[grpc] Add SSL session client cache support

author: Ruslan Nigmatullin <elessar@dropbox.com> 2018-02-21 16:44:35 -0800
committer: Ruslan Nigmatullin <elessar@dropbox.com> 2018-03-20 09:17:28 -0700
commit: 7ae3733cab31c9c8b06dc5961984e063685de261 (patch)
tree: b4d8535830d94b9de4b520761c29ff1162fcf485 /test/core/tsi
parent: c4223da3ef38b1ad728e5b6a7ccd3dd0a0008937 (diff)
3 files changed, 283 insertions, 44 deletions
diff --git a/test/core/tsi/BUILD b/test/core/tsi/BUILD
index 8ac3e7687c..ae6e8fdc32 100644
--- a/test/core/tsi/BUILD
+++ b/test/core/tsi/BUILD
@@ -41,6 +41,20 @@ grpc_cc_test(
     ],
 )
 
+grpc_cc_test(
+    name = "ssl_session_cache_test",
+    srcs = ["ssl_session_cache_test.cc"],
+    language = "C++",
+    external_deps = [
+        "gtest",
+    ],
+    deps = [
+        "//:grpc",
+        "//:gpr",
+        "//:tsi",
+        "//test/core/util:gpr_test_util",
+    ],
+)
 
 grpc_cc_test(
     name = "ssl_transport_security_test",
diff --git a/test/core/tsi/ssl_session_cache_test.cc b/test/core/tsi/ssl_session_cache_test.cc
new file mode 100644
index 0000000000..72df0e545c
--- /dev/null
+++ b/test/core/tsi/ssl_session_cache_test.cc
@@ -0,0 +1,154 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#include <string>
+#include <unordered_set>
+
+#include "src/core/tsi/ssl/session_cache/ssl_session_cache.h"
+#include "test/core/util/test_config.h"
+
+#include <grpc/grpc.h>
+#include <grpc/support/log.h>
+#include <gtest/gtest.h>
+
+namespace grpc_core {
+
+namespace {
+
+class SessionTracker;
+
+struct SessionExDataId {
+  SessionTracker* tracker;
+  long id;
+};
+
+class SessionTracker {
+ public:
+  SessionTracker() { ssl_context_ = SSL_CTX_new(TLSv1_2_method()); }
+
+  ~SessionTracker() { SSL_CTX_free(ssl_context_); }
+
+  tsi::SslSessionPtr NewSession(long id) {
+    static int ex_data_id = SSL_SESSION_get_ex_new_index(
+        0, nullptr, nullptr, nullptr, DestroyExData);
+    GPR_ASSERT(ex_data_id != -1);
+    // OpenSSL and different version of BoringSSL don't agree on API
+    // so try both.
+    tsi::SslSessionPtr session = NewSessionInternal(SSL_SESSION_new);
+    SessionExDataId* data = new SessionExDataId{this, id};
+    int result = SSL_SESSION_set_ex_data(session.get(), ex_data_id, data);
+    EXPECT_EQ(result, 1);
+    alive_sessions_.insert(id);
+    return session;
+  }
+
+  bool IsAlive(long id) const {
+    return alive_sessions_.find(id) != alive_sessions_.end();
+  }
+
+  size_t AliveCount() const { return alive_sessions_.size(); }
+
+ private:
+  tsi::SslSessionPtr NewSessionInternal(SSL_SESSION* (*cb)()) {
+    return tsi::SslSessionPtr(cb());
+  }
+
+  tsi::SslSessionPtr NewSessionInternal(SSL_SESSION* (*cb)(const SSL_CTX*)) {
+    return tsi::SslSessionPtr(cb(ssl_context_));
+  }
+
+  static void DestroyExData(void* parent, void* ptr, CRYPTO_EX_DATA* ad,
+                            int index, long argl, void* argp) {
+    SessionExDataId* data = static_cast<SessionExDataId*>(ptr);
+    data->tracker->alive_sessions_.erase(data->id);
+    delete data;
+  }
+
+  SSL_CTX* ssl_context_;
+  std::unordered_set<long> alive_sessions_;
+};
+
+TEST(SslSessionCacheTest, InitialState) {
+  SessionTracker tracker;
+  // Verify session initial state.
+  {
+    tsi::SslSessionPtr tmp_sess = tracker.NewSession(1);
+    EXPECT_EQ(tmp_sess->references, 1);
+    EXPECT_TRUE(tracker.IsAlive(1));
+    EXPECT_EQ(tracker.AliveCount(), 1);
+  }
+  EXPECT_FALSE(tracker.IsAlive(1));
+  EXPECT_EQ(tracker.AliveCount(), 0);
+}
+
+TEST(SslSessionCacheTest, LruCache) {
+  SessionTracker tracker;
+  {
+    RefCountedPtr<tsi::SslSessionLRUCache> cache =
+        tsi::SslSessionLRUCache::Create(3);
+    tsi::SslSessionPtr sess2 = tracker.NewSession(2);
+    SSL_SESSION* sess2_ptr = sess2.get();
+    cache->Put("first.dropbox.com", std::move(sess2));
+    EXPECT_EQ(cache->Get("first.dropbox.com").get(), sess2_ptr);
+    EXPECT_TRUE(tracker.IsAlive(2));
+    EXPECT_EQ(tracker.AliveCount(), 1);
+    // Putting element with the same key destroys old session.
+    tsi::SslSessionPtr sess3 = tracker.NewSession(3);
+    SSL_SESSION* sess3_ptr = sess3.get();
+    cache->Put("first.dropbox.com", std::move(sess3));
+    EXPECT_FALSE(tracker.IsAlive(2));
+    EXPECT_EQ(cache->Get("first.dropbox.com").get(), sess3_ptr);
+    EXPECT_TRUE(tracker.IsAlive(3));
+    EXPECT_EQ(tracker.AliveCount(), 1);
+    // Putting three more elements discards current one.
+    for (long id = 4; id < 7; id++) {
+      EXPECT_TRUE(tracker.IsAlive(3));
+      std::string domain = std::to_string(id) + ".random.domain";
+      cache->Put(domain.c_str(), tracker.NewSession(id));
+    }
+    EXPECT_EQ(cache->Size(), 3);
+    EXPECT_FALSE(tracker.IsAlive(3));
+    EXPECT_EQ(tracker.AliveCount(), 3);
+    // Accessing element moves it into front of the queue.
+    EXPECT_TRUE(cache->Get("4.random.domain"));
+    EXPECT_TRUE(tracker.IsAlive(4));
+    EXPECT_TRUE(tracker.IsAlive(5));
+    EXPECT_TRUE(tracker.IsAlive(6));
+    // One element has to be evicted from cache->
+    cache->Put("7.random.domain", tracker.NewSession(7));
+    EXPECT_TRUE(tracker.IsAlive(4));
+    EXPECT_FALSE(tracker.IsAlive(5));
+    EXPECT_TRUE(tracker.IsAlive(6));
+    EXPECT_TRUE(tracker.IsAlive(7));
+    EXPECT_EQ(tracker.AliveCount(), 3);
+  }
+  // Cache destructor destroys all sessions.
+  EXPECT_EQ(tracker.AliveCount(), 0);
+}
+
+}  // namespace
+}  // namespace grpc_core
+
+int main(int argc, char** argv) {
+  ::testing::InitGoogleTest(&argc, argv);
+  grpc_test_init(argc, argv);
+  grpc_init();
+  int ret = RUN_ALL_TESTS();
+  grpc_shutdown();
+  return ret;
+}
diff --git a/test/core/tsi/ssl_transport_security_test.cc b/test/core/tsi/ssl_transport_security_test.cc
index d9eb7470d5..0878c57931 100644
--- a/test/core/tsi/ssl_transport_security_test.cc
+++ b/test/core/tsi/ssl_transport_security_test.cc
@@ -52,8 +52,8 @@ typedef enum AlpnMode {
 
 typedef struct ssl_alpn_lib {
   AlpnMode alpn_mode;
-  char** server_alpn_protocols;
-  char** client_alpn_protocols;
+  const char** server_alpn_protocols;
+  const char** client_alpn_protocols;
   uint16_t num_server_alpn_protocols;
   uint16_t num_client_alpn_protocols;
 } ssl_alpn_lib;
@@ -76,6 +76,10 @@ typedef struct ssl_tsi_test_fixture {
   ssl_alpn_lib* alpn_lib;
   bool force_client_auth;
   char* server_name_indication;
+  tsi_ssl_session_cache* session_cache;
+  bool session_reused;
+  const char* session_ticket_key;
+  size_t session_ticket_key_size;
   tsi_ssl_server_handshaker_factory* server_handshaker_factory;
   tsi_ssl_client_handshaker_factory* client_handshaker_factory;
 } ssl_tsi_test_fixture;
@@ -89,47 +93,60 @@ static void ssl_test_setup_handshakers(tsi_test_fixture* fixture) {
   ssl_key_cert_lib* key_cert_lib = ssl_fixture->key_cert_lib;
   ssl_alpn_lib* alpn_lib = ssl_fixture->alpn_lib;
   /* Create client handshaker factory. */
-  tsi_ssl_pem_key_cert_pair* client_key_cert_pair = nullptr;
+  tsi_ssl_client_handshaker_options client_options;
+  memset(&client_options, 0, sizeof(client_options));
+  client_options.pem_root_certs = key_cert_lib->root_cert;
   if (ssl_fixture->force_client_auth) {
-    client_key_cert_pair = key_cert_lib->use_bad_client_cert
-                               ? &key_cert_lib->bad_client_pem_key_cert_pair
-                               : &key_cert_lib->client_pem_key_cert_pair;
+    client_options.pem_key_cert_pair =
+        key_cert_lib->use_bad_client_cert
+            ? &key_cert_lib->bad_client_pem_key_cert_pair
+            : &key_cert_lib->client_pem_key_cert_pair;
   }
-  char** client_alpn_protocols = nullptr;
-  uint16_t num_client_alpn_protocols = 0;
   if (alpn_lib->alpn_mode == ALPN_CLIENT_NO_SERVER ||
       alpn_lib->alpn_mode == ALPN_CLIENT_SERVER_OK ||
       alpn_lib->alpn_mode == ALPN_CLIENT_SERVER_MISMATCH) {
-    client_alpn_protocols = alpn_lib->client_alpn_protocols;
-    num_client_alpn_protocols = alpn_lib->num_client_alpn_protocols;
+    client_options.alpn_protocols = alpn_lib->client_alpn_protocols;
+    client_options.num_alpn_protocols = alpn_lib->num_client_alpn_protocols;
   }
-  GPR_ASSERT(tsi_create_ssl_client_handshaker_factory(
-                 client_key_cert_pair, key_cert_lib->root_cert, nullptr,
-                 (const char**)client_alpn_protocols, num_client_alpn_protocols,
-                 &ssl_fixture->client_handshaker_factory) == TSI_OK);
+  if (ssl_fixture->session_cache != nullptr) {
+    client_options.session_cache = ssl_fixture->session_cache;
+  }
+  GPR_ASSERT(tsi_create_ssl_client_handshaker_factory_with_options(
+                 &client_options, &ssl_fixture->client_handshaker_factory) ==
+             TSI_OK);
   /* Create server handshaker factory. */
-  char** server_alpn_protocols = nullptr;
-  uint16_t num_server_alpn_protocols = 0;
+  tsi_ssl_server_handshaker_options server_options;
+  memset(&server_options, 0, sizeof(server_options));
   if (alpn_lib->alpn_mode == ALPN_SERVER_NO_CLIENT ||
       alpn_lib->alpn_mode == ALPN_CLIENT_SERVER_OK ||
       alpn_lib->alpn_mode == ALPN_CLIENT_SERVER_MISMATCH) {
-    server_alpn_protocols = alpn_lib->server_alpn_protocols;
-    num_server_alpn_protocols = alpn_lib->num_server_alpn_protocols;
+    server_options.alpn_protocols = alpn_lib->server_alpn_protocols;
+    server_options.num_alpn_protocols = alpn_lib->num_server_alpn_protocols;
     if (alpn_lib->alpn_mode == ALPN_CLIENT_SERVER_MISMATCH) {
-      num_server_alpn_protocols--;
+      server_options.num_alpn_protocols--;
     }
   }
-  GPR_ASSERT(tsi_create_ssl_server_handshaker_factory(
-                 key_cert_lib->use_bad_server_cert
-                     ? key_cert_lib->bad_server_pem_key_cert_pairs
-                     : key_cert_lib->server_pem_key_cert_pairs,
-                 key_cert_lib->use_bad_server_cert
-                     ? key_cert_lib->bad_server_num_key_cert_pairs
-                     : key_cert_lib->server_num_key_cert_pairs,
-                 key_cert_lib->root_cert, ssl_fixture->force_client_auth,
-                 nullptr, (const char**)server_alpn_protocols,
-                 num_server_alpn_protocols,
-                 &ssl_fixture->server_handshaker_factory) == TSI_OK);
+  server_options.pem_key_cert_pairs =
+      key_cert_lib->use_bad_server_cert
+          ? key_cert_lib->bad_server_pem_key_cert_pairs
+          : key_cert_lib->server_pem_key_cert_pairs;
+  server_options.num_key_cert_pairs =
+      key_cert_lib->use_bad_server_cert
+          ? key_cert_lib->bad_server_num_key_cert_pairs
+          : key_cert_lib->server_num_key_cert_pairs;
+  server_options.pem_client_root_certs = key_cert_lib->root_cert;
+  if (ssl_fixture->force_client_auth) {
+    server_options.client_certificate_request =
+        TSI_REQUEST_AND_REQUIRE_CLIENT_CERTIFICATE_AND_VERIFY;
+  } else {
+    server_options.client_certificate_request =
+        TSI_DONT_REQUEST_CLIENT_CERTIFICATE;
+  }
+  server_options.session_ticket_key = ssl_fixture->session_ticket_key;
+  server_options.session_ticket_key_size = ssl_fixture->session_ticket_key_size;
+  GPR_ASSERT(tsi_create_ssl_server_handshaker_factory_with_options(
+                 &server_options, &ssl_fixture->server_handshaker_factory) ==
+             TSI_OK);
   /* Create server and client handshakers. */
   tsi_handshaker* client_handshaker = nullptr;
   GPR_ASSERT(tsi_ssl_client_handshaker_factory_create_handshaker(
@@ -176,6 +193,18 @@ check_basic_authenticated_peer_and_get_common_name(const tsi_peer* peer) {
   return property;
 }
 
+static void check_session_reusage(ssl_tsi_test_fixture* ssl_fixture,
+                                  tsi_peer* peer) {
+  const tsi_peer_property* session_reused =
+      tsi_peer_get_property_by_name(peer, TSI_SSL_SESSION_REUSED_PEER_PROPERTY);
+  GPR_ASSERT(session_reused != nullptr);
+  if (ssl_fixture->session_reused) {
+    GPR_ASSERT(strcmp(session_reused->value.data, "true") == 0);
+  } else {
+    GPR_ASSERT(strcmp(session_reused->value.data, "false") == 0);
+  }
+}
+
 void check_server0_peer(tsi_peer* peer) {
   const tsi_peer_property* property =
       check_basic_authenticated_peer_and_get_common_name(peer);
@@ -233,7 +262,7 @@ static void check_client_peer(ssl_tsi_test_fixture* ssl_fixture,
   ssl_alpn_lib* alpn_lib = ssl_fixture->alpn_lib;
   if (!ssl_fixture->force_client_auth) {
     GPR_ASSERT(peer->property_count ==
-               (alpn_lib->alpn_mode == ALPN_CLIENT_SERVER_OK ? 1 : 0));
+               (alpn_lib->alpn_mode == ALPN_CLIENT_SERVER_OK ? 2 : 1));
   } else {
     const tsi_peer_property* property =
         check_basic_authenticated_peer_and_get_common_name(peer);
@@ -257,8 +286,8 @@ static void ssl_test_check_handshaker_peers(tsi_test_fixture* fixture) {
   if (expect_success) {
     GPR_ASSERT(tsi_handshaker_result_extract_peer(
                    ssl_fixture->base.client_result, &peer) == TSI_OK);
+    check_session_reusage(ssl_fixture, &peer);
     check_alpn(ssl_fixture, &peer);
-
     if (ssl_fixture->server_name_indication != nullptr) {
       check_server1_peer(&peer);
     } else {
@@ -270,6 +299,7 @@ static void ssl_test_check_handshaker_peers(tsi_test_fixture* fixture) {
   if (expect_success) {
     GPR_ASSERT(tsi_handshaker_result_extract_peer(
                    ssl_fixture->base.server_result, &peer) == TSI_OK);
+    check_session_reusage(ssl_fixture, &peer);
     check_alpn(ssl_fixture, &peer);
     check_client_peer(ssl_fixture, &peer);
   } else {
@@ -291,11 +321,11 @@ static void ssl_test_destruct(tsi_test_fixture* fixture) {
   /* Destroy ssl_alpn_lib. */
   ssl_alpn_lib* alpn_lib = ssl_fixture->alpn_lib;
   for (size_t i = 0; i < alpn_lib->num_server_alpn_protocols; i++) {
-    gpr_free(alpn_lib->server_alpn_protocols[i]);
+    gpr_free(const_cast<char*>(alpn_lib->server_alpn_protocols[i]));
   }
   gpr_free(alpn_lib->server_alpn_protocols);
   for (size_t i = 0; i < alpn_lib->num_client_alpn_protocols; i++) {
-    gpr_free(alpn_lib->client_alpn_protocols[i]);
+    gpr_free(const_cast<char*>(alpn_lib->client_alpn_protocols[i]));
   }
   gpr_free(alpn_lib->client_alpn_protocols);
   gpr_free(alpn_lib);
@@ -316,6 +346,9 @@ static void ssl_test_destruct(tsi_test_fixture* fixture) {
       key_cert_lib->bad_client_pem_key_cert_pair);
   gpr_free(key_cert_lib->root_cert);
   gpr_free(key_cert_lib);
+  if (ssl_fixture->session_cache != nullptr) {
+    tsi_ssl_session_cache_unref(ssl_fixture->session_cache);
+  }
   /* Unreference others. */
   tsi_ssl_server_handshaker_factory_unref(
       ssl_fixture->server_handshaker_factory);
@@ -388,10 +421,10 @@ static tsi_test_fixture* ssl_tsi_test_fixture_create() {
   /* Create ssl_alpn_lib. */
   ssl_alpn_lib* alpn_lib =
       static_cast<ssl_alpn_lib*>(gpr_zalloc(sizeof(*alpn_lib)));
-  alpn_lib->server_alpn_protocols =
-      static_cast<char**>(gpr_zalloc(sizeof(char*) * SSL_TSI_TEST_ALPN_NUM));
-  alpn_lib->client_alpn_protocols =
-      static_cast<char**>(gpr_zalloc(sizeof(char*) * SSL_TSI_TEST_ALPN_NUM));
+  alpn_lib->server_alpn_protocols = static_cast<const char**>(
+      gpr_zalloc(sizeof(char*) * SSL_TSI_TEST_ALPN_NUM));
+  alpn_lib->client_alpn_protocols = static_cast<const char**>(
+      gpr_zalloc(sizeof(char*) * SSL_TSI_TEST_ALPN_NUM));
   alpn_lib->server_alpn_protocols[0] = gpr_strdup(SSL_TSI_TEST_ALPN1);
   alpn_lib->server_alpn_protocols[1] = gpr_strdup(SSL_TSI_TEST_ALPN3);
   alpn_lib->client_alpn_protocols[0] = gpr_strdup(SSL_TSI_TEST_ALPN2);
@@ -402,6 +435,9 @@ static tsi_test_fixture* ssl_tsi_test_fixture_create() {
   ssl_fixture->alpn_lib = alpn_lib;
   ssl_fixture->base.vtable = &vtable;
   ssl_fixture->server_name_indication = nullptr;
+  ssl_fixture->session_reused = false;
+  ssl_fixture->session_ticket_key = nullptr;
+  ssl_fixture->session_ticket_key_size = 0;
   ssl_fixture->force_client_auth = false;
   return &ssl_fixture->base;
 }
@@ -558,6 +594,38 @@ void ssl_tsi_test_do_round_trip_odd_buffer_size() {
   }
 }
 
+void ssl_tsi_test_do_handshake_session_cache() {
+  tsi_ssl_session_cache* session_cache = tsi_ssl_session_cache_create_lru(16);
+  char session_ticket_key[48];
+  auto do_handshake = [&session_ticket_key,
+                       &session_cache](bool session_reused) {
+    tsi_test_fixture* fixture = ssl_tsi_test_fixture_create();
+    ssl_tsi_test_fixture* ssl_fixture =
+        reinterpret_cast<ssl_tsi_test_fixture*>(fixture);
+    ssl_fixture->server_name_indication =
+        const_cast<char*>("waterzooi.test.google.be");
+    ssl_fixture->session_ticket_key = session_ticket_key;
+    ssl_fixture->session_ticket_key_size = 48;
+    tsi_ssl_session_cache_ref(session_cache);
+    ssl_fixture->session_cache = session_cache;
+    ssl_fixture->session_reused = session_reused;
+    tsi_test_do_round_trip(&ssl_fixture->base);
+    tsi_test_fixture_destroy(fixture);
+  };
+  memset(session_ticket_key, 'a', 48);
+  do_handshake(false);
+  do_handshake(true);
+  do_handshake(true);
+  // Changing session_ticket_key on server invalidates ticket.
+  memset(session_ticket_key, 'b', 48);
+  do_handshake(false);
+  do_handshake(true);
+  memset(session_ticket_key, 'c', 48);
+  do_handshake(false);
+  do_handshake(true);
+  tsi_ssl_session_cache_unref(session_cache);
+}
+
 static const tsi_ssl_handshaker_factory_vtable* original_vtable;
 static bool handshaker_factory_destructor_called;
 
@@ -575,13 +643,14 @@ static tsi_ssl_handshaker_factory_vtable test_handshaker_factory_vtable = {
 
 void test_tsi_ssl_client_handshaker_factory_refcounting() {
   int i;
-  const char* cert_chain =
-      load_file(SSL_TSI_TEST_CREDENTIALS_DIR, "client.pem");
+  char* cert_chain = load_file(SSL_TSI_TEST_CREDENTIALS_DIR, "client.pem");
 
+  tsi_ssl_client_handshaker_options options;
+  memset(&options, 0, sizeof(options));
+  options.pem_root_certs = cert_chain;
   tsi_ssl_client_handshaker_factory* client_handshaker_factory;
-  GPR_ASSERT(tsi_create_ssl_client_handshaker_factory(
-                 nullptr, cert_chain, nullptr, nullptr, 0,
-                 &client_handshaker_factory) == TSI_OK);
+  GPR_ASSERT(tsi_create_ssl_client_handshaker_factory_with_options(
+                 &options, &client_handshaker_factory) == TSI_OK);
 
   handshaker_factory_destructor_called = false;
   original_vtable = tsi_ssl_handshaker_factory_swap_vtable(
@@ -608,7 +677,7 @@ void test_tsi_ssl_client_handshaker_factory_refcounting() {
   tsi_handshaker_destroy(handshaker[2]);
   GPR_ASSERT(handshaker_factory_destructor_called);
 
-  gpr_free((void*)cert_chain);
+  gpr_free(cert_chain);
 }
 
 void test_tsi_ssl_server_handshaker_factory_refcounting() {
@@ -673,6 +742,7 @@ void ssl_tsi_test_handshaker_factory_internals() {
 int main(int argc, char** argv) {
   grpc_test_init(argc, argv);
   grpc_init();
+
   ssl_tsi_test_do_handshake_tiny_handshake_buffer();
   ssl_tsi_test_do_handshake_small_handshake_buffer();
   ssl_tsi_test_do_handshake();
@@ -688,6 +758,7 @@ int main(int argc, char** argv) {
 #endif
   ssl_tsi_test_do_handshake_alpn_server_no_client();
   ssl_tsi_test_do_handshake_alpn_client_server_ok();
+  ssl_tsi_test_do_handshake_session_cache();
   ssl_tsi_test_do_round_trip_for_all_configs();
   ssl_tsi_test_do_round_trip_odd_buffer_size();
   ssl_tsi_test_handshaker_factory_internals();
author	Ruslan Nigmatullin <elessar@dropbox.com>	2018-02-21 16:44:35 -0800
committer	Ruslan Nigmatullin <elessar@dropbox.com>	2018-03-20 09:17:28 -0700
commit	7ae3733cab31c9c8b06dc5961984e063685de261 (patch)
tree	b4d8535830d94b9de4b520761c29ff1162fcf485 /test/core/tsi
parent	c4223da3ef38b1ad728e5b6a7ccd3dd0a0008937 (diff)