| Commit message (Collapse) | Author | Age |
|---|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
| |
- Positive tests pass even if we will have to change the interface to
add the processor to the server credentials (will be done in a
separate pull request).
- ASAN leaks for the error case.
- The client should get a GRPC_STATUS_UNAUTHENTICATED as opposed to
GPRC_STATUS_INTERNAL.
|
| |
|
|
|
|
|
|
|
|
| |
- Right now it is a global function: would be better to have this per
(secure) port.
- Changed the interface of the auth_context slightly to make it more
friendly.
- Positive tests pass. Still need some work on error case (have a
negative case as well).
- Fixing cpp auth context tests so that they use the shiny new C API.
|
| | |
|
| |
|
|
|
|
| |
Handle the case where we recreate an auth context.
Add (opt-in) debugging for refcounts on auth contexts.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
Still TODO:
- a way to plug a metadata processing (somewhat elsewhere but did not
one to overload this already large PR).
- plug-in the auth context on the client side.
- Better end to end testing.
|
| | |
|
| |
|
|
|
| |
- Renamed security_context -> security_connector.
- Credentials are now responsible for creating their own connectors.
|
| |
|
|
|
|
| |
- This will take care of a potential issue with default credentials
where the slice pointer is casted as const char * for APIs that need a
null terminated string.
|
| | |
|
| |
|
|
|
|
|
|
| |
Change all !str[n]cmp to be str[n]cmp == 0 consistently across the codebase.
Issue #231
Signed-off-by: Ronnie Sahlberg <ronniesahlberg@gmail.com>
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| | |
This string comes from an authority field, which is allowed to contain a
':' port (see https://tools.ietf.org/html/rfc3986#section-3.2).
We need to strip it before performing host name verification.
|
| | |\
| | |
| | | |
Using HTTP2 compliant cipher suites by default.
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | |
| | | |
- Added a way to override the cipher suites with an environment
variable so that we can still do interop testing with java7.
- Takes care of #681.
|
| | |/
| |
| |
| | |
- Should fix #746.
|
| |\| |
|
| | |\
| | |
| | | |
Added support for default credentials.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
- Renaming default credentials -> google default credentials.
- Various other things in cpp:
- Adding Cpp wrapping for JWT Tokens.
- Renaming ComposeCredentials -> CompositeCredentials.
|
| |/ /
| |
| |
| | |
And reflects the C++ API in ServerBuilder.
|
| | | |
|
| |\| |
|
| | |\
| | |
| | | |
Implementing JWT credentials (a.k.a JWT ID Tokens).
|
| |/ /
| |
| |
| |
| |
| |
| | |
- The roots.pem file has been generated from
https://hg.mozilla.org/mozilla-central/raw-file/tip/security/nss/lib/ckfw/builtins/certdata.txt
using
https://github.com/agl/extract-nss-root-certs
|
| |\ \
| | |
| | | |
Defining an installation prefix for grpc's root certs at compilation time.
|
| | | | |
|
| |/ /
| |
| |
| |
| |
| | |
- Makes 2 tests fail:
- httpcli_test
- interop_test
|
| | |
| |
| |
| | |
installed."
|
| | | |
|
| |/
|
|
| |
- Not tested end to end yet
|
| | |
|
| | |
|
| |
|
|
| |
- Fixes #542
|
| |
|
|
|
|
|
| |
- Fixes #405.
- This change is not tested as it should (only end to end and no
negative testing). Will do better when we have testing framework
for filters.
|
| |
|
|
|
|
| |
- Had to add support for files and environment variables as well.
- I can't compile on windows so I'm sure there will be some issues.
- Tested end-to-end with the simple ssl fullstack test.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Changed the unsigned char * + size to NULL terminated strings which
makes sense for the PEM format. I may change TSI later (but the impact
will hopefully be much more limited).
- Added a way to pass multiple key/cert pairs to servers which is needed
when hosting more than one domain.
- Removed the C++ SSL credentials tests as we are going to have an
option to not specify the roots which will then be derived from the
environment (well-known platform dependent locations and/or
environment variable).
- Fixed the php build which is the only one added in the run_test.py.
This change will certainly break node, python and ruby.
|
| | |
|
| |
|
|
| |
Will remove grpc impedance mismatch.
|
| |
|
|
|
|
| |
1. scheme_from_args should return const char*
2. Rename grpc.scheme arg to grpc.http2_scheme, and define a macro for
it.
|
| |
|
|
|
|
| |
This requires additional logic to determine whether to send http or
https. This change assumes a default of http, and plumbs down https
through a synthesized channel arg when using the ssl transport.
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
Checked that the opensource version still builds.
Just addressing core for now. We will do c++ later.
Change on 2015/01/12 by jboeuf <jboeuf@google.com>
-------------
Created by MOE: http://code.google.com/p/moe-java
MOE_MIGRATED_REVID=83804014
|
| |
|
|
|
|
|
|
| |
failure.
Change on 2015/01/09 by yangg <yangg@google.com>
-------------
Created by MOE: http://code.google.com/p/moe-java
MOE_MIGRATED_REVID=83634736
|
| |
|
|
|
|
|
|
|
|
| |
Fold endpoint interface into iomgr, move secure_endpoint into security/.
This will make it easier for endpoint to rely on some iomgr defined types (like
pollset).
Change on 2014/12/17 by ctiller <ctiller@google.com>
-------------
Created by MOE: http://code.google.com/p/moe-java
MOE_MIGRATED_REVID=82338036
|
| |
|
|
|
|
|
|
| |
(Fixing the rollback from earlier - we were passing '1' as the protocol count, not num_alpn_protocols)
Change on 2014/12/10 by ctiller <ctiller@google.com>
-------------
Created by MOE: http://code.google.com/p/moe-java
MOE_MIGRATED_REVID=81783755
|
Craig Tiller
Julien Boeuf
yang-g
Masood Malekghassemi
Ronnie Sahlberg
Abhishek Kumar
Craig Tiller
Nicolas "Pixel" Noble
jboeuf
Nicolas Noble
David Klempner