diff options
Diffstat (limited to 'src/ruby')
| -rwxr-xr-x | src/ruby/.rspec | 1 | ||||
| -rw-r--r-- | src/ruby/README.md | 6 | ||||
| -rwxr-xr-x | src/ruby/bin/math_client.rb | 6 | ||||
| -rwxr-xr-x | src/ruby/bin/math_server.rb | 19 | ||||
| -rwxr-xr-x | src/ruby/bin/noproto_server.rb | 3 | ||||
| -rw-r--r-- | src/ruby/ext/grpc/rb_channel.c | 2 | ||||
| -rw-r--r-- | src/ruby/ext/grpc/rb_credentials.c | 11 | ||||
| -rw-r--r-- | src/ruby/ext/grpc/rb_server.c | 53 | ||||
| -rw-r--r-- | src/ruby/ext/grpc/rb_server_credentials.c | 124 | ||||
| -rwxr-xr-x | src/ruby/grpc.gemspec | 2 | ||||
| -rw-r--r-- | src/ruby/lib/grpc/generic/rpc_server.rb | 27 | ||||
| -rw-r--r-- | src/ruby/lib/grpc/version.rb | 2 | ||||
| -rwxr-xr-x | src/ruby/pb/test/server.rb | 3 | ||||
| -rw-r--r-- | src/ruby/spec/client_server_spec.rb | 20 | ||||
| -rw-r--r-- | src/ruby/spec/credentials_spec.rb | 14 | ||||
| -rw-r--r-- | src/ruby/spec/generic/active_call_spec.rb | 2 | ||||
| -rw-r--r-- | src/ruby/spec/generic/client_stub_spec.rb | 2 | ||||
| -rw-r--r-- | src/ruby/spec/generic/rpc_server_spec.rb | 2 | ||||
| -rw-r--r-- | src/ruby/spec/pb/health/checker_spec.rb | 3 | ||||
| -rw-r--r-- | src/ruby/spec/server_credentials_spec.rb | 39 | ||||
| -rw-r--r-- | src/ruby/spec/server_spec.rb | 12 |
21 files changed, 222 insertions, 131 deletions
diff --git a/src/ruby/.rspec b/src/ruby/.rspec index 2320752db4..efeee2c1d2 100755 --- a/src/ruby/.rspec +++ b/src/ruby/.rspec @@ -1,5 +1,6 @@ -I. -Ipb +--backtrace --require spec_helper --format documentation --color diff --git a/src/ruby/README.md b/src/ruby/README.md index f8902e34c5..8c56ceb135 100644 --- a/src/ruby/README.md +++ b/src/ruby/README.md @@ -19,10 +19,10 @@ INSTALLATION **Linux (Debian):** -Add [Debian unstable][] to your `sources.list` file. Example: +Add [Debian jessie-backports][] to your `sources.list` file. Example: ```sh -echo "deb http://ftp.us.debian.org/debian unstable main contrib non-free" | \ +echo "deb http://http.debian.net/debian jessie-backports main" | \ sudo tee -a /etc/apt/sources.list ``` @@ -99,4 +99,4 @@ Directory structure is the layout for [ruby extensions][] [ruby extensions]:http://guides.rubygems.org/gems-with-extensions/ [rubydoc]: http://www.rubydoc.info/gems/grpc [grpc.io]: http://www.grpc.io/docs/installation/ruby.html -[Debian unstable]:https://www.debian.org/releases/sid/ +[Debian jessie-backports]:http://backports.debian.org/Instructions/ diff --git a/src/ruby/bin/math_client.rb b/src/ruby/bin/math_client.rb index 6319cda309..0ebd26f780 100755 --- a/src/ruby/bin/math_client.rb +++ b/src/ruby/bin/math_client.rb @@ -50,7 +50,7 @@ def do_div(stub) GRPC.logger.info('----------------') req = Math::DivArgs.new(dividend: 7, divisor: 3) GRPC.logger.info("div(7/3): req=#{req.inspect}") - resp = stub.div(req, INFINITE_FUTURE) + resp = stub.div(req, timeout: INFINITE_FUTURE) GRPC.logger.info("Answer: #{resp.inspect}") GRPC.logger.info('----------------') end @@ -71,7 +71,7 @@ def do_fib(stub) GRPC.logger.info('----------------') req = Math::FibArgs.new(limit: 11) GRPC.logger.info("fib(11): req=#{req.inspect}") - resp = stub.fib(req, INFINITE_FUTURE) + resp = stub.fib(req, timeout: INFINITE_FUTURE) resp.each do |r| GRPC.logger.info("Answer: #{r.inspect}") end @@ -86,7 +86,7 @@ def do_div_many(stub) reqs << Math::DivArgs.new(dividend: 5, divisor: 2) reqs << Math::DivArgs.new(dividend: 7, divisor: 2) GRPC.logger.info("div(7/3), div(5/2), div(7/2): reqs=#{reqs.inspect}") - resp = stub.div_many(reqs, 10) + resp = stub.div_many(reqs, timeout: INFINITE_FUTURE) resp.each do |r| GRPC.logger.info("Answer: #{r.inspect}") end diff --git a/src/ruby/bin/math_server.rb b/src/ruby/bin/math_server.rb index b41ccf6ce1..562f197317 100755 --- a/src/ruby/bin/math_server.rb +++ b/src/ruby/bin/math_server.rb @@ -41,9 +41,25 @@ $LOAD_PATH.unshift(this_dir) unless $LOAD_PATH.include?(this_dir) require 'forwardable' require 'grpc' +require 'logger' require 'math_services' require 'optparse' +# RubyLogger defines a logger for gRPC based on the standard ruby logger. +module RubyLogger + def logger + LOGGER + end + + LOGGER = Logger.new(STDOUT) +end + +# GRPC is the general RPC module +module GRPC + # Inject the noop #logger if no module-level logger method has been injected. + extend RubyLogger +end + # Holds state for a fibonacci series class Fibber def initialize(limit) @@ -155,7 +171,8 @@ end def test_server_creds certs = load_test_certs - GRPC::Core::ServerCredentials.new(nil, certs[1], certs[2]) + GRPC::Core::ServerCredentials.new( + nil, [{ private_key: certs[1], cert_chain: certs[2] }], false) end def main diff --git a/src/ruby/bin/noproto_server.rb b/src/ruby/bin/noproto_server.rb index 90baaf9a2e..72a5762040 100755 --- a/src/ruby/bin/noproto_server.rb +++ b/src/ruby/bin/noproto_server.rb @@ -77,7 +77,8 @@ end def test_server_creds certs = load_test_certs - GRPC::Core::ServerCredentials.new(nil, certs[1], certs[2]) + GRPC::Core::ServerCredentials.new( + nil, [{ private_key: certs[1], cert_chain: certs[2] }], false) end def main diff --git a/src/ruby/ext/grpc/rb_channel.c b/src/ruby/ext/grpc/rb_channel.c index 6491aa4fb4..90afdc3fe1 100644 --- a/src/ruby/ext/grpc/rb_channel.c +++ b/src/ruby/ext/grpc/rb_channel.c @@ -150,7 +150,7 @@ static VALUE grpc_rb_channel_init(int argc, VALUE *argv, VALUE self) { ch = grpc_insecure_channel_create(target_chars, &args, NULL); } else { creds = grpc_rb_get_wrapped_credentials(credentials); - ch = grpc_secure_channel_create(creds, target_chars, &args); + ch = grpc_secure_channel_create(creds, target_chars, &args, NULL); } if (args.args != NULL) { xfree(args.args); /* Allocated by grpc_rb_hash_convert_to_channel_args */ diff --git a/src/ruby/ext/grpc/rb_credentials.c b/src/ruby/ext/grpc/rb_credentials.c index a9dcdbce9f..ae757f6986 100644 --- a/src/ruby/ext/grpc/rb_credentials.c +++ b/src/ruby/ext/grpc/rb_credentials.c @@ -154,7 +154,7 @@ static VALUE grpc_rb_default_credentials_create(VALUE cls) { Creates the default credential instances. */ static VALUE grpc_rb_compute_engine_credentials_create(VALUE cls) { grpc_rb_credentials *wrapper = ALLOC(grpc_rb_credentials); - wrapper->wrapped = grpc_compute_engine_credentials_create(); + wrapper->wrapped = grpc_google_compute_engine_credentials_create(NULL); if (wrapper->wrapped == NULL) { rb_raise(rb_eRuntimeError, "could not create composite engine credentials, not sure why"); @@ -181,8 +181,8 @@ static VALUE grpc_rb_composite_credentials_create(VALUE self, VALUE other) { TypedData_Get_Struct(other, grpc_rb_credentials, &grpc_rb_credentials_data_type, other_wrapper); wrapper = ALLOC(grpc_rb_credentials); - wrapper->wrapped = grpc_composite_credentials_create(self_wrapper->wrapped, - other_wrapper->wrapped); + wrapper->wrapped = grpc_composite_credentials_create( + self_wrapper->wrapped, other_wrapper->wrapped, NULL); if (wrapper->wrapped == NULL) { rb_raise(rb_eRuntimeError, "could not create composite credentials, not sure why"); @@ -234,12 +234,13 @@ static VALUE grpc_rb_credentials_init(int argc, VALUE *argv, VALUE self) { return Qnil; } if (pem_private_key == Qnil && pem_cert_chain == Qnil) { - creds = grpc_ssl_credentials_create(RSTRING_PTR(pem_root_certs), NULL); + creds = + grpc_ssl_credentials_create(RSTRING_PTR(pem_root_certs), NULL, NULL); } else { key_cert_pair.private_key = RSTRING_PTR(pem_private_key); key_cert_pair.cert_chain = RSTRING_PTR(pem_cert_chain); creds = grpc_ssl_credentials_create(RSTRING_PTR(pem_root_certs), - &key_cert_pair); + &key_cert_pair, NULL); } if (creds == NULL) { rb_raise(rb_eRuntimeError, "could not create a credentials, not sure why"); diff --git a/src/ruby/ext/grpc/rb_server.c b/src/ruby/ext/grpc/rb_server.c index 7e76349d2e..4469658869 100644 --- a/src/ruby/ext/grpc/rb_server.c +++ b/src/ruby/ext/grpc/rb_server.c @@ -49,6 +49,9 @@ static VALUE grpc_rb_cServer = Qnil; /* id_at is the constructor method of the ruby standard Time class. */ static ID id_at; +/* id_insecure_server is used to indicate that a server is insecure */ +static VALUE id_insecure_server; + /* grpc_rb_server wraps a grpc_server. It provides a peer ruby object, 'mark' to minimize copying when a server is created from ruby. */ typedef struct grpc_rb_server { @@ -234,6 +237,7 @@ static VALUE grpc_rb_server_request_call(VALUE self, VALUE cqueue, grpc_call_error_detail_of(err), err); return Qnil; } + ev = grpc_rb_completion_queue_pluck_event(cqueue, tag_new, timeout); if (ev.type == GRPC_QUEUE_TIMEOUT) { grpc_request_call_stack_cleanup(&st); @@ -298,43 +302,22 @@ static VALUE grpc_rb_server_destroy(int argc, VALUE *argv, VALUE self) { if (s->wrapped != NULL) { grpc_server_shutdown_and_notify(s->wrapped, cq, NULL); ev = grpc_rb_completion_queue_pluck_event(cqueue, Qnil, timeout); - if (!ev.success) { - rb_warn("server shutdown failed, there will be a LEAKED object warning"); - return Qnil; - /* - TODO: renable the rb_raise below. - - At the moment if the timeout is INFINITE_FUTURE as recommended, the - pluck blocks forever, even though - - the outstanding server_request_calls correctly fail on the other - thread that they are running on. - - it's almost as if calls that fail on the other thread do not get - cleaned up by shutdown request, even though it caused htem to - terminate. - - rb_raise(rb_eRuntimeError, "grpc server shutdown did not succeed"); - return Qnil; - - The workaround is just to use a timeout and return without really - shutting down the server, and rely on the grpc core garbage collection - it down as a 'LEAKED OBJECT'. - - */ + rb_warn("server shutdown failed, cancelling the calls, objects may leak"); + grpc_server_cancel_all_calls(s->wrapped); + return Qfalse; } grpc_server_destroy(s->wrapped); s->wrapped = NULL; } - return Qnil; + return Qtrue; } /* call-seq: // insecure port insecure_server = Server.new(cq, {'arg1': 'value1'}) - insecure_server.add_http2_port('mydomain:50051') + insecure_server.add_http2_port('mydomain:50051', :this_port_is_insecure) // secure port server_creds = ... @@ -342,21 +325,22 @@ static VALUE grpc_rb_server_destroy(int argc, VALUE *argv, VALUE self) { secure_server.add_http_port('mydomain:50051', server_creds) Adds a http2 port to server */ -static VALUE grpc_rb_server_add_http2_port(int argc, VALUE *argv, VALUE self) { - VALUE port = Qnil; - VALUE rb_creds = Qnil; +static VALUE grpc_rb_server_add_http2_port(VALUE self, VALUE port, + VALUE rb_creds) { grpc_rb_server *s = NULL; grpc_server_credentials *creds = NULL; int recvd_port = 0; - /* "11" == 1 mandatory args, 1 (rb_creds) is optional */ - rb_scan_args(argc, argv, "11", &port, &rb_creds); - TypedData_Get_Struct(self, grpc_rb_server, &grpc_rb_server_data_type, s); if (s->wrapped == NULL) { rb_raise(rb_eRuntimeError, "destroyed!"); return Qnil; - } else if (rb_creds == Qnil) { + } else if (TYPE(rb_creds) == T_SYMBOL) { + if (id_insecure_server != SYM2ID(rb_creds)) { + rb_raise(rb_eTypeError, + "bad creds symbol, want :this_port_is_insecure"); + return Qnil; + } recvd_port = grpc_server_add_insecure_http2_port(s->wrapped, StringValueCStr(port)); if (recvd_port == 0) { @@ -398,8 +382,9 @@ void Init_grpc_server() { rb_define_alias(grpc_rb_cServer, "close", "destroy"); rb_define_method(grpc_rb_cServer, "add_http2_port", grpc_rb_server_add_http2_port, - -1); + 2); id_at = rb_intern("at"); + id_insecure_server = rb_intern("this_port_is_insecure"); } /* Gets the wrapped server from the ruby wrapper */ diff --git a/src/ruby/ext/grpc/rb_server_credentials.c b/src/ruby/ext/grpc/rb_server_credentials.c index 62c211d769..ea4d0d864e 100644 --- a/src/ruby/ext/grpc/rb_server_credentials.c +++ b/src/ruby/ext/grpc/rb_server_credentials.c @@ -135,62 +135,117 @@ static VALUE grpc_rb_server_credentials_init_copy(VALUE copy, VALUE orig) { return copy; } -/* The attribute used on the mark object to hold the pem_root_certs. */ +/* The attribute used on the mark object to preserve the pem_root_certs. */ static ID id_pem_root_certs; -/* The attribute used on the mark object to hold the pem_private_key. */ -static ID id_pem_private_key; +/* The attribute used on the mark object to preserve the pem_key_certs */ +static ID id_pem_key_certs; -/* The attribute used on the mark object to hold the pem_private_key. */ -static ID id_pem_cert_chain; +/* The key used to access the pem cert in a key_cert pair hash */ +static VALUE sym_cert_chain; + +/* The key used to access the pem private key in a key_cert pair hash */ +static VALUE sym_private_key; /* call-seq: - creds = ServerCredentials.new(pem_root_certs, pem_private_key, - pem_cert_chain) - creds = ServerCredentials.new(nil, pem_private_key, - pem_cert_chain) - - pem_root_certs: (required) PEM encoding of the server root certificate - pem_private_key: (optional) PEM encoding of the server's private key - pem_cert_chain: (optional) PEM encoding of the server's cert chain + creds = ServerCredentials.new(nil, + [{private_key: <pem_private_key1>, + {cert_chain: <pem_cert_chain1>}], + force_client_auth) + creds = ServerCredentials.new(pem_root_certs, + [{private_key: <pem_private_key1>, + {cert_chain: <pem_cert_chain1>}], + force_client_auth) + + pem_root_certs: (optional) PEM encoding of the server root certificate + pem_private_key: (required) PEM encoding of the server's private keys + force_client_auth: indicatees Initializes ServerCredential instances. */ static VALUE grpc_rb_server_credentials_init(VALUE self, VALUE pem_root_certs, - VALUE pem_private_key, - VALUE pem_cert_chain) { - /* TODO support multiple key cert pairs in the ruby API. */ + VALUE pem_key_certs, + VALUE force_client_auth) { grpc_rb_server_credentials *wrapper = NULL; grpc_server_credentials *creds = NULL; - grpc_ssl_pem_key_cert_pair key_cert_pair = {NULL, NULL}; - TypedData_Get_Struct(self, grpc_rb_server_credentials, - &grpc_rb_server_credentials_data_type, wrapper); - if (pem_cert_chain == Qnil) { - rb_raise(rb_eRuntimeError, - "could not create a server credential: nil pem_cert_chain"); + grpc_ssl_pem_key_cert_pair *key_cert_pairs = NULL; + VALUE cert = Qnil; + VALUE key = Qnil; + VALUE key_cert = Qnil; + int auth_client = 0; + int num_key_certs = 0; + int i; + + if (NIL_P(force_client_auth) || + !(force_client_auth == Qfalse || force_client_auth == Qtrue)) { + rb_raise(rb_eTypeError, + "bad force_client_auth: got:<%s> want: <True|False|nil>", + rb_obj_classname(force_client_auth)); return Qnil; - } else if (pem_private_key == Qnil) { - rb_raise(rb_eRuntimeError, - "could not create a server credential: nil pem_private_key"); + } + if (NIL_P(pem_key_certs) || TYPE(pem_key_certs) != T_ARRAY) { + rb_raise(rb_eTypeError, "bad pem_key_certs: got:<%s> want: <Array>", + rb_obj_classname(pem_key_certs)); + return Qnil; + } + num_key_certs = RARRAY_LEN(pem_key_certs); + if (num_key_certs == 0) { + rb_raise(rb_eTypeError, "bad pem_key_certs: it had no elements"); return Qnil; } - key_cert_pair.private_key = RSTRING_PTR(pem_private_key); - key_cert_pair.cert_chain = RSTRING_PTR(pem_cert_chain); - /* TODO Add a force_client_auth parameter and pass it here. */ + for (i = 0; i < num_key_certs; i++) { + key_cert = rb_ary_entry(pem_key_certs, i); + if (key_cert == Qnil) { + rb_raise(rb_eTypeError, + "could not create a server credential: nil key_cert"); + return Qnil; + } else if (TYPE(key_cert) != T_HASH) { + rb_raise(rb_eTypeError, + "could not create a server credential: want <Hash>, got <%s>", + rb_obj_classname(key_cert)); + return Qnil; + } else if (rb_hash_aref(key_cert, sym_private_key) == Qnil) { + rb_raise(rb_eTypeError, + "could not create a server credential: want nil private key"); + return Qnil; + } else if (rb_hash_aref(key_cert, sym_cert_chain) == Qnil) { + rb_raise(rb_eTypeError, + "could not create a server credential: want nil cert chain"); + return Qnil; + } + } + + auth_client = TYPE(force_client_auth) == T_TRUE; + key_cert_pairs = ALLOC_N(grpc_ssl_pem_key_cert_pair, num_key_certs); + for (i = 0; i < num_key_certs; i++) { + key_cert = rb_ary_entry(pem_key_certs, i); + key = rb_hash_aref(key_cert, sym_private_key); + cert = rb_hash_aref(key_cert, sym_cert_chain); + key_cert_pairs[i].private_key = RSTRING_PTR(key); + key_cert_pairs[i].cert_chain = RSTRING_PTR(cert); + } + + TypedData_Get_Struct(self, grpc_rb_server_credentials, + &grpc_rb_server_credentials_data_type, wrapper); + if (pem_root_certs == Qnil) { - creds = grpc_ssl_server_credentials_create(NULL, &key_cert_pair, 1, 0); + creds = grpc_ssl_server_credentials_create(NULL, key_cert_pairs, + num_key_certs, + auth_client, NULL); } else { creds = grpc_ssl_server_credentials_create(RSTRING_PTR(pem_root_certs), - &key_cert_pair, 1, 0); + key_cert_pairs, num_key_certs, + auth_client, NULL); } + xfree(key_cert_pairs); if (creds == NULL) { rb_raise(rb_eRuntimeError, "could not create a credentials, not sure why"); + return Qnil; } wrapper->wrapped = creds; /* Add the input objects as hidden fields to preserve them. */ - rb_ivar_set(self, id_pem_cert_chain, pem_cert_chain); - rb_ivar_set(self, id_pem_private_key, pem_private_key); + rb_ivar_set(self, id_pem_key_certs, pem_key_certs); rb_ivar_set(self, id_pem_root_certs, pem_root_certs); return self; @@ -210,9 +265,10 @@ void Init_grpc_server_credentials() { rb_define_method(grpc_rb_cServerCredentials, "initialize_copy", grpc_rb_server_credentials_init_copy, 1); - id_pem_cert_chain = rb_intern("__pem_cert_chain"); - id_pem_private_key = rb_intern("__pem_private_key"); + id_pem_key_certs = rb_intern("__pem_key_certs"); id_pem_root_certs = rb_intern("__pem_root_certs"); + sym_private_key = ID2SYM(rb_intern("private_key")); + sym_cert_chain = ID2SYM(rb_intern("cert_chain")); } /* Gets the wrapped grpc_server_credentials from the ruby wrapper */ diff --git a/src/ruby/grpc.gemspec b/src/ruby/grpc.gemspec index 20a6206e7e..093606bb8b 100755 --- a/src/ruby/grpc.gemspec +++ b/src/ruby/grpc.gemspec @@ -14,7 +14,7 @@ Gem::Specification.new do |s| s.license = 'BSD-3-Clause' s.required_ruby_version = '>= 2.0.0' - s.requirements << 'libgrpc ~> 0.10.0 needs to be installed' + s.requirements << 'libgrpc ~> 0.11.0 needs to be installed' s.files = %w( Rakefile ) s.files += Dir.glob('lib/**/*') diff --git a/src/ruby/lib/grpc/generic/rpc_server.rb b/src/ruby/lib/grpc/generic/rpc_server.rb index 67bf35ce02..3740ac52da 100644 --- a/src/ruby/lib/grpc/generic/rpc_server.rb +++ b/src/ruby/lib/grpc/generic/rpc_server.rb @@ -277,10 +277,11 @@ module GRPC @stop_mutex.synchronize do @stopped = true end - @pool.stop deadline = from_relative_time(@poll_period) - + return if @server.close(@cq, deadline) + deadline = from_relative_time(@poll_period) @server.close(@cq, deadline) + @pool.stop end # determines if the server has been stopped @@ -383,7 +384,6 @@ module GRPC @pool.start @server.start loop_handle_server_calls - @running = false end # Sends UNAVAILABLE if there are too many unprocessed jobs @@ -414,23 +414,24 @@ module GRPC fail 'not running' unless @running loop_tag = Object.new until stopped? - deadline = from_relative_time(@poll_period) begin - an_rpc = @server.request_call(@cq, loop_tag, deadline) + an_rpc = @server.request_call(@cq, loop_tag, INFINITE_FUTURE) c = new_active_server_call(an_rpc) + unless c.nil? + mth = an_rpc.method.to_sym + @pool.schedule(c) do |call| + rpc_descs[mth].run_server_method(call, rpc_handlers[mth]) + end + end rescue Core::CallError, RuntimeError => e # these might happen for various reasonse. The correct behaviour of - # the server is to log them and continue. - GRPC.logger.warn("server call failed: #{e}") + # the server is to log them and continue, if it's not shutting down. + GRPC.logger.warn("server call failed: #{e}") unless stopped? next end - unless c.nil? - mth = an_rpc.method.to_sym - @pool.schedule(c) do |call| - rpc_descs[mth].run_server_method(call, rpc_handlers[mth]) - end - end end + @running = false + GRPC.logger.info("stopped: #{self}") end def new_active_server_call(an_rpc) diff --git a/src/ruby/lib/grpc/version.rb b/src/ruby/lib/grpc/version.rb index 431e8774b5..108c22b25e 100644 --- a/src/ruby/lib/grpc/version.rb +++ b/src/ruby/lib/grpc/version.rb @@ -29,5 +29,5 @@ # GRPC contains the General RPC module. module GRPC - VERSION = '0.10.0' + VERSION = '0.11.0' end diff --git a/src/ruby/pb/test/server.rb b/src/ruby/pb/test/server.rb index e2e1ecbd62..a311bb76e6 100755 --- a/src/ruby/pb/test/server.rb +++ b/src/ruby/pb/test/server.rb @@ -64,7 +64,8 @@ end # creates a ServerCredentials from the test certificates. def test_server_creds certs = load_test_certs - GRPC::Core::ServerCredentials.new(nil, certs[1], certs[2]) + GRPC::Core::ServerCredentials.new( + nil, [{private_key: certs[1], cert_chain: certs[2]}], false) end # produces a string of null chars (\0) of length l. diff --git a/src/ruby/spec/client_server_spec.rb b/src/ruby/spec/client_server_spec.rb index 2e673ff413..ad0fb26896 100644 --- a/src/ruby/spec/client_server_spec.rb +++ b/src/ruby/spec/client_server_spec.rb @@ -28,16 +28,9 @@ # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. require 'grpc' -require 'spec_helper' include GRPC::Core -def load_test_certs - test_root = File.join(File.dirname(__FILE__), 'testdata') - files = ['ca.pem', 'server1.key', 'server1.pem'] - files.map { |f| File.open(File.join(test_root, f)).read } -end - shared_context 'setup: tags' do let(:sent_message) { 'sent message' } let(:reply_text) { 'the reply' } @@ -47,7 +40,7 @@ shared_context 'setup: tags' do end def deadline - Time.now + 2 + Time.now + 5 end def server_allows_client_to_proceed @@ -402,7 +395,7 @@ describe 'the http client/server' do @client_queue = GRPC::Core::CompletionQueue.new @server_queue = GRPC::Core::CompletionQueue.new @server = GRPC::Core::Server.new(@server_queue, nil) - server_port = @server.add_http2_port(server_host) + server_port = @server.add_http2_port(server_host, :this_port_is_insecure) @server.start @ch = Channel.new("0.0.0.0:#{server_port}", nil) end @@ -420,12 +413,19 @@ describe 'the http client/server' do end describe 'the secure http client/server' do + def load_test_certs + test_root = File.join(File.dirname(__FILE__), 'testdata') + files = ['ca.pem', 'server1.key', 'server1.pem'] + files.map { |f| File.open(File.join(test_root, f)).read } + end + before(:example) do certs = load_test_certs server_host = '0.0.0.0:0' @client_queue = GRPC::Core::CompletionQueue.new @server_queue = GRPC::Core::CompletionQueue.new - server_creds = GRPC::Core::ServerCredentials.new(nil, certs[1], certs[2]) + server_creds = GRPC::Core::ServerCredentials.new( + nil, [{ private_key: certs[1], cert_chain: certs[2] }], false) @server = GRPC::Core::Server.new(@server_queue, nil) server_port = @server.add_http2_port(server_host, server_creds) @server.start diff --git a/src/ruby/spec/credentials_spec.rb b/src/ruby/spec/credentials_spec.rb index 8e72e85d54..b02219dfdb 100644 --- a/src/ruby/spec/credentials_spec.rb +++ b/src/ruby/spec/credentials_spec.rb @@ -29,15 +29,15 @@ require 'grpc' -def load_test_certs - test_root = File.join(File.dirname(__FILE__), 'testdata') - files = ['ca.pem', 'server1.pem', 'server1.key'] - files.map { |f| File.open(File.join(test_root, f)).read } -end +describe GRPC::Core::Credentials do + Credentials = GRPC::Core::Credentials -Credentials = GRPC::Core::Credentials + def load_test_certs + test_root = File.join(File.dirname(__FILE__), 'testdata') + files = ['ca.pem', 'server1.pem', 'server1.key'] + files.map { |f| File.open(File.join(test_root, f)).read } + end -describe Credentials do describe '#new' do it 'can be constructed with fake inputs' do expect { Credentials.new('root_certs', 'key', 'cert') }.not_to raise_error diff --git a/src/ruby/spec/generic/active_call_spec.rb b/src/ruby/spec/generic/active_call_spec.rb index fcd7bd082f..b05e3284fe 100644 --- a/src/ruby/spec/generic/active_call_spec.rb +++ b/src/ruby/spec/generic/active_call_spec.rb @@ -46,7 +46,7 @@ describe GRPC::ActiveCall do @server_queue = GRPC::Core::CompletionQueue.new host = '0.0.0.0:0' @server = GRPC::Core::Server.new(@server_queue, nil) - server_port = @server.add_http2_port(host) + server_port = @server.add_http2_port(host, :this_port_is_insecure) @server.start @ch = GRPC::Core::Channel.new("0.0.0.0:#{server_port}", nil) end diff --git a/src/ruby/spec/generic/client_stub_spec.rb b/src/ruby/spec/generic/client_stub_spec.rb index edcc962a7d..a05433df75 100644 --- a/src/ruby/spec/generic/client_stub_spec.rb +++ b/src/ruby/spec/generic/client_stub_spec.rb @@ -498,7 +498,7 @@ describe 'ClientStub' do def create_test_server @server_queue = GRPC::Core::CompletionQueue.new @server = GRPC::Core::Server.new(@server_queue, nil) - @server.add_http2_port('0.0.0.0:0') + @server.add_http2_port('0.0.0.0:0', :this_port_is_insecure) end def expect_server_to_be_invoked(notifier) diff --git a/src/ruby/spec/generic/rpc_server_spec.rb b/src/ruby/spec/generic/rpc_server_spec.rb index 1295fd7fdd..e484a9ea50 100644 --- a/src/ruby/spec/generic/rpc_server_spec.rb +++ b/src/ruby/spec/generic/rpc_server_spec.rb @@ -139,7 +139,7 @@ describe GRPC::RpcServer do @server_queue = GRPC::Core::CompletionQueue.new server_host = '0.0.0.0:0' @server = GRPC::Core::Server.new(@server_queue, nil) - server_port = @server.add_http2_port(server_host) + server_port = @server.add_http2_port(server_host, :this_port_is_insecure) @host = "localhost:#{server_port}" @ch = GRPC::Core::Channel.new(@host, nil) end diff --git a/src/ruby/spec/pb/health/checker_spec.rb b/src/ruby/spec/pb/health/checker_spec.rb index 6999a69105..9bc82638c7 100644 --- a/src/ruby/spec/pb/health/checker_spec.rb +++ b/src/ruby/spec/pb/health/checker_spec.rb @@ -179,14 +179,13 @@ describe Grpc::Health::Checker do describe 'running on RpcServer' do RpcServer = GRPC::RpcServer - StatusCodes = GRPC::Core::StatusCodes CheckerStub = Grpc::Health::Checker.rpc_stub_class before(:each) do @server_queue = GRPC::Core::CompletionQueue.new server_host = '0.0.0.0:0' @server = GRPC::Core::Server.new(@server_queue, nil) - server_port = @server.add_http2_port(server_host) + server_port = @server.add_http2_port(server_host, :this_port_is_insecure) @host = "localhost:#{server_port}" @ch = GRPC::Core::Channel.new(@host, nil) @client_opts = { channel_override: @ch } diff --git a/src/ruby/spec/server_credentials_spec.rb b/src/ruby/spec/server_credentials_spec.rb index 55598bc8df..8ae577009d 100644 --- a/src/ruby/spec/server_credentials_spec.rb +++ b/src/ruby/spec/server_credentials_spec.rb @@ -31,8 +31,9 @@ require 'grpc' def load_test_certs test_root = File.join(File.dirname(__FILE__), 'testdata') - files = ['ca.pem', 'server1.pem', 'server1.key'] - files.map { |f| File.open(File.join(test_root, f)).read } + files = ['ca.pem', 'server1.key', 'server1.pem'] + contents = files.map { |f| File.open(File.join(test_root, f)).read } + [contents[0], [{ private_key: contents[1], cert_chain: contents[2] }], false] end describe GRPC::Core::ServerCredentials do @@ -40,7 +41,8 @@ describe GRPC::Core::ServerCredentials do describe '#new' do it 'can be constructed from a fake CA PEM, server PEM and a server key' do - expect { Creds.new('a', 'b', 'c') }.not_to raise_error + creds = Creds.new('a', [{ private_key: 'a', cert_chain: 'b' }], false) + expect(creds).to_not be_nil end it 'can be constructed using the test certificates' do @@ -48,21 +50,44 @@ describe GRPC::Core::ServerCredentials do expect { Creds.new(*certs) }.not_to raise_error end + it 'cannot be constructed without a nil key_cert pair array' do + root_cert, _, _ = load_test_certs + blk = proc do + Creds.new(root_cert, nil, false) + end + expect(&blk).to raise_error + end + + it 'cannot be constructed without any key_cert pairs' do + root_cert, _, _ = load_test_certs + blk = proc do + Creds.new(root_cert, [], false) + end + expect(&blk).to raise_error + end + it 'cannot be constructed without a server cert chain' do root_cert, server_key, _ = load_test_certs - blk = proc { Creds.new(root_cert, server_key, nil) } + blk = proc do + Creds.new(root_cert, + [{ server_key: server_key, cert_chain: nil }], + false) + end expect(&blk).to raise_error end it 'cannot be constructed without a server key' do root_cert, _, _ = load_test_certs - blk = proc { Creds.new(root_cert, nil, cert_chain) } + blk = proc do + Creds.new(root_cert, + [{ server_key: nil, cert_chain: cert_chain }]) + end expect(&blk).to raise_error end it 'can be constructed without a root_cret' do - _, server_key, cert_chain = load_test_certs - blk = proc { Creds.new(nil, server_key, cert_chain) } + _, cert_pairs, _ = load_test_certs + blk = proc { Creds.new(nil, cert_pairs, false) } expect(&blk).to_not raise_error end end diff --git a/src/ruby/spec/server_spec.rb b/src/ruby/spec/server_spec.rb index 47fe575343..439b19fb8d 100644 --- a/src/ruby/spec/server_spec.rb +++ b/src/ruby/spec/server_spec.rb @@ -32,7 +32,8 @@ require 'grpc' def load_test_certs test_root = File.join(File.dirname(__FILE__), 'testdata') files = ['ca.pem', 'server1.key', 'server1.pem'] - files.map { |f| File.open(File.join(test_root, f)).read } + contents = files.map { |f| File.open(File.join(test_root, f)).read } + [contents[0], [{ private_key: contents[1], cert_chain: contents[2] }], false] end Server = GRPC::Core::Server @@ -104,7 +105,7 @@ describe Server do it 'runs without failing' do blk = proc do s = Server.new(@cq, nil) - s.add_http2_port('localhost:0') + s.add_http2_port('localhost:0', :this_port_is_insecure) s.close(@cq) end expect(&blk).to_not raise_error @@ -113,7 +114,10 @@ describe Server do it 'fails if the server is closed' do s = Server.new(@cq, nil) s.close(@cq) - expect { s.add_http2_port('localhost:0') }.to raise_error(RuntimeError) + blk = proc do + s.add_http2_port('localhost:0', :this_port_is_insecure) + end + expect(&blk).to raise_error(RuntimeError) end end @@ -198,7 +202,7 @@ describe Server do def start_a_server s = Server.new(@cq, nil) - s.add_http2_port('0.0.0.0:0') + s.add_http2_port('0.0.0.0:0', :this_port_is_insecure) s.start s end |