diff options
author | 2015-07-28 18:37:40 -0700 | |
---|---|---|
committer | 2015-07-28 18:37:40 -0700 | |
commit | 62b9080a1d1a7b0b7d463d7528b9150fc49d2c62 (patch) | |
tree | f82a564991f56ee6aa3a64bd86f5b4ae472f5600 /include | |
parent | aa2bef8453cf237c760b53b0fac82a304eebc619 (diff) | |
parent | 8e06c2e62e0be2606598dd1f2a6582b585364520 (diff) |
Merge branch 'master' of https://github.com/grpc/grpc into zookeeper
Diffstat (limited to 'include')
-rw-r--r-- | include/grpc++/server_credentials.h | 3 | ||||
-rw-r--r-- | include/grpc/grpc.h | 19 | ||||
-rw-r--r-- | include/grpc/grpc_security.h | 9 |
3 files changed, 27 insertions, 4 deletions
diff --git a/include/grpc++/server_credentials.h b/include/grpc++/server_credentials.h index 83ae9fd1eb..11acd67e8a 100644 --- a/include/grpc++/server_credentials.h +++ b/include/grpc++/server_credentials.h @@ -58,12 +58,15 @@ class ServerCredentials { // Options to create ServerCredentials with SSL struct SslServerCredentialsOptions { + SslServerCredentialsOptions() : force_client_auth(false) {} + struct PemKeyCertPair { grpc::string private_key; grpc::string cert_chain; }; grpc::string pem_root_certs; std::vector<PemKeyCertPair> pem_key_cert_pairs; + bool force_client_auth; }; // Builds SSL ServerCredentials given SSL specific options diff --git a/include/grpc/grpc.h b/include/grpc/grpc.h index 8ae8b728b9..901ec8f5b7 100644 --- a/include/grpc/grpc.h +++ b/include/grpc/grpc.h @@ -408,6 +408,23 @@ void grpc_completion_queue_shutdown(grpc_completion_queue *cq); drained and no threads are executing grpc_completion_queue_next */ void grpc_completion_queue_destroy(grpc_completion_queue *cq); +/** Check the connectivity state of a channel. */ +grpc_connectivity_state grpc_channel_check_connectivity_state( + grpc_channel *channel, int try_to_connect); + +/** Watch for a change in connectivity state. + Once the channel connectivity state is different from last_observed_state, + tag will be enqueued on cq with success=1. + If deadline expires BEFORE the state is changed, tag will be enqueued on cq + with success=0. + If optional_new_state is non-NULL, it will be set to the newly observed + connectivity state of the channel at the same point as tag is enqueued onto + the completion queue. */ +void grpc_channel_watch_connectivity_state( + grpc_channel *channel, grpc_connectivity_state last_observed_state, + grpc_connectivity_state *optional_new_state, gpr_timespec deadline, + grpc_completion_queue *cq, void *tag); + /** Create a call given a grpc_channel, in order to call 'method'. All completions are sent to 'completion_queue'. 'method' and 'host' need only live through the invocation of this function. */ @@ -442,7 +459,7 @@ grpc_call_error grpc_call_start_batch(grpc_call *call, const grpc_op *ops, /** Returns a newly allocated string representing the endpoint to which this call is communicating with. The string is in the uri format accepted by grpc_channel_create. - The returned string should be disposed of with gpr_free(). + The returned string should be disposed of with gpr_free(). WARNING: this value is never authenticated or subject to any security related code. It must not be used for any authentication related diff --git a/include/grpc/grpc_security.h b/include/grpc/grpc_security.h index 29eddc57a8..ff84050c6d 100644 --- a/include/grpc/grpc_security.h +++ b/include/grpc/grpc_security.h @@ -87,7 +87,7 @@ typedef struct { directory). - pem_key_cert_pair is a pointer on the object containing client's private key and certificate chain. This parameter can be NULL if the client does - not have such a key/cert pair. */ + not have such a key/cert pair. */ grpc_credentials *grpc_ssl_credentials_create( const char *pem_root_certs, grpc_ssl_pem_key_cert_pair *pem_key_cert_pair); @@ -174,10 +174,13 @@ void grpc_server_credentials_release(grpc_server_credentials *creds); - pem_key_cert_pairs is an array private key / certificate chains of the server. This parameter cannot be NULL. - num_key_cert_pairs indicates the number of items in the private_key_files - and cert_chain_files parameters. It should be at least 1. */ + and cert_chain_files parameters. It should be at least 1. + - force_client_auth, if set to non-zero will force the client to authenticate + with an SSL cert. Note that this option is ignored if pem_root_certs is + NULL. */ grpc_server_credentials *grpc_ssl_server_credentials_create( const char *pem_root_certs, grpc_ssl_pem_key_cert_pair *pem_key_cert_pairs, - size_t num_key_cert_pairs); + size_t num_key_cert_pairs, int force_client_auth); /* --- Server-side secure ports. --- */ |