Merge pull request #5592 from pquerna/objc_ssl_channel_creds

ObjC: Add ChannelCredentials to gRPC Call, to let specify a private key for the user

8 files changed, 224 insertions, 74 deletions

diff --git a/src/core/lib/iomgr/ev_posix.c b/src/core/lib/iomgr/ev_posix.c
index 0eb95a2e09..7df1751352 100644
--- a/src/core/lib/iomgr/ev_posix.c
+++ b/src/core/lib/iomgr/ev_posix.c
@@ -44,7 +44,6 @@
 static const grpc_event_engine_vtable *g_event_engine;
 
 grpc_poll_function_type grpc_poll_function = poll;
-grpc_wakeup_fd grpc_global_wakeup_fd;
 
 void grpc_event_engine_init(void) {
   if ((g_event_engine = grpc_init_poll_and_epoll_posix())) {
diff --git a/src/objective-c/GRPCClient/GRPCCall+ChannelCredentials.h b/src/objective-c/GRPCClient/GRPCCall+ChannelCredentials.h
new file mode 100644
index 0000000000..343dd48a14
--- /dev/null
+++ b/src/objective-c/GRPCClient/GRPCCall+ChannelCredentials.h
@@ -0,0 +1,56 @@
+/*
+ *
+ * Copyright 2016, Google Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are
+ * met:
+ *
+ *     * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *     * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following disclaimer
+ * in the documentation and/or other materials provided with the
+ * distribution.
+ *     * Neither the name of Google Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived from
+ * this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#import "GRPCCall.h"
+
+/** Helpers for setting TLS Trusted Roots, Client Certificates, and Private Key */
+@interface GRPCCall (ChannelCredentials)
+
+/**
+ * Use the provided @c pemRootCert as the set of trusted root Certificate Authorities for @c host.
+ */
++ (BOOL)setTLSPEMRootCerts:(nullable NSString *)pemRootCert
+                   forHost:(nonnull NSString *)host
+                     error:(NSError **)errorPtr;
+/**
+ * Configures @c host with TLS/SSL Client Credentials and optionally trusted root Certificate
+ * Authorities. If @c pemRootCerts is nil, the default CA Certificates bundled with gRPC will be
+ * used.
+ */
++ (BOOL)setTLSPEMRootCerts:(nullable NSString *)pemRootCerts
+            withPrivateKey:(nullable NSString *)pemPrivateKey
+             withCertChain:(nullable NSString *)pemCertChain
+                   forHost:(nonnull NSString *)host
+                     error:(NSError **)errorPtr;
+
+@end
diff --git a/src/objective-c/GRPCClient/GRPCCall+ChannelCredentials.m b/src/objective-c/GRPCClient/GRPCCall+ChannelCredentials.m
new file mode 100644
index 0000000000..a8bcd0aab4
--- /dev/null
+++ b/src/objective-c/GRPCClient/GRPCCall+ChannelCredentials.m
@@ -0,0 +1,66 @@
+/*
+ *
+ * Copyright 2016, Google Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are
+ * met:
+ *
+ *     * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *     * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following disclaimer
+ * in the documentation and/or other materials provided with the
+ * distribution.
+ *     * Neither the name of Google Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived from
+ * this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#import "GRPCCall+ChannelCredentials.h"
+
+#import "private/GRPCHost.h"
+
+@implementation GRPCCall (ChannelCredentials)
+
++ (BOOL)setTLSPEMRootCerts:(nullable NSString *)pemRootCerts
+            withPrivateKey:(nullable NSString *)pemPrivateKey
+             withCertChain:(nullable NSString *)pemCertChain
+                   forHost:(nonnull NSString *)host
+                     error:(NSError **)errorPtr {
+  if (!host) {
+    [NSException raise:NSInvalidArgumentException
+                format:@"host must be provided."];
+  }
+  GRPCHost *hostConfig = [GRPCHost hostWithAddress:host];
+  return [hostConfig setTLSPEMRootCerts:pemRootCerts
+                 withPrivateKey:pemPrivateKey
+                  withCertChain:pemCertChain
+                          error:errorPtr];
+}
+
++ (BOOL)setTLSPEMRootCerts:(nullable NSString *)pemRootCerts
+                   forHost:(nonnull NSString *)host
+                     error:(NSError **)errorPtr {
+  return [GRPCCall setTLSPEMRootCerts:pemRootCerts
+               withPrivateKey:nil
+                withCertChain:nil
+                      forHost:host
+                      error:errorPtr];
+}
+
+@end
diff --git a/src/objective-c/GRPCClient/GRPCCall+Tests.m b/src/objective-c/GRPCClient/GRPCCall+Tests.m
index c8e8133703..b9456691bd 100644
--- a/src/objective-c/GRPCClient/GRPCCall+Tests.m
+++ b/src/objective-c/GRPCClient/GRPCCall+Tests.m
@@ -1,6 +1,6 @@
 /*
  *
- * Copyright 2015, Google Inc.
+ * Copyright 2015-2016, Google Inc.
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -43,8 +43,16 @@
   if (!host || !certsPath || !testName) {
     [NSException raise:NSInvalidArgumentException format:@"host, path and name must be provided."];
   }
+  NSError *error = nil;
+  NSString *certs = [NSString stringWithContentsOfFile:certsPath
+                                                      encoding:NSUTF8StringEncoding
+                                                      error:&error];
+  if (error != nil) {
+      [NSException raise:[error localizedDescription] format:@"failed to load certs"];
+  }
+
   GRPCHost *hostConfig = [GRPCHost hostWithAddress:host];
-  hostConfig.pathToCertificates = certsPath;
+  [hostConfig setTLSPEMRootCerts:certs withPrivateKey:nil withCertChain:nil error:nil];
   hostConfig.hostNameOverride = testName;
 }
 
diff --git a/src/objective-c/GRPCClient/private/GRPCChannel.h b/src/objective-c/GRPCClient/private/GRPCChannel.h
index 73bf8d95e7..70d1a9bd2f 100644
--- a/src/objective-c/GRPCClient/private/GRPCChannel.h
+++ b/src/objective-c/GRPCClient/private/GRPCChannel.h
@@ -56,18 +56,6 @@ struct grpc_channel_credentials;
 + (nullable GRPCChannel *)secureChannelWithHost:(nonnull NSString *)host;
 
 /**
- * Creates a secure channel to the specified @c host using the specified @c pathToCertificates and 
- * @c channelArgs. Only in tests should @c pathToCertificates be nil or
- * @c GRPC_SSL_TARGET_NAME_OVERRIDE_ARG channel arg be set. Passing nil for @c pathToCertificates
- * results in using the default root certificates distributed with the library. If certificates
- * could not be found in any case, then @c nil is returned.
- */
-+ (nullable GRPCChannel *)secureChannelWithHost:(nonnull NSString *)host
-                             pathToCertificates:(nullable NSString *)pathToCertificates
-                                    channelArgs:(nullable NSDictionary *)channelArgs;
-
-
-/**
  * Creates a secure channel to the specified @c host using the specified @c credentials and
  * @c channelArgs. Only in tests should @c GRPC_SSL_TARGET_NAME_OVERRIDE_ARG channel arg be set.
  */
diff --git a/src/objective-c/GRPCClient/private/GRPCChannel.m b/src/objective-c/GRPCClient/private/GRPCChannel.m
index 926f55048d..203ef58c0d 100644
--- a/src/objective-c/GRPCClient/private/GRPCChannel.m
+++ b/src/objective-c/GRPCClient/private/GRPCChannel.m
@@ -40,26 +40,6 @@
 
 #import "GRPCCompletionQueue.h"
 
-/**
- * Returns @c grpc_channel_credentials from the specified @c path. If the file at the path could not
- * be read then NULL is returned. If NULL is returned, @c errorPtr may not be NULL if there are
- * details available describing what went wrong.
- */
-static grpc_channel_credentials *CertificatesAtPath(NSString *path, NSError **errorPtr) {
-  // Files in PEM format can have non-ASCII characters in their comments (e.g. for the name of the
-  // issuer). Load them as UTF8 and produce an ASCII equivalent.
-  NSString *contentInUTF8 = [NSString stringWithContentsOfFile:path
-                                                      encoding:NSUTF8StringEncoding
-                                                         error:errorPtr];
-  NSData *contentInASCII = [contentInUTF8 dataUsingEncoding:NSASCIIStringEncoding
-                                       allowLossyConversion:YES];
-  if (!contentInASCII.bytes) {
-    // Passing NULL to grpc_ssl_credentials_create produces behavior we don't want, so return.
-    return NULL;
-  }
-  return grpc_ssl_credentials_create(contentInASCII.bytes, NULL, NULL);
-}
-
 void freeChannelArgs(grpc_channel_args *channel_args) {
   for (size_t i = 0; i < channel_args->num_args; ++i) {
     grpc_arg *arg = &channel_args->args[i];
@@ -158,38 +138,6 @@ grpc_channel_args * buildChannelArgs(NSDictionary *dictionary) {
 }
 
 + (GRPCChannel *)secureChannelWithHost:(NSString *)host
-                    pathToCertificates:(NSString *)path
-                           channelArgs:(NSDictionary *)channelArgs {
-  // Load default SSL certificates once.
-  static grpc_channel_credentials *kDefaultCertificates;
-  static dispatch_once_t loading;
-  dispatch_once(&loading, ^{
-    NSString *defaultPath = @"gRPCCertificates.bundle/roots"; // .pem
-    // Do not use NSBundle.mainBundle, as it's nil for tests of library projects.
-    NSBundle *bundle = [NSBundle bundleForClass:self.class];
-    NSString *path = [bundle pathForResource:defaultPath ofType:@"pem"];
-    NSError *error;
-    kDefaultCertificates = CertificatesAtPath(path, &error);
-    NSAssert(kDefaultCertificates, @"Could not read %@/%@.pem. This file, with the root "
-             "certificates, is needed to establish secure (TLS) connections. Because the file is "
-             "distributed with the gRPC library, this error is usually a sign that the library "
-             "wasn't configured correctly for your project. Error: %@",
-             bundle.bundlePath, defaultPath, error);
-  });
-
-  //TODO(jcanizales): Add NSError** parameter to the initializer.
-  grpc_channel_credentials *certificates = path
-      ? CertificatesAtPath(path, NULL)
-      : kDefaultCertificates;
-
-  return [[GRPCChannel alloc] initWithHost:host
-                                    secure:YES
-                               credentials:certificates
-                               channelArgs:channelArgs];
-}
-
-
-+ (GRPCChannel *)secureChannelWithHost:(NSString *)host
                            credentials:(struct grpc_channel_credentials *)credentials
                            channelArgs:(NSDictionary *)channelArgs {
   return [[GRPCChannel alloc] initWithHost:host
diff --git a/src/objective-c/GRPCClient/private/GRPCHost.h b/src/objective-c/GRPCClient/private/GRPCHost.h
index e58bb7a2d9..9220e2a33d 100644
--- a/src/objective-c/GRPCClient/private/GRPCHost.h
+++ b/src/objective-c/GRPCClient/private/GRPCHost.h
@@ -37,23 +37,28 @@ NS_ASSUME_NONNULL_BEGIN
 
 @class GRPCCompletionQueue;
 struct grpc_call;
+struct grpc_channel_credentials;
 
 @interface GRPCHost : NSObject
 
 @property(nonatomic, readonly) NSString *address;
 @property(nonatomic, copy, nullable) NSString *userAgentPrefix;
+@property(nonatomic, nullable) struct grpc_channel_credentials *channelCreds;
 
 /** The following properties should only be modified for testing: */
 
 @property(nonatomic, getter=isSecure) BOOL secure;
 
-@property(nonatomic, copy, nullable) NSString *pathToCertificates;
 @property(nonatomic, copy, nullable) NSString *hostNameOverride;
 
 - (nullable instancetype)init NS_UNAVAILABLE;
 /** Host objects initialized with the same address are the same. */
 + (nullable instancetype)hostWithAddress:(NSString *)address;
 - (nullable instancetype)initWithAddress:(NSString *)address NS_DESIGNATED_INITIALIZER;
+- (BOOL)setTLSPEMRootCerts:(nullable NSString *)pemRootCerts
+            withPrivateKey:(nullable NSString *)pemPrivateKey
+             withCertChain:(nullable NSString *)pemCertChain
+                     error:(NSError **)errorPtr;
 
 /** Create a grpc_call object to the provided path on this host. */
 - (nullable struct grpc_call *)unmanagedCallWithPath:(NSString *)path
diff --git a/src/objective-c/GRPCClient/private/GRPCHost.m b/src/objective-c/GRPCClient/private/GRPCHost.m
index 739d808c53..43166cbb52 100644
--- a/src/objective-c/GRPCClient/private/GRPCHost.m
+++ b/src/objective-c/GRPCClient/private/GRPCHost.m
@@ -34,6 +34,7 @@
 #import "GRPCHost.h"
 
 #include <grpc/grpc.h>
+#include <grpc/grpc_security.h>
 #import <GRPCClient/GRPCCall.h>
 #import <GRPCClient/GRPCCall+ChannelArg.h>
 
@@ -56,6 +57,12 @@ NS_ASSUME_NONNULL_BEGIN
   return [[self alloc] initWithAddress:address];
 }
 
+- (void)dealloc {
+  if (_channelCreds != nil) {
+    grpc_channel_credentials_release(_channelCreds);
+  }
+}
+
 // Default initializer.
 - (nullable instancetype)initWithAddress:(NSString *)address {
   if (!address) {
@@ -105,6 +112,75 @@ NS_ASSUME_NONNULL_BEGIN
   return [channel unmanagedCallWithPath:path completionQueue:queue];
 }
 
+- (BOOL)setTLSPEMRootCerts:(nullable NSString *)pemRootCerts
+            withPrivateKey:(nullable NSString *)pemPrivateKey
+             withCertChain:(nullable NSString *)pemCertChain
+                     error:(NSError **)errorPtr {
+  static NSData *kDefaultRootsASCII;
+  static NSError *kDefaultRootsError;
+  static dispatch_once_t loading;
+  dispatch_once(&loading, ^{
+    NSString *defaultPath = @"gRPCCertificates.bundle/roots"; // .pem
+    // Do not use NSBundle.mainBundle, as it's nil for tests of library projects.
+    NSBundle *bundle = [NSBundle bundleForClass:self.class];
+    NSString *path = [bundle pathForResource:defaultPath ofType:@"pem"];
+    NSError *error;
+    // Files in PEM format can have non-ASCII characters in their comments (e.g. for the name of the
+    // issuer). Load them as UTF8 and produce an ASCII equivalent.
+    NSString *contentInUTF8 = [NSString stringWithContentsOfFile:path
+                                                        encoding:NSUTF8StringEncoding
+                                                           error:&error];
+    if (contentInUTF8 == nil) {
+      kDefaultRootsError = error;
+      return;
+    }
+    kDefaultRootsASCII = [contentInUTF8 dataUsingEncoding:NSASCIIStringEncoding
+                                     allowLossyConversion:YES];
+  });
+
+  NSData *rootsASCII;
+  if (pemRootCerts != nil) {
+    rootsASCII = [pemRootCerts dataUsingEncoding:NSASCIIStringEncoding
+                     allowLossyConversion:YES];
+  } else {
+    if (kDefaultRootsASCII == nil) {
+      if (errorPtr) {
+        *errorPtr = kDefaultRootsError;
+      }
+      NSAssert(kDefaultRootsASCII, @"Could not read gRPCCertificates.bundle/roots.pem. This file, "
+               "with the root certificates, is needed to establish secure (TLS) connections. "
+               "Because the file is distributed with the gRPC library, this error is usually a sign "
+               "that the library wasn't configured correctly for your project. Error: %@",
+                kDefaultRootsError);
+      return NO;
+    }
+    rootsASCII = kDefaultRootsASCII;
+  }
+
+  grpc_channel_credentials *creds;
+  if (pemPrivateKey == nil && pemCertChain == nil) {
+    creds = grpc_ssl_credentials_create(rootsASCII.bytes, NULL, NULL);
+  } else {
+    grpc_ssl_pem_key_cert_pair key_cert_pair;
+    NSData *privateKeyASCII = [pemPrivateKey dataUsingEncoding:NSASCIIStringEncoding
+                                       allowLossyConversion:YES];
+    NSData *certChainASCII = [pemCertChain dataUsingEncoding:NSASCIIStringEncoding
+                                     allowLossyConversion:YES];
+    key_cert_pair.private_key = privateKeyASCII.bytes;
+    key_cert_pair.cert_chain = certChainASCII.bytes;
+    creds = grpc_ssl_credentials_create(rootsASCII.bytes, &key_cert_pair, NULL);
+  }
+
+  @synchronized(self) {
+    if (_channelCreds != nil) {
+      grpc_channel_credentials_release(_channelCreds);
+    }
+    _channelCreds = creds;
+  }
+
+  return YES;
+}
+
 - (NSDictionary *)channelArgs {
   NSMutableDictionary *args = [NSMutableDictionary dictionary];
 
@@ -125,9 +201,16 @@ NS_ASSUME_NONNULL_BEGIN
 - (GRPCChannel *)newChannel {
   NSDictionary *args = [self channelArgs];
   if (_secure) {
-    return [GRPCChannel secureChannelWithHost:_address
-                           pathToCertificates:_pathToCertificates
-                                  channelArgs:args];
+      GRPCChannel *channel;
+      @synchronized(self) {
+        if (_channelCreds == nil) {
+          [self setTLSPEMRootCerts:nil withPrivateKey:nil withCertChain:nil error:nil];
+        }
+        channel = [GRPCChannel secureChannelWithHost:_address
+                                          credentials:_channelCreds
+                                          channelArgs:args];
+      }
+      return channel;
   } else {
     return [GRPCChannel insecureChannelWithHost:_address channelArgs:args];
   }
@@ -145,9 +228,6 @@ NS_ASSUME_NONNULL_BEGIN
   }
 }
 
-// TODO(jcanizales): Don't let set |secure| to |NO| if |pathToCertificates| or |hostNameOverride|
-// have been set. Don't let set either of the latter if |secure| has been set to |NO|.
-
 @end
 
 NS_ASSUME_NONNULL_END