From f7350ea6b7b58d632bf4a8aafaa0354e022d9c0b Mon Sep 17 00:00:00 2001 From: Yash Tibrewal Date: Wed, 19 Jul 2017 10:26:41 -0700 Subject: Adding connect auth feature. Proxy-Authorization header is being inserted when user creds are present in uri --- test/core/end2end/fixtures/http_proxy_fixture.c | 43 +++++++++++++++++++++++-- 1 file changed, 41 insertions(+), 2 deletions(-) (limited to 'test/core/end2end/fixtures/http_proxy_fixture.c') diff --git a/test/core/end2end/fixtures/http_proxy_fixture.c b/test/core/end2end/fixtures/http_proxy_fixture.c index 54693c4900..d69ed1a086 100644 --- a/test/core/end2end/fixtures/http_proxy_fixture.c +++ b/test/core/end2end/fixtures/http_proxy_fixture.c @@ -22,6 +22,7 @@ #include +#include #include #include #include @@ -47,6 +48,7 @@ #include "src/core/lib/iomgr/tcp_server.h" #include "src/core/lib/iomgr/timer.h" #include "src/core/lib/slice/slice_internal.h" +#include "src/core/lib/slice/b64.h" #include "test/core/util/port.h" struct grpc_end2end_http_proxy { @@ -352,6 +354,42 @@ static void on_read_request_done(grpc_exec_ctx* exec_ctx, void* arg, GRPC_ERROR_UNREF(error); return; } + // If proxy auth is being used, check if the header is present + if(grpc_channel_args_find( + conn->proxy->channel_args, + GRPC_END2END_HTTP_PROXY_TEST_CONNECT_AUTH_PRESENT) != NULL) { + bool found = false, failed = false; + for(size_t i = 0; i < conn->http_request.hdr_count; i++) { + if(strcmp(conn->http_request.hdrs[i].key, "Proxy-Authorization") == 0) { + found = true; + // Authentication type should be Basic + if(strncmp(conn->http_request.hdrs[i].value, "Basic", + strlen("Basic")) != 0) { + failed = true; + break; + } + // Check if encoded string is as expected + char *encoded_str_start = + strchr(conn->http_request.hdrs[i].value, ' ') + 1; + grpc_slice decoded_slice = + grpc_base64_decode(exec_ctx, encoded_str_start, 0); + if(grpc_slice_str_cmp( + decoded_slice, GRPC_END2END_HTTP_PROXY_TEST_CONNECT_CRED) != 0) { + failed = true; + break; + } + break; + } + } + if(!found || failed) { + const char *msg = "HTTP Connect could not verify authentication"; + error = GRPC_ERROR_CREATE_FROM_COPIED_STRING(msg); + proxy_connection_failed(exec_ctx, conn, true /* is_client */, + "HTTP proxy read request", error); + GRPC_ERROR_UNREF(error); + return; + } + } // Resolve address. grpc_resolved_addresses* resolved_addresses = NULL; error = grpc_blocking_resolve_address(conn->http_request.path, "80", @@ -436,7 +474,8 @@ static void thread_main(void* arg) { grpc_exec_ctx_finish(&exec_ctx); } -grpc_end2end_http_proxy* grpc_end2end_http_proxy_create(void) { +grpc_end2end_http_proxy* grpc_end2end_http_proxy_create( + grpc_channel_args *args) { grpc_exec_ctx exec_ctx = GRPC_EXEC_CTX_INIT; grpc_end2end_http_proxy* proxy = (grpc_end2end_http_proxy*)gpr_malloc(sizeof(*proxy)); @@ -448,7 +487,7 @@ grpc_end2end_http_proxy* grpc_end2end_http_proxy_create(void) { gpr_join_host_port(&proxy->proxy_name, "localhost", proxy_port); gpr_log(GPR_INFO, "Proxy address: %s", proxy->proxy_name); // Create TCP server. - proxy->channel_args = grpc_channel_args_copy(NULL); + proxy->channel_args = grpc_channel_args_copy(args); grpc_error* error = grpc_tcp_server_create( &exec_ctx, NULL, proxy->channel_args, &proxy->server); GPR_ASSERT(error == GRPC_ERROR_NONE); -- cgit v1.2.3 From 78d7125017951d17b4e9ee2b8d184c5beed65d7c Mon Sep 17 00:00:00 2001 From: Yash Tibrewal Date: Wed, 19 Jul 2017 16:33:16 -0700 Subject: Removing a few style issues --- src/core/ext/filters/client_channel/http_proxy.c | 44 ++++++++++++---- test/core/end2end/fixtures/h2_http_proxy.c | 7 +-- test/core/end2end/fixtures/http_proxy_fixture.c | 66 +++++++++++++++++------- 3 files changed, 84 insertions(+), 33 deletions(-) (limited to 'test/core/end2end/fixtures/http_proxy_fixture.c') diff --git a/src/core/ext/filters/client_channel/http_proxy.c b/src/core/ext/filters/client_channel/http_proxy.c index 1bd847b0db..a8a23ceb9e 100644 --- a/src/core/ext/filters/client_channel/http_proxy.c +++ b/src/core/ext/filters/client_channel/http_proxy.c @@ -34,12 +34,19 @@ #include "src/core/lib/support/string.h" #include "src/core/lib/slice/b64.h" -static void grpc_get_http_proxy_server(grpc_exec_ctx* exec_ctx, - char **name_to_resolve, +/** + * Parses the 'http_proxy' env var and returns the proxy hostname to resolve or + * NULL on error. Also sets 'user_cred' if it is not NULL to user credentials + * if present in the 'http_proxy' env var. + */ +static char *grpc_get_http_proxy_server(grpc_exec_ctx* exec_ctx, char **user_cred) { - *name_to_resolve = NULL; + char *proxy_name = NULL; + if(user_cred != NULL) { + *user_cred = NULL; + } char* uri_str = gpr_getenv("http_proxy"); - if (uri_str == NULL) return; + if (uri_str == NULL) return NULL; grpc_uri* uri = grpc_uri_parse(exec_ctx, uri_str, false /* suppress_errors */); if (uri == NULL || uri->authority == NULL) { @@ -50,18 +57,33 @@ static void grpc_get_http_proxy_server(grpc_exec_ctx* exec_ctx, gpr_log(GPR_ERROR, "'%s' scheme not supported in proxy URI", uri->scheme); goto done; } - char *user_cred_end = strchr(uri->authority, '@'); - if (user_cred_end != NULL) { - *name_to_resolve = gpr_strdup(user_cred_end + 1); - *user_cred_end = '\0'; - *user_cred = gpr_strdup(uri->authority); + /* Split on '@' to separate user credentials from host */ + char **authority_strs = NULL; + size_t authority_nstrs; + gpr_string_split(uri->authority, "@", &authority_strs, &authority_nstrs); + GPR_ASSERT(authority_nstrs != 0); /* should have atleast 1 string */ + if(authority_nstrs == 1) { + /* User cred not present in authority */ + proxy_name = gpr_strdup(authority_strs[0]); + } else if(authority_nstrs == 2) { + /* User cred found */ + if(user_cred != NULL) { + *user_cred = gpr_strdup(authority_strs[0]); + } + proxy_name = gpr_strdup(authority_strs[1]); gpr_log(GPR_INFO, "userinfo found in proxy URI"); } else { - *name_to_resolve = gpr_strdup(uri->authority); + /* Bad authority */ + proxy_name = NULL; + } + for(size_t i = 0; i < authority_nstrs; i++) { + gpr_free(authority_strs[i]); } + gpr_free(authority_strs); done: gpr_free(uri_str); grpc_uri_destroy(uri); + return proxy_name; } static bool proxy_mapper_map_name(grpc_exec_ctx* exec_ctx, @@ -71,7 +93,7 @@ static bool proxy_mapper_map_name(grpc_exec_ctx* exec_ctx, char** name_to_resolve, grpc_channel_args** new_args) { char *user_cred = NULL; - grpc_get_http_proxy_server(exec_ctx, name_to_resolve, &user_cred); + *name_to_resolve = grpc_get_http_proxy_server(exec_ctx, &user_cred); if (*name_to_resolve == NULL) return false; grpc_uri* uri = grpc_uri_parse(exec_ctx, server_uri, false /* suppress_errors */); diff --git a/test/core/end2end/fixtures/h2_http_proxy.c b/test/core/end2end/fixtures/h2_http_proxy.c index 817a9a0a09..ce93c614df 100644 --- a/test/core/end2end/fixtures/h2_http_proxy.c +++ b/test/core/end2end/fixtures/h2_http_proxy.c @@ -53,11 +53,12 @@ static grpc_end2end_test_fixture chttp2_create_fixture_fullstack( const int server_port = grpc_pick_unused_port_or_die(); gpr_join_host_port(&ffd->server_addr, "localhost", server_port); - //If we are testing proxy auth, add the proxy auth arg to proxy channel args + /* If we are testing proxy auth, add the proxy auth arg to proxy channel args + */ grpc_channel_args *proxy_args = NULL; const grpc_arg *proxy_auth_arg = grpc_channel_args_find( client_args, GRPC_END2END_HTTP_PROXY_TEST_CONNECT_AUTH_PRESENT); - if(proxy_auth_arg) { + if(proxy_auth_arg != NULL) { proxy_args = grpc_channel_args_copy_and_add(NULL, proxy_auth_arg, 1); } ffd->proxy = grpc_end2end_http_proxy_create(proxy_args); @@ -77,7 +78,7 @@ void chttp2_init_client_fullstack(grpc_end2end_test_fixture *f, fullstack_fixture_data *ffd = f->fixture_data; char *proxy_uri; - // If testing for proxy auth, add credentials to proxy uri + /* If testing for proxy auth, add credentials to proxy uri */ if(grpc_channel_args_find( client_args, GRPC_END2END_HTTP_PROXY_TEST_CONNECT_AUTH_PRESENT) == NULL) { gpr_asprintf(&proxy_uri, "http://%s", diff --git a/test/core/end2end/fixtures/http_proxy_fixture.c b/test/core/end2end/fixtures/http_proxy_fixture.c index d69ed1a086..239444e75f 100644 --- a/test/core/end2end/fixtures/http_proxy_fixture.c +++ b/test/core/end2end/fixtures/http_proxy_fixture.c @@ -47,8 +47,9 @@ #include "src/core/lib/iomgr/tcp_client.h" #include "src/core/lib/iomgr/tcp_server.h" #include "src/core/lib/iomgr/timer.h" -#include "src/core/lib/slice/slice_internal.h" #include "src/core/lib/slice/b64.h" +#include "src/core/lib/slice/slice_internal.h" +#include "src/core/lib/support/string.h" #include "test/core/util/port.h" struct grpc_end2end_http_proxy { @@ -306,6 +307,45 @@ static void on_server_connect_done(grpc_exec_ctx* exec_ctx, void* arg, &conn->on_write_response_done); } +/** + * Parses the proxy auth header value to check if it matches :- + * Basic + * Returns true if it matches, false otherwise + */ +static bool proxy_auth_header_matches(grpc_exec_ctx *exec_ctx, + char *proxy_auth_header_val) { + if(proxy_auth_header_val == NULL) { + return false; + } + char **auth_header_strs; + size_t auth_header_nstrs; + bool auth_header_matches = false; + // Split the auth header value on space + gpr_string_split(proxy_auth_header_val, " ", &auth_header_strs, + &auth_header_nstrs); + if(auth_header_nstrs != 2) { + goto done; + } + // Authentication type should be Basic + if(strcmp(auth_header_strs[0], "Basic") != 0) { + goto done; + } + // should match GRPC_END2END_HTTP_PROXY_TEST_CONNECT_CRED after decoding + grpc_slice decoded_slice = + grpc_base64_decode(exec_ctx, auth_header_strs[1], 0); + if(grpc_slice_str_cmp( + decoded_slice, GRPC_END2END_HTTP_PROXY_TEST_CONNECT_CRED) != 0) { + goto done; + } + auth_header_matches = true; +done: + for(size_t i = 0; i < auth_header_nstrs; i++) { + gpr_free(auth_header_strs[i]); + } + gpr_free(auth_header_strs); + return auth_header_matches; +} + // Callback to read the HTTP CONNECT request. // TODO(roth): Technically, for any of the failure modes handled by this // function, we should handle the error by returning an HTTP response to @@ -354,34 +394,22 @@ static void on_read_request_done(grpc_exec_ctx* exec_ctx, void* arg, GRPC_ERROR_UNREF(error); return; } - // If proxy auth is being used, check if the header is present + // If proxy auth is being used, check if the header is present and as expected if(grpc_channel_args_find( conn->proxy->channel_args, GRPC_END2END_HTTP_PROXY_TEST_CONNECT_AUTH_PRESENT) != NULL) { - bool found = false, failed = false; + bool auth_header_found = false; for(size_t i = 0; i < conn->http_request.hdr_count; i++) { if(strcmp(conn->http_request.hdrs[i].key, "Proxy-Authorization") == 0) { - found = true; - // Authentication type should be Basic - if(strncmp(conn->http_request.hdrs[i].value, "Basic", - strlen("Basic")) != 0) { - failed = true; - break; - } - // Check if encoded string is as expected - char *encoded_str_start = - strchr(conn->http_request.hdrs[i].value, ' ') + 1; - grpc_slice decoded_slice = - grpc_base64_decode(exec_ctx, encoded_str_start, 0); - if(grpc_slice_str_cmp( - decoded_slice, GRPC_END2END_HTTP_PROXY_TEST_CONNECT_CRED) != 0) { - failed = true; + if(!proxy_auth_header_matches( + exec_ctx, conn->http_request.hdrs[i].value)) { break; } + auth_header_found = true; break; } } - if(!found || failed) { + if(!auth_header_found) { const char *msg = "HTTP Connect could not verify authentication"; error = GRPC_ERROR_CREATE_FROM_COPIED_STRING(msg); proxy_connection_failed(exec_ctx, conn, true /* is_client */, -- cgit v1.2.3 From c62ce80b805837dc2246b453a4a8b76c886cb6a3 Mon Sep 17 00:00:00 2001 From: Yash Tibrewal Date: Thu, 20 Jul 2017 16:48:01 -0700 Subject: Test credentials are passed with channel arg. Renamed macros and refactored code as per suggestions. Renamed test to proxy_auth and changed it to use simple_request instead of a payload. --- CMakeLists.txt | 4 +- Makefile | 4 +- src/core/ext/filters/client_channel/http_proxy.c | 58 +- test/core/end2end/end2end_nosec_tests.c | 16 +- test/core/end2end/end2end_tests.c | 16 +- test/core/end2end/fixtures/h2_http_proxy.c | 23 +- test/core/end2end/fixtures/http_proxy_fixture.c | 68 +- test/core/end2end/fixtures/http_proxy_fixture.h | 12 +- test/core/end2end/gen_build_yaml.py | 15 +- test/core/end2end/generate_tests.bzl | 18 +- test/core/end2end/tests/payload_with_proxy_auth.c | 302 -------- test/core/end2end/tests/proxy_auth.c | 235 ++++++ tools/run_tests/generated/sources_and_headers.json | 4 +- tools/run_tests/generated/tests.json | 848 +-------------------- .../end2end_nosec_tests.vcxproj | 4 +- .../end2end_nosec_tests.vcxproj.filters | 6 +- .../tests/end2end_tests/end2end_tests.vcxproj | 4 +- .../end2end_tests/end2end_tests.vcxproj.filters | 6 +- 18 files changed, 392 insertions(+), 1251 deletions(-) delete mode 100644 test/core/end2end/tests/payload_with_proxy_auth.c create mode 100644 test/core/end2end/tests/proxy_auth.c (limited to 'test/core/end2end/fixtures/http_proxy_fixture.c') diff --git a/CMakeLists.txt b/CMakeLists.txt index 1d6cf021d4..266f2c0774 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -4352,9 +4352,9 @@ add_library(end2end_tests test/core/end2end/tests/no_logging.c test/core/end2end/tests/no_op.c test/core/end2end/tests/payload.c - test/core/end2end/tests/payload_with_proxy_auth.c test/core/end2end/tests/ping.c test/core/end2end/tests/ping_pong_streaming.c + test/core/end2end/tests/proxy_auth.c test/core/end2end/tests/registered_call.c test/core/end2end/tests/request_with_flags.c test/core/end2end/tests/request_with_payload.c @@ -4452,9 +4452,9 @@ add_library(end2end_nosec_tests test/core/end2end/tests/no_logging.c test/core/end2end/tests/no_op.c test/core/end2end/tests/payload.c - test/core/end2end/tests/payload_with_proxy_auth.c test/core/end2end/tests/ping.c test/core/end2end/tests/ping_pong_streaming.c + test/core/end2end/tests/proxy_auth.c test/core/end2end/tests/registered_call.c test/core/end2end/tests/request_with_flags.c test/core/end2end/tests/request_with_payload.c diff --git a/Makefile b/Makefile index a311dee659..7b53024b6c 100644 --- a/Makefile +++ b/Makefile @@ -7950,9 +7950,9 @@ LIBEND2END_TESTS_SRC = \ test/core/end2end/tests/no_logging.c \ test/core/end2end/tests/no_op.c \ test/core/end2end/tests/payload.c \ - test/core/end2end/tests/payload_with_proxy_auth.c \ test/core/end2end/tests/ping.c \ test/core/end2end/tests/ping_pong_streaming.c \ + test/core/end2end/tests/proxy_auth.c \ test/core/end2end/tests/registered_call.c \ test/core/end2end/tests/request_with_flags.c \ test/core/end2end/tests/request_with_payload.c \ @@ -8045,9 +8045,9 @@ LIBEND2END_NOSEC_TESTS_SRC = \ test/core/end2end/tests/no_logging.c \ test/core/end2end/tests/no_op.c \ test/core/end2end/tests/payload.c \ - test/core/end2end/tests/payload_with_proxy_auth.c \ test/core/end2end/tests/ping.c \ test/core/end2end/tests/ping_pong_streaming.c \ + test/core/end2end/tests/proxy_auth.c \ test/core/end2end/tests/registered_call.c \ test/core/end2end/tests/request_with_flags.c \ test/core/end2end/tests/request_with_payload.c \ diff --git a/src/core/ext/filters/client_channel/http_proxy.c b/src/core/ext/filters/client_channel/http_proxy.c index 2e2471e68d..8a14b4e57c 100644 --- a/src/core/ext/filters/client_channel/http_proxy.c +++ b/src/core/ext/filters/client_channel/http_proxy.c @@ -30,21 +30,19 @@ #include "src/core/ext/filters/client_channel/proxy_mapper_registry.h" #include "src/core/ext/filters/client_channel/uri_parser.h" #include "src/core/lib/channel/channel_args.h" +#include "src/core/lib/slice/b64.h" #include "src/core/lib/support/env.h" #include "src/core/lib/support/string.h" -#include "src/core/lib/slice/b64.h" /** * Parses the 'http_proxy' env var and returns the proxy hostname to resolve or - * NULL on error. Also sets 'user_cred' to user credentials present in the - * 'http_proxy' env var, NULL if not present. + * NULL on error. Also sets 'user_cred' to user credentials if present in the + * 'http_proxy' env var, otherwise leaves it unchanged. It is caller's + * responsibility to gpr_free user_cred. */ -static char *grpc_get_http_proxy_server(grpc_exec_ctx* exec_ctx, - char **user_cred) { - char *proxy_name = NULL; - if(user_cred != NULL) { - *user_cred = NULL; - } +static char* get_http_proxy_server(grpc_exec_ctx* exec_ctx, char** user_cred) { + GPR_ASSERT(user_cred != NULL); + char* proxy_name = NULL; char* uri_str = gpr_getenv("http_proxy"); if (uri_str == NULL) return NULL; grpc_uri* uri = @@ -58,27 +56,25 @@ static char *grpc_get_http_proxy_server(grpc_exec_ctx* exec_ctx, goto done; } /* Split on '@' to separate user credentials from host */ - char **authority_strs = NULL; + char** authority_strs = NULL; size_t authority_nstrs; gpr_string_split(uri->authority, "@", &authority_strs, &authority_nstrs); GPR_ASSERT(authority_nstrs != 0); /* should have at least 1 string */ - if(authority_nstrs == 1) { - /* User cred not present in authority */ - proxy_name = gpr_strdup(authority_strs[0]); - } else if(authority_nstrs == 2) { - /* User cred found */ - if(user_cred != NULL) { - *user_cred = gpr_strdup(authority_strs[0]); - } - proxy_name = gpr_strdup(authority_strs[1]); + if (authority_nstrs == 1) { + /* User cred not present in authority */ + proxy_name = authority_strs[0]; + } else if (authority_nstrs == 2) { + /* User cred found */ + *user_cred = authority_strs[0]; + proxy_name = authority_strs[1]; gpr_log(GPR_INFO, "userinfo found in proxy URI"); } else { - /* Bad authority */ + /* Bad authority */ + for (size_t i = 0; i < authority_nstrs; i++) { + gpr_free(authority_strs[i]); + } proxy_name = NULL; } - for(size_t i = 0; i < authority_nstrs; i++) { - gpr_free(authority_strs[i]); - } gpr_free(authority_strs); done: gpr_free(uri_str); @@ -92,8 +88,8 @@ static bool proxy_mapper_map_name(grpc_exec_ctx* exec_ctx, const grpc_channel_args* args, char** name_to_resolve, grpc_channel_args** new_args) { - char *user_cred = NULL; - *name_to_resolve = grpc_get_http_proxy_server(exec_ctx, &user_cred); + char* user_cred = NULL; + *name_to_resolve = get_http_proxy_server(exec_ctx, &user_cred); if (*name_to_resolve == NULL) return false; grpc_uri* uri = grpc_uri_parse(exec_ctx, server_uri, false /* suppress_errors */); @@ -163,15 +159,15 @@ static bool proxy_mapper_map_name(grpc_exec_ctx* exec_ctx, args_to_add[0] = grpc_channel_arg_string_create( GRPC_ARG_HTTP_CONNECT_SERVER, uri->path[0] == '/' ? uri->path + 1 : uri->path); - if(user_cred != NULL) { - /* Use base64 encoding for user credentials */ - char *encoded_user_cred = + if (user_cred != NULL) { + /* Use base64 encoding for user credentials as stated in RFC 7617 */ + char* encoded_user_cred = grpc_base64_encode(user_cred, strlen(user_cred), 0, 0); - char *header; + char* header; gpr_asprintf(&header, "Proxy-Authorization:Basic %s", encoded_user_cred); gpr_free(encoded_user_cred); - args_to_add[1] = grpc_channel_arg_string_create( - GRPC_ARG_HTTP_CONNECT_HEADERS, header); + args_to_add[1] = + grpc_channel_arg_string_create(GRPC_ARG_HTTP_CONNECT_HEADERS, header); *new_args = grpc_channel_args_copy_and_add(args, args_to_add, 2); gpr_free(header); } else { diff --git a/test/core/end2end/end2end_nosec_tests.c b/test/core/end2end/end2end_nosec_tests.c index 483f84e783..6a061a4e2d 100644 --- a/test/core/end2end/end2end_nosec_tests.c +++ b/test/core/end2end/end2end_nosec_tests.c @@ -102,12 +102,12 @@ extern void no_op(grpc_end2end_test_config config); extern void no_op_pre_init(void); extern void payload(grpc_end2end_test_config config); extern void payload_pre_init(void); -extern void payload_with_proxy_auth(grpc_end2end_test_config config); -extern void payload_with_proxy_auth_pre_init(void); extern void ping(grpc_end2end_test_config config); extern void ping_pre_init(void); extern void ping_pong_streaming(grpc_end2end_test_config config); extern void ping_pong_streaming_pre_init(void); +extern void proxy_auth(grpc_end2end_test_config config); +extern void proxy_auth_pre_init(void); extern void registered_call(grpc_end2end_test_config config); extern void registered_call_pre_init(void); extern void request_with_flags(grpc_end2end_test_config config); @@ -181,9 +181,9 @@ void grpc_end2end_tests_pre_init(void) { no_logging_pre_init(); no_op_pre_init(); payload_pre_init(); - payload_with_proxy_auth_pre_init(); ping_pre_init(); ping_pong_streaming_pre_init(); + proxy_auth_pre_init(); registered_call_pre_init(); request_with_flags_pre_init(); request_with_payload_pre_init(); @@ -245,9 +245,9 @@ void grpc_end2end_tests(int argc, char **argv, no_logging(config); no_op(config); payload(config); - payload_with_proxy_auth(config); ping(config); ping_pong_streaming(config); + proxy_auth(config); registered_call(config); request_with_flags(config); request_with_payload(config); @@ -412,10 +412,6 @@ void grpc_end2end_tests(int argc, char **argv, payload(config); continue; } - if (0 == strcmp("payload_with_proxy_auth", argv[i])) { - payload_with_proxy_auth(config); - continue; - } if (0 == strcmp("ping", argv[i])) { ping(config); continue; @@ -424,6 +420,10 @@ void grpc_end2end_tests(int argc, char **argv, ping_pong_streaming(config); continue; } + if (0 == strcmp("proxy_auth", argv[i])) { + proxy_auth(config); + continue; + } if (0 == strcmp("registered_call", argv[i])) { registered_call(config); continue; diff --git a/test/core/end2end/end2end_tests.c b/test/core/end2end/end2end_tests.c index 745546dbb7..3fc7c3fb6c 100644 --- a/test/core/end2end/end2end_tests.c +++ b/test/core/end2end/end2end_tests.c @@ -104,12 +104,12 @@ extern void no_op(grpc_end2end_test_config config); extern void no_op_pre_init(void); extern void payload(grpc_end2end_test_config config); extern void payload_pre_init(void); -extern void payload_with_proxy_auth(grpc_end2end_test_config config); -extern void payload_with_proxy_auth_pre_init(void); extern void ping(grpc_end2end_test_config config); extern void ping_pre_init(void); extern void ping_pong_streaming(grpc_end2end_test_config config); extern void ping_pong_streaming_pre_init(void); +extern void proxy_auth(grpc_end2end_test_config config); +extern void proxy_auth_pre_init(void); extern void registered_call(grpc_end2end_test_config config); extern void registered_call_pre_init(void); extern void request_with_flags(grpc_end2end_test_config config); @@ -184,9 +184,9 @@ void grpc_end2end_tests_pre_init(void) { no_logging_pre_init(); no_op_pre_init(); payload_pre_init(); - payload_with_proxy_auth_pre_init(); ping_pre_init(); ping_pong_streaming_pre_init(); + proxy_auth_pre_init(); registered_call_pre_init(); request_with_flags_pre_init(); request_with_payload_pre_init(); @@ -249,9 +249,9 @@ void grpc_end2end_tests(int argc, char **argv, no_logging(config); no_op(config); payload(config); - payload_with_proxy_auth(config); ping(config); ping_pong_streaming(config); + proxy_auth(config); registered_call(config); request_with_flags(config); request_with_payload(config); @@ -420,10 +420,6 @@ void grpc_end2end_tests(int argc, char **argv, payload(config); continue; } - if (0 == strcmp("payload_with_proxy_auth", argv[i])) { - payload_with_proxy_auth(config); - continue; - } if (0 == strcmp("ping", argv[i])) { ping(config); continue; @@ -432,6 +428,10 @@ void grpc_end2end_tests(int argc, char **argv, ping_pong_streaming(config); continue; } + if (0 == strcmp("proxy_auth", argv[i])) { + proxy_auth(config); + continue; + } if (0 == strcmp("registered_call", argv[i])) { registered_call(config); continue; diff --git a/test/core/end2end/fixtures/h2_http_proxy.c b/test/core/end2end/fixtures/h2_http_proxy.c index ce93c614df..fdc8d749c6 100644 --- a/test/core/end2end/fixtures/h2_http_proxy.c +++ b/test/core/end2end/fixtures/h2_http_proxy.c @@ -47,24 +47,13 @@ static grpc_end2end_test_fixture chttp2_create_fixture_fullstack( grpc_channel_args *client_args, grpc_channel_args *server_args) { grpc_end2end_test_fixture f; memset(&f, 0, sizeof(f)); - grpc_exec_ctx exec_ctx = GRPC_EXEC_CTX_INIT; - fullstack_fixture_data *ffd = gpr_malloc(sizeof(fullstack_fixture_data)); const int server_port = grpc_pick_unused_port_or_die(); gpr_join_host_port(&ffd->server_addr, "localhost", server_port); - /* If we are testing proxy auth, add the proxy auth arg to proxy channel args + /* Passing client_args to proxy_create for the case of checking for proxy auth */ - grpc_channel_args *proxy_args = NULL; - const grpc_arg *proxy_auth_arg = grpc_channel_args_find( - client_args, GRPC_END2END_HTTP_PROXY_TEST_CONNECT_AUTH_PRESENT); - if(proxy_auth_arg != NULL) { - proxy_args = grpc_channel_args_copy_and_add(NULL, proxy_auth_arg, 1); - } - ffd->proxy = grpc_end2end_http_proxy_create(proxy_args); - grpc_channel_args_destroy(&exec_ctx, proxy_args); - - grpc_exec_ctx_finish(&exec_ctx); + ffd->proxy = grpc_end2end_http_proxy_create(client_args); f.fixture_data = ffd; f.cq = grpc_completion_queue_create_for_next(NULL); @@ -79,13 +68,13 @@ void chttp2_init_client_fullstack(grpc_end2end_test_fixture *f, char *proxy_uri; /* If testing for proxy auth, add credentials to proxy uri */ - if(grpc_channel_args_find( - client_args, GRPC_END2END_HTTP_PROXY_TEST_CONNECT_AUTH_PRESENT) == NULL) { + const grpc_arg *proxy_auth = + grpc_channel_args_find(client_args, GRPC_ARG_HTTP_PROXY_AUTH_CREDS); + if (proxy_auth == NULL) { gpr_asprintf(&proxy_uri, "http://%s", grpc_end2end_http_proxy_get_proxy_name(ffd->proxy)); } else { - gpr_asprintf(&proxy_uri, "http://%s@%s", - GRPC_END2END_HTTP_PROXY_TEST_CONNECT_CRED, + gpr_asprintf(&proxy_uri, "http://%s@%s", proxy_auth->value.string, grpc_end2end_http_proxy_get_proxy_name(ffd->proxy)); } gpr_setenv("http_proxy", proxy_uri); diff --git a/test/core/end2end/fixtures/http_proxy_fixture.c b/test/core/end2end/fixtures/http_proxy_fixture.c index 239444e75f..266351d181 100644 --- a/test/core/end2end/fixtures/http_proxy_fixture.c +++ b/test/core/end2end/fixtures/http_proxy_fixture.c @@ -309,41 +309,23 @@ static void on_server_connect_done(grpc_exec_ctx* exec_ctx, void* arg, /** * Parses the proxy auth header value to check if it matches :- - * Basic + * Basic * Returns true if it matches, false otherwise */ -static bool proxy_auth_header_matches(grpc_exec_ctx *exec_ctx, - char *proxy_auth_header_val) { - if(proxy_auth_header_val == NULL) { +static bool proxy_auth_header_matches(grpc_exec_ctx* exec_ctx, + char* proxy_auth_header_val, + char* expected_cred) { + GPR_ASSERT(proxy_auth_header_val != NULL && expected_cred != NULL); + if (strncmp(proxy_auth_header_val, "Basic ", 6) != 0) { return false; } - char **auth_header_strs; - size_t auth_header_nstrs; - bool auth_header_matches = false; - // Split the auth header value on space - gpr_string_split(proxy_auth_header_val, " ", &auth_header_strs, - &auth_header_nstrs); - if(auth_header_nstrs != 2) { - goto done; - } - // Authentication type should be Basic - if(strcmp(auth_header_strs[0], "Basic") != 0) { - goto done; - } - // should match GRPC_END2END_HTTP_PROXY_TEST_CONNECT_CRED after decoding + proxy_auth_header_val += 6; grpc_slice decoded_slice = - grpc_base64_decode(exec_ctx, auth_header_strs[1], 0); - if(grpc_slice_str_cmp( - decoded_slice, GRPC_END2END_HTTP_PROXY_TEST_CONNECT_CRED) != 0) { - goto done; - } - auth_header_matches = true; -done: - for(size_t i = 0; i < auth_header_nstrs; i++) { - gpr_free(auth_header_strs[i]); - } - gpr_free(auth_header_strs); - return auth_header_matches; + grpc_base64_decode(exec_ctx, proxy_auth_header_val, 0); + const bool header_matches = + grpc_slice_str_cmp(decoded_slice, expected_cred) == 0; + grpc_slice_unref_internal(exec_ctx, decoded_slice); + return header_matches; } // Callback to read the HTTP CONNECT request. @@ -395,23 +377,21 @@ static void on_read_request_done(grpc_exec_ctx* exec_ctx, void* arg, return; } // If proxy auth is being used, check if the header is present and as expected - if(grpc_channel_args_find( - conn->proxy->channel_args, - GRPC_END2END_HTTP_PROXY_TEST_CONNECT_AUTH_PRESENT) != NULL) { + const grpc_arg* proxy_auth = grpc_channel_args_find( + conn->proxy->channel_args, GRPC_ARG_HTTP_PROXY_AUTH_CREDS); + if (proxy_auth != NULL) { bool auth_header_found = false; - for(size_t i = 0; i < conn->http_request.hdr_count; i++) { - if(strcmp(conn->http_request.hdrs[i].key, "Proxy-Authorization") == 0) { - if(!proxy_auth_header_matches( - exec_ctx, conn->http_request.hdrs[i].value)) { - break; - } - auth_header_found = true; + for (size_t i = 0; i < conn->http_request.hdr_count; i++) { + if (strcmp(conn->http_request.hdrs[i].key, "Proxy-Authorization") == 0) { + auth_header_found = proxy_auth_header_matches( + exec_ctx, conn->http_request.hdrs[i].value, + proxy_auth->value.string); break; } } - if(!auth_header_found) { - const char *msg = "HTTP Connect could not verify authentication"; - error = GRPC_ERROR_CREATE_FROM_COPIED_STRING(msg); + if (!auth_header_found) { + const char* msg = "HTTP Connect could not verify authentication"; + error = GRPC_ERROR_CREATE_FROM_STATIC_STRING(msg); proxy_connection_failed(exec_ctx, conn, true /* is_client */, "HTTP proxy read request", error); GRPC_ERROR_UNREF(error); @@ -503,7 +483,7 @@ static void thread_main(void* arg) { } grpc_end2end_http_proxy* grpc_end2end_http_proxy_create( - grpc_channel_args *args) { + grpc_channel_args* args) { grpc_exec_ctx exec_ctx = GRPC_EXEC_CTX_INIT; grpc_end2end_http_proxy* proxy = (grpc_end2end_http_proxy*)gpr_malloc(sizeof(*proxy)); diff --git a/test/core/end2end/fixtures/http_proxy_fixture.h b/test/core/end2end/fixtures/http_proxy_fixture.h index f3da0494ae..103bd08196 100644 --- a/test/core/end2end/fixtures/http_proxy_fixture.h +++ b/test/core/end2end/fixtures/http_proxy_fixture.h @@ -22,20 +22,18 @@ #include /* The test credentials being used for HTTP Proxy Authorization */ -#define GRPC_END2END_HTTP_PROXY_TEST_CONNECT_CRED "aladdin:opensesame" +#define GRPC_TEST_HTTP_PROXY_AUTH_CREDS "aladdin:opensesame" /* A channel arg key used to indicate that the channel uses proxy authorization. - * The value is of no consequence as just the presence of the argument is - * enough. It is currently kept as of type integer but can be changed as seen - * fit. + * The value (string) should be the proxy auth credentials that should be + * checked. */ -#define GRPC_END2END_HTTP_PROXY_TEST_CONNECT_AUTH_PRESENT \ - "grpc.test.connect_auth" +#define GRPC_ARG_HTTP_PROXY_AUTH_CREDS "grpc.test.proxy_auth" typedef struct grpc_end2end_http_proxy grpc_end2end_http_proxy; grpc_end2end_http_proxy* grpc_end2end_http_proxy_create( - grpc_channel_args *args); + grpc_channel_args* args); void grpc_end2end_http_proxy_destroy(grpc_end2end_http_proxy* proxy); diff --git a/test/core/end2end/gen_build_yaml.py b/test/core/end2end/gen_build_yaml.py index de8508cc15..18bae63a8a 100755 --- a/test/core/end2end/gen_build_yaml.py +++ b/test/core/end2end/gen_build_yaml.py @@ -24,9 +24,9 @@ import hashlib FixtureOptions = collections.namedtuple( 'FixtureOptions', - 'fullstack includes_proxy dns_resolver name_resolution secure platforms ci_mac tracing exclude_configs exclude_iomgrs large_writes enables_compression supports_compression is_inproc is_http2') + 'fullstack includes_proxy dns_resolver name_resolution secure platforms ci_mac tracing exclude_configs exclude_iomgrs large_writes enables_compression supports_compression is_inproc is_http2 supports_proxy_auth') default_unsecure_fixture_options = FixtureOptions( - True, False, True, True, False, ['windows', 'linux', 'mac', 'posix'], True, False, [], [], True, False, True, False, True) + True, False, True, True, False, ['windows', 'linux', 'mac', 'posix'], True, False, [], [], True, False, True, False, True, False) socketpair_unsecure_fixture_options = default_unsecure_fixture_options._replace(fullstack=False, dns_resolver=False) default_secure_fixture_options = default_unsecure_fixture_options._replace(secure=True) uds_fixture_options = default_unsecure_fixture_options._replace(dns_resolver=False, platforms=['linux', 'mac', 'posix'], exclude_iomgrs=['uv']) @@ -47,7 +47,7 @@ END2END_FIXTURES = { 'h2_full+trace': default_unsecure_fixture_options._replace(tracing=True), 'h2_full+workarounds': default_unsecure_fixture_options, 'h2_http_proxy': default_unsecure_fixture_options._replace( - ci_mac=False, exclude_iomgrs=['uv']), + ci_mac=False, exclude_iomgrs=['uv'], supports_proxy_auth=True), 'h2_oauth2': default_secure_fixture_options._replace( ci_mac=False, exclude_iomgrs=['uv']), 'h2_proxy': default_unsecure_fixture_options._replace( @@ -69,8 +69,8 @@ END2END_FIXTURES = { TestOptions = collections.namedtuple( 'TestOptions', - 'needs_fullstack needs_dns needs_names proxyable secure traceable cpu_cost exclude_iomgrs large_writes flaky allows_compression needs_compression exclude_inproc needs_http2') -default_test_options = TestOptions(False, False, False, True, False, True, 1.0, [], False, False, True, False, False, False) + 'needs_fullstack needs_dns needs_names proxyable secure traceable cpu_cost exclude_iomgrs large_writes flaky allows_compression needs_compression exclude_inproc needs_http2 needs_proxy_auth') +default_test_options = TestOptions(False, False, False, True, False, True, 1.0, [], False, False, True, False, False, False, False) connectivity_test_options = default_test_options._replace(needs_fullstack=True) LOWCPU = 0.1 @@ -125,10 +125,10 @@ END2END_TESTS = { 'no_logging': default_test_options._replace(traceable=False), 'no_op': default_test_options, 'payload': default_test_options, - 'payload_with_proxy_auth': default_test_options, 'load_reporting_hook': default_test_options, 'ping_pong_streaming': default_test_options._replace(cpu_cost=LOWCPU), 'ping': connectivity_test_options._replace(proxyable=False, cpu_cost=LOWCPU), + 'proxy_auth': default_test_options._replace(needs_proxy_auth=True), 'registered_call': default_test_options, 'request_with_flags': default_test_options._replace( proxyable=False, cpu_cost=LOWCPU), @@ -179,6 +179,9 @@ def compatible(f, t): if END2END_TESTS[t].needs_http2: if not END2END_FIXTURES[f].is_http2: return False + if END2END_TESTS[t].needs_proxy_auth: + if not END2END_FIXTURES[f].supports_proxy_auth: + return False return True diff --git a/test/core/end2end/generate_tests.bzl b/test/core/end2end/generate_tests.bzl index 1f56ddb5af..6d1917c0ff 100755 --- a/test/core/end2end/generate_tests.bzl +++ b/test/core/end2end/generate_tests.bzl @@ -21,7 +21,7 @@ load("//bazel:grpc_build_system.bzl", "grpc_sh_test", "grpc_cc_binary", "grpc_cc def fixture_options(fullstack=True, includes_proxy=False, dns_resolver=True, name_resolution=True, secure=True, tracing=False, platforms=['windows', 'linux', 'mac', 'posix'], - is_inproc=False, is_http2=True): + is_inproc=False, is_http2=True, supports_proxy_auth=False): return struct( fullstack=fullstack, includes_proxy=includes_proxy, @@ -30,7 +30,8 @@ def fixture_options(fullstack=True, includes_proxy=False, dns_resolver=True, secure=secure, tracing=tracing, is_inproc=is_inproc, - is_http2=is_http2 + is_http2=is_http2, + supports_proxy_auth=supports_proxy_auth #platforms=platforms ) @@ -47,7 +48,7 @@ END2END_FIXTURES = { 'h2_full+pipe': fixture_options(platforms=['linux']), 'h2_full+trace': fixture_options(tracing=True), 'h2_full+workarounds': fixture_options(), - 'h2_http_proxy': fixture_options(), + 'h2_http_proxy': fixture_options(supports_proxy_auth=True), 'h2_oauth2': fixture_options(), 'h2_proxy': fixture_options(includes_proxy=True), 'h2_sockpair_1byte': fixture_options(fullstack=False, dns_resolver=False), @@ -67,7 +68,8 @@ END2END_FIXTURES = { def test_options(needs_fullstack=False, needs_dns=False, needs_names=False, proxyable=True, secure=False, traceable=False, - exclude_inproc=False, needs_http2=False): + exclude_inproc=False, needs_http2=False, + needs_proxy_auth=False): return struct( needs_fullstack=needs_fullstack, needs_dns=needs_dns, @@ -76,7 +78,8 @@ def test_options(needs_fullstack=False, needs_dns=False, needs_names=False, secure=secure, traceable=traceable, exclude_inproc=exclude_inproc, - needs_http2=needs_http2 + needs_http2=needs_http2, + needs_proxy_auth=needs_proxy_auth ) @@ -120,10 +123,10 @@ END2END_TESTS = { 'no_logging': test_options(traceable=False), 'no_op': test_options(), 'payload': test_options(), - 'payload_with_proxy_auth': test_options(), 'load_reporting_hook': test_options(), 'ping_pong_streaming': test_options(), 'ping': test_options(needs_fullstack=True, proxyable=False), + 'proxy_auth': test_options(needs_proxy_auth=True), 'registered_call': test_options(), 'request_with_flags': test_options(proxyable=False), 'request_with_payload': test_options(), @@ -166,6 +169,9 @@ def compatible(fopt, topt): if topt.needs_http2: if not fopt.is_http2: return False + if topt.needs_proxy_auth: + if not fopt.supports_proxy_auth: + return False return True diff --git a/test/core/end2end/tests/payload_with_proxy_auth.c b/test/core/end2end/tests/payload_with_proxy_auth.c deleted file mode 100644 index 4d176f9145..0000000000 --- a/test/core/end2end/tests/payload_with_proxy_auth.c +++ /dev/null @@ -1,302 +0,0 @@ -/* - * - * Copyright 2015 gRPC authors. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - */ - -#include "test/core/end2end/end2end_tests.h" -#include "test/core/end2end/fixtures/http_proxy_fixture.h" - -#include -#include - -#include -#include -#include -#include -#include -#include "test/core/end2end/cq_verifier.h" - -static void *tag(intptr_t t) { return (void *)t; } - -static grpc_end2end_test_fixture begin_test(grpc_end2end_test_config config, - const char *test_name, - grpc_channel_args *client_args, - grpc_channel_args *server_args) { - grpc_end2end_test_fixture f; - gpr_log(GPR_INFO, "Running test: %s/%s", test_name, config.name); - f = config.create_fixture(client_args, server_args); - config.init_server(&f, server_args); - config.init_client(&f, client_args); - return f; -} - -static gpr_timespec n_seconds_from_now(int n) { - return grpc_timeout_seconds_to_deadline(n); -} - -static gpr_timespec five_seconds_from_now(void) { - return n_seconds_from_now(5); -} - -static void drain_cq(grpc_completion_queue *cq) { - grpc_event ev; - do { - ev = grpc_completion_queue_next(cq, five_seconds_from_now(), NULL); - } while (ev.type != GRPC_QUEUE_SHUTDOWN); -} - -static void shutdown_server(grpc_end2end_test_fixture *f) { - if (!f->server) return; - grpc_server_shutdown_and_notify(f->server, f->shutdown_cq, tag(1000)); - GPR_ASSERT(grpc_completion_queue_pluck(f->shutdown_cq, tag(1000), - grpc_timeout_seconds_to_deadline(5), - NULL) - .type == GRPC_OP_COMPLETE); - grpc_server_destroy(f->server); - f->server = NULL; -} - -static void shutdown_client(grpc_end2end_test_fixture *f) { - if (!f->client) return; - grpc_channel_destroy(f->client); - f->client = NULL; -} - -static void end_test(grpc_end2end_test_fixture *f) { - shutdown_server(f); - shutdown_client(f); - - grpc_completion_queue_shutdown(f->cq); - drain_cq(f->cq); - grpc_completion_queue_destroy(f->cq); - grpc_completion_queue_destroy(f->shutdown_cq); -} - -/* Creates and returns a grpc_slice containing random alphanumeric characters. - */ -static grpc_slice generate_random_slice() { - size_t i; - static const char chars[] = "abcdefghijklmnopqrstuvwxyz1234567890"; - char *output; - const size_t output_size = 1024 * 1024; - output = gpr_malloc(output_size); - for (i = 0; i < output_size - 1; ++i) { - output[i] = chars[rand() % (int)(sizeof(chars) - 1)]; - } - output[output_size - 1] = '\0'; - grpc_slice out = grpc_slice_from_copied_string(output); - gpr_free(output); - return out; -} - -static void request_response_with_payload_and_proxy_auth - (grpc_end2end_test_config config, - grpc_end2end_test_fixture f) { - /* Create large request and response bodies. These are big enough to require - * multiple round trips to deliver to the peer, and their exact contents of - * will be verified on completion. */ - grpc_slice request_payload_slice = generate_random_slice(); - grpc_slice response_payload_slice = generate_random_slice(); - - grpc_call *c; - grpc_call *s; - grpc_byte_buffer *request_payload = - grpc_raw_byte_buffer_create(&request_payload_slice, 1); - grpc_byte_buffer *response_payload = - grpc_raw_byte_buffer_create(&response_payload_slice, 1); - cq_verifier *cqv = cq_verifier_create(f.cq); - grpc_op ops[6]; - grpc_op *op; - grpc_metadata_array initial_metadata_recv; - grpc_metadata_array trailing_metadata_recv; - grpc_metadata_array request_metadata_recv; - grpc_byte_buffer *request_payload_recv = NULL; - grpc_byte_buffer *response_payload_recv = NULL; - grpc_call_details call_details; - grpc_status_code status; - grpc_call_error error; - grpc_slice details; - int was_cancelled = 2; - - gpr_timespec deadline = n_seconds_from_now(60); - c = grpc_channel_create_call( - f.client, NULL, GRPC_PROPAGATE_DEFAULTS, f.cq, - grpc_slice_from_static_string("/foo"), - get_host_override_slice("foo.test.google.fr:1234", config), deadline, - NULL); - GPR_ASSERT(c); - - grpc_metadata_array_init(&initial_metadata_recv); - grpc_metadata_array_init(&trailing_metadata_recv); - grpc_metadata_array_init(&request_metadata_recv); - grpc_call_details_init(&call_details); - - memset(ops, 0, sizeof(ops)); - op = ops; - op->op = GRPC_OP_SEND_INITIAL_METADATA; - op->data.send_initial_metadata.count = 0; - op->flags = 0; - op->reserved = NULL; - op++; - op->op = GRPC_OP_SEND_MESSAGE; - op->data.send_message.send_message = request_payload; - op->flags = 0; - op->reserved = NULL; - op++; - op->op = GRPC_OP_SEND_CLOSE_FROM_CLIENT; - op->flags = 0; - op->reserved = NULL; - op++; - op->op = GRPC_OP_RECV_INITIAL_METADATA; - op->data.recv_initial_metadata.recv_initial_metadata = &initial_metadata_recv; - op->flags = 0; - op->reserved = NULL; - op++; - op->op = GRPC_OP_RECV_MESSAGE; - op->data.recv_message.recv_message = &response_payload_recv; - op->flags = 0; - op->reserved = NULL; - op++; - op->op = GRPC_OP_RECV_STATUS_ON_CLIENT; - op->data.recv_status_on_client.trailing_metadata = &trailing_metadata_recv; - op->data.recv_status_on_client.status = &status; - op->data.recv_status_on_client.status_details = &details; - op->flags = 0; - op->reserved = NULL; - op++; - error = grpc_call_start_batch(c, ops, (size_t)(op - ops), tag(1), NULL); - GPR_ASSERT(GRPC_CALL_OK == error); - - error = - grpc_server_request_call(f.server, &s, &call_details, - &request_metadata_recv, f.cq, f.cq, tag(101)); - GPR_ASSERT(GRPC_CALL_OK == error); - CQ_EXPECT_COMPLETION(cqv, tag(101), 1); - cq_verify(cqv); - - memset(ops, 0, sizeof(ops)); - op = ops; - op->op = GRPC_OP_SEND_INITIAL_METADATA; - op->data.send_initial_metadata.count = 0; - op->flags = 0; - op->reserved = NULL; - op++; - op->op = GRPC_OP_RECV_MESSAGE; - op->data.recv_message.recv_message = &request_payload_recv; - op->flags = 0; - op->reserved = NULL; - op++; - error = grpc_call_start_batch(s, ops, (size_t)(op - ops), tag(102), NULL); - GPR_ASSERT(GRPC_CALL_OK == error); - - CQ_EXPECT_COMPLETION(cqv, tag(102), 1); - cq_verify(cqv); - - memset(ops, 0, sizeof(ops)); - op = ops; - op->op = GRPC_OP_RECV_CLOSE_ON_SERVER; - op->data.recv_close_on_server.cancelled = &was_cancelled; - op->flags = 0; - op->reserved = NULL; - op++; - op->op = GRPC_OP_SEND_MESSAGE; - op->data.send_message.send_message = response_payload; - op->flags = 0; - op->reserved = NULL; - op++; - op->op = GRPC_OP_SEND_STATUS_FROM_SERVER; - op->data.send_status_from_server.trailing_metadata_count = 0; - op->data.send_status_from_server.status = GRPC_STATUS_OK; - grpc_slice status_details = grpc_slice_from_static_string("xyz"); - op->data.send_status_from_server.status_details = &status_details; - op->flags = 0; - op->reserved = NULL; - op++; - error = grpc_call_start_batch(s, ops, (size_t)(op - ops), tag(103), NULL); - GPR_ASSERT(GRPC_CALL_OK == error); - - CQ_EXPECT_COMPLETION(cqv, tag(103), 1); - CQ_EXPECT_COMPLETION(cqv, tag(1), 1); - cq_verify(cqv); - - GPR_ASSERT(status == GRPC_STATUS_OK); - GPR_ASSERT(0 == grpc_slice_str_cmp(details, "xyz")); - GPR_ASSERT(0 == grpc_slice_str_cmp(call_details.method, "/foo")); - validate_host_override_string("foo.test.google.fr:1234", call_details.host, - config); - GPR_ASSERT(was_cancelled == 0); - GPR_ASSERT(byte_buffer_eq_slice(request_payload_recv, request_payload_slice)); - GPR_ASSERT( - byte_buffer_eq_slice(response_payload_recv, response_payload_slice)); - - grpc_slice_unref(details); - grpc_metadata_array_destroy(&initial_metadata_recv); - grpc_metadata_array_destroy(&trailing_metadata_recv); - grpc_metadata_array_destroy(&request_metadata_recv); - grpc_call_details_destroy(&call_details); - - grpc_call_unref(c); - grpc_call_unref(s); - - cq_verifier_destroy(cqv); - - grpc_byte_buffer_destroy(request_payload); - grpc_byte_buffer_destroy(response_payload); - grpc_byte_buffer_destroy(request_payload_recv); - grpc_byte_buffer_destroy(response_payload_recv); -} - -/* Client sends a request with payload, server reads then returns a response - payload and status. */ -static void test_invoke_request_response_with_payload_and_proxy_auth( - grpc_end2end_test_config config) { - /* Indicate that the proxy requires user auth */ - grpc_arg client_arg = {.type = GRPC_ARG_INTEGER, - .key = GRPC_END2END_HTTP_PROXY_TEST_CONNECT_AUTH_PRESENT, - .value.integer = 0}; - grpc_channel_args client_args = {.num_args = 1, .args = &client_arg}; - grpc_end2end_test_fixture f = begin_test( - config, "test_invoke_request_response_with_payload_and_proxy_auth", - &client_args, NULL); - request_response_with_payload_and_proxy_auth(config, f); - end_test(&f); - config.tear_down_data(&f); -} - -static void test_invoke_10_request_response_with_payload_and_proxy_auth( - grpc_end2end_test_config config) { - int i; - /* Indicate that the proxy requires user auth */ - grpc_arg client_arg = {.type = GRPC_ARG_INTEGER, - .key = GRPC_END2END_HTTP_PROXY_TEST_CONNECT_AUTH_PRESENT, - .value.integer = 0}; - grpc_channel_args client_args = {.num_args = 1, .args = &client_arg}; - grpc_end2end_test_fixture f = begin_test( - config, "test_invoke_10_request_response_with_payload_and_proxy_auth", - &client_args, NULL); - for (i = 0; i < 10; i++) { - request_response_with_payload_and_proxy_auth(config, f); - } - end_test(&f); - config.tear_down_data(&f); -} - -void payload_with_proxy_auth(grpc_end2end_test_config config) { - test_invoke_request_response_with_payload_and_proxy_auth(config); - test_invoke_10_request_response_with_payload_and_proxy_auth(config); -} - -void payload_with_proxy_auth_pre_init(void) {} diff --git a/test/core/end2end/tests/proxy_auth.c b/test/core/end2end/tests/proxy_auth.c new file mode 100644 index 0000000000..d922049bcb --- /dev/null +++ b/test/core/end2end/tests/proxy_auth.c @@ -0,0 +1,235 @@ +/* + * + * Copyright 2015 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +/** + * This test is for checking whether proxy authentication is working with HTTP + * Connect. + */ +#include "test/core/end2end/end2end_tests.h" +#include "test/core/end2end/fixtures/http_proxy_fixture.h" + +#include +#include + +#include +#include +#include +#include +#include +#include +#include "src/core/lib/support/string.h" +#include "test/core/end2end/cq_verifier.h" + +static void *tag(intptr_t t) { return (void *)t; } + +static grpc_end2end_test_fixture begin_test(grpc_end2end_test_config config, + const char *test_name, + grpc_channel_args *client_args, + grpc_channel_args *server_args) { + grpc_end2end_test_fixture f; + gpr_log(GPR_INFO, "Running test: %s/%s", test_name, config.name); + f = config.create_fixture(client_args, server_args); + config.init_server(&f, server_args); + config.init_client(&f, client_args); + return f; +} + +static gpr_timespec n_seconds_from_now(int n) { + return grpc_timeout_seconds_to_deadline(n); +} + +static gpr_timespec five_seconds_from_now(void) { + return n_seconds_from_now(5); +} + +static void drain_cq(grpc_completion_queue *cq) { + grpc_event ev; + do { + ev = grpc_completion_queue_next(cq, five_seconds_from_now(), NULL); + } while (ev.type != GRPC_QUEUE_SHUTDOWN); +} + +static void shutdown_server(grpc_end2end_test_fixture *f) { + if (!f->server) return; + grpc_server_shutdown_and_notify(f->server, f->shutdown_cq, tag(1000)); + GPR_ASSERT(grpc_completion_queue_pluck(f->shutdown_cq, tag(1000), + grpc_timeout_seconds_to_deadline(5), + NULL) + .type == GRPC_OP_COMPLETE); + grpc_server_destroy(f->server); + f->server = NULL; +} + +static void shutdown_client(grpc_end2end_test_fixture *f) { + if (!f->client) return; + grpc_channel_destroy(f->client); + f->client = NULL; +} + +static void end_test(grpc_end2end_test_fixture *f) { + shutdown_server(f); + shutdown_client(f); + + grpc_completion_queue_shutdown(f->cq); + drain_cq(f->cq); + grpc_completion_queue_destroy(f->cq); + grpc_completion_queue_destroy(f->shutdown_cq); +} + +static void simple_request_body(grpc_end2end_test_config config, + grpc_end2end_test_fixture f) { + grpc_call *c; + grpc_call *s; + cq_verifier *cqv = cq_verifier_create(f.cq); + grpc_op ops[6]; + grpc_op *op; + grpc_metadata_array initial_metadata_recv; + grpc_metadata_array trailing_metadata_recv; + grpc_metadata_array request_metadata_recv; + grpc_call_details call_details; + grpc_status_code status; + grpc_call_error error; + grpc_slice details; + int was_cancelled = 2; + char *peer; + + gpr_timespec deadline = five_seconds_from_now(); + c = grpc_channel_create_call( + f.client, NULL, GRPC_PROPAGATE_DEFAULTS, f.cq, + grpc_slice_from_static_string("/foo"), + get_host_override_slice("foo.test.google.fr:1234", config), deadline, + NULL); + GPR_ASSERT(c); + + peer = grpc_call_get_peer(c); + GPR_ASSERT(peer != NULL); + gpr_log(GPR_DEBUG, "client_peer_before_call=%s", peer); + gpr_free(peer); + + grpc_metadata_array_init(&initial_metadata_recv); + grpc_metadata_array_init(&trailing_metadata_recv); + grpc_metadata_array_init(&request_metadata_recv); + grpc_call_details_init(&call_details); + + memset(ops, 0, sizeof(ops)); + op = ops; + op->op = GRPC_OP_SEND_INITIAL_METADATA; + op->data.send_initial_metadata.count = 0; + op->flags = 0; + op->reserved = NULL; + op++; + op->op = GRPC_OP_SEND_CLOSE_FROM_CLIENT; + op->flags = 0; + op->reserved = NULL; + op++; + op->op = GRPC_OP_RECV_INITIAL_METADATA; + op->data.recv_initial_metadata.recv_initial_metadata = &initial_metadata_recv; + op->flags = 0; + op->reserved = NULL; + op++; + op->op = GRPC_OP_RECV_STATUS_ON_CLIENT; + op->data.recv_status_on_client.trailing_metadata = &trailing_metadata_recv; + op->data.recv_status_on_client.status = &status; + op->data.recv_status_on_client.status_details = &details; + op->flags = 0; + op->reserved = NULL; + op++; + error = grpc_call_start_batch(c, ops, (size_t)(op - ops), tag(1), NULL); + GPR_ASSERT(GRPC_CALL_OK == error); + + error = + grpc_server_request_call(f.server, &s, &call_details, + &request_metadata_recv, f.cq, f.cq, tag(101)); + GPR_ASSERT(GRPC_CALL_OK == error); + CQ_EXPECT_COMPLETION(cqv, tag(101), 1); + cq_verify(cqv); + + peer = grpc_call_get_peer(s); + GPR_ASSERT(peer != NULL); + gpr_log(GPR_DEBUG, "server_peer=%s", peer); + gpr_free(peer); + peer = grpc_call_get_peer(c); + GPR_ASSERT(peer != NULL); + gpr_log(GPR_DEBUG, "client_peer=%s", peer); + gpr_free(peer); + + memset(ops, 0, sizeof(ops)); + op = ops; + op->op = GRPC_OP_SEND_INITIAL_METADATA; + op->data.send_initial_metadata.count = 0; + op->flags = 0; + op->reserved = NULL; + op++; + op->op = GRPC_OP_SEND_STATUS_FROM_SERVER; + op->data.send_status_from_server.trailing_metadata_count = 0; + op->data.send_status_from_server.status = GRPC_STATUS_UNIMPLEMENTED; + grpc_slice status_details = grpc_slice_from_static_string("xyz"); + op->data.send_status_from_server.status_details = &status_details; + op->flags = 0; + op->reserved = NULL; + op++; + op->op = GRPC_OP_RECV_CLOSE_ON_SERVER; + op->data.recv_close_on_server.cancelled = &was_cancelled; + op->flags = 0; + op->reserved = NULL; + op++; + error = grpc_call_start_batch(s, ops, (size_t)(op - ops), tag(102), NULL); + GPR_ASSERT(GRPC_CALL_OK == error); + + CQ_EXPECT_COMPLETION(cqv, tag(102), 1); + CQ_EXPECT_COMPLETION(cqv, tag(1), 1); + cq_verify(cqv); + + GPR_ASSERT(status == GRPC_STATUS_UNIMPLEMENTED); + GPR_ASSERT(0 == grpc_slice_str_cmp(details, "xyz")); + GPR_ASSERT(0 == grpc_slice_str_cmp(call_details.method, "/foo")); + validate_host_override_string("foo.test.google.fr:1234", call_details.host, + config); + GPR_ASSERT(0 == call_details.flags); + GPR_ASSERT(was_cancelled == 1); + + grpc_slice_unref(details); + grpc_metadata_array_destroy(&initial_metadata_recv); + grpc_metadata_array_destroy(&trailing_metadata_recv); + grpc_metadata_array_destroy(&request_metadata_recv); + grpc_call_details_destroy(&call_details); + + grpc_call_unref(c); + grpc_call_unref(s); + + cq_verifier_destroy(cqv); +} + +static void test_invoke_proxy_auth(grpc_end2end_test_config config) { + /* Indicate that the proxy requires user auth */ + grpc_arg client_arg = {.type = GRPC_ARG_STRING, + .key = GRPC_ARG_HTTP_PROXY_AUTH_CREDS, + .value.string = GRPC_TEST_HTTP_PROXY_AUTH_CREDS}; + grpc_channel_args client_args = {.num_args = 1, .args = &client_arg}; + grpc_end2end_test_fixture f = + begin_test(config, "test_invoke_proxy_auth", &client_args, NULL); + simple_request_body(config, f); + end_test(&f); + config.tear_down_data(&f); +} + +void proxy_auth(grpc_end2end_test_config config) { + test_invoke_proxy_auth(config); +} + +void proxy_auth_pre_init(void) {} diff --git a/tools/run_tests/generated/sources_and_headers.json b/tools/run_tests/generated/sources_and_headers.json index 313a174b33..cbd0e1d9d7 100644 --- a/tools/run_tests/generated/sources_and_headers.json +++ b/tools/run_tests/generated/sources_and_headers.json @@ -7337,9 +7337,9 @@ "test/core/end2end/tests/no_logging.c", "test/core/end2end/tests/no_op.c", "test/core/end2end/tests/payload.c", - "test/core/end2end/tests/payload_with_proxy_auth.c", "test/core/end2end/tests/ping.c", "test/core/end2end/tests/ping_pong_streaming.c", + "test/core/end2end/tests/proxy_auth.c", "test/core/end2end/tests/registered_call.c", "test/core/end2end/tests/request_with_flags.c", "test/core/end2end/tests/request_with_payload.c", @@ -7415,9 +7415,9 @@ "test/core/end2end/tests/no_logging.c", "test/core/end2end/tests/no_op.c", "test/core/end2end/tests/payload.c", - "test/core/end2end/tests/payload_with_proxy_auth.c", "test/core/end2end/tests/ping.c", "test/core/end2end/tests/ping_pong_streaming.c", + "test/core/end2end/tests/proxy_auth.c", "test/core/end2end/tests/registered_call.c", "test/core/end2end/tests/request_with_flags.c", "test/core/end2end/tests/request_with_payload.c", diff --git a/tools/run_tests/generated/tests.json b/tools/run_tests/generated/tests.json index 901e869e7c..767a5ce147 100644 --- a/tools/run_tests/generated/tests.json +++ b/tools/run_tests/generated/tests.json @@ -6629,29 +6629,6 @@ "posix" ] }, - { - "args": [ - "payload_with_proxy_auth" - ], - "ci_platforms": [ - "windows", - "linux", - "mac", - "posix" - ], - "cpu_cost": 1.0, - "exclude_configs": [], - "exclude_iomgrs": [], - "flaky": false, - "language": "c", - "name": "h2_census_test", - "platforms": [ - "windows", - "linux", - "mac", - "posix" - ] - }, { "args": [ "ping" @@ -7921,29 +7898,6 @@ "posix" ] }, - { - "args": [ - "payload_with_proxy_auth" - ], - "ci_platforms": [ - "windows", - "linux", - "mac", - "posix" - ], - "cpu_cost": 1.0, - "exclude_configs": [], - "exclude_iomgrs": [], - "flaky": false, - "language": "c", - "name": "h2_compress_test", - "platforms": [ - "windows", - "linux", - "mac", - "posix" - ] - }, { "args": [ "ping" @@ -9153,28 +9107,6 @@ "posix" ] }, - { - "args": [ - "payload_with_proxy_auth" - ], - "ci_platforms": [ - "windows", - "linux", - "posix" - ], - "cpu_cost": 1.0, - "exclude_configs": [], - "exclude_iomgrs": [], - "flaky": false, - "language": "c", - "name": "h2_fakesec_test", - "platforms": [ - "windows", - "linux", - "mac", - "posix" - ] - }, { "args": [ "ping" @@ -10307,29 +10239,6 @@ "posix" ] }, - { - "args": [ - "payload_with_proxy_auth" - ], - "ci_platforms": [ - "linux", - "mac", - "posix" - ], - "cpu_cost": 1.0, - "exclude_configs": [], - "exclude_iomgrs": [ - "uv" - ], - "flaky": false, - "language": "c", - "name": "h2_fd_test", - "platforms": [ - "linux", - "mac", - "posix" - ] - }, { "args": [ "ping_pong_streaming" @@ -11553,29 +11462,6 @@ "posix" ] }, - { - "args": [ - "payload_with_proxy_auth" - ], - "ci_platforms": [ - "windows", - "linux", - "mac", - "posix" - ], - "cpu_cost": 1.0, - "exclude_configs": [], - "exclude_iomgrs": [], - "flaky": false, - "language": "c", - "name": "h2_full_test", - "platforms": [ - "windows", - "linux", - "mac", - "posix" - ] - }, { "args": [ "ping" @@ -12693,25 +12579,6 @@ "linux" ] }, - { - "args": [ - "payload_with_proxy_auth" - ], - "ci_platforms": [ - "linux" - ], - "cpu_cost": 1.0, - "exclude_configs": [], - "exclude_iomgrs": [ - "uv" - ], - "flaky": false, - "language": "c", - "name": "h2_full+pipe_test", - "platforms": [ - "linux" - ] - }, { "args": [ "ping" @@ -13863,29 +13730,6 @@ "posix" ] }, - { - "args": [ - "payload_with_proxy_auth" - ], - "ci_platforms": [ - "windows", - "linux", - "mac", - "posix" - ], - "cpu_cost": 1.0, - "exclude_configs": [], - "exclude_iomgrs": [], - "flaky": false, - "language": "c", - "name": "h2_full+trace_test", - "platforms": [ - "windows", - "linux", - "mac", - "posix" - ] - }, { "args": [ "ping" @@ -15155,29 +14999,6 @@ "posix" ] }, - { - "args": [ - "payload_with_proxy_auth" - ], - "ci_platforms": [ - "windows", - "linux", - "mac", - "posix" - ], - "cpu_cost": 1.0, - "exclude_configs": [], - "exclude_iomgrs": [], - "flaky": false, - "language": "c", - "name": "h2_full+workarounds_test", - "platforms": [ - "windows", - "linux", - "mac", - "posix" - ] - }, { "args": [ "ping" @@ -16482,14 +16303,14 @@ }, { "args": [ - "payload_with_proxy_auth" + "ping" ], "ci_platforms": [ "windows", "linux", "posix" ], - "cpu_cost": 1.0, + "cpu_cost": 0.1, "exclude_configs": [], "exclude_iomgrs": [ "uv" @@ -16506,7 +16327,7 @@ }, { "args": [ - "ping" + "ping_pong_streaming" ], "ci_platforms": [ "windows", @@ -16530,14 +16351,14 @@ }, { "args": [ - "ping_pong_streaming" + "proxy_auth" ], "ci_platforms": [ "windows", "linux", "posix" ], - "cpu_cost": 0.1, + "cpu_cost": 1.0, "exclude_configs": [], "exclude_iomgrs": [ "uv" @@ -17791,29 +17612,6 @@ "posix" ] }, - { - "args": [ - "payload_with_proxy_auth" - ], - "ci_platforms": [ - "windows", - "linux", - "mac", - "posix" - ], - "cpu_cost": 1.0, - "exclude_configs": [], - "exclude_iomgrs": [], - "flaky": false, - "language": "c", - "name": "h2_load_reporting_test", - "platforms": [ - "windows", - "linux", - "mac", - "posix" - ] - }, { "args": [ "ping" @@ -19116,30 +18914,6 @@ "posix" ] }, - { - "args": [ - "payload_with_proxy_auth" - ], - "ci_platforms": [ - "windows", - "linux", - "posix" - ], - "cpu_cost": 1.0, - "exclude_configs": [], - "exclude_iomgrs": [ - "uv" - ], - "flaky": false, - "language": "c", - "name": "h2_oauth2_test", - "platforms": [ - "windows", - "linux", - "mac", - "posix" - ] - }, { "args": [ "ping" @@ -20294,7 +20068,31 @@ }, { "args": [ - "payload_with_proxy_auth" + "ping_pong_streaming" + ], + "ci_platforms": [ + "windows", + "linux", + "posix" + ], + "cpu_cost": 0.1, + "exclude_configs": [], + "exclude_iomgrs": [ + "uv" + ], + "flaky": false, + "language": "c", + "name": "h2_proxy_test", + "platforms": [ + "windows", + "linux", + "mac", + "posix" + ] + }, + { + "args": [ + "registered_call" ], "ci_platforms": [ "windows", @@ -20318,7 +20116,7 @@ }, { "args": [ - "ping_pong_streaming" + "request_with_payload" ], "ci_platforms": [ "windows", @@ -20342,14 +20140,14 @@ }, { "args": [ - "registered_call" + "server_finishes_request" ], "ci_platforms": [ "windows", "linux", "posix" ], - "cpu_cost": 1.0, + "cpu_cost": 0.1, "exclude_configs": [], "exclude_iomgrs": [ "uv" @@ -20366,55 +20164,7 @@ }, { "args": [ - "request_with_payload" - ], - "ci_platforms": [ - "windows", - "linux", - "posix" - ], - "cpu_cost": 0.1, - "exclude_configs": [], - "exclude_iomgrs": [ - "uv" - ], - "flaky": false, - "language": "c", - "name": "h2_proxy_test", - "platforms": [ - "windows", - "linux", - "mac", - "posix" - ] - }, - { - "args": [ - "server_finishes_request" - ], - "ci_platforms": [ - "windows", - "linux", - "posix" - ], - "cpu_cost": 0.1, - "exclude_configs": [], - "exclude_iomgrs": [ - "uv" - ], - "flaky": false, - "language": "c", - "name": "h2_proxy_test", - "platforms": [ - "windows", - "linux", - "mac", - "posix" - ] - }, - { - "args": [ - "shutdown_finishes_calls" + "shutdown_finishes_calls" ], "ci_platforms": [ "windows", @@ -21444,30 +21194,6 @@ "posix" ] }, - { - "args": [ - "payload_with_proxy_auth" - ], - "ci_platforms": [ - "windows", - "linux", - "posix" - ], - "cpu_cost": 1.0, - "exclude_configs": [], - "exclude_iomgrs": [ - "uv" - ], - "flaky": false, - "language": "c", - "name": "h2_sockpair_test", - "platforms": [ - "windows", - "linux", - "mac", - "posix" - ] - }, { "args": [ "ping_pong_streaming" @@ -22572,30 +22298,6 @@ "posix" ] }, - { - "args": [ - "payload_with_proxy_auth" - ], - "ci_platforms": [ - "windows", - "linux", - "posix" - ], - "cpu_cost": 1.0, - "exclude_configs": [], - "exclude_iomgrs": [ - "uv" - ], - "flaky": false, - "language": "c", - "name": "h2_sockpair+trace_test", - "platforms": [ - "windows", - "linux", - "mac", - "posix" - ] - }, { "args": [ "ping_pong_streaming" @@ -23788,32 +23490,6 @@ "posix" ] }, - { - "args": [ - "payload_with_proxy_auth" - ], - "ci_platforms": [ - "windows", - "linux", - "posix" - ], - "cpu_cost": 1.0, - "exclude_configs": [ - "msan" - ], - "exclude_iomgrs": [ - "uv" - ], - "flaky": false, - "language": "c", - "name": "h2_sockpair_1byte_test", - "platforms": [ - "windows", - "linux", - "mac", - "posix" - ] - }, { "args": [ "ping_pong_streaming" @@ -25059,29 +24735,6 @@ "posix" ] }, - { - "args": [ - "payload_with_proxy_auth" - ], - "ci_platforms": [ - "windows", - "linux", - "mac", - "posix" - ], - "cpu_cost": 1.0, - "exclude_configs": [], - "exclude_iomgrs": [], - "flaky": false, - "language": "c", - "name": "h2_ssl_test", - "platforms": [ - "windows", - "linux", - "mac", - "posix" - ] - }, { "args": [ "ping" @@ -26351,29 +26004,6 @@ "posix" ] }, - { - "args": [ - "payload_with_proxy_auth" - ], - "ci_platforms": [ - "windows", - "linux", - "mac", - "posix" - ], - "cpu_cost": 1.0, - "exclude_configs": [], - "exclude_iomgrs": [], - "flaky": false, - "language": "c", - "name": "h2_ssl_cert_test", - "platforms": [ - "windows", - "linux", - "mac", - "posix" - ] - }, { "args": [ "ping" @@ -27508,30 +27138,6 @@ "posix" ] }, - { - "args": [ - "payload_with_proxy_auth" - ], - "ci_platforms": [ - "windows", - "linux", - "posix" - ], - "cpu_cost": 1.0, - "exclude_configs": [], - "exclude_iomgrs": [ - "uv" - ], - "flaky": false, - "language": "c", - "name": "h2_ssl_proxy_test", - "platforms": [ - "windows", - "linux", - "mac", - "posix" - ] - }, { "args": [ "ping_pong_streaming" @@ -28720,29 +28326,6 @@ "posix" ] }, - { - "args": [ - "payload_with_proxy_auth" - ], - "ci_platforms": [ - "linux", - "mac", - "posix" - ], - "cpu_cost": 1.0, - "exclude_configs": [], - "exclude_iomgrs": [ - "uv" - ], - "flaky": false, - "language": "c", - "name": "h2_uds_test", - "platforms": [ - "linux", - "mac", - "posix" - ] - }, { "args": [ "ping" @@ -29755,29 +29338,6 @@ "posix" ] }, - { - "args": [ - "payload_with_proxy_auth" - ], - "ci_platforms": [ - "windows", - "linux", - "mac", - "posix" - ], - "cpu_cost": 1.0, - "exclude_configs": [], - "exclude_iomgrs": [], - "flaky": false, - "language": "c", - "name": "inproc_test", - "platforms": [ - "windows", - "linux", - "mac", - "posix" - ] - }, { "args": [ "ping_pong_streaming" @@ -30978,29 +30538,6 @@ "posix" ] }, - { - "args": [ - "payload_with_proxy_auth" - ], - "ci_platforms": [ - "windows", - "linux", - "mac", - "posix" - ], - "cpu_cost": 1.0, - "exclude_configs": [], - "exclude_iomgrs": [], - "flaky": false, - "language": "c", - "name": "h2_census_nosec_test", - "platforms": [ - "windows", - "linux", - "mac", - "posix" - ] - }, { "args": [ "ping" @@ -32249,7 +31786,7 @@ }, { "args": [ - "payload_with_proxy_auth" + "ping" ], "ci_platforms": [ "windows", @@ -32257,7 +31794,7 @@ "mac", "posix" ], - "cpu_cost": 1.0, + "cpu_cost": 0.1, "exclude_configs": [], "exclude_iomgrs": [], "flaky": false, @@ -32272,30 +31809,7 @@ }, { "args": [ - "ping" - ], - "ci_platforms": [ - "windows", - "linux", - "mac", - "posix" - ], - "cpu_cost": 0.1, - "exclude_configs": [], - "exclude_iomgrs": [], - "flaky": false, - "language": "c", - "name": "h2_compress_nosec_test", - "platforms": [ - "windows", - "linux", - "mac", - "posix" - ] - }, - { - "args": [ - "ping_pong_streaming" + "ping_pong_streaming" ], "ci_platforms": [ "windows", @@ -33374,29 +32888,6 @@ "posix" ] }, - { - "args": [ - "payload_with_proxy_auth" - ], - "ci_platforms": [ - "linux", - "mac", - "posix" - ], - "cpu_cost": 1.0, - "exclude_configs": [], - "exclude_iomgrs": [ - "uv" - ], - "flaky": false, - "language": "c", - "name": "h2_fd_nosec_test", - "platforms": [ - "linux", - "mac", - "posix" - ] - }, { "args": [ "ping_pong_streaming" @@ -34597,29 +34088,6 @@ "posix" ] }, - { - "args": [ - "payload_with_proxy_auth" - ], - "ci_platforms": [ - "windows", - "linux", - "mac", - "posix" - ], - "cpu_cost": 1.0, - "exclude_configs": [], - "exclude_iomgrs": [], - "flaky": false, - "language": "c", - "name": "h2_full_nosec_test", - "platforms": [ - "windows", - "linux", - "mac", - "posix" - ] - }, { "args": [ "ping" @@ -35718,25 +35186,6 @@ "linux" ] }, - { - "args": [ - "payload_with_proxy_auth" - ], - "ci_platforms": [ - "linux" - ], - "cpu_cost": 1.0, - "exclude_configs": [], - "exclude_iomgrs": [ - "uv" - ], - "flaky": false, - "language": "c", - "name": "h2_full+pipe_nosec_test", - "platforms": [ - "linux" - ] - }, { "args": [ "ping" @@ -36865,29 +36314,6 @@ "posix" ] }, - { - "args": [ - "payload_with_proxy_auth" - ], - "ci_platforms": [ - "windows", - "linux", - "mac", - "posix" - ], - "cpu_cost": 1.0, - "exclude_configs": [], - "exclude_iomgrs": [], - "flaky": false, - "language": "c", - "name": "h2_full+trace_nosec_test", - "platforms": [ - "windows", - "linux", - "mac", - "posix" - ] - }, { "args": [ "ping" @@ -38134,29 +37560,6 @@ "posix" ] }, - { - "args": [ - "payload_with_proxy_auth" - ], - "ci_platforms": [ - "windows", - "linux", - "mac", - "posix" - ], - "cpu_cost": 1.0, - "exclude_configs": [], - "exclude_iomgrs": [], - "flaky": false, - "language": "c", - "name": "h2_full+workarounds_nosec_test", - "platforms": [ - "windows", - "linux", - "mac", - "posix" - ] - }, { "args": [ "ping" @@ -39437,14 +38840,14 @@ }, { "args": [ - "payload_with_proxy_auth" + "ping" ], "ci_platforms": [ "windows", "linux", "posix" ], - "cpu_cost": 1.0, + "cpu_cost": 0.1, "exclude_configs": [], "exclude_iomgrs": [ "uv" @@ -39461,7 +38864,7 @@ }, { "args": [ - "ping" + "ping_pong_streaming" ], "ci_platforms": [ "windows", @@ -39485,14 +38888,14 @@ }, { "args": [ - "ping_pong_streaming" + "proxy_auth" ], "ci_platforms": [ "windows", "linux", "posix" ], - "cpu_cost": 0.1, + "cpu_cost": 1.0, "exclude_configs": [], "exclude_iomgrs": [ "uv" @@ -40723,29 +40126,6 @@ "posix" ] }, - { - "args": [ - "payload_with_proxy_auth" - ], - "ci_platforms": [ - "windows", - "linux", - "mac", - "posix" - ], - "cpu_cost": 1.0, - "exclude_configs": [], - "exclude_iomgrs": [], - "flaky": false, - "language": "c", - "name": "h2_load_reporting_nosec_test", - "platforms": [ - "windows", - "linux", - "mac", - "posix" - ] - }, { "args": [ "ping" @@ -41856,30 +41236,6 @@ "posix" ] }, - { - "args": [ - "payload_with_proxy_auth" - ], - "ci_platforms": [ - "windows", - "linux", - "posix" - ], - "cpu_cost": 1.0, - "exclude_configs": [], - "exclude_iomgrs": [ - "uv" - ], - "flaky": false, - "language": "c", - "name": "h2_proxy_nosec_test", - "platforms": [ - "windows", - "linux", - "mac", - "posix" - ] - }, { "args": [ "ping_pong_streaming" @@ -42984,30 +42340,6 @@ "posix" ] }, - { - "args": [ - "payload_with_proxy_auth" - ], - "ci_platforms": [ - "windows", - "linux", - "posix" - ], - "cpu_cost": 1.0, - "exclude_configs": [], - "exclude_iomgrs": [ - "uv" - ], - "flaky": false, - "language": "c", - "name": "h2_sockpair_nosec_test", - "platforms": [ - "windows", - "linux", - "mac", - "posix" - ] - }, { "args": [ "ping_pong_streaming" @@ -44088,30 +43420,6 @@ "posix" ] }, - { - "args": [ - "payload_with_proxy_auth" - ], - "ci_platforms": [ - "windows", - "linux", - "posix" - ], - "cpu_cost": 1.0, - "exclude_configs": [], - "exclude_iomgrs": [ - "uv" - ], - "flaky": false, - "language": "c", - "name": "h2_sockpair+trace_nosec_test", - "platforms": [ - "windows", - "linux", - "mac", - "posix" - ] - }, { "args": [ "ping_pong_streaming" @@ -45278,32 +44586,6 @@ "posix" ] }, - { - "args": [ - "payload_with_proxy_auth" - ], - "ci_platforms": [ - "windows", - "linux", - "posix" - ], - "cpu_cost": 1.0, - "exclude_configs": [ - "msan" - ], - "exclude_iomgrs": [ - "uv" - ], - "flaky": false, - "language": "c", - "name": "h2_sockpair_1byte_nosec_test", - "platforms": [ - "windows", - "linux", - "mac", - "posix" - ] - }, { "args": [ "ping_pong_streaming" @@ -46499,29 +45781,6 @@ "posix" ] }, - { - "args": [ - "payload_with_proxy_auth" - ], - "ci_platforms": [ - "linux", - "mac", - "posix" - ], - "cpu_cost": 1.0, - "exclude_configs": [], - "exclude_iomgrs": [ - "uv" - ], - "flaky": false, - "language": "c", - "name": "h2_uds_nosec_test", - "platforms": [ - "linux", - "mac", - "posix" - ] - }, { "args": [ "ping" @@ -47511,29 +46770,6 @@ "posix" ] }, - { - "args": [ - "payload_with_proxy_auth" - ], - "ci_platforms": [ - "windows", - "linux", - "mac", - "posix" - ], - "cpu_cost": 1.0, - "exclude_configs": [], - "exclude_iomgrs": [], - "flaky": false, - "language": "c", - "name": "inproc_nosec_test", - "platforms": [ - "windows", - "linux", - "mac", - "posix" - ] - }, { "args": [ "ping_pong_streaming" diff --git a/vsprojects/vcxproj/test/end2end/tests/end2end_nosec_tests/end2end_nosec_tests.vcxproj b/vsprojects/vcxproj/test/end2end/tests/end2end_nosec_tests/end2end_nosec_tests.vcxproj index 3a45ed619c..249d99b526 100644 --- a/vsprojects/vcxproj/test/end2end/tests/end2end_nosec_tests/end2end_nosec_tests.vcxproj +++ b/vsprojects/vcxproj/test/end2end/tests/end2end_nosec_tests/end2end_nosec_tests.vcxproj @@ -227,12 +227,12 @@ - - + + diff --git a/vsprojects/vcxproj/test/end2end/tests/end2end_nosec_tests/end2end_nosec_tests.vcxproj.filters b/vsprojects/vcxproj/test/end2end/tests/end2end_nosec_tests/end2end_nosec_tests.vcxproj.filters index 69bcf02b43..3a2105ebe8 100644 --- a/vsprojects/vcxproj/test/end2end/tests/end2end_nosec_tests/end2end_nosec_tests.vcxproj.filters +++ b/vsprojects/vcxproj/test/end2end/tests/end2end_nosec_tests/end2end_nosec_tests.vcxproj.filters @@ -115,15 +115,15 @@ test\core\end2end\tests - - test\core\end2end\tests - test\core\end2end\tests test\core\end2end\tests + + test\core\end2end\tests + test\core\end2end\tests diff --git a/vsprojects/vcxproj/test/end2end/tests/end2end_tests/end2end_tests.vcxproj b/vsprojects/vcxproj/test/end2end/tests/end2end_tests/end2end_tests.vcxproj index fe1f627980..b7a2ecd27b 100644 --- a/vsprojects/vcxproj/test/end2end/tests/end2end_tests/end2end_tests.vcxproj +++ b/vsprojects/vcxproj/test/end2end/tests/end2end_tests/end2end_tests.vcxproj @@ -229,12 +229,12 @@ - - + + diff --git a/vsprojects/vcxproj/test/end2end/tests/end2end_tests/end2end_tests.vcxproj.filters b/vsprojects/vcxproj/test/end2end/tests/end2end_tests/end2end_tests.vcxproj.filters index 255a76e107..1626b77d14 100644 --- a/vsprojects/vcxproj/test/end2end/tests/end2end_tests/end2end_tests.vcxproj.filters +++ b/vsprojects/vcxproj/test/end2end/tests/end2end_tests/end2end_tests.vcxproj.filters @@ -118,15 +118,15 @@ test\core\end2end\tests - - test\core\end2end\tests - test\core\end2end\tests test\core\end2end\tests + + test\core\end2end\tests + test\core\end2end\tests -- cgit v1.2.3 From d0c1e50ea91b9c4aefc7357a21daeae689d7bb48 Mon Sep 17 00:00:00 2001 From: Yash Tibrewal Date: Fri, 21 Jul 2017 12:34:38 -0700 Subject: Changing a few variable names and adding few safety conditions --- src/core/ext/filters/client_channel/http_proxy.c | 2 +- test/core/end2end/fixtures/h2_http_proxy.c | 6 +++--- test/core/end2end/fixtures/http_proxy_fixture.c | 15 ++++++++------- 3 files changed, 12 insertions(+), 11 deletions(-) (limited to 'test/core/end2end/fixtures/http_proxy_fixture.c') diff --git a/src/core/ext/filters/client_channel/http_proxy.c b/src/core/ext/filters/client_channel/http_proxy.c index 8a14b4e57c..ef3512ed83 100644 --- a/src/core/ext/filters/client_channel/http_proxy.c +++ b/src/core/ext/filters/client_channel/http_proxy.c @@ -67,7 +67,7 @@ static char* get_http_proxy_server(grpc_exec_ctx* exec_ctx, char** user_cred) { /* User cred found */ *user_cred = authority_strs[0]; proxy_name = authority_strs[1]; - gpr_log(GPR_INFO, "userinfo found in proxy URI"); + gpr_log(GPR_DEBUG, "userinfo found in proxy URI"); } else { /* Bad authority */ for (size_t i = 0; i < authority_nstrs; i++) { diff --git a/test/core/end2end/fixtures/h2_http_proxy.c b/test/core/end2end/fixtures/h2_http_proxy.c index fdc8d749c6..6145892365 100644 --- a/test/core/end2end/fixtures/h2_http_proxy.c +++ b/test/core/end2end/fixtures/h2_http_proxy.c @@ -68,13 +68,13 @@ void chttp2_init_client_fullstack(grpc_end2end_test_fixture *f, char *proxy_uri; /* If testing for proxy auth, add credentials to proxy uri */ - const grpc_arg *proxy_auth = + const grpc_arg *proxy_auth_arg = grpc_channel_args_find(client_args, GRPC_ARG_HTTP_PROXY_AUTH_CREDS); - if (proxy_auth == NULL) { + if (proxy_auth_arg == NULL || proxy_auth_arg->type != GRPC_ARG_STRING) { gpr_asprintf(&proxy_uri, "http://%s", grpc_end2end_http_proxy_get_proxy_name(ffd->proxy)); } else { - gpr_asprintf(&proxy_uri, "http://%s@%s", proxy_auth->value.string, + gpr_asprintf(&proxy_uri, "http://%s@%s", proxy_auth_arg->value.string, grpc_end2end_http_proxy_get_proxy_name(ffd->proxy)); } gpr_setenv("http_proxy", proxy_uri); diff --git a/test/core/end2end/fixtures/http_proxy_fixture.c b/test/core/end2end/fixtures/http_proxy_fixture.c index 266351d181..a4cfc77bcb 100644 --- a/test/core/end2end/fixtures/http_proxy_fixture.c +++ b/test/core/end2end/fixtures/http_proxy_fixture.c @@ -315,7 +315,8 @@ static void on_server_connect_done(grpc_exec_ctx* exec_ctx, void* arg, static bool proxy_auth_header_matches(grpc_exec_ctx* exec_ctx, char* proxy_auth_header_val, char* expected_cred) { - GPR_ASSERT(proxy_auth_header_val != NULL && expected_cred != NULL); + GPR_ASSERT(proxy_auth_header_val != NULL); + GPR_ASSERT(expected_cred != NULL); if (strncmp(proxy_auth_header_val, "Basic ", 6) != 0) { return false; } @@ -377,19 +378,19 @@ static void on_read_request_done(grpc_exec_ctx* exec_ctx, void* arg, return; } // If proxy auth is being used, check if the header is present and as expected - const grpc_arg* proxy_auth = grpc_channel_args_find( + const grpc_arg* proxy_auth_arg = grpc_channel_args_find( conn->proxy->channel_args, GRPC_ARG_HTTP_PROXY_AUTH_CREDS); - if (proxy_auth != NULL) { - bool auth_header_found = false; + if (proxy_auth_arg != NULL && proxy_auth_arg->type == GRPC_ARG_STRING) { + bool client_authenticated = false; for (size_t i = 0; i < conn->http_request.hdr_count; i++) { if (strcmp(conn->http_request.hdrs[i].key, "Proxy-Authorization") == 0) { - auth_header_found = proxy_auth_header_matches( + client_authenticated = proxy_auth_header_matches( exec_ctx, conn->http_request.hdrs[i].value, - proxy_auth->value.string); + proxy_auth_arg->value.string); break; } } - if (!auth_header_found) { + if (!client_authenticated) { const char* msg = "HTTP Connect could not verify authentication"; error = GRPC_ERROR_CREATE_FROM_STATIC_STRING(msg); proxy_connection_failed(exec_ctx, conn, true /* is_client */, -- cgit v1.2.3