aboutsummaryrefslogtreecommitdiffhomepage
path: root/test/core/security/security_connector_test.cc
diff options
context:
space:
mode:
Diffstat (limited to 'test/core/security/security_connector_test.cc')
-rw-r--r--test/core/security/security_connector_test.cc97
1 files changed, 50 insertions, 47 deletions
diff --git a/test/core/security/security_connector_test.cc b/test/core/security/security_connector_test.cc
index fef0ea71f7..2a31763c73 100644
--- a/test/core/security/security_connector_test.cc
+++ b/test/core/security/security_connector_test.cc
@@ -27,6 +27,7 @@
#include "src/core/lib/gpr/env.h"
#include "src/core/lib/gpr/string.h"
#include "src/core/lib/gpr/tmpfile.h"
+#include "src/core/lib/gprpp/ref_counted_ptr.h"
#include "src/core/lib/security/context/security_context.h"
#include "src/core/lib/security/security_connector/security_connector.h"
#include "src/core/lib/security/security_connector/ssl_utils.h"
@@ -83,22 +84,22 @@ static int check_ssl_peer_equivalence(const tsi_peer* original,
static void test_unauthenticated_ssl_peer(void) {
tsi_peer peer;
tsi_peer rpeer;
- grpc_auth_context* ctx;
GPR_ASSERT(tsi_construct_peer(1, &peer) == TSI_OK);
GPR_ASSERT(tsi_construct_string_peer_property_from_cstring(
TSI_CERTIFICATE_TYPE_PEER_PROPERTY, TSI_X509_CERTIFICATE_TYPE,
&peer.properties[0]) == TSI_OK);
- ctx = grpc_ssl_peer_to_auth_context(&peer);
+ grpc_core::RefCountedPtr<grpc_auth_context> ctx =
+ grpc_ssl_peer_to_auth_context(&peer);
GPR_ASSERT(ctx != nullptr);
- GPR_ASSERT(!grpc_auth_context_peer_is_authenticated(ctx));
- GPR_ASSERT(check_transport_security_type(ctx));
+ GPR_ASSERT(!grpc_auth_context_peer_is_authenticated(ctx.get()));
+ GPR_ASSERT(check_transport_security_type(ctx.get()));
- rpeer = grpc_shallow_peer_from_ssl_auth_context(ctx);
+ rpeer = grpc_shallow_peer_from_ssl_auth_context(ctx.get());
GPR_ASSERT(check_ssl_peer_equivalence(&peer, &rpeer));
grpc_shallow_peer_destruct(&rpeer);
tsi_peer_destruct(&peer);
- GRPC_AUTH_CONTEXT_UNREF(ctx, "test");
+ ctx.reset(DEBUG_LOCATION, "test");
}
static int check_identity(const grpc_auth_context* ctx,
@@ -175,7 +176,6 @@ static int check_x509_pem_cert(const grpc_auth_context* ctx,
static void test_cn_only_ssl_peer_to_auth_context(void) {
tsi_peer peer;
tsi_peer rpeer;
- grpc_auth_context* ctx;
const char* expected_cn = "cn1";
const char* expected_pem_cert = "pem_cert1";
GPR_ASSERT(tsi_construct_peer(3, &peer) == TSI_OK);
@@ -188,26 +188,27 @@ static void test_cn_only_ssl_peer_to_auth_context(void) {
GPR_ASSERT(tsi_construct_string_peer_property_from_cstring(
TSI_X509_PEM_CERT_PROPERTY, expected_pem_cert,
&peer.properties[2]) == TSI_OK);
- ctx = grpc_ssl_peer_to_auth_context(&peer);
+ grpc_core::RefCountedPtr<grpc_auth_context> ctx =
+ grpc_ssl_peer_to_auth_context(&peer);
GPR_ASSERT(ctx != nullptr);
- GPR_ASSERT(grpc_auth_context_peer_is_authenticated(ctx));
- GPR_ASSERT(check_identity(ctx, GRPC_X509_CN_PROPERTY_NAME, &expected_cn, 1));
- GPR_ASSERT(check_transport_security_type(ctx));
- GPR_ASSERT(check_x509_cn(ctx, expected_cn));
- GPR_ASSERT(check_x509_pem_cert(ctx, expected_pem_cert));
+ GPR_ASSERT(grpc_auth_context_peer_is_authenticated(ctx.get()));
+ GPR_ASSERT(
+ check_identity(ctx.get(), GRPC_X509_CN_PROPERTY_NAME, &expected_cn, 1));
+ GPR_ASSERT(check_transport_security_type(ctx.get()));
+ GPR_ASSERT(check_x509_cn(ctx.get(), expected_cn));
+ GPR_ASSERT(check_x509_pem_cert(ctx.get(), expected_pem_cert));
- rpeer = grpc_shallow_peer_from_ssl_auth_context(ctx);
+ rpeer = grpc_shallow_peer_from_ssl_auth_context(ctx.get());
GPR_ASSERT(check_ssl_peer_equivalence(&peer, &rpeer));
grpc_shallow_peer_destruct(&rpeer);
tsi_peer_destruct(&peer);
- GRPC_AUTH_CONTEXT_UNREF(ctx, "test");
+ ctx.reset(DEBUG_LOCATION, "test");
}
static void test_cn_and_one_san_ssl_peer_to_auth_context(void) {
tsi_peer peer;
tsi_peer rpeer;
- grpc_auth_context* ctx;
const char* expected_cn = "cn1";
const char* expected_san = "san1";
const char* expected_pem_cert = "pem_cert1";
@@ -224,27 +225,28 @@ static void test_cn_and_one_san_ssl_peer_to_auth_context(void) {
GPR_ASSERT(tsi_construct_string_peer_property_from_cstring(
TSI_X509_PEM_CERT_PROPERTY, expected_pem_cert,
&peer.properties[3]) == TSI_OK);
- ctx = grpc_ssl_peer_to_auth_context(&peer);
+
+ grpc_core::RefCountedPtr<grpc_auth_context> ctx =
+ grpc_ssl_peer_to_auth_context(&peer);
GPR_ASSERT(ctx != nullptr);
- GPR_ASSERT(grpc_auth_context_peer_is_authenticated(ctx));
+ GPR_ASSERT(grpc_auth_context_peer_is_authenticated(ctx.get()));
GPR_ASSERT(
- check_identity(ctx, GRPC_X509_SAN_PROPERTY_NAME, &expected_san, 1));
- GPR_ASSERT(check_transport_security_type(ctx));
- GPR_ASSERT(check_x509_cn(ctx, expected_cn));
- GPR_ASSERT(check_x509_pem_cert(ctx, expected_pem_cert));
+ check_identity(ctx.get(), GRPC_X509_SAN_PROPERTY_NAME, &expected_san, 1));
+ GPR_ASSERT(check_transport_security_type(ctx.get()));
+ GPR_ASSERT(check_x509_cn(ctx.get(), expected_cn));
+ GPR_ASSERT(check_x509_pem_cert(ctx.get(), expected_pem_cert));
- rpeer = grpc_shallow_peer_from_ssl_auth_context(ctx);
+ rpeer = grpc_shallow_peer_from_ssl_auth_context(ctx.get());
GPR_ASSERT(check_ssl_peer_equivalence(&peer, &rpeer));
grpc_shallow_peer_destruct(&rpeer);
tsi_peer_destruct(&peer);
- GRPC_AUTH_CONTEXT_UNREF(ctx, "test");
+ ctx.reset(DEBUG_LOCATION, "test");
}
static void test_cn_and_multiple_sans_ssl_peer_to_auth_context(void) {
tsi_peer peer;
tsi_peer rpeer;
- grpc_auth_context* ctx;
const char* expected_cn = "cn1";
const char* expected_sans[] = {"san1", "san2", "san3"};
const char* expected_pem_cert = "pem_cert1";
@@ -265,28 +267,28 @@ static void test_cn_and_multiple_sans_ssl_peer_to_auth_context(void) {
TSI_X509_SUBJECT_ALTERNATIVE_NAME_PEER_PROPERTY,
expected_sans[i], &peer.properties[3 + i]) == TSI_OK);
}
- ctx = grpc_ssl_peer_to_auth_context(&peer);
+ grpc_core::RefCountedPtr<grpc_auth_context> ctx =
+ grpc_ssl_peer_to_auth_context(&peer);
GPR_ASSERT(ctx != nullptr);
- GPR_ASSERT(grpc_auth_context_peer_is_authenticated(ctx));
- GPR_ASSERT(check_identity(ctx, GRPC_X509_SAN_PROPERTY_NAME, expected_sans,
- GPR_ARRAY_SIZE(expected_sans)));
- GPR_ASSERT(check_transport_security_type(ctx));
- GPR_ASSERT(check_x509_cn(ctx, expected_cn));
- GPR_ASSERT(check_x509_pem_cert(ctx, expected_pem_cert));
-
- rpeer = grpc_shallow_peer_from_ssl_auth_context(ctx);
+ GPR_ASSERT(grpc_auth_context_peer_is_authenticated(ctx.get()));
+ GPR_ASSERT(check_identity(ctx.get(), GRPC_X509_SAN_PROPERTY_NAME,
+ expected_sans, GPR_ARRAY_SIZE(expected_sans)));
+ GPR_ASSERT(check_transport_security_type(ctx.get()));
+ GPR_ASSERT(check_x509_cn(ctx.get(), expected_cn));
+ GPR_ASSERT(check_x509_pem_cert(ctx.get(), expected_pem_cert));
+
+ rpeer = grpc_shallow_peer_from_ssl_auth_context(ctx.get());
GPR_ASSERT(check_ssl_peer_equivalence(&peer, &rpeer));
grpc_shallow_peer_destruct(&rpeer);
tsi_peer_destruct(&peer);
- GRPC_AUTH_CONTEXT_UNREF(ctx, "test");
+ ctx.reset(DEBUG_LOCATION, "test");
}
static void test_cn_and_multiple_sans_and_others_ssl_peer_to_auth_context(
void) {
tsi_peer peer;
tsi_peer rpeer;
- grpc_auth_context* ctx;
const char* expected_cn = "cn1";
const char* expected_pem_cert = "pem_cert1";
const char* expected_sans[] = {"san1", "san2", "san3"};
@@ -311,21 +313,22 @@ static void test_cn_and_multiple_sans_and_others_ssl_peer_to_auth_context(
TSI_X509_SUBJECT_ALTERNATIVE_NAME_PEER_PROPERTY,
expected_sans[i], &peer.properties[5 + i]) == TSI_OK);
}
- ctx = grpc_ssl_peer_to_auth_context(&peer);
+ grpc_core::RefCountedPtr<grpc_auth_context> ctx =
+ grpc_ssl_peer_to_auth_context(&peer);
GPR_ASSERT(ctx != nullptr);
- GPR_ASSERT(grpc_auth_context_peer_is_authenticated(ctx));
- GPR_ASSERT(check_identity(ctx, GRPC_X509_SAN_PROPERTY_NAME, expected_sans,
- GPR_ARRAY_SIZE(expected_sans)));
- GPR_ASSERT(check_transport_security_type(ctx));
- GPR_ASSERT(check_x509_cn(ctx, expected_cn));
- GPR_ASSERT(check_x509_pem_cert(ctx, expected_pem_cert));
-
- rpeer = grpc_shallow_peer_from_ssl_auth_context(ctx);
+ GPR_ASSERT(grpc_auth_context_peer_is_authenticated(ctx.get()));
+ GPR_ASSERT(check_identity(ctx.get(), GRPC_X509_SAN_PROPERTY_NAME,
+ expected_sans, GPR_ARRAY_SIZE(expected_sans)));
+ GPR_ASSERT(check_transport_security_type(ctx.get()));
+ GPR_ASSERT(check_x509_cn(ctx.get(), expected_cn));
+ GPR_ASSERT(check_x509_pem_cert(ctx.get(), expected_pem_cert));
+
+ rpeer = grpc_shallow_peer_from_ssl_auth_context(ctx.get());
GPR_ASSERT(check_ssl_peer_equivalence(&peer, &rpeer));
grpc_shallow_peer_destruct(&rpeer);
tsi_peer_destruct(&peer);
- GRPC_AUTH_CONTEXT_UNREF(ctx, "test");
+ ctx.reset(DEBUG_LOCATION, "test");
}
static const char* roots_for_override_api = "roots for override api";
@@ -430,7 +433,7 @@ static void test_default_ssl_roots(void) {
}
int main(int argc, char** argv) {
- grpc_test_init(argc, argv);
+ grpc::testing::TestEnvironment env(argc, argv);
grpc_init();
test_unauthenticated_ssl_peer();
generated by cgit v1.2.3 (git 2.39.1) at 2024-05-19 13:44:17 +0000