From 9e3538c57df9855ff2f5c6384a00b740c2bec49a Mon Sep 17 00:00:00 2001
From: murgatroid99 <mlumish@google.com>
Date: Thu, 28 Apr 2016 13:27:19 -0700
Subject: Load default roots.pem in Ruby via
 grpc_set_ssl_roots_override_callback

---
 src/ruby/ext/grpc/rb_channel_credentials.c | 28 ++++++++++++++++++++++++++++
 1 file changed, 28 insertions(+)

(limited to 'src/ruby/ext/grpc/rb_channel_credentials.c')

diff --git a/src/ruby/ext/grpc/rb_channel_credentials.c b/src/ruby/ext/grpc/rb_channel_credentials.c
index 10391bc963..4c01859db7 100644
--- a/src/ruby/ext/grpc/rb_channel_credentials.c
+++ b/src/ruby/ext/grpc/rb_channel_credentials.c
@@ -31,6 +31,8 @@
  *
  */
 
+#include <string.h>
+
 #include <ruby/ruby.h>
 #include "rb_grpc_imports.generated.h"
 #include "rb_channel_credentials.h"
@@ -39,6 +41,7 @@
 
 #include <grpc/grpc.h>
 #include <grpc/grpc_security.h>
+#include <grpc/support/alloc.h>
 #include <grpc/support/log.h>
 
 #include "rb_call_credentials.h"
@@ -48,6 +51,8 @@
    grpc_channel_credentials. */
 static VALUE grpc_rb_cChannelCredentials = Qnil;
 
+static char *pem_root_certs = NULL;
+
 /* grpc_rb_channel_credentials wraps a grpc_channel_credentials.  It provides a
  * mark object that is used to hold references to any objects used to create
  * the credentials. */
@@ -236,6 +241,24 @@ static VALUE grpc_rb_channel_credentials_compose(int argc, VALUE *argv,
   return grpc_rb_wrap_channel_credentials(creds, mark);
 }
 
+static grpc_ssl_roots_override_result get_ssl_roots_override(
+    char **pem_root_certs_ptr) {
+  *pem_root_certs_ptr = pem_root_certs;
+  if (pem_root_certs == NULL) {
+    return GRPC_SSL_ROOTS_OVERRIDE_FAIL;
+  } else {
+    return GRPC_SSL_ROOTS_OVERRIDE_OK;
+  }
+}
+
+static VALUE grpc_rb_set_default_roots_pem(VALUE self, VALUE roots) {
+  char *roots_ptr = StringValueCStr(roots);
+  size_t length = strlen(roots_ptr);
+  pem_root_certs = gpr_malloc((length + 1) * sizeof(char));
+  memcpy(pem_root_certs, roots_ptr, length + 1);
+  return Qnil;
+}
+
 void Init_grpc_channel_credentials() {
   grpc_rb_cChannelCredentials =
       rb_define_class_under(grpc_rb_mGrpcCore, "ChannelCredentials", rb_cObject);
@@ -251,6 +274,11 @@ void Init_grpc_channel_credentials() {
                    grpc_rb_channel_credentials_init_copy, 1);
   rb_define_method(grpc_rb_cChannelCredentials, "compose",
                    grpc_rb_channel_credentials_compose, -1);
+  rb_define_module_function(grpc_rb_cChannelCredentials,
+                            "set_default_roots_pem",
+                            grpc_rb_set_default_roots_pem, 1);
+
+  grpc_set_ssl_roots_override_callback(get_ssl_roots_override);
 
   id_pem_cert_chain = rb_intern("__pem_cert_chain");
   id_pem_private_key = rb_intern("__pem_private_key");
-- 
cgit v1.2.3