From 9e21f7281f4939d46fa391dfcc9672c203c747a8 Mon Sep 17 00:00:00 2001
From: yangg <yangg@google.com>
Date: Mon, 8 Dec 2014 15:49:52 -0800
Subject: Add server side credentials support. Make interop test use ssl by
 default. 	Change on 2014/12/08 by yangg <yangg@google.com> -------------
 Created by MOE: http://code.google.com/p/moe-java MOE_MIGRATED_REVID=81619141

---
 src/cpp/server/server.cc             | 21 +++++++++++++++++----
 src/cpp/server/server_builder.cc     |  9 ++++++++-
 src/cpp/server/server_credentials.cc | 20 +++++++++++++++-----
 3 files changed, 40 insertions(+), 10 deletions(-)

(limited to 'src/cpp')

diff --git a/src/cpp/server/server.cc b/src/cpp/server/server.cc
index 9bf4073238..2130befa7d 100644
--- a/src/cpp/server/server.cc
+++ b/src/cpp/server/server.cc
@@ -35,26 +35,34 @@
 #include <utility>
 
 #include <grpc/grpc.h>
+#include <grpc/grpc_security.h>
 #include <grpc/support/log.h>
 #include "src/cpp/server/rpc_service_method.h"
 #include "src/cpp/server/server_rpc_handler.h"
 #include "src/cpp/server/thread_pool.h"
 #include <grpc++/async_server_context.h>
 #include <grpc++/completion_queue.h>
+#include <grpc++/server_credentials.h>
 
 namespace grpc {
 
 // TODO(rocking): consider a better default value like num of cores.
 static const int kNumThreads = 4;
 
-Server::Server(ThreadPoolInterface* thread_pool)
+Server::Server(ThreadPoolInterface* thread_pool, ServerCredentials* creds)
     : started_(false),
       shutdown_(false),
       num_running_cb_(0),
       thread_pool_(thread_pool == nullptr ? new ThreadPool(kNumThreads)
                                           : thread_pool),
-      thread_pool_owned_(thread_pool == nullptr) {
-  server_ = grpc_server_create(cq_.cq(), nullptr);
+      thread_pool_owned_(thread_pool == nullptr),
+      secure_(creds != nullptr) {
+  if (creds) {
+    server_ =
+        grpc_secure_server_create(creds->GetRawCreds(), cq_.cq(), nullptr);
+  } else {
+    server_ = grpc_server_create(cq_.cq(), nullptr);
+  }
 }
 
 Server::Server() {
@@ -83,7 +91,12 @@ void Server::RegisterService(RpcService* service) {
 
 void Server::AddPort(const grpc::string& addr) {
   GPR_ASSERT(!started_);
-  int success = grpc_server_add_http2_port(server_, addr.c_str());
+  int success;
+  if (secure_) {
+    success = grpc_server_add_secure_http2_port(server_, addr.c_str());
+  } else {
+    success = grpc_server_add_http2_port(server_, addr.c_str());
+  }
   GPR_ASSERT(success);
 }
 
diff --git a/src/cpp/server/server_builder.cc b/src/cpp/server/server_builder.cc
index d5d0689bc5..d74d8cb65f 100644
--- a/src/cpp/server/server_builder.cc
+++ b/src/cpp/server/server_builder.cc
@@ -33,6 +33,7 @@
 
 #include <grpc++/server_builder.h>
 
+#include <grpc/support/log.h>
 #include <grpc++/server.h>
 
 namespace grpc {
@@ -47,12 +48,18 @@ void ServerBuilder::AddPort(const grpc::string& addr) {
   ports_.push_back(addr);
 }
 
+void ServerBuilder::SetCredentials(
+    const std::shared_ptr<ServerCredentials>& creds) {
+  GPR_ASSERT(!creds_);
+  creds_ = creds;
+}
+
 void ServerBuilder::SetThreadPool(ThreadPoolInterface* thread_pool) {
   thread_pool_ = thread_pool;
 }
 
 std::unique_ptr<Server> ServerBuilder::BuildAndStart() {
-  std::unique_ptr<Server> server(new Server(thread_pool_));
+  std::unique_ptr<Server> server(new Server(thread_pool_, creds_.get()));
   for (auto* service : services_) {
     server->RegisterService(service);
   }
diff --git a/src/cpp/server/server_credentials.cc b/src/cpp/server/server_credentials.cc
index d23a09f3c1..f9ca1622ba 100644
--- a/src/cpp/server/server_credentials.cc
+++ b/src/cpp/server/server_credentials.cc
@@ -49,12 +49,22 @@ grpc_server_credentials* ServerCredentials::GetRawCreds() { return creds_; }
 
 std::shared_ptr<ServerCredentials> ServerCredentialsFactory::SslCredentials(
     const SslServerCredentialsOptions& options) {
+  const unsigned char* pem_root_certs =
+      options.pem_root_certs.empty() ? nullptr
+                                     : reinterpret_cast<const unsigned char*>(
+                                           options.pem_root_certs.c_str());
+  const unsigned char* pem_private_key =
+      options.pem_private_key.empty() ? nullptr
+                                      : reinterpret_cast<const unsigned char*>(
+                                            options.pem_private_key.c_str());
+  const unsigned char* pem_cert_chain =
+      options.pem_cert_chain.empty() ? nullptr
+                                     : reinterpret_cast<const unsigned char*>(
+                                           options.pem_cert_chain.c_str());
+
   grpc_server_credentials* c_creds = grpc_ssl_server_credentials_create(
-      reinterpret_cast<const unsigned char*>(options.pem_root_certs.c_str()),
-      options.pem_root_certs.size(),
-      reinterpret_cast<const unsigned char*>(options.pem_private_key.c_str()),
-      options.pem_private_key.size(),
-      reinterpret_cast<const unsigned char*>(options.pem_cert_chain.c_str()),
+      pem_root_certs, options.pem_root_certs.size(), pem_private_key,
+      options.pem_private_key.size(), pem_cert_chain,
       options.pem_cert_chain.size());
   return std::shared_ptr<ServerCredentials>(new ServerCredentials(c_creds));
 }
-- 
cgit v1.2.3