Merge pull request #2947 from jboeuf/grpc_security_abi

First draft at addressing #1799 for grpc_security.
author: Craig Tiller <ctiller@google.com> 2015-08-27 12:43:25 -0700
committer: Craig Tiller <ctiller@google.com> 2015-08-27 12:43:25 -0700
commit: 08348334e53a299934626b29d97f829917a811f0 (patch)
tree: 6821ecf54a1c0782a45bd8f6089e0372fb1d6aa5 /src/core
parent: 1c3b21330632a12e14f6d3130db99b03940075fc (diff)
parent: 5cc1e2ec4b0e6a100dab285c74aed8233add8776 (diff)
4 files changed, 32 insertions, 16 deletions
diff --git a/src/core/security/client_auth_filter.c b/src/core/security/client_auth_filter.c
index 8e63978b82..f3ecfd0e60 100644
--- a/src/core/security/client_auth_filter.c
+++ b/src/core/security/client_auth_filter.c
@@ -153,7 +153,8 @@ static void send_security_metadata(grpc_call_element *elem,
   }
 
   if (channel_creds_has_md && call_creds_has_md) {
-    calld->creds = grpc_composite_credentials_create(channel_creds, ctx->creds);
+    calld->creds =
+        grpc_composite_credentials_create(channel_creds, ctx->creds, NULL);
     if (calld->creds == NULL) {
       bubble_up_error(elem, GRPC_STATUS_INVALID_ARGUMENT,
                       "Incompatible credentials set on channel and call.");
diff --git a/src/core/security/credentials.c b/src/core/security/credentials.c
index 8852cab3e7..362d5f4b6f 100644
--- a/src/core/security/credentials.c
+++ b/src/core/security/credentials.c
@@ -298,8 +298,10 @@ static void ssl_build_server_config(
 }
 
 grpc_credentials *grpc_ssl_credentials_create(
-    const char *pem_root_certs, grpc_ssl_pem_key_cert_pair *pem_key_cert_pair) {
+    const char *pem_root_certs, grpc_ssl_pem_key_cert_pair *pem_key_cert_pair,
+    void *reserved) {
   grpc_ssl_credentials *c = gpr_malloc(sizeof(grpc_ssl_credentials));
+  GPR_ASSERT(reserved == NULL);
   memset(c, 0, sizeof(grpc_ssl_credentials));
   c->base.type = GRPC_CREDENTIALS_TYPE_SSL;
   c->base.vtable = &ssl_vtable;
@@ -310,9 +312,11 @@ grpc_credentials *grpc_ssl_credentials_create(
 
 grpc_server_credentials *grpc_ssl_server_credentials_create(
     const char *pem_root_certs, grpc_ssl_pem_key_cert_pair *pem_key_cert_pairs,
-    size_t num_key_cert_pairs, int force_client_auth) {
+    size_t num_key_cert_pairs, int force_client_auth, void *reserved) {
   grpc_ssl_server_credentials *c =
       gpr_malloc(sizeof(grpc_ssl_server_credentials));
+  GPR_ASSERT(reserved == NULL);
+  memset(c, 0, sizeof(grpc_ssl_credentials));
   memset(c, 0, sizeof(grpc_ssl_server_credentials));
   c->base.type = GRPC_CREDENTIALS_TYPE_SSL;
   c->base.vtable = &ssl_server_vtable;
@@ -430,7 +434,8 @@ grpc_service_account_jwt_access_credentials_create_from_auth_json_key(
 }
 
 grpc_credentials *grpc_service_account_jwt_access_credentials_create(
-    const char *json_key, gpr_timespec token_lifetime) {
+    const char *json_key, gpr_timespec token_lifetime, void *reserved) {
+  GPR_ASSERT(reserved == NULL);
   return grpc_service_account_jwt_access_credentials_create_from_auth_json_key(
       grpc_auth_json_key_create_from_string(json_key), token_lifetime);
 }
@@ -635,9 +640,10 @@ static void compute_engine_fetch_oauth2(
                    metadata_req);
 }
 
-grpc_credentials *grpc_compute_engine_credentials_create(void) {
+grpc_credentials *grpc_compute_engine_credentials_create(void *reserved) {
   grpc_oauth2_token_fetcher_credentials *c =
       gpr_malloc(sizeof(grpc_oauth2_token_fetcher_credentials));
+  GPR_ASSERT(reserved == NULL);
   init_oauth2_token_fetcher(c, compute_engine_fetch_oauth2);
   c->base.vtable = &compute_engine_vtable;
   return &c->base;
@@ -693,10 +699,11 @@ static void service_account_fetch_oauth2(
 }
 
 grpc_credentials *grpc_service_account_credentials_create(
-    const char *json_key, const char *scope, gpr_timespec token_lifetime) {
+    const char *json_key, const char *scope, gpr_timespec token_lifetime,
+    void *reserved) {
   grpc_service_account_credentials *c;
   grpc_auth_json_key key = grpc_auth_json_key_create_from_string(json_key);
-
+  GPR_ASSERT(reserved == NULL);
   if (scope == NULL || (strlen(scope) == 0) ||
       !grpc_auth_json_key_is_valid(&key)) {
     gpr_log(GPR_ERROR,
@@ -766,7 +773,8 @@ grpc_credentials *grpc_refresh_token_credentials_create_from_auth_refresh_token(
 }
 
 grpc_credentials *grpc_refresh_token_credentials_create(
-    const char *json_refresh_token) {
+    const char *json_refresh_token, void *reserved) {
+  GPR_ASSERT(reserved == NULL);
   return grpc_refresh_token_credentials_create_from_auth_refresh_token(
       grpc_auth_refresh_token_create_from_string(json_refresh_token));
 }
@@ -867,11 +875,12 @@ static grpc_credentials_vtable access_token_vtable = {
     access_token_has_request_metadata_only, access_token_get_request_metadata,
     NULL};
 
-grpc_credentials *grpc_access_token_credentials_create(
-    const char *access_token) {
+grpc_credentials *grpc_access_token_credentials_create(const char *access_token,
+                                                       void *reserved) {
   grpc_access_token_credentials *c =
       gpr_malloc(sizeof(grpc_access_token_credentials));
   char *token_md_value;
+  GPR_ASSERT(reserved == NULL);
   memset(c, 0, sizeof(grpc_access_token_credentials));
   c->base.type = GRPC_CREDENTIALS_TYPE_OAUTH2;
   c->base.vtable = &access_token_vtable;
@@ -1101,12 +1110,14 @@ static grpc_credentials_array get_creds_array(grpc_credentials **creds_addr) {
 }
 
 grpc_credentials *grpc_composite_credentials_create(grpc_credentials *creds1,
-                                                    grpc_credentials *creds2) {
+                                                    grpc_credentials *creds2,
+                                                    void *reserved) {
   size_t i;
   size_t creds_array_byte_size;
   grpc_credentials_array creds1_array;
   grpc_credentials_array creds2_array;
   grpc_composite_credentials *c;
+  GPR_ASSERT(reserved == NULL);
   GPR_ASSERT(creds1 != NULL);
   GPR_ASSERT(creds2 != NULL);
   c = gpr_malloc(sizeof(grpc_composite_credentials));
@@ -1209,8 +1220,10 @@ static grpc_credentials_vtable iam_vtable = {
     iam_get_request_metadata, NULL};
 
 grpc_credentials *grpc_iam_credentials_create(const char *token,
-                                              const char *authority_selector) {
+                                              const char *authority_selector,
+                                              void *reserved) {
   grpc_iam_credentials *c;
+  GPR_ASSERT(reserved == NULL);
   GPR_ASSERT(token != NULL);
   GPR_ASSERT(authority_selector != NULL);
   c = gpr_malloc(sizeof(grpc_iam_credentials));
diff --git a/src/core/security/google_default_credentials.c b/src/core/security/google_default_credentials.c
index 3631de867a..f9aa5187ce 100644
--- a/src/core/security/google_default_credentials.c
+++ b/src/core/security/google_default_credentials.c
@@ -194,7 +194,7 @@ grpc_credentials *grpc_google_default_credentials_create(void) {
     int need_compute_engine_creds = is_stack_running_on_compute_engine();
     compute_engine_detection_done = 1;
     if (need_compute_engine_creds) {
-      result = grpc_compute_engine_credentials_create();
+      result = grpc_compute_engine_credentials_create(NULL);
     }
   }
 
@@ -202,9 +202,9 @@ end:
   if (!serving_cached_credentials && result != NULL) {
     /* Blend with default ssl credentials and add a global reference so that it
        can be cached and re-served. */
-    grpc_credentials *ssl_creds = grpc_ssl_credentials_create(NULL, NULL);
+    grpc_credentials *ssl_creds = grpc_ssl_credentials_create(NULL, NULL, NULL);
     default_credentials = grpc_credentials_ref(
-        grpc_composite_credentials_create(ssl_creds, result));
+        grpc_composite_credentials_create(ssl_creds, result, NULL));
     GPR_ASSERT(default_credentials != NULL);
     grpc_credentials_unref(ssl_creds);
     grpc_credentials_unref(result);
diff --git a/src/core/surface/secure_channel_create.c b/src/core/surface/secure_channel_create.c
index eccee24698..35b60bdbef 100644
--- a/src/core/surface/secure_channel_create.c
+++ b/src/core/surface/secure_channel_create.c
@@ -185,7 +185,8 @@ static const grpc_subchannel_factory_vtable subchannel_factory_vtable = {
                    - perform handshakes */
 grpc_channel *grpc_secure_channel_create(grpc_credentials *creds,
                                          const char *target,
-                                         const grpc_channel_args *args) {
+                                         const grpc_channel_args *args,
+                                         void *reserved) {
   grpc_channel *channel;
   grpc_arg connector_arg;
   grpc_channel_args *args_copy;
@@ -198,6 +199,7 @@ grpc_channel *grpc_secure_channel_create(grpc_credentials *creds,
   const grpc_channel_filter *filters[MAX_FILTERS];
   int n = 0;
 
+  GPR_ASSERT(reserved == NULL);
   if (grpc_find_security_connector_in_args(args) != NULL) {
     gpr_log(GPR_ERROR, "Cannot set security context in channel args.");
     return grpc_lame_client_channel_create(
author	Craig Tiller <ctiller@google.com>	2015-08-27 12:43:25 -0700
committer	Craig Tiller <ctiller@google.com>	2015-08-27 12:43:25 -0700
commit	08348334e53a299934626b29d97f829917a811f0 (patch)
tree	6821ecf54a1c0782a45bd8f6089e0372fb1d6aa5 /src/core
parent	1c3b21330632a12e14f6d3130db99b03940075fc (diff)
parent	5cc1e2ec4b0e6a100dab285c74aed8233add8776 (diff)