_server_create(&server_channel_args, nullptr); grpc_server_register_completion_queue(server, cq, nullptr); - GPR_ASSERT(grpc_server_add_insecure_http2_port(server, addr)); + grpc_server_credentials* server_creds = + grpc_insecure_server_credentials_create(); + GPR_ASSERT(grpc_server_add_http2_port(server, addr, server_creds)); + grpc_server_credentials_release(server_creds); grpc_server_start(server); return server; } @@ -364,10 +372,12 @@ TEST_F(KeepaliveThrottlingTest, KeepaliveThrottlingMultipleChannels) { const_cast(GRPC_ARG_HTTP2_BDP_PROBE), 0)}; grpc_channel_args client_channel_args = {GPR_ARRAY_SIZE(client_args), client_args}; - grpc_channel* channel = grpc_insecure_channel_create( - server_address.c_str(), &client_channel_args, nullptr); - grpc_channel* channel_dup = grpc_insecure_channel_create( - server_address.c_str(), &client_channel_args, nullptr); + grpc_channel_credentials* creds = grpc_insecure_credentials_create(); + grpc_channel* channel = + grpc_channel_create(server_address.c_str(), creds, &client_channel_args); + grpc_channel* channel_dup = + grpc_channel_create(server_address.c_str(), creds, &client_channel_args); + grpc_channel_credentials_release(creds); int expected_keepalive_time_sec = 1; // We need 3 GOAWAY frames to throttle the keepalive time from 1 second to 8 // seconds (> 5sec). @@ -448,8 +458,10 @@ TEST_F(KeepaliveThrottlingTest, NewSubchannelsUseUpdatedKeepaliveTime) { response_generator.get())}; grpc_channel_args client_channel_args = {GPR_ARRAY_SIZE(client_args), client_args}; + grpc_channel_credentials* creds = grpc_insecure_credentials_create(); grpc_channel* channel = - grpc_insecure_channel_create("fake:///", &client_channel_args, nullptr); + grpc_channel_create("fake:///", creds, &client_channel_args); + grpc_channel_credentials_release(creds); // For a single subchannel 3 GOAWAYs would be sufficient to increase the // keepalive time from 1 second to beyond 5 seconds. Even though we are // alternating between two subchannels, 3 GOAWAYs should still be enough since @@ -517,8 +529,10 @@ TEST_F(KeepaliveThrottlingTest, response_generator.get())}; grpc_channel_args client_channel_args = {GPR_ARRAY_SIZE(client_args), client_args}; + grpc_channel_credentials* creds = grpc_insecure_credentials_create(); grpc_channel* channel = - grpc_insecure_channel_create("fake:///", &client_channel_args, nullptr); + grpc_channel_create("fake:///", creds, &client_channel_args); + grpc_channel_credentials_release(creds); response_generator->SetResponse( BuildResolverResult({absl::StrCat("ipv4:", server_address1), absl::StrCat("ipv4:", server_address2)})); @@ -710,8 +724,11 @@ TEST(TooManyPings, BdpPingNotSentWithoutReceiveSideActivity) { server_args}; grpc_server* server = grpc_server_create(&server_channel_args, nullptr); grpc_server_register_completion_queue(server, cq, nullptr); + grpc_server_credentials* server_creds = + grpc_insecure_server_credentials_create(); GPR_ASSERT( - grpc_server_add_insecure_http2_port(server, server_address.c_str())); + grpc_server_add_http2_port(server, server_address.c_str(), server_creds)); + grpc_server_credentials_release(server_creds); grpc_server_start(server); // create the channel (bdp pings are enabled by default) grpc_arg client_args[] = { @@ -721,8 +738,10 @@ TEST(TooManyPings, BdpPingNotSentWithoutReceiveSideActivity) { const_cast(GRPC_ARG_KEEPALIVE_PERMIT_WITHOUT_CALLS), 1)}; grpc_channel_args client_channel_args = {GPR_ARRAY_SIZE(client_args), client_args}; - grpc_channel* channel = grpc_insecure_channel_create( - server_address.c_str(), &client_channel_args, nullptr); + grpc_channel_credentials* creds = grpc_insecure_credentials_create(); + grpc_channel* channel = + grpc_channel_create(server_address.c_str(), creds, &client_channel_args); + grpc_channel_credentials_release(creds); VerifyChannelReady(channel, cq); EXPECT_EQ(TransportCounter::count(), 2 /* one each for server and client */); cq_verifier* cqv = cq_verifier_create(cq); @@ -781,8 +800,11 @@ TEST(TooManyPings, TransportsGetCleanedUpOnDisconnect) { server_args}; grpc_server* server = grpc_server_create(&server_channel_args, nullptr); grpc_server_register_completion_queue(server, cq, nullptr); + grpc_server_credentials* server_creds = + grpc_insecure_server_credentials_create(); GPR_ASSERT( - grpc_server_add_insecure_http2_port(server, server_address.c_str())); + grpc_server_add_http2_port(server, server_address.c_str(), server_creds)); + grpc_server_credentials_release(server_creds); grpc_server_start(server); grpc_arg client_args[] = { grpc_channel_arg_integer_create( @@ -791,8 +813,10 @@ TEST(TooManyPings, TransportsGetCleanedUpOnDisconnect) { const_cast(GRPC_ARG_KEEPALIVE_PERMIT_WITHOUT_CALLS), 1)}; grpc_channel_args client_channel_args = {GPR_ARRAY_SIZE(client_args), client_args}; - grpc_channel* channel = grpc_insecure_channel_create( - server_address.c_str(), &client_channel_args, nullptr); + grpc_channel_credentials* creds = grpc_insecure_credentials_create(); + grpc_channel* channel = + grpc_channel_create(server_address.c_str(), creds, &client_channel_args); + grpc_channel_credentials_release(creds); VerifyChannelReady(channel, cq); EXPECT_EQ(TransportCounter::count(), 2 /* one each for server and client */); cq_verifier* cqv = cq_verifier_create(cq); diff --git a/test/core/tsi/BUILD b/test/core/tsi/BUILD index 5b3415709147d..37d742075f89a 100644 --- a/test/core/tsi/BUILD +++ b/test/core/tsi/BUILD @@ -27,7 +27,6 @@ grpc_cc_library( hdrs = ["transport_security_test_lib.h"], deps = [ "//:grpc", - "//:tsi", ], ) @@ -39,7 +38,6 @@ grpc_cc_test( ":transport_security_test_lib", "//:gpr", "//:grpc", - "//:tsi", "//test/core/util:grpc_test_util", ], ) @@ -54,7 +52,6 @@ grpc_cc_test( deps = [ "//:gpr", "//:grpc", - "//:tsi", "//test/core/util:grpc_test_util", ], ) @@ -83,7 +80,6 @@ grpc_cc_test( ":transport_security_test_lib", "//:gpr", "//:grpc", - "//:tsi", "//test/core/util:grpc_test_util", ], ) diff --git a/test/core/tsi/alts/handshaker/alts_concurrent_connectivity_test.cc b/test/core/tsi/alts/handshaker/alts_concurrent_connectivity_test.cc index 6fe291b09aaf4..7ac7daaae7401 100644 --- a/test/core/tsi/alts/handshaker/alts_concurrent_connectivity_test.cc +++ b/test/core/tsi/alts/handshaker/alts_concurrent_connectivity_test.cc @@ -95,8 +95,8 @@ grpc_channel* create_secure_channel_for_test( } grpc_channel_args* channel_args = grpc_channel_args_copy_and_add(nullptr, new_args.data(), new_args.size()); - grpc_channel* channel = grpc_secure_channel_create(channel_creds, server_addr, - channel_args, nullptr); + grpc_channel* channel = + grpc_channel_create(server_addr, channel_creds, channel_args); grpc_channel_args_destroy(channel_args); grpc_channel_credentials_release(channel_creds); return channel; @@ -153,8 +153,8 @@ class TestServer { grpc_server_register_completion_queue(server_, server_cq_, nullptr); int port = grpc_pick_unused_port_or_die(); server_addr_ = grpc_core::JoinHostPort("localhost", port); - GPR_ASSERT(grpc_server_add_secure_http2_port(server_, server_addr_.c_str(), - server_creds)); + GPR_ASSERT(grpc_server_add_http2_port(server_, server_addr_.c_str(), + server_creds)); grpc_server_credentials_release(server_creds); grpc_server_start(server_); gpr_log(GPR_DEBUG, "Start TestServer %p. listen on %s", this, diff --git a/test/core/tsi/alts/handshaker/alts_handshaker_client_test.cc b/test/core/tsi/alts/handshaker/alts_handshaker_client_test.cc index 2a36f0aa368a2..d9795e680f397 100644 --- a/test/core/tsi/alts/handshaker/alts_handshaker_client_test.cc +++ b/test/core/tsi/alts/handshaker/alts_handshaker_client_test.cc @@ -21,6 +21,7 @@ #include "upb/upb.hpp" #include +#include #include "src/core/tsi/alts/handshaker/alts_shared_resource.h" #include "src/core/tsi/alts/handshaker/alts_tsi_handshaker.h" @@ -308,8 +309,10 @@ static alts_handshaker_client_test_config* create_config() { alts_handshaker_client_test_config* config = static_cast( gpr_zalloc(sizeof(*config))); - config->channel = grpc_insecure_channel_create( - ALTS_HANDSHAKER_SERVICE_URL_FOR_TESTING, nullptr, nullptr); + grpc_channel_credentials* creds = grpc_insecure_credentials_create(); + config->channel = grpc_channel_create(ALTS_HANDSHAKER_SERVICE_URL_FOR_TESTING, + creds, nullptr); + grpc_channel_credentials_release(creds); config->cq = grpc_completion_queue_create_for_next(nullptr); grpc_alts_credentials_options* client_options = create_credentials_options(true /* is_client */); diff --git a/test/cpp/end2end/grpclb_end2end_test.cc b/test/cpp/end2end/grpclb_end2end_test.cc index 036e08b449343..add33394c809e 100644 --- a/test/cpp/end2end/grpclb_end2end_test.cc +++ b/test/cpp/end2end/grpclb_end2end_test.cc @@ -415,7 +415,7 @@ class GrpclbEnd2endTest : public ::testing::Test { } if (subchannel_cache_delay_ms > 0) { args.SetInt(GRPC_ARG_GRPCLB_SUBCHANNEL_CACHE_INTERVAL_MS, - subchannel_cache_delay_ms); + subchannel_cache_delay_ms * grpc_test_slowdown_factor()); } std::ostringstream uri; uri << "fake:///" << kApplicationTargetName_; diff --git a/test/cpp/microbenchmarks/bm_call_create.cc b/test/cpp/microbenchmarks/bm_call_create.cc index a7e43f4997ee3..7c9bcf4a1a455 100644 --- a/test/cpp/microbenchmarks/bm_call_create.cc +++ b/test/cpp/microbenchmarks/bm_call_create.cc @@ -26,6 +26,7 @@ #include #include +#include #include #include #include @@ -93,11 +94,16 @@ class BaseChannelFixture { grpc_channel* const channel_; }; +static grpc_channel* CreateChannel() { + grpc_channel_credentials* creds = grpc_insecure_credentials_create(); + grpc_channel* channel = grpc_channel_create("localhost:1234", creds, nullptr); + grpc_channel_credentials_release(creds); + return channel; +} + class InsecureChannel : public BaseChannelFixture { public: - InsecureChannel() - : BaseChannelFixture( - grpc_insecure_channel_create("localhost:1234", nullptr, nullptr)) {} + InsecureChannel() : BaseChannelFixture(CreateChannel()) {} }; class LameChannel : public BaseChannelFixture { diff --git a/test/cpp/microbenchmarks/bm_channel.cc b/test/cpp/microbenchmarks/bm_channel.cc index b3e9b77b810da..22edd3c1857cc 100644 --- a/test/cpp/microbenchmarks/bm_channel.cc +++ b/test/cpp/microbenchmarks/bm_channel.cc @@ -21,6 +21,7 @@ #include #include +#include #include "test/core/util/test_config.h" #include "test/cpp/microbenchmarks/helpers.h" @@ -44,7 +45,9 @@ class InsecureChannelFixture : public ChannelDestroyerFixture { public: InsecureChannelFixture() {} void Init() override { - channel_ = grpc_insecure_channel_create("localhost:1234", nullptr, nullptr); + grpc_channel_credentials* creds = grpc_insecure_credentials_create(); + channel_ = grpc_channel_create("localhost:1234", creds, nullptr); + grpc_channel_credentials_release(creds); } }; diff --git a/test/cpp/microbenchmarks/fullstack_fixtures.h b/test/cpp/microbenchmarks/fullstack_fixtures.h index ecb399d6968f8..85277d93c6ba7 100644 --- a/test/cpp/microbenchmarks/fullstack_fixtures.h +++ b/test/cpp/microbenchmarks/fullstack_fixtures.h @@ -200,9 +200,9 @@ class EndpointPairFixture : public BaseFixture { client_transport_ = grpc_create_chttp2_transport(&c_args, endpoints.client, true); GPR_ASSERT(client_transport_); - grpc_channel* channel = - grpc_channel_create("target", &c_args, GRPC_CLIENT_DIRECT_CHANNEL, - client_transport_, nullptr); + grpc_channel* channel = grpc_channel_create_internal( + "target", &c_args, GRPC_CLIENT_DIRECT_CHANNEL, client_transport_, + nullptr); grpc_chttp2_transport_start_reading(client_transport_, nullptr, nullptr, nullptr); diff --git a/test/cpp/naming/cancel_ares_query_test.cc b/test/cpp/naming/cancel_ares_query_test.cc index 7cd95d8301fdb..ecd37774792f0 100644 --- a/test/cpp/naming/cancel_ares_query_test.cc +++ b/test/cpp/naming/cancel_ares_query_test.cc @@ -28,6 +28,7 @@ #include #include +#include #include #include #include @@ -328,8 +329,10 @@ void TestCancelDuringActiveQuery( } else { abort(); } + grpc_channel_credentials* creds = grpc_insecure_credentials_create(); grpc_channel* client = - grpc_insecure_channel_create(client_target.c_str(), client_args, nullptr); + grpc_channel_create(client_target.c_str(), creds, client_args); + grpc_channel_credentials_release(creds); grpc_completion_queue* cq = grpc_completion_queue_create_for_next(nullptr); cq_verifier* cqv = cq_verifier_create(cq); grpc_call* call = grpc_channel_create_call( diff --git a/test/cpp/performance/writes_per_rpc_test.cc b/test/cpp/performance/writes_per_rpc_test.cc index f35a568027a4d..65916a9e5a3ee 100644 --- a/test/cpp/performance/writes_per_rpc_test.cc +++ b/test/cpp/performance/writes_per_rpc_test.cc @@ -96,7 +96,7 @@ class EndpointPairFixture { grpc_transport* transport = grpc_create_chttp2_transport(&c_args, endpoints.client, true); GPR_ASSERT(transport); - grpc_channel* channel = grpc_channel_create( + grpc_channel* channel = grpc_channel_create_internal( "target", &c_args, GRPC_CLIENT_DIRECT_CHANNEL, transport, nullptr); grpc_chttp2_transport_start_reading(transport, nullptr, nullptr, nullptr); diff --git a/tools/doxygen/Doxyfile.c++.internal b/tools/doxygen/Doxyfile.c++.internal index 826c7809308d7..1216558759f82 100644 --- a/tools/doxygen/Doxyfile.c++.internal +++ b/tools/doxygen/Doxyfile.c++.internal @@ -1089,8 +1089,6 @@ src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc \ src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.h \ src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_balancer_addresses.cc \ src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_balancer_addresses.h \ -src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel.h \ -src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel_secure.cc \ src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.cc \ src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.h \ src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc \ @@ -1225,14 +1223,8 @@ src/core/ext/transport/chttp2/alpn/alpn.cc \ src/core/ext/transport/chttp2/alpn/alpn.h \ src/core/ext/transport/chttp2/client/chttp2_connector.cc \ src/core/ext/transport/chttp2/client/chttp2_connector.h \ -src/core/ext/transport/chttp2/client/insecure/channel_create.cc \ -src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc \ -src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc \ src/core/ext/transport/chttp2/server/chttp2_server.cc \ src/core/ext/transport/chttp2/server/chttp2_server.h \ -src/core/ext/transport/chttp2/server/insecure/server_chttp2.cc \ -src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.cc \ -src/core/ext/transport/chttp2/server/secure/server_secure_chttp2.cc \ src/core/ext/transport/chttp2/transport/bin_decoder.cc \ src/core/ext/transport/chttp2/transport/bin_decoder.h \ src/core/ext/transport/chttp2/transport/bin_encoder.cc \ @@ -2388,7 +2380,6 @@ src/core/lib/surface/event_string.cc \ src/core/lib/surface/event_string.h \ src/core/lib/surface/init.cc \ src/core/lib/surface/init.h \ -src/core/lib/surface/init_secure.cc \ src/core/lib/surface/lame_client.cc \ src/core/lib/surface/lame_client.h \ src/core/lib/surface/metadata_array.cc \ @@ -2422,6 +2413,7 @@ src/core/lib/transport/transport_op_string.cc \ src/core/lib/uri/uri_parser.cc \ src/core/lib/uri/uri_parser.h \ src/core/plugin_registry/grpc_plugin_registry.cc \ +src/core/plugin_registry/grpc_plugin_registry_extra.cc \ src/core/tsi/alts/crypt/aes_gcm.cc \ src/core/tsi/alts/crypt/gsec.cc \ src/core/tsi/alts/crypt/gsec.h \ diff --git a/tools/doxygen/Doxyfile.core.internal b/tools/doxygen/Doxyfile.core.internal index 5f9278b9f9c3e..b6b86c76d7626 100644 --- a/tools/doxygen/Doxyfile.core.internal +++ b/tools/doxygen/Doxyfile.core.internal @@ -909,8 +909,6 @@ src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc \ src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.h \ src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_balancer_addresses.cc \ src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_balancer_addresses.h \ -src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel.h \ -src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel_secure.cc \ src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.cc \ src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.h \ src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc \ @@ -1014,18 +1012,8 @@ src/core/ext/transport/chttp2/alpn/alpn.cc \ src/core/ext/transport/chttp2/alpn/alpn.h \ src/core/ext/transport/chttp2/client/chttp2_connector.cc \ src/core/ext/transport/chttp2/client/chttp2_connector.h \ -src/core/ext/transport/chttp2/client/insecure/README.md \ -src/core/ext/transport/chttp2/client/insecure/channel_create.cc \ -src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc \ -src/core/ext/transport/chttp2/client/secure/README.md \ -src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc \ src/core/ext/transport/chttp2/server/chttp2_server.cc \ src/core/ext/transport/chttp2/server/chttp2_server.h \ -src/core/ext/transport/chttp2/server/insecure/README.md \ -src/core/ext/transport/chttp2/server/insecure/server_chttp2.cc \ -src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.cc \ -src/core/ext/transport/chttp2/server/secure/README.md \ -src/core/ext/transport/chttp2/server/secure/server_secure_chttp2.cc \ src/core/ext/transport/chttp2/transport/README.md \ src/core/ext/transport/chttp2/transport/bin_decoder.cc \ src/core/ext/transport/chttp2/transport/bin_decoder.h \ @@ -2188,7 +2176,6 @@ src/core/lib/surface/event_string.cc \ src/core/lib/surface/event_string.h \ src/core/lib/surface/init.cc \ src/core/lib/surface/init.h \ -src/core/lib/surface/init_secure.cc \ src/core/lib/surface/lame_client.cc \ src/core/lib/surface/lame_client.h \ src/core/lib/surface/metadata_array.cc \ @@ -2223,6 +2210,7 @@ src/core/lib/transport/transport_op_string.cc \ src/core/lib/uri/uri_parser.cc \ src/core/lib/uri/uri_parser.h \ src/core/plugin_registry/grpc_plugin_registry.cc \ +src/core/plugin_registry/grpc_plugin_registry_extra.cc \ src/core/tsi/README.md \ src/core/tsi/alts/crypt/aes_gcm.cc \ src/core/tsi/alts/crypt/gsec.cc \