diff options
| author |  Craig Tiller <ctiller@google.com> | 2015-08-27 12:43:25 -0700 |
|---|---|---|
| committer | Craig Tiller <ctiller@google.com> | 2015-08-27 12:43:25 -0700 |
| commit | 08348334e53a299934626b29d97f829917a811f0 (patch) | |
| tree | 6821ecf54a1c0782a45bd8f6089e0372fb1d6aa5 | |
| parent | 1c3b21330632a12e14f6d3130db99b03940075fc (diff) | |
| parent | 5cc1e2ec4b0e6a100dab285c74aed8233add8776 (diff) | |
Merge pull request #2947 from jboeuf/grpc_security_abi
First draft at addressing #1799 for grpc_security.
32 files changed, 158 insertions, 128 deletions
diff --git a/include/grpc/grpc.h b/include/grpc/grpc.h index 145052b6d3..a75f356312 100644 --- a/include/grpc/grpc.h +++ b/include/grpc/grpc.h @@ -214,8 +214,7 @@ typedef struct grpc_metadata { /** The following fields are reserved for grpc internal use. There is no need to initialize them, and they will be set to garbage - during - calls to grpc. */ + during calls to grpc. */ struct { void *obfuscated[4]; } internal_data; diff --git a/include/grpc/grpc_security.h b/include/grpc/grpc_security.h index de565b2d2f..6ee6933207 100644 --- a/include/grpc/grpc_security.h +++ b/include/grpc/grpc_security.h @@ -89,16 +89,18 @@ typedef struct { key and certificate chain. This parameter can be NULL if the client does not have such a key/cert pair. */ grpc_credentials *grpc_ssl_credentials_create( - const char *pem_root_certs, grpc_ssl_pem_key_cert_pair *pem_key_cert_pair); + const char *pem_root_certs, grpc_ssl_pem_key_cert_pair *pem_key_cert_pair, + void *reserved); /* Creates a composite credentials object. */ grpc_credentials *grpc_composite_credentials_create(grpc_credentials *creds1, - grpc_credentials *creds2); + grpc_credentials *creds2, + void *reserved); /* Creates a compute engine credentials object. WARNING: Do NOT use this credentials to connect to a non-google service as this could result in an oauth2 token leak. */ -grpc_credentials *grpc_compute_engine_credentials_create(void); +grpc_credentials *grpc_compute_engine_credentials_create(void *reserved); extern const gpr_timespec grpc_max_auth_token_lifetime; @@ -112,7 +114,8 @@ extern const gpr_timespec grpc_max_auth_token_lifetime; account credentials. It should not exceed grpc_max_auth_token_lifetime or will be cropped to this value. */ grpc_credentials *grpc_service_account_credentials_create( - const char *json_key, const char *scope, gpr_timespec token_lifetime); + const char *json_key, const char *scope, gpr_timespec token_lifetime, + void *reserved); /* Creates a JWT credentials object. May return NULL if the input is invalid. - json_key is the JSON key string containing the client's private key. @@ -120,7 +123,7 @@ grpc_credentials *grpc_service_account_credentials_create( this credentials. It should not exceed grpc_max_auth_token_lifetime or will be cropped to this value. */ grpc_credentials *grpc_service_account_jwt_access_credentials_create( - const char *json_key, gpr_timespec token_lifetime); + const char *json_key, gpr_timespec token_lifetime, void *reserved); /* Creates an Oauth2 Refresh Token credentials object. May return NULL if the input is invalid. @@ -129,23 +132,25 @@ grpc_credentials *grpc_service_account_jwt_access_credentials_create( - json_refresh_token is the JSON string containing the refresh token itself along with a client_id and client_secret. */ grpc_credentials *grpc_refresh_token_credentials_create( - const char *json_refresh_token); + const char *json_refresh_token, void *reserved); /* Creates an Oauth2 Access Token credentials with an access token that was aquired by an out of band mechanism. */ grpc_credentials *grpc_access_token_credentials_create( - const char *access_token); + const char *access_token, void *reserved); /* Creates an IAM credentials object. */ grpc_credentials *grpc_iam_credentials_create(const char *authorization_token, - const char *authority_selector); + const char *authority_selector, + void *reserved); /* --- Secure channel creation. --- */ /* Creates a secure channel using the passed-in credentials. */ grpc_channel *grpc_secure_channel_create(grpc_credentials *creds, const char *target, - const grpc_channel_args *args); + const grpc_channel_args *args, + void *reserved); /* --- grpc_server_credentials object. --- @@ -171,7 +176,7 @@ void grpc_server_credentials_release(grpc_server_credentials *creds); NULL. */ grpc_server_credentials *grpc_ssl_server_credentials_create( const char *pem_root_certs, grpc_ssl_pem_key_cert_pair *pem_key_cert_pairs, - size_t num_key_cert_pairs, int force_client_auth); + size_t num_key_cert_pairs, int force_client_auth, void *reserved); /* --- Server-side secure ports. --- */ diff --git a/src/core/security/client_auth_filter.c b/src/core/security/client_auth_filter.c index 8e63978b82..f3ecfd0e60 100644 --- a/src/core/security/client_auth_filter.c +++ b/src/core/security/client_auth_filter.c @@ -153,7 +153,8 @@ static void send_security_metadata(grpc_call_element *elem, } if (channel_creds_has_md && call_creds_has_md) { - calld->creds = grpc_composite_credentials_create(channel_creds, ctx->creds); + calld->creds = + grpc_composite_credentials_create(channel_creds, ctx->creds, NULL); if (calld->creds == NULL) { bubble_up_error(elem, GRPC_STATUS_INVALID_ARGUMENT, "Incompatible credentials set on channel and call."); diff --git a/src/core/security/credentials.c b/src/core/security/credentials.c index 8852cab3e7..362d5f4b6f 100644 --- a/src/core/security/credentials.c +++ b/src/core/security/credentials.c @@ -298,8 +298,10 @@ static void ssl_build_server_config( } grpc_credentials *grpc_ssl_credentials_create( - const char *pem_root_certs, grpc_ssl_pem_key_cert_pair *pem_key_cert_pair) { + const char *pem_root_certs, grpc_ssl_pem_key_cert_pair *pem_key_cert_pair, + void *reserved) { grpc_ssl_credentials *c = gpr_malloc(sizeof(grpc_ssl_credentials)); + GPR_ASSERT(reserved == NULL); memset(c, 0, sizeof(grpc_ssl_credentials)); c->base.type = GRPC_CREDENTIALS_TYPE_SSL; c->base.vtable = &ssl_vtable; @@ -310,9 +312,11 @@ grpc_credentials *grpc_ssl_credentials_create( grpc_server_credentials *grpc_ssl_server_credentials_create( const char *pem_root_certs, grpc_ssl_pem_key_cert_pair *pem_key_cert_pairs, - size_t num_key_cert_pairs, int force_client_auth) { + size_t num_key_cert_pairs, int force_client_auth, void *reserved) { grpc_ssl_server_credentials *c = gpr_malloc(sizeof(grpc_ssl_server_credentials)); + GPR_ASSERT(reserved == NULL); + memset(c, 0, sizeof(grpc_ssl_credentials)); memset(c, 0, sizeof(grpc_ssl_server_credentials)); c->base.type = GRPC_CREDENTIALS_TYPE_SSL; c->base.vtable = &ssl_server_vtable; @@ -430,7 +434,8 @@ grpc_service_account_jwt_access_credentials_create_from_auth_json_key( } grpc_credentials *grpc_service_account_jwt_access_credentials_create( - const char *json_key, gpr_timespec token_lifetime) { + const char *json_key, gpr_timespec token_lifetime, void *reserved) { + GPR_ASSERT(reserved == NULL); return grpc_service_account_jwt_access_credentials_create_from_auth_json_key( grpc_auth_json_key_create_from_string(json_key), token_lifetime); } @@ -635,9 +640,10 @@ static void compute_engine_fetch_oauth2( metadata_req); } -grpc_credentials *grpc_compute_engine_credentials_create(void) { +grpc_credentials *grpc_compute_engine_credentials_create(void *reserved) { grpc_oauth2_token_fetcher_credentials *c = gpr_malloc(sizeof(grpc_oauth2_token_fetcher_credentials)); + GPR_ASSERT(reserved == NULL); init_oauth2_token_fetcher(c, compute_engine_fetch_oauth2); c->base.vtable = &compute_engine_vtable; return &c->base; @@ -693,10 +699,11 @@ static void service_account_fetch_oauth2( } grpc_credentials *grpc_service_account_credentials_create( - const char *json_key, const char *scope, gpr_timespec token_lifetime) { + const char *json_key, const char *scope, gpr_timespec token_lifetime, + void *reserved) { grpc_service_account_credentials *c; grpc_auth_json_key key = grpc_auth_json_key_create_from_string(json_key); - + GPR_ASSERT(reserved == NULL); if (scope == NULL || (strlen(scope) == 0) || !grpc_auth_json_key_is_valid(&key)) { gpr_log(GPR_ERROR, @@ -766,7 +773,8 @@ grpc_credentials *grpc_refresh_token_credentials_create_from_auth_refresh_token( } grpc_credentials *grpc_refresh_token_credentials_create( - const char *json_refresh_token) { + const char *json_refresh_token, void *reserved) { + GPR_ASSERT(reserved == NULL); return grpc_refresh_token_credentials_create_from_auth_refresh_token( grpc_auth_refresh_token_create_from_string(json_refresh_token)); } @@ -867,11 +875,12 @@ static grpc_credentials_vtable access_token_vtable = { access_token_has_request_metadata_only, access_token_get_request_metadata, NULL}; -grpc_credentials *grpc_access_token_credentials_create( - const char *access_token) { +grpc_credentials *grpc_access_token_credentials_create(const char *access_token, + void *reserved) { grpc_access_token_credentials *c = gpr_malloc(sizeof(grpc_access_token_credentials)); char *token_md_value; + GPR_ASSERT(reserved == NULL); memset(c, 0, sizeof(grpc_access_token_credentials)); c->base.type = GRPC_CREDENTIALS_TYPE_OAUTH2; c->base.vtable = &access_token_vtable; @@ -1101,12 +1110,14 @@ static grpc_credentials_array get_creds_array(grpc_credentials **creds_addr) { } grpc_credentials *grpc_composite_credentials_create(grpc_credentials *creds1, - grpc_credentials *creds2) { + grpc_credentials *creds2, + void *reserved) { size_t i; size_t creds_array_byte_size; grpc_credentials_array creds1_array; grpc_credentials_array creds2_array; grpc_composite_credentials *c; + GPR_ASSERT(reserved == NULL); GPR_ASSERT(creds1 != NULL); GPR_ASSERT(creds2 != NULL); c = gpr_malloc(sizeof(grpc_composite_credentials)); @@ -1209,8 +1220,10 @@ static grpc_credentials_vtable iam_vtable = { iam_get_request_metadata, NULL}; grpc_credentials *grpc_iam_credentials_create(const char *token, - const char *authority_selector) { + const char *authority_selector, + void *reserved) { grpc_iam_credentials *c; + GPR_ASSERT(reserved == NULL); GPR_ASSERT(token != NULL); GPR_ASSERT(authority_selector != NULL); c = gpr_malloc(sizeof(grpc_iam_credentials)); diff --git a/src/core/security/google_default_credentials.c b/src/core/security/google_default_credentials.c index 3631de867a..f9aa5187ce 100644 --- a/src/core/security/google_default_credentials.c +++ b/src/core/security/google_default_credentials.c @@ -194,7 +194,7 @@ grpc_credentials *grpc_google_default_credentials_create(void) { int need_compute_engine_creds = is_stack_running_on_compute_engine(); compute_engine_detection_done = 1; if (need_compute_engine_creds) { - result = grpc_compute_engine_credentials_create(); + result = grpc_compute_engine_credentials_create(NULL); } } @@ -202,9 +202,9 @@ end: if (!serving_cached_credentials && result != NULL) { /* Blend with default ssl credentials and add a global reference so that it can be cached and re-served. */ - grpc_credentials *ssl_creds = grpc_ssl_credentials_create(NULL, NULL); + grpc_credentials *ssl_creds = grpc_ssl_credentials_create(NULL, NULL, NULL); default_credentials = grpc_credentials_ref( - grpc_composite_credentials_create(ssl_creds, result)); + grpc_composite_credentials_create(ssl_creds, result, NULL)); GPR_ASSERT(default_credentials != NULL); grpc_credentials_unref(ssl_creds); grpc_credentials_unref(result); diff --git a/src/core/surface/secure_channel_create.c b/src/core/surface/secure_channel_create.c index eccee24698..35b60bdbef 100644 --- a/src/core/surface/secure_channel_create.c +++ b/src/core/surface/secure_channel_create.c @@ -185,7 +185,8 @@ static const grpc_subchannel_factory_vtable subchannel_factory_vtable = { - perform handshakes */ grpc_channel *grpc_secure_channel_create(grpc_credentials *creds, const char *target, - const grpc_channel_args *args) { + const grpc_channel_args *args, + void *reserved) { grpc_channel *channel; grpc_arg connector_arg; grpc_channel_args *args_copy; @@ -198,6 +199,7 @@ grpc_channel *grpc_secure_channel_create(grpc_credentials *creds, const grpc_channel_filter *filters[MAX_FILTERS]; int n = 0; + GPR_ASSERT(reserved == NULL); if (grpc_find_security_connector_in_args(args) != NULL) { gpr_log(GPR_ERROR, "Cannot set security context in channel args."); return grpc_lame_client_channel_create( diff --git a/src/cpp/client/secure_credentials.cc b/src/cpp/client/secure_credentials.cc index f368f2590a..e0642469b4 100644 --- a/src/cpp/client/secure_credentials.cc +++ b/src/cpp/client/secure_credentials.cc @@ -46,7 +46,8 @@ std::shared_ptr<grpc::Channel> SecureCredentials::CreateChannel( args.SetChannelArgs(&channel_args); return CreateChannelInternal( args.GetSslTargetNameOverride(), - grpc_secure_channel_create(c_creds_, target.c_str(), &channel_args)); + grpc_secure_channel_create(c_creds_, target.c_str(), &channel_args, + nullptr)); } bool SecureCredentials::ApplyToCall(grpc_call* call) { @@ -75,14 +76,14 @@ std::shared_ptr<Credentials> SslCredentials( grpc_credentials* c_creds = grpc_ssl_credentials_create( options.pem_root_certs.empty() ? nullptr : options.pem_root_certs.c_str(), - options.pem_private_key.empty() ? nullptr : &pem_key_cert_pair); + options.pem_private_key.empty() ? nullptr : &pem_key_cert_pair, nullptr); return WrapCredentials(c_creds); } // Builds credentials for use when running in GCE std::shared_ptr<Credentials> ComputeEngineCredentials() { GrpcLibrary init; // To call grpc_init(). - return WrapCredentials(grpc_compute_engine_credentials_create()); + return WrapCredentials(grpc_compute_engine_credentials_create(nullptr)); } // Builds service account credentials. @@ -99,7 +100,7 @@ std::shared_ptr<Credentials> ServiceAccountCredentials( gpr_timespec lifetime = gpr_time_from_seconds(token_lifetime_seconds, GPR_TIMESPAN); return WrapCredentials(grpc_service_account_credentials_create( - json_key.c_str(), scope.c_str(), lifetime)); + json_key.c_str(), scope.c_str(), lifetime, nullptr)); } // Builds JWT credentials. @@ -114,15 +115,15 @@ std::shared_ptr<Credentials> ServiceAccountJWTAccessCredentials( gpr_timespec lifetime = gpr_time_from_seconds(token_lifetime_seconds, GPR_TIMESPAN); return WrapCredentials(grpc_service_account_jwt_access_credentials_create( - json_key.c_str(), lifetime)); + json_key.c_str(), lifetime, nullptr)); } // Builds refresh token credentials. std::shared_ptr<Credentials> RefreshTokenCredentials( const grpc::string& json_refresh_token) { GrpcLibrary init; // To call grpc_init(). - return WrapCredentials( - grpc_refresh_token_credentials_create(json_refresh_token.c_str())); + return WrapCredentials(grpc_refresh_token_credentials_create( + json_refresh_token.c_str(), nullptr)); } // Builds access token credentials. @@ -130,7 +131,7 @@ std::shared_ptr<Credentials> AccessTokenCredentials( const grpc::string& access_token) { GrpcLibrary init; // To call grpc_init(). return WrapCredentials( - grpc_access_token_credentials_create(access_token.c_str())); + grpc_access_token_credentials_create(access_token.c_str(), nullptr)); } // Builds IAM credentials. @@ -139,7 +140,7 @@ std::shared_ptr<Credentials> IAMCredentials( const grpc::string& authority_selector) { GrpcLibrary init; // To call grpc_init(). return WrapCredentials(grpc_iam_credentials_create( - authorization_token.c_str(), authority_selector.c_str())); + authorization_token.c_str(), authority_selector.c_str(), nullptr)); } // Combines two credentials objects into a composite credentials. @@ -154,7 +155,7 @@ std::shared_ptr<Credentials> CompositeCredentials( SecureCredentials* s2 = creds2->AsSecureCredentials(); if (s1 && s2) { return WrapCredentials(grpc_composite_credentials_create( - s1->GetRawCreds(), s2->GetRawCreds())); + s1->GetRawCreds(), s2->GetRawCreds(), nullptr)); } return nullptr; } diff --git a/src/cpp/server/secure_server_credentials.cc b/src/cpp/server/secure_server_credentials.cc index f203cf7f49..5bce9ca8b2 100644 --- a/src/cpp/server/secure_server_credentials.cc +++ b/src/cpp/server/secure_server_credentials.cc @@ -52,7 +52,7 @@ std::shared_ptr<ServerCredentials> SslServerCredentials( grpc_server_credentials* c_creds = grpc_ssl_server_credentials_create( options.pem_root_certs.empty() ? nullptr : options.pem_root_certs.c_str(), &pem_key_cert_pairs[0], pem_key_cert_pairs.size(), - options.force_client_auth); + options.force_client_auth, nullptr); return std::shared_ptr<ServerCredentials>( new SecureServerCredentials(c_creds)); } diff --git a/src/csharp/ext/grpc_csharp_ext.c b/src/csharp/ext/grpc_csharp_ext.c index 489e219c49..70c0fbcc50 100644 --- a/src/csharp/ext/grpc_csharp_ext.c +++ b/src/csharp/ext/grpc_csharp_ext.c @@ -837,11 +837,11 @@ grpcsharp_ssl_credentials_create(const char *pem_root_certs, if (key_cert_pair_cert_chain || key_cert_pair_private_key) { key_cert_pair.cert_chain = key_cert_pair_cert_chain; key_cert_pair.private_key = key_cert_pair_private_key; - return grpc_ssl_credentials_create(pem_root_certs, &key_cert_pair); + return grpc_ssl_credentials_create(pem_root_certs, &key_cert_pair, NULL); } else { GPR_ASSERT(!key_cert_pair_cert_chain); GPR_ASSERT(!key_cert_pair_private_key); - return grpc_ssl_credentials_create(pem_root_certs, NULL); + return grpc_ssl_credentials_create(pem_root_certs, NULL, NULL); } } @@ -852,7 +852,7 @@ GPR_EXPORT void GPR_CALLTYPE grpcsharp_credentials_release(grpc_credentials *cre GPR_EXPORT grpc_channel *GPR_CALLTYPE grpcsharp_secure_channel_create(grpc_credentials *creds, const char *target, const grpc_channel_args *args) { - return grpc_secure_channel_create(creds, target, args); + return grpc_secure_channel_create(creds, target, args, NULL); } GPR_EXPORT grpc_server_credentials *GPR_CALLTYPE @@ -876,7 +876,7 @@ grpcsharp_ssl_server_credentials_create( } creds = grpc_ssl_server_credentials_create(pem_root_certs, key_cert_pairs, num_key_cert_pairs, - force_client_auth); + force_client_auth, NULL); gpr_free(key_cert_pairs); return creds; } diff --git a/src/node/ext/channel.cc b/src/node/ext/channel.cc index a61c830099..9aed96bbf5 100644 --- a/src/node/ext/channel.cc +++ b/src/node/ext/channel.cc @@ -161,7 +161,7 @@ NAN_METHOD(Channel::New) { NULL); } else { wrapped_channel = - grpc_secure_channel_create(creds, *host, channel_args_ptr); + grpc_secure_channel_create(creds, *host, channel_args_ptr, NULL); } if (channel_args_ptr != NULL) { free(channel_args_ptr->args); diff --git a/src/node/ext/credentials.cc b/src/node/ext/credentials.cc index 21d61f1a7f..85a823a108 100644 --- a/src/node/ext/credentials.cc +++ b/src/node/ext/credentials.cc @@ -156,7 +156,8 @@ NAN_METHOD(Credentials::CreateSsl) { "createSSl's third argument must be a Buffer if provided"); } grpc_credentials *creds = grpc_ssl_credentials_create( - root_certs, key_cert_pair.private_key == NULL ? NULL : &key_cert_pair); + root_certs, key_cert_pair.private_key == NULL ? NULL : &key_cert_pair, + NULL); if (creds == NULL) { NanReturnNull(); } @@ -176,7 +177,7 @@ NAN_METHOD(Credentials::CreateComposite) { Credentials *creds1 = ObjectWrap::Unwrap<Credentials>(args[0]->ToObject()); Credentials *creds2 = ObjectWrap::Unwrap<Credentials>(args[1]->ToObject()); grpc_credentials *creds = grpc_composite_credentials_create( - creds1->wrapped_credentials, creds2->wrapped_credentials); + creds1->wrapped_credentials, creds2->wrapped_credentials, NULL); if (creds == NULL) { NanReturnNull(); } @@ -185,7 +186,7 @@ NAN_METHOD(Credentials::CreateComposite) { NAN_METHOD(Credentials::CreateGce) { NanScope(); - grpc_credentials *creds = grpc_compute_engine_credentials_create(); + grpc_credentials *creds = grpc_compute_engine_credentials_create(NULL); if (creds == NULL) { NanReturnNull(); } @@ -202,8 +203,8 @@ NAN_METHOD(Credentials::CreateIam) { } NanUtf8String auth_token(args[0]); NanUtf8String auth_selector(args[1]); - grpc_credentials *creds = grpc_iam_credentials_create(*auth_token, - *auth_selector); + grpc_credentials *creds = + grpc_iam_credentials_create(*auth_token, *auth_selector, NULL); if (creds == NULL) { NanReturnNull(); } diff --git a/src/node/ext/server_credentials.cc b/src/node/ext/server_credentials.cc index 6e17197e16..b1201eb664 100644 --- a/src/node/ext/server_credentials.cc +++ b/src/node/ext/server_credentials.cc @@ -178,11 +178,8 @@ NAN_METHOD(ServerCredentials::CreateSsl) { key_cert_pairs[i].cert_chain = ::node::Buffer::Data( pair_obj->Get(cert_key)); } - grpc_server_credentials *creds = - grpc_ssl_server_credentials_create(root_certs, - key_cert_pairs, - key_cert_pair_count, - force_client_auth); + grpc_server_credentials *creds = grpc_ssl_server_credentials_create( + root_certs, key_cert_pairs, key_cert_pair_count, force_client_auth, NULL); delete key_cert_pairs; if (creds == NULL) { NanReturnNull(); diff --git a/src/objective-c/GRPCClient/private/GRPCSecureChannel.m b/src/objective-c/GRPCClient/private/GRPCSecureChannel.m index 0a54804bb2..ce16655330 100644 --- a/src/objective-c/GRPCClient/private/GRPCSecureChannel.m +++ b/src/objective-c/GRPCClient/private/GRPCSecureChannel.m @@ -49,7 +49,7 @@ static grpc_credentials *CertificatesAtPath(NSString *path, NSError **errorPtr) // Passing NULL to grpc_ssl_credentials_create produces behavior we don't want, so return. return NULL; } - return grpc_ssl_credentials_create(contentInASCII.bytes, NULL); + return grpc_ssl_credentials_create(contentInASCII.bytes, NULL, NULL); } @implementation GRPCSecureChannel @@ -101,8 +101,9 @@ static grpc_credentials *CertificatesAtPath(NSString *path, NSError **errorPtr) - (instancetype)initWithHost:(NSString *)host credentials:(grpc_credentials *)credentials args:(grpc_channel_args *)args { - return (self = - [super initWithChannel:grpc_secure_channel_create(credentials, host.UTF8String, args)]); + return (self = [super + initWithChannel:grpc_secure_channel_create( + credentials, host.UTF8String, args, NULL)]); } // TODO(jcanizales): GRPCSecureChannel and GRPCUnsecuredChannel are just convenience initializers diff --git a/src/php/ext/grpc/channel.c b/src/php/ext/grpc/channel.c index 7a981675de..a4313b6bd4 100644 --- a/src/php/ext/grpc/channel.c +++ b/src/php/ext/grpc/channel.c @@ -169,7 +169,7 @@ PHP_METHOD(Channel, __construct) { } else { gpr_log(GPR_DEBUG, "Initialized secure channel"); channel->wrapped = - grpc_secure_channel_create(creds->wrapped, target, &args); + grpc_secure_channel_create(creds->wrapped, target, &args, NULL); } efree(args.args); } diff --git a/src/php/ext/grpc/credentials.c b/src/php/ext/grpc/credentials.c index 01cb94e3aa..0eba6608bb 100644 --- a/src/php/ext/grpc/credentials.c +++ b/src/php/ext/grpc/credentials.c @@ -130,7 +130,7 @@ PHP_METHOD(Credentials, createSsl) { } grpc_credentials *creds = grpc_ssl_credentials_create( pem_root_certs, - pem_key_cert_pair.private_key == NULL ? NULL : &pem_key_cert_pair); + pem_key_cert_pair.private_key == NULL ? NULL : &pem_key_cert_pair, NULL); zval *creds_object = grpc_php_wrap_credentials(creds); RETURN_DESTROY_ZVAL(creds_object); } @@ -160,7 +160,7 @@ PHP_METHOD(Credentials, createComposite) { (wrapped_grpc_credentials *)zend_object_store_get_object( cred2_obj TSRMLS_CC); grpc_credentials *creds = - grpc_composite_credentials_create(cred1->wrapped, cred2->wrapped); + grpc_composite_credentials_create(cred1->wrapped, cred2->wrapped, NULL); zval *creds_object = grpc_php_wrap_credentials(creds); RETURN_DESTROY_ZVAL(creds_object); } @@ -170,7 +170,7 @@ PHP_METHOD(Credentials, createComposite) { * @return Credentials The new GCE credentials object */ PHP_METHOD(Credentials, createGce) { - grpc_credentials *creds = grpc_compute_engine_credentials_create(); + grpc_credentials *creds = grpc_compute_engine_credentials_create(NULL); zval *creds_object = grpc_php_wrap_credentials(creds); RETURN_DESTROY_ZVAL(creds_object); } diff --git a/src/php/ext/grpc/server_credentials.c b/src/php/ext/grpc/server_credentials.c index e9183c4598..79188246bc 100644 --- a/src/php/ext/grpc/server_credentials.c +++ b/src/php/ext/grpc/server_credentials.c @@ -118,7 +118,7 @@ PHP_METHOD(ServerCredentials, createSsl) { /* TODO: add a force_client_auth field in ServerCredentials and pass it as * the last parameter. */ grpc_server_credentials *creds = grpc_ssl_server_credentials_create( - pem_root_certs, &pem_key_cert_pair, 1, 0); + pem_root_certs, &pem_key_cert_pair, 1, 0, NULL); zval *creds_object = grpc_php_wrap_server_credentials(creds); RETURN_DESTROY_ZVAL(creds_object); } diff --git a/src/python/grpcio/grpc/_adapter/_c/types/channel.c b/src/python/grpcio/grpc/_adapter/_c/types/channel.c index cf866dd80c..79d39c4391 100644 --- a/src/python/grpcio/grpc/_adapter/_c/types/channel.c +++ b/src/python/grpcio/grpc/_adapter/_c/types/channel.c @@ -106,7 +106,8 @@ Channel *pygrpc_Channel_new( } self = (Channel *)type->tp_alloc(type, 0); if (creds) { - self->c_chan = grpc_secure_channel_create(creds->c_creds, target, &c_args); + self->c_chan = + grpc_secure_channel_create(creds->c_creds, target, &c_args, NULL); } else { self->c_chan = grpc_insecure_channel_create(target, &c_args, NULL); } diff --git a/src/python/grpcio/grpc/_adapter/_c/types/client_credentials.c b/src/python/grpcio/grpc/_adapter/_c/types/client_credentials.c index e314c15324..36fd207464 100644 --- a/src/python/grpcio/grpc/_adapter/_c/types/client_credentials.c +++ b/src/python/grpcio/grpc/_adapter/_c/types/client_credentials.c @@ -135,9 +135,10 @@ ClientCredentials *pygrpc_ClientCredentials_ssl( if (private_key && cert_chain) { key_cert_pair.private_key = private_key; key_cert_pair.cert_chain = cert_chain; - self->c_creds = grpc_ssl_credentials_create(root_certs, &key_cert_pair); + self->c_creds = + grpc_ssl_credentials_create(root_certs, &key_cert_pair, NULL); } else { - self->c_creds = grpc_ssl_credentials_create(root_certs, NULL); + self->c_creds = grpc_ssl_credentials_create(root_certs, NULL, NULL); } if (!self->c_creds) { Py_DECREF(self); @@ -159,8 +160,8 @@ ClientCredentials *pygrpc_ClientCredentials_composite( return NULL; } self = (ClientCredentials *)type->tp_alloc(type, 0); - self->c_creds = grpc_composite_credentials_create( - creds1->c_creds, creds2->c_creds); + self->c_creds = + grpc_composite_credentials_create(creds1->c_creds, creds2->c_creds, NULL); if (!self->c_creds) { Py_DECREF(self); PyErr_SetString(PyExc_RuntimeError, "couldn't create composite credentials"); @@ -172,7 +173,7 @@ ClientCredentials *pygrpc_ClientCredentials_composite( ClientCredentials *pygrpc_ClientCredentials_compute_engine( PyTypeObject *type, PyObject *ignored) { ClientCredentials *self = (ClientCredentials *)type->tp_alloc(type, 0); - self->c_creds = grpc_compute_engine_credentials_create(); + self->c_creds = grpc_compute_engine_credentials_create(NULL); if (!self->c_creds) { Py_DECREF(self); PyErr_SetString(PyExc_RuntimeError, @@ -195,7 +196,7 @@ ClientCredentials *pygrpc_ClientCredentials_service_account( } self = (ClientCredentials *)type->tp_alloc(type, 0); self->c_creds = grpc_service_account_credentials_create( - json_key, scope, pygrpc_cast_double_to_gpr_timespec(lifetime)); + json_key, scope, pygrpc_cast_double_to_gpr_timespec(lifetime), NULL); if (!self->c_creds) { Py_DECREF(self); PyErr_SetString(PyExc_RuntimeError, @@ -218,7 +219,7 @@ ClientCredentials *pygrpc_ClientCredentials_jwt( } self = (ClientCredentials *)type->tp_alloc(type, 0); self->c_creds = grpc_service_account_jwt_access_credentials_create( - json_key, pygrpc_cast_double_to_gpr_timespec(lifetime)); + json_key, pygrpc_cast_double_to_gpr_timespec(lifetime), NULL); if (!self->c_creds) { Py_DECREF(self); PyErr_SetString(PyExc_RuntimeError, "couldn't create JWT credentials"); @@ -237,7 +238,8 @@ ClientCredentials *pygrpc_ClientCredentials_refresh_token( return NULL; } self = (ClientCredentials *)type->tp_alloc(type, 0); - self->c_creds = grpc_refresh_token_credentials_create(json_refresh_token); + self->c_creds = + grpc_refresh_token_credentials_create(json_refresh_token, NULL); if (!self->c_creds) { Py_DECREF(self); PyErr_SetString(PyExc_RuntimeError, @@ -259,7 +261,7 @@ ClientCredentials *pygrpc_ClientCredentials_iam( } self = (ClientCredentials *)type->tp_alloc(type, 0); self->c_creds = grpc_iam_credentials_create(authorization_token, - authority_selector); + authority_selector, NULL); if (!self->c_creds) { Py_DECREF(self); PyErr_SetString(PyExc_RuntimeError, "couldn't create IAM credentials"); diff --git a/src/python/grpcio/grpc/_adapter/_c/types/server_credentials.c b/src/python/grpcio/grpc/_adapter/_c/types/server_credentials.c index f6859b79d7..2ba855e76c 100644 --- a/src/python/grpcio/grpc/_adapter/_c/types/server_credentials.c +++ b/src/python/grpcio/grpc/_adapter/_c/types/server_credentials.c @@ -131,7 +131,7 @@ ServerCredentials *pygrpc_ServerCredentials_ssl( /* TODO: Add a force_client_auth parameter in the python object and pass it here as the last arg. */ self->c_creds = grpc_ssl_server_credentials_create( - root_certs, key_cert_pairs, num_key_cert_pairs, 0); + root_certs, key_cert_pairs, num_key_cert_pairs, 0, NULL); gpr_free(key_cert_pairs); return self; } diff --git a/src/python/grpcio/grpc/_cython/_cygrpc/grpc.pxd b/src/python/grpcio/grpc/_cython/_cygrpc/grpc.pxd index d065383587..c793774c8d 100644 --- a/src/python/grpcio/grpc/_cython/_cygrpc/grpc.pxd +++ b/src/python/grpcio/grpc/_cython/_cygrpc/grpc.pxd @@ -332,7 +332,7 @@ cdef extern from "grpc/grpc_security.h": grpc_server_credentials *grpc_ssl_server_credentials_create( const char *pem_root_certs, grpc_ssl_pem_key_cert_pair *pem_key_cert_pairs, - size_t num_key_cert_pairs); + size_t num_key_cert_pairs) void grpc_server_credentials_release(grpc_server_credentials *creds) int grpc_server_add_secure_http2_port(grpc_server *server, const char *addr, diff --git a/src/ruby/ext/grpc/rb_channel.c b/src/ruby/ext/grpc/rb_channel.c index 6491aa4fb4..90afdc3fe1 100644 --- a/src/ruby/ext/grpc/rb_channel.c +++ b/src/ruby/ext/grpc/rb_channel.c @@ -150,7 +150,7 @@ static VALUE grpc_rb_channel_init(int argc, VALUE *argv, VALUE self) { ch = grpc_insecure_channel_create(target_chars, &args, NULL); } else { creds = grpc_rb_get_wrapped_credentials(credentials); - ch = grpc_secure_channel_create(creds, target_chars, &args); + ch = grpc_secure_channel_create(creds, target_chars, &args, NULL); } if (args.args != NULL) { xfree(args.args); /* Allocated by grpc_rb_hash_convert_to_channel_args */ diff --git a/src/ruby/ext/grpc/rb_credentials.c b/src/ruby/ext/grpc/rb_credentials.c index a9dcdbce9f..ac3804df6f 100644 --- a/src/ruby/ext/grpc/rb_credentials.c +++ b/src/ruby/ext/grpc/rb_credentials.c @@ -154,7 +154,7 @@ static VALUE grpc_rb_default_credentials_create(VALUE cls) { Creates the default credential instances. */ static VALUE grpc_rb_compute_engine_credentials_create(VALUE cls) { grpc_rb_credentials *wrapper = ALLOC(grpc_rb_credentials); - wrapper->wrapped = grpc_compute_engine_credentials_create(); + wrapper->wrapped = grpc_compute_engine_credentials_create(NULL); if (wrapper->wrapped == NULL) { rb_raise(rb_eRuntimeError, "could not create composite engine credentials, not sure why"); @@ -181,8 +181,8 @@ static VALUE grpc_rb_composite_credentials_create(VALUE self, VALUE other) { TypedData_Get_Struct(other, grpc_rb_credentials, &grpc_rb_credentials_data_type, other_wrapper); wrapper = ALLOC(grpc_rb_credentials); - wrapper->wrapped = grpc_composite_credentials_create(self_wrapper->wrapped, - other_wrapper->wrapped); + wrapper->wrapped = grpc_composite_credentials_create( + self_wrapper->wrapped, other_wrapper->wrapped, NULL); if (wrapper->wrapped == NULL) { rb_raise(rb_eRuntimeError, "could not create composite credentials, not sure why"); @@ -234,12 +234,13 @@ static VALUE grpc_rb_credentials_init(int argc, VALUE *argv, VALUE self) { return Qnil; } if (pem_private_key == Qnil && pem_cert_chain == Qnil) { - creds = grpc_ssl_credentials_create(RSTRING_PTR(pem_root_certs), NULL); + creds = + grpc_ssl_credentials_create(RSTRING_PTR(pem_root_certs), NULL, NULL); } else { key_cert_pair.private_key = RSTRING_PTR(pem_private_key); key_cert_pair.cert_chain = RSTRING_PTR(pem_cert_chain); creds = grpc_ssl_credentials_create(RSTRING_PTR(pem_root_certs), - &key_cert_pair); + &key_cert_pair, NULL); } if (creds == NULL) { rb_raise(rb_eRuntimeError, "could not create a credentials, not sure why"); diff --git a/src/ruby/ext/grpc/rb_server_credentials.c b/src/ruby/ext/grpc/rb_server_credentials.c index 62c211d769..6af4c86c45 100644 --- a/src/ruby/ext/grpc/rb_server_credentials.c +++ b/src/ruby/ext/grpc/rb_server_credentials.c @@ -178,10 +178,11 @@ static VALUE grpc_rb_server_credentials_init(VALUE self, VALUE pem_root_certs, key_cert_pair.cert_chain = RSTRING_PTR(pem_cert_chain); /* TODO Add a force_client_auth parameter and pass it here. */ if (pem_root_certs == Qnil) { - creds = grpc_ssl_server_credentials_create(NULL, &key_cert_pair, 1, 0); + creds = + grpc_ssl_server_credentials_create(NULL, &key_cert_pair, 1, 0, NULL); } else { creds = grpc_ssl_server_credentials_create(RSTRING_PTR(pem_root_certs), - &key_cert_pair, 1, 0); + &key_cert_pair, 1, 0, NULL); } if (creds == NULL) { rb_raise(rb_eRuntimeError, "could not create a credentials, not sure why"); diff --git a/test/core/end2end/fixtures/chttp2_fake_security.c b/test/core/end2end/fixtures/chttp2_fake_security.c index a0a67939a2..b4a248fb52 100644 --- a/test/core/end2end/fixtures/chttp2_fake_security.c +++ b/test/core/end2end/fixtures/chttp2_fake_security.c @@ -77,7 +77,8 @@ static void chttp2_init_client_secure_fullstack(grpc_end2end_test_fixture *f, grpc_channel_args *client_args, grpc_credentials *creds) { fullstack_secure_fixture_data *ffd = f->fixture_data; - f->client = grpc_secure_channel_create(creds, ffd->localaddr, client_args); + f->client = + grpc_secure_channel_create(creds, ffd->localaddr, client_args, NULL); GPR_ASSERT(f->client != NULL); grpc_credentials_release(creds); } diff --git a/test/core/end2end/fixtures/chttp2_simple_ssl_fullstack.c b/test/core/end2end/fixtures/chttp2_simple_ssl_fullstack.c index beae24136c..201d202dff 100644 --- a/test/core/end2end/fixtures/chttp2_simple_ssl_fullstack.c +++ b/test/core/end2end/fixtures/chttp2_simple_ssl_fullstack.c @@ -80,7 +80,8 @@ static void chttp2_init_client_secure_fullstack(grpc_end2end_test_fixture *f, grpc_channel_args *client_args, grpc_credentials *creds) { fullstack_secure_fixture_data *ffd = f->fixture_data; - f->client = grpc_secure_channel_create(creds, ffd->localaddr, client_args); + f->client = + grpc_secure_channel_create(creds, ffd->localaddr, client_args, NULL); GPR_ASSERT(f->client != NULL); grpc_credentials_release(creds); } @@ -108,7 +109,7 @@ void chttp2_tear_down_secure_fullstack(grpc_end2end_test_fixture *f) { static void chttp2_init_client_simple_ssl_secure_fullstack( grpc_end2end_test_fixture *f, grpc_channel_args *client_args) { - grpc_credentials *ssl_creds = grpc_ssl_credentials_create(NULL, NULL); + grpc_credentials *ssl_creds = grpc_ssl_credentials_create(NULL, NULL, NULL); grpc_arg ssl_name_override = {GRPC_ARG_STRING, GRPC_SSL_TARGET_NAME_OVERRIDE_ARG, {"foo.test.google.fr"}}; @@ -135,7 +136,7 @@ static void chttp2_init_server_simple_ssl_secure_fullstack( grpc_ssl_pem_key_cert_pair pem_cert_key_pair = {test_server1_key, test_server1_cert}; grpc_server_credentials *ssl_creds = - grpc_ssl_server_credentials_create(NULL, &pem_cert_key_pair, 1, 0); + grpc_ssl_server_credentials_create(NULL, &pem_cert_key_pair, 1, 0, NULL); if (fail_server_auth_check(server_args)) { grpc_auth_metadata_processor processor = {process_auth_failure, NULL}; grpc_server_credentials_set_auth_metadata_processor(ssl_creds, processor); diff --git a/test/core/end2end/fixtures/chttp2_simple_ssl_fullstack_with_poll.c b/test/core/end2end/fixtures/chttp2_simple_ssl_fullstack_with_poll.c index c8971be596..e7375f15e6 100644 --- a/test/core/end2end/fixtures/chttp2_simple_ssl_fullstack_with_poll.c +++ b/test/core/end2end/fixtures/chttp2_simple_ssl_fullstack_with_poll.c @@ -80,7 +80,8 @@ static void chttp2_init_client_secure_fullstack(grpc_end2end_test_fixture *f, grpc_channel_args *client_args, grpc_credentials *creds) { fullstack_secure_fixture_data *ffd = f->fixture_data; - f->client = grpc_secure_channel_create(creds, ffd->localaddr, client_args); + f->client = + grpc_secure_channel_create(creds, ffd->localaddr, client_args, NULL); GPR_ASSERT(f->client != NULL); grpc_credentials_release(creds); } @@ -108,7 +109,7 @@ void chttp2_tear_down_secure_fullstack(grpc_end2end_test_fixture *f) { static void chttp2_init_client_simple_ssl_secure_fullstack( grpc_end2end_test_fixture *f, grpc_channel_args *client_args) { - grpc_credentials *ssl_creds = grpc_ssl_credentials_create(NULL, NULL); + grpc_credentials *ssl_creds = grpc_ssl_credentials_create(NULL, NULL, NULL); grpc_arg ssl_name_override = {GRPC_ARG_STRING, GRPC_SSL_TARGET_NAME_OVERRIDE_ARG, {"foo.test.google.fr"}}; @@ -135,7 +136,7 @@ static void chttp2_init_server_simple_ssl_secure_fullstack( grpc_ssl_pem_key_cert_pair pem_cert_key_pair = {test_server1_key, test_server1_cert}; grpc_server_credentials *ssl_creds = - grpc_ssl_server_credentials_create(NULL, &pem_cert_key_pair, 1, 0); + grpc_ssl_server_credentials_create(NULL, &pem_cert_key_pair, 1, 0, NULL); if (fail_server_auth_check(server_args)) { grpc_auth_metadata_processor processor = {process_auth_failure, NULL}; grpc_server_credentials_set_auth_metadata_processor(ssl_creds, processor); diff --git a/test/core/end2end/fixtures/chttp2_simple_ssl_fullstack_with_proxy.c b/test/core/end2end/fixtures/chttp2_simple_ssl_fullstack_with_proxy.c index a518a7da15..be0dda25a6 100644 --- a/test/core/end2end/fixtures/chttp2_simple_ssl_fullstack_with_proxy.c +++ b/test/core/end2end/fixtures/chttp2_simple_ssl_fullstack_with_proxy.c @@ -58,7 +58,7 @@ static grpc_server *create_proxy_server(const char *port) { grpc_ssl_pem_key_cert_pair pem_cert_key_pair = {test_server1_key, test_server1_cert}; grpc_server_credentials *ssl_creds = - grpc_ssl_server_credentials_create(NULL, &pem_cert_key_pair, 1, 0); + grpc_ssl_server_credentials_create(NULL, &pem_cert_key_pair, 1, 0, NULL); GPR_ASSERT(grpc_server_add_secure_http2_port(s, port, ssl_creds)); grpc_server_credentials_release(ssl_creds); return s; @@ -66,14 +66,14 @@ static grpc_server *create_proxy_server(const char *port) { static grpc_channel *create_proxy_client(const char *target) { grpc_channel *channel; - grpc_credentials *ssl_creds = grpc_ssl_credentials_create(NULL, NULL); + grpc_credentials *ssl_creds = grpc_ssl_credentials_create(NULL, NULL, NULL); grpc_arg ssl_name_override = {GRPC_ARG_STRING, GRPC_SSL_TARGET_NAME_OVERRIDE_ARG, {"foo.test.google.fr"}}; grpc_channel_args client_args; client_args.num_args = 1; client_args.args = &ssl_name_override; - channel = grpc_secure_channel_create(ssl_creds, target, &client_args); + channel = grpc_secure_channel_create(ssl_creds, target, &client_args, NULL); grpc_credentials_release(ssl_creds); return channel; } @@ -109,7 +109,8 @@ static void chttp2_init_client_secure_fullstack(grpc_end2end_test_fixture *f, grpc_credentials *creds) { fullstack_secure_fixture_data *ffd = f->fixture_data; f->client = grpc_secure_channel_create( - creds, grpc_end2end_proxy_get_client_target(ffd->proxy), client_args); + creds, grpc_end2end_proxy_get_client_target(ffd->proxy), client_args, + NULL); GPR_ASSERT(f->client != NULL); grpc_credentials_release(creds); } @@ -137,7 +138,7 @@ void chttp2_tear_down_secure_fullstack(grpc_end2end_test_fixture *f) { static void chttp2_init_client_simple_ssl_secure_fullstack( grpc_end2end_test_fixture *f, grpc_channel_args *client_args) { - grpc_credentials *ssl_creds = grpc_ssl_credentials_create(NULL, NULL); + grpc_credentials *ssl_creds = grpc_ssl_credentials_create(NULL, NULL, NULL); grpc_arg ssl_name_override = {GRPC_ARG_STRING, GRPC_SSL_TARGET_NAME_OVERRIDE_ARG, {"foo.test.google.fr"}}; @@ -164,7 +165,7 @@ static void chttp2_init_server_simple_ssl_secure_fullstack( grpc_ssl_pem_key_cert_pair pem_cert_key_pair = {test_server1_key, test_server1_cert}; grpc_server_credentials *ssl_creds = - grpc_ssl_server_credentials_create(NULL, &pem_cert_key_pair, 1, 0); + grpc_ssl_server_credentials_create(NULL, &pem_cert_key_pair, 1, 0, NULL); if (fail_server_auth_check(server_args)) { grpc_auth_metadata_processor processor = {process_auth_failure, NULL}; grpc_server_credentials_set_auth_metadata_processor(ssl_creds, processor); diff --git a/test/core/end2end/fixtures/chttp2_simple_ssl_with_oauth2_fullstack.c b/test/core/end2end/fixtures/chttp2_simple_ssl_with_oauth2_fullstack.c index 7f11028cb5..9a545b1e3d 100644 --- a/test/core/end2end/fixtures/chttp2_simple_ssl_with_oauth2_fullstack.c +++ b/test/core/end2end/fixtures/chttp2_simple_ssl_with_oauth2_fullstack.c @@ -113,7 +113,8 @@ static void chttp2_init_client_secure_fullstack(grpc_end2end_test_fixture *f, grpc_channel_args *client_args, grpc_credentials *creds) { fullstack_secure_fixture_data *ffd = f->fixture_data; - f->client = grpc_secure_channel_create(creds, ffd->localaddr, client_args); + f->client = + grpc_secure_channel_create(creds, ffd->localaddr, client_args, NULL); GPR_ASSERT(f->client != NULL); grpc_credentials_release(creds); } @@ -142,11 +143,11 @@ void chttp2_tear_down_secure_fullstack(grpc_end2end_test_fixture *f) { static void chttp2_init_client_simple_ssl_with_oauth2_secure_fullstack( grpc_end2end_test_fixture *f, grpc_channel_args *client_args) { grpc_credentials *ssl_creds = - grpc_ssl_credentials_create(test_root_cert, NULL); + grpc_ssl_credentials_create(test_root_cert, NULL, NULL); grpc_credentials *oauth2_creds = grpc_md_only_test_credentials_create("Authorization", oauth2_md, 1); grpc_credentials *ssl_oauth2_creds = - grpc_composite_credentials_create(ssl_creds, oauth2_creds); + grpc_composite_credentials_create(ssl_creds, oauth2_creds, NULL); grpc_arg ssl_name_override = {GRPC_ARG_STRING, GRPC_SSL_TARGET_NAME_OVERRIDE_ARG, {"foo.test.google.fr"}}; @@ -175,7 +176,7 @@ static void chttp2_init_server_simple_ssl_secure_fullstack( grpc_ssl_pem_key_cert_pair pem_key_cert_pair = {test_server1_key, test_server1_cert}; grpc_server_credentials *ssl_creds = - grpc_ssl_server_credentials_create(NULL, &pem_key_cert_pair, 1, 0); + grpc_ssl_server_credentials_create(NULL, &pem_key_cert_pair, 1, 0, NULL); grpc_auth_metadata_processor processor; processor.state = NULL; if (fail_server_auth_check(server_args)) { diff --git a/test/core/end2end/tests/request_response_with_payload_and_call_creds.c b/test/core/end2end/tests/request_response_with_payload_and_call_creds.c index d862274fe3..48dd0aa2ce 100644 --- a/test/core/end2end/tests/request_response_with_payload_and_call_creds.c +++ b/test/core/end2end/tests/request_response_with_payload_and_call_creds.c @@ -190,7 +190,7 @@ static void request_response_with_payload_and_call_creds( c = grpc_channel_create_call(f.client, NULL, GRPC_PROPAGATE_DEFAULTS, f.cq, "/foo", "foo.test.google.fr", deadline, NULL); GPR_ASSERT(c); - creds = grpc_iam_credentials_create(iam_token, iam_selector); + creds = grpc_iam_credentials_create(iam_token, iam_selector, NULL); GPR_ASSERT(creds != NULL); GPR_ASSERT(grpc_call_set_credentials(c, creds) == GRPC_CALL_OK); switch (mode) { @@ -199,7 +199,7 @@ static void request_response_with_payload_and_call_creds( case OVERRIDE: grpc_credentials_release(creds); creds = grpc_iam_credentials_create(overridden_iam_token, - overridden_iam_selector); + overridden_iam_selector, NULL); GPR_ASSERT(creds != NULL); GPR_ASSERT(grpc_call_set_credentials(c, creds) == GRPC_CALL_OK); break; @@ -421,7 +421,7 @@ static void test_request_with_server_rejecting_client_creds( "/foo", "foo.test.google.fr", deadline, NULL); GPR_ASSERT(c); - creds = grpc_iam_credentials_create(iam_token, iam_selector); + creds = grpc_iam_credentials_create(iam_token, iam_selector, NULL); GPR_ASSERT(creds != NULL); GPR_ASSERT(grpc_call_set_credentials(c, creds) == GRPC_CALL_OK); grpc_credentials_release(creds); diff --git a/test/core/fling/server.c b/test/core/fling/server.c index 010217939d..0430ff9ab7 100644 --- a/test/core/fling/server.c +++ b/test/core/fling/server.c @@ -215,8 +215,8 @@ int main(int argc, char **argv) { if (secure) { grpc_ssl_pem_key_cert_pair pem_key_cert_pair = {test_server1_key, test_server1_cert}; - grpc_server_credentials *ssl_creds = - grpc_ssl_server_credentials_create(NULL, &pem_key_cert_pair, 1, 0); + grpc_server_credentials *ssl_creds = grpc_ssl_server_credentials_create( + NULL, &pem_key_cert_pair, 1, 0, NULL); server = grpc_server_create(NULL, NULL); GPR_ASSERT(grpc_server_add_secure_http2_port(server, addr, ssl_creds)); grpc_server_credentials_release(ssl_creds); diff --git a/test/core/security/credentials_test.c b/test/core/security/credentials_test.c index e4a8144eaf..880fc5da1e 100644 --- a/test/core/security/credentials_test.c +++ b/test/core/security/credentials_test.c @@ -329,7 +329,7 @@ static void check_iam_metadata(void *user_data, grpc_credentials_md *md_elems, static void test_iam_creds(void) { grpc_credentials *creds = grpc_iam_credentials_create( - test_iam_authorization_token, test_iam_authority_selector); + test_iam_authorization_token, test_iam_authority_selector, NULL); GPR_ASSERT(grpc_credentials_has_request_metadata(creds)); GPR_ASSERT(grpc_credentials_has_request_metadata_only(creds)); grpc_credentials_get_request_metadata(creds, NULL, test_service_url, @@ -349,7 +349,7 @@ static void check_access_token_metadata(void *user_data, } static void test_access_token_creds(void) { - grpc_credentials *creds = grpc_access_token_credentials_create("blah"); + grpc_credentials *creds = grpc_access_token_credentials_create("blah", NULL); GPR_ASSERT(grpc_credentials_has_request_metadata(creds)); GPR_ASSERT(grpc_credentials_has_request_metadata_only(creds)); GPR_ASSERT(strcmp(creds->type, GRPC_CREDENTIALS_TYPE_OAUTH2) == 0); @@ -371,12 +371,12 @@ static void check_ssl_oauth2_composite_metadata( static void test_ssl_oauth2_composite_creds(void) { grpc_credentials *ssl_creds = - grpc_ssl_credentials_create(test_root_cert, NULL); + grpc_ssl_credentials_create(test_root_cert, NULL, NULL); const grpc_credentials_array *creds_array; grpc_credentials *oauth2_creds = grpc_md_only_test_credentials_create( "Authorization", test_oauth2_bearer_token, 0); grpc_credentials *composite_creds = - grpc_composite_credentials_create(ssl_creds, oauth2_creds); + grpc_composite_credentials_create(ssl_creds, oauth2_creds, NULL); grpc_credentials_unref(ssl_creds); grpc_credentials_unref(oauth2_creds); GPR_ASSERT(strcmp(composite_creds->type, GRPC_CREDENTIALS_TYPE_COMPOSITE) == @@ -395,13 +395,13 @@ static void test_ssl_oauth2_composite_creds(void) { } void test_ssl_fake_transport_security_composite_creds_failure(void) { - grpc_credentials *ssl_creds = grpc_ssl_credentials_create(NULL, NULL); + grpc_credentials *ssl_creds = grpc_ssl_credentials_create(NULL, NULL, NULL); grpc_credentials *fake_transport_security_creds = grpc_fake_transport_security_credentials_create(); /* 2 connector credentials: should not work. */ GPR_ASSERT(grpc_composite_credentials_create( - ssl_creds, fake_transport_security_creds) == NULL); + ssl_creds, fake_transport_security_creds, NULL) == NULL); grpc_credentials_unref(ssl_creds); grpc_credentials_unref(fake_transport_security_creds); } @@ -422,16 +422,16 @@ static void check_ssl_oauth2_iam_composite_metadata( static void test_ssl_oauth2_iam_composite_creds(void) { grpc_credentials *ssl_creds = - grpc_ssl_credentials_create(test_root_cert, NULL); + grpc_ssl_credentials_create(test_root_cert, NULL, NULL); const grpc_credentials_array *creds_array; grpc_credentials *oauth2_creds = grpc_md_only_test_credentials_create( "Authorization", test_oauth2_bearer_token, 0); grpc_credentials *aux_creds = - grpc_composite_credentials_create(ssl_creds, oauth2_creds); + grpc_composite_credentials_create(ssl_creds, oauth2_creds, NULL); grpc_credentials *iam_creds = grpc_iam_credentials_create( - test_iam_authorization_token, test_iam_authority_selector); + test_iam_authorization_token, test_iam_authority_selector, NULL); grpc_credentials *composite_creds = - grpc_composite_credentials_create(aux_creds, iam_creds); + grpc_composite_credentials_create(aux_creds, iam_creds, NULL); grpc_credentials_unref(ssl_creds); grpc_credentials_unref(oauth2_creds); grpc_credentials_unref(aux_creds); @@ -524,7 +524,7 @@ static int httpcli_get_should_not_be_called( static void test_compute_engine_creds_success(void) { grpc_credentials *compute_engine_creds = - grpc_compute_engine_credentials_create(); + grpc_compute_engine_credentials_create(NULL); GPR_ASSERT(grpc_credentials_has_request_metadata(compute_engine_creds)); GPR_ASSERT(grpc_credentials_has_request_metadata_only(compute_engine_creds)); @@ -548,7 +548,7 @@ static void test_compute_engine_creds_success(void) { static void test_compute_engine_creds_failure(void) { grpc_credentials *compute_engine_creds = - grpc_compute_engine_credentials_create(); + grpc_compute_engine_credentials_create(NULL); grpc_httpcli_set_override(compute_engine_httpcli_get_failure_override, httpcli_post_should_not_be_called); GPR_ASSERT(grpc_credentials_has_request_metadata(compute_engine_creds)); @@ -605,7 +605,7 @@ static int refresh_token_httpcli_post_failure( static void test_refresh_token_creds_success(void) { grpc_credentials *refresh_token_creds = - grpc_refresh_token_credentials_create(test_refresh_token_str); + grpc_refresh_token_credentials_create(test_refresh_token_str, NULL); GPR_ASSERT(grpc_credentials_has_request_metadata(refresh_token_creds)); GPR_ASSERT(grpc_credentials_has_request_metadata_only(refresh_token_creds)); @@ -629,7 +629,7 @@ static void test_refresh_token_creds_success(void) { static void test_refresh_token_creds_failure(void) { grpc_credentials *refresh_token_creds = - grpc_refresh_token_credentials_create(test_refresh_token_str); + grpc_refresh_token_credentials_create(test_refresh_token_str, NULL); grpc_httpcli_set_override(httpcli_get_should_not_be_called, refresh_token_httpcli_post_failure); GPR_ASSERT(grpc_credentials_has_request_metadata(refresh_token_creds)); @@ -731,7 +731,7 @@ static void test_service_account_creds_success(void) { char *json_key_string = test_json_key_str(); grpc_credentials *service_account_creds = grpc_service_account_credentials_create(json_key_string, test_scope, - grpc_max_auth_token_lifetime); + grpc_max_auth_token_lifetime, NULL); GPR_ASSERT(grpc_credentials_has_request_metadata(service_account_creds)); GPR_ASSERT(grpc_credentials_has_request_metadata_only(service_account_creds)); @@ -761,8 +761,8 @@ static void test_service_account_creds_success(void) { static void test_service_account_creds_http_failure(void) { char *json_key_string = test_json_key_str(); grpc_credentials *service_account_creds = - grpc_service_account_credentials_create(json_key_string, test_scope, - grpc_max_auth_token_lifetime); + grpc_service_account_credentials_create( + json_key_string, test_scope, grpc_max_auth_token_lifetime, NULL); GPR_ASSERT(grpc_credentials_has_request_metadata(service_account_creds)); GPR_ASSERT(grpc_credentials_has_request_metadata_only(service_account_creds)); @@ -781,8 +781,8 @@ static void test_service_account_creds_http_failure(void) { static void test_service_account_creds_signing_failure(void) { char *json_key_string = test_json_key_str(); grpc_credentials *service_account_creds = - grpc_service_account_credentials_create(json_key_string, test_scope, - grpc_max_auth_token_lifetime); + grpc_service_account_credentials_create( + json_key_string, test_scope, grpc_max_auth_token_lifetime, NULL); GPR_ASSERT(grpc_credentials_has_request_metadata(service_account_creds)); GPR_ASSERT(grpc_credentials_has_request_metadata_only(service_account_creds)); @@ -828,7 +828,7 @@ static void test_jwt_creds_success(void) { char *json_key_string = test_json_key_str(); grpc_credentials *jwt_creds = grpc_service_account_jwt_access_credentials_create( - json_key_string, grpc_max_auth_token_lifetime); + json_key_string, grpc_max_auth_token_lifetime, NULL); GPR_ASSERT(grpc_credentials_has_request_metadata(jwt_creds)); GPR_ASSERT(grpc_credentials_has_request_metadata_only(jwt_creds)); @@ -861,7 +861,7 @@ static void test_jwt_creds_signing_failure(void) { char *json_key_string = test_json_key_str(); grpc_credentials *jwt_creds = grpc_service_account_jwt_access_credentials_create( - json_key_string, grpc_max_auth_token_lifetime); + json_key_string, grpc_max_auth_token_lifetime, NULL); GPR_ASSERT(grpc_credentials_has_request_metadata(jwt_creds)); GPR_ASSERT(grpc_credentials_has_request_metadata_only(jwt_creds)); diff --git a/test/core/security/fetch_oauth2.c b/test/core/security/fetch_oauth2.c index 64c4dde5d9..7354a9f8f7 100644 --- a/test/core/security/fetch_oauth2.c +++ b/test/core/security/fetch_oauth2.c @@ -56,7 +56,7 @@ static grpc_credentials *create_service_account_creds( } return grpc_service_account_credentials_create( (const char *)GPR_SLICE_START_PTR(json_key), scope, - grpc_max_auth_token_lifetime); + grpc_max_auth_token_lifetime, NULL); } static grpc_credentials *create_refresh_token_creds( @@ -69,7 +69,7 @@ static grpc_credentials *create_refresh_token_creds( exit(1); } return grpc_refresh_token_credentials_create( - (const char *)GPR_SLICE_START_PTR(refresh_token)); + (const char *)GPR_SLICE_START_PTR(refresh_token), NULL); } int main(int argc, char **argv) { @@ -112,7 +112,7 @@ int main(int argc, char **argv) { "Ignoring json key and scope to get a token from the GCE " "metadata server."); } - creds = grpc_compute_engine_credentials_create(); + creds = grpc_compute_engine_credentials_create(NULL); if (creds == NULL) { gpr_log(GPR_ERROR, "Could not create gce credentials."); exit(1); |