Commit message (Collapse) | Author | Age | ||
---|---|---|---|---|
... | ||||
| | * | minor fix | Yihua Zhang | 2018-07-03 | |
| | | | ||||
| | * | finished 2nd revision | Yihua Zhang | 2018-07-03 | |
| | | | ||||
| * | | Allocate on call arena in client_auth_filter | Hope Casey-Allen | 2018-07-03 | |
| | | | ||||
| | * | finished 1st revision | Yihua Zhang | 2018-07-02 | |
| | | | ||||
| | * | implement loca credentials | Yihua Zhang | 2018-07-02 | |
| |/ |/| | ||||
* | | Remove auth_context from call data. Use channel data auth context instead | Hope Casey-Allen | 2018-06-29 | |
| | | ||||
* | | Fix macro error and clang tidy | Hope Casey-Allen | 2018-06-29 | |
| | | ||||
* | | Remove allocation in server_auth_filter | Hope Casey-Allen | 2018-06-29 | |
|/ | ||||
* | Remove allocation in server_auth filter and allocate on the arena instead | Hope Casey-Allen | 2018-06-22 | |
| | ||||
* | Create verify_peer_options when creating ssl credentials in order to expose ↵ | Ian Haken | 2018-06-12 | |
| | | | | | | a verification callback option. These options are not yet exposed to languages outside of core. | |||
* | Fix fuzzer error | ncteisen | 2018-06-06 | |
| | ||||
* | Stop using cached time in oauth token expiration time | yang-g | 2018-06-01 | |
| | ||||
* | use a new gcp env check mechansim | Yihua Zhang | 2018-05-18 | |
| | ||||
* | Merge pull request #15404 from jiangtaoli2016/ecdsa | Jiangtao Li | 2018-05-16 | |
|\ | | | | | Add ECDSA to gRPC default SSL cipher list | |||
| * | Add ECDSA to gRPC default SSL cipher list | jiangtaoli2016 | 2018-05-15 | |
| | | ||||
* | | Reviewer feedback and build fixes | ncteisen | 2018-05-15 | |
| | | ||||
* | | Stop using banned functions | ncteisen | 2018-05-15 | |
|/ | ||||
* | Merge pull request #15325 from yihuazhang/google_default_creds_fix | yihuaz | 2018-05-10 | |
|\ | | | | | Fix channel args errors in google default credentials | |||
| * | fix google default creds | Yihua Zhang | 2018-05-09 | |
| | | ||||
* | | Migrate SSL_transport_security TSI to new TSI handshaker API | jiangtaoli2016 | 2018-05-09 | |
|/ | ||||
* | Add tsi_handshaker_shutdown to TSI | Yihua Zhang | 2018-05-09 | |
| | ||||
* | incorporate alts to google default creds | Yihua Zhang | 2018-05-03 | |
| | ||||
* | fix namespace of security_connector test functions | jiangtaoli2016 | 2018-04-27 | |
| | ||||
* | Merge pull request #14387 from dcow/zone-id | Mark D. Roth | 2018-04-27 | |
|\ | | | | | gRPC core: strip zone-id from IPv6 hosts before TLS verification | |||
* \ | Merge pull request #15190 from yihuazhang/enable_cpp_for_alts_interop | yihuaz | 2018-04-26 | |
|\ \ | | | | | | | Enable C++ in ALTS interop tests | |||
| | * | gRPC core: strip zone-id from IPv6 hosts before TLS verification | David Cowden | 2018-04-26 | |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When initiating a connection to an IPv6 peer using an address that is not globally scoped, there may be ambiguity regarding which zone the destination address applies to when multiple links of the same scope are present. The scoped address architecture and zone-id syntax are described in rfc4007 and rfc 6874, respectively: * https://tools.ietf.org/html/rfc4007#section-6 * https://tools.ietf.org/html/rfc6874 This patch allows host name verification performed during TLS session establishment, and on a per-call basis, to work correctly when the peer presents a certificate with a non-global IPv6 address listed as one of its alternate names. Whether arbitrary certificate authorities choose issue certificates of this nature, or not, is outside the scope of gRPC. The zone-id is separated from the address using a percent (%) character. It is considered a system implementation detail and guidance suggests it be stripped from any paths or addresses egressing a host because it is irrelevant and meaningless otherwise. It would not make sense for a server to present a certificate containing non-global IPv6 addresses with zone-ids present nor would it work unless two hosts happened to be using the same zone-id. ssl_host_matches_name is prefixed with grpc_ because it has been promoted to the global namespace for testing. Resolves #14371 | |||
| * | | don't call security_handshake_failed_locked | Yihua Zhang | 2018-04-25 | |
| | | | ||||
* | | | Change trace logging to use GPR_INFO instead of GPR_DEBUG. | Mark D. Roth | 2018-04-25 | |
| |/ |/| | ||||
| * | enable c++ for ALTS kokoro tests | Yihua Zhang | 2018-04-25 | |
|/ | ||||
* | Add tracer for handshakers. | Mark D. Roth | 2018-04-17 | |
| | ||||
* | Add C++ experimental API extensions for ALTS C stack | Yihua Zhang | 2018-04-16 | |
| | ||||
* | Init default root certs store once | jiangtaoli2016 | 2018-03-28 | |
| | ||||
* | Merge branch 'master' of github.com:grpc/grpc into authority_header | David Garcia Quintas | 2018-03-27 | |
|\ | ||||
* | | more comments | David Garcia Quintas | 2018-03-27 | |
| | | ||||
* | | added call_host_override test | David Garcia Quintas | 2018-03-26 | |
| | | ||||
* | | PR comments | David Garcia Quintas | 2018-03-23 | |
| | | ||||
| * | cache default SSL root cert store | jiangtaoli2016 | 2018-03-23 | |
| | | ||||
* | | Fixed tests call host | David Garcia Quintas | 2018-03-22 | |
| | | ||||
* | | Merge branch 'master' of github.com:grpc/grpc into authority_header | David Garcia Quintas | 2018-03-21 | |
|\| | ||||
| * | [grpc] Add SSL session client cache support | Ruslan Nigmatullin | 2018-03-20 | |
| | | ||||
| * | Remove unnecessary includes of exec_ctx.h | Yash Tibrewal | 2018-03-14 | |
| | | ||||
* | | Undo changes to ssl_credentials.cc | David Garcia Quintas | 2018-03-14 | |
| | | ||||
| * | Use metadata batch callouts in client_auth_filter. | Mark D. Roth | 2018-03-12 | |
| | | ||||
* | | Secure channels: use the right authority | David Garcia Quintas | 2018-03-10 | |
|/ | ||||
* | Add ALTS code to grpc/core | Yihua Zhang | 2018-03-08 | |
| | ||||
* | Revert "Add ALTS C stack to gRPC core" | Sree Kuchibhotla | 2018-03-07 | |
| | ||||
* | Add ALTS code to grpc/core | Yihua Zhang | 2018-03-06 | |
| | ||||
* | Perform secure naming checks in grpclb_end2end_test | David Garcia Quintas | 2018-02-27 | |
| | ||||
* | Convert slice hash table and service config code to C++. | Mark D. Roth | 2018-02-26 | |
| | ||||
* | Add a sanity check for inclusion of port_platform.h | Alexander Polcyn | 2018-02-23 | |
| |