diff options
| author |  Jan Tattermusch <jtattermusch@users.noreply.github.com> | 2016-04-26 15:24:35 -0700 |
|---|---|---|
| committer | Jan Tattermusch <jtattermusch@users.noreply.github.com> | 2016-04-26 15:24:35 -0700 |
| commit | e6077b86ad6a52d0643173f5cac99bc0432175f2 (patch) | |
| tree | 2cda142a715cc1945ca2b6bcd616d127a981a0a3 | |
| parent | 7d78ab20c8360a5049a7c2635eb1be70d9a0f3e9 (diff) | |
| parent | deadbcdab185e237990dbb2e1ac46f4f1cff3672 (diff) | |
Merge pull request #6233 from ewr/fetch-peer-cert-in-ruby
Add peer_cert method to Ruby call object
| -rw-r--r-- | src/ruby/ext/grpc/rb_call.c | 30 | ||||
| -rw-r--r-- | src/ruby/lib/grpc/generic/active_call.rb | 5 |
2 files changed, 33 insertions, 2 deletions
diff --git a/src/ruby/ext/grpc/rb_call.c b/src/ruby/ext/grpc/rb_call.c index f5fdbb2ffd..48c49a21e9 100644 --- a/src/ruby/ext/grpc/rb_call.c +++ b/src/ruby/ext/grpc/rb_call.c @@ -214,6 +214,35 @@ static VALUE grpc_rb_call_get_peer(VALUE self) { return res; } +/* Called to obtain the x509 cert of an authenticated peer. */ +static VALUE grpc_rb_call_get_peer_cert(VALUE self) { + grpc_call *call = NULL; + VALUE res = Qnil; + grpc_auth_context *ctx = NULL; + TypedData_Get_Struct(self, grpc_call, &grpc_call_data_type, call); + + ctx = grpc_call_auth_context(call); + + if (!ctx || !grpc_auth_context_peer_is_authenticated(ctx)) { + return Qnil; + } + + { + grpc_auth_property_iterator it = + grpc_auth_context_find_properties_by_name(ctx, GRPC_X509_PEM_CERT_PROPERTY_NAME); + const grpc_auth_property *prop = grpc_auth_property_iterator_next(&it); + if (prop == NULL) { + return Qnil; + } + + res = rb_str_new2(prop->value); + } + + grpc_auth_context_release(ctx); + + return res; +} + /* call-seq: status = call.status @@ -861,6 +890,7 @@ void Init_grpc_call() { rb_define_method(grpc_rb_cCall, "run_batch", grpc_rb_call_run_batch, 4); rb_define_method(grpc_rb_cCall, "cancel", grpc_rb_call_cancel, 0); rb_define_method(grpc_rb_cCall, "peer", grpc_rb_call_get_peer, 0); + rb_define_method(grpc_rb_cCall, "peer_cert", grpc_rb_call_get_peer_cert, 0); rb_define_method(grpc_rb_cCall, "status", grpc_rb_call_get_status, 0); rb_define_method(grpc_rb_cCall, "status=", grpc_rb_call_set_status, 1); rb_define_method(grpc_rb_cCall, "metadata", grpc_rb_call_get_metadata, 0); diff --git a/src/ruby/lib/grpc/generic/active_call.rb b/src/ruby/lib/grpc/generic/active_call.rb index 24cab950a7..ecf3cc3293 100644 --- a/src/ruby/lib/grpc/generic/active_call.rb +++ b/src/ruby/lib/grpc/generic/active_call.rb @@ -59,7 +59,8 @@ module GRPC include Core::CallOps extend Forwardable attr_reader(:deadline) - def_delegators :@call, :cancel, :metadata, :write_flag, :write_flag= + def_delegators :@call, :cancel, :metadata, :write_flag, :write_flag=, + :peer, :peer_cert # client_invoke begins a client invocation. # @@ -472,7 +473,7 @@ module GRPC # SingleReqView limits access to an ActiveCall's methods for use in server # handlers that receive just one request. SingleReqView = view_class(:cancelled, :deadline, :metadata, - :output_metadata) + :output_metadata, :peer, :peer_cert) # MultiReqView limits access to an ActiveCall's methods for use in # server client_streamer handlers. |