From 9386123965ea1db24fe43cfe43b8dea5e425818d Mon Sep 17 00:00:00 2001 From: Matthew Stevenson Date: Tue, 30 Jan 2024 13:45:31 -0800 Subject: [PATCH] Fix some bad merge conflicts. --- grpc.def | 2 - include/grpc/grpc_security.h | 16 --- .../grpcpp/security/tls_credentials_options.h | 2 - .../tls/grpc_tls_credentials_options.cc | 15 --- .../credentials/tls/tls_credentials.cc | 8 -- src/cpp/common/tls_credentials_options.cc | 5 - src/ruby/ext/grpc/rb_grpc_imports.generated.c | 4 - src/ruby/ext/grpc/rb_grpc_imports.generated.h | 6 -- .../core/surface/public_headers_must_be_c89.c | 2 + test/cpp/client/credentials_test.cc | 98 ------------------- 10 files changed, 2 insertions(+), 156 deletions(-) diff --git a/grpc.def b/grpc.def index 512484fddc176..0004b77bcade5 100644 --- a/grpc.def +++ b/grpc.def @@ -149,8 +149,6 @@ EXPORTS grpc_tls_credentials_options_create grpc_tls_credentials_options_set_min_tls_version grpc_tls_credentials_options_set_max_tls_version - grpc_tls_credentials_options_copy - grpc_tls_credentials_options_destroy grpc_tls_credentials_options_set_certificate_provider grpc_tls_credentials_options_watch_root_certs grpc_tls_credentials_options_set_root_cert_name diff --git a/include/grpc/grpc_security.h b/include/grpc/grpc_security.h index b27a38c6afbda..4ba22a9e3e268 100644 --- a/include/grpc/grpc_security.h +++ b/include/grpc/grpc_security.h @@ -831,22 +831,6 @@ GRPCAPI void grpc_tls_credentials_options_set_min_tls_version( GRPCAPI void grpc_tls_credentials_options_set_max_tls_version( grpc_tls_credentials_options* options, grpc_tls_version max_tls_version); -/** - * EXPERIMENTAL API - Subject to change - * - * Copies a grpc_tls_credentials_options. - */ -GRPCAPI grpc_tls_credentials_options* grpc_tls_credentials_options_copy( - grpc_tls_credentials_options* options); - -/** - * EXPERIMENTAL API - Subject to change - * - * Destroys a grpc_tls_credentials_options. - */ -GRPCAPI void grpc_tls_credentials_options_destroy( - grpc_tls_credentials_options* options); - /** * EXPERIMENTAL API - Subject to change * diff --git a/include/grpcpp/security/tls_credentials_options.h b/include/grpcpp/security/tls_credentials_options.h index 79a86d62e1d95..bd18a5aad2a33 100644 --- a/include/grpcpp/security/tls_credentials_options.h +++ b/include/grpcpp/security/tls_credentials_options.h @@ -104,8 +104,6 @@ class TlsCredentialsOptions { // version > 1.1. void set_crl_directory(const std::string& path); - void set_crl_provider(std::shared_ptr crl_provider); - // Sets the minimum TLS version that will be negotiated during the TLS // handshake. If not set, the underlying SSL library will use TLS v1.2. // @param tls_version: The minimum TLS version. diff --git a/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.cc b/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.cc index ce864603baf2b..e20afd96afb21 100644 --- a/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.cc +++ b/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.cc @@ -121,21 +121,6 @@ void grpc_tls_credentials_options_set_tls_session_key_log_file_path( options->set_tls_session_key_log_file_path(path != nullptr ? path : ""); } -void grpc_tls_credentials_options_set_send_client_ca_list( - grpc_tls_credentials_options* options, bool send_client_ca_list) { - if (options == nullptr) { - return; - } - options->set_send_client_ca_list(send_client_ca_list); -} - -void grpc_tls_credentials_options_set_crl_provider( - grpc_tls_credentials_options* options, - std::shared_ptr provider) { - GPR_ASSERT(options != nullptr); - options->set_crl_provider(provider); -} - void grpc_tls_credentials_options_set_min_tls_version( grpc_tls_credentials_options* options, grpc_tls_version min_tls_version) { GPR_ASSERT(options != nullptr); diff --git a/src/core/lib/security/credentials/tls/tls_credentials.cc b/src/core/lib/security/credentials/tls/tls_credentials.cc index 0d8da3c8c8d64..18284f621e85d 100644 --- a/src/core/lib/security/credentials/tls/tls_credentials.cc +++ b/src/core/lib/security/credentials/tls/tls_credentials.cc @@ -62,14 +62,6 @@ bool CredentialOptionSanityCheck(grpc_tls_credentials_options* options, grpc_tls_credentials_options_destroy(options); return false; } - if (!options->crl_directory().empty() && options->crl_provider() != nullptr) { - gpr_log(GPR_ERROR, - "Setting crl_directory and crl_provider not supported. Using the " - "crl_provider."); - // TODO(gtcooke94) - Maybe return false here. Right now object lifetime of - // this options struct is leaky if false is returned and represents a more - // complex fix to handle in another PR. - } // In the following conditions, there won't be any issues, but it might // indicate callers are doing something wrong with the API. if (is_client && options->cert_request_type() != diff --git a/src/cpp/common/tls_credentials_options.cc b/src/cpp/common/tls_credentials_options.cc index 05f9760561f6f..f31c57656b585 100644 --- a/src/cpp/common/tls_credentials_options.cc +++ b/src/cpp/common/tls_credentials_options.cc @@ -97,11 +97,6 @@ void TlsCredentialsOptions::set_max_tls_version(grpc_tls_version tls_version) { grpc_tls_credentials_options_set_max_tls_version(options, tls_version); } -grpc_tls_credentials_options* TlsCredentialsOptions::c_credentials_options() - const { - return grpc_tls_credentials_options_copy(c_credentials_options_); -} - void TlsCredentialsOptions::set_check_call_host(bool check_call_host) { grpc_tls_credentials_options* options = c_credentials_options(); GPR_ASSERT(options != nullptr); diff --git a/src/ruby/ext/grpc/rb_grpc_imports.generated.c b/src/ruby/ext/grpc/rb_grpc_imports.generated.c index f0b207f2fda5b..f2e8b6bad2a19 100644 --- a/src/ruby/ext/grpc/rb_grpc_imports.generated.c +++ b/src/ruby/ext/grpc/rb_grpc_imports.generated.c @@ -172,8 +172,6 @@ grpc_tls_certificate_provider_release_type grpc_tls_certificate_provider_release grpc_tls_credentials_options_create_type grpc_tls_credentials_options_create_import; grpc_tls_credentials_options_set_min_tls_version_type grpc_tls_credentials_options_set_min_tls_version_import; grpc_tls_credentials_options_set_max_tls_version_type grpc_tls_credentials_options_set_max_tls_version_import; -grpc_tls_credentials_options_copy_type grpc_tls_credentials_options_copy_import; -grpc_tls_credentials_options_destroy_type grpc_tls_credentials_options_destroy_import; grpc_tls_credentials_options_set_certificate_provider_type grpc_tls_credentials_options_set_certificate_provider_import; grpc_tls_credentials_options_watch_root_certs_type grpc_tls_credentials_options_watch_root_certs_import; grpc_tls_credentials_options_set_root_cert_name_type grpc_tls_credentials_options_set_root_cert_name_import; @@ -462,8 +460,6 @@ void grpc_rb_load_imports(HMODULE library) { grpc_tls_credentials_options_create_import = (grpc_tls_credentials_options_create_type) GetProcAddress(library, "grpc_tls_credentials_options_create"); grpc_tls_credentials_options_set_min_tls_version_import = (grpc_tls_credentials_options_set_min_tls_version_type) GetProcAddress(library, "grpc_tls_credentials_options_set_min_tls_version"); grpc_tls_credentials_options_set_max_tls_version_import = (grpc_tls_credentials_options_set_max_tls_version_type) GetProcAddress(library, "grpc_tls_credentials_options_set_max_tls_version"); - grpc_tls_credentials_options_copy_import = (grpc_tls_credentials_options_copy_type) GetProcAddress(library, "grpc_tls_credentials_options_copy"); - grpc_tls_credentials_options_destroy_import = (grpc_tls_credentials_options_destroy_type) GetProcAddress(library, "grpc_tls_credentials_options_destroy"); grpc_tls_credentials_options_set_certificate_provider_import = (grpc_tls_credentials_options_set_certificate_provider_type) GetProcAddress(library, "grpc_tls_credentials_options_set_certificate_provider"); grpc_tls_credentials_options_watch_root_certs_import = (grpc_tls_credentials_options_watch_root_certs_type) GetProcAddress(library, "grpc_tls_credentials_options_watch_root_certs"); grpc_tls_credentials_options_set_root_cert_name_import = (grpc_tls_credentials_options_set_root_cert_name_type) GetProcAddress(library, "grpc_tls_credentials_options_set_root_cert_name"); diff --git a/src/ruby/ext/grpc/rb_grpc_imports.generated.h b/src/ruby/ext/grpc/rb_grpc_imports.generated.h index 9f7127984d7c4..1e86391066c28 100644 --- a/src/ruby/ext/grpc/rb_grpc_imports.generated.h +++ b/src/ruby/ext/grpc/rb_grpc_imports.generated.h @@ -491,12 +491,6 @@ extern grpc_tls_credentials_options_set_min_tls_version_type grpc_tls_credential typedef void(*grpc_tls_credentials_options_set_max_tls_version_type)(grpc_tls_credentials_options* options, grpc_tls_version max_tls_version); extern grpc_tls_credentials_options_set_max_tls_version_type grpc_tls_credentials_options_set_max_tls_version_import; #define grpc_tls_credentials_options_set_max_tls_version grpc_tls_credentials_options_set_max_tls_version_import -typedef grpc_tls_credentials_options*(*grpc_tls_credentials_options_copy_type)(grpc_tls_credentials_options* options); -extern grpc_tls_credentials_options_copy_type grpc_tls_credentials_options_copy_import; -#define grpc_tls_credentials_options_copy grpc_tls_credentials_options_copy_import -typedef void(*grpc_tls_credentials_options_destroy_type)(grpc_tls_credentials_options* options); -extern grpc_tls_credentials_options_destroy_type grpc_tls_credentials_options_destroy_import; -#define grpc_tls_credentials_options_destroy grpc_tls_credentials_options_destroy_import typedef void(*grpc_tls_credentials_options_set_certificate_provider_type)(grpc_tls_credentials_options* options, grpc_tls_certificate_provider* provider); extern grpc_tls_credentials_options_set_certificate_provider_type grpc_tls_credentials_options_set_certificate_provider_import; #define grpc_tls_credentials_options_set_certificate_provider grpc_tls_credentials_options_set_certificate_provider_import diff --git a/test/core/surface/public_headers_must_be_c89.c b/test/core/surface/public_headers_must_be_c89.c index 4b04ea7bd6891..1bc9be2596244 100644 --- a/test/core/surface/public_headers_must_be_c89.c +++ b/test/core/surface/public_headers_must_be_c89.c @@ -214,6 +214,8 @@ int main(int argc, char **argv) { printf("%lx", (unsigned long) grpc_tls_certificate_provider_file_watcher_create); printf("%lx", (unsigned long) grpc_tls_certificate_provider_release); printf("%lx", (unsigned long) grpc_tls_credentials_options_create); + printf("%lx", (unsigned long) grpc_tls_credentials_options_set_min_tls_version); + printf("%lx", (unsigned long) grpc_tls_credentials_options_set_max_tls_version); printf("%lx", (unsigned long) grpc_tls_credentials_options_set_certificate_provider); printf("%lx", (unsigned long) grpc_tls_credentials_options_watch_root_certs); printf("%lx", (unsigned long) grpc_tls_credentials_options_set_root_cert_name); diff --git a/test/cpp/client/credentials_test.cc b/test/cpp/client/credentials_test.cc index 123dd63fa145e..fb2bbb58cb252 100644 --- a/test/cpp/client/credentials_test.cc +++ b/test/cpp/client/credentials_test.cc @@ -396,104 +396,6 @@ TEST(CredentialsTest, TlsChannelCredentialsWithCrlDirectory) { GPR_ASSERT(channel_credentials.get() != nullptr); } -TEST(CredentialsTest, TlsChannelCredentialsWithCrlProvider) { - auto provider = experimental::CreateStaticCrlProvider({}); - ASSERT_TRUE(provider.ok()); - grpc::experimental::TlsChannelCredentialsOptions options; - options.set_crl_provider(*provider); - auto channel_credentials = grpc::experimental::TlsCredentials(options); - GPR_ASSERT(channel_credentials.get() != nullptr); -} - -TEST(CredentialsTest, TlsChannelCredentialsWithCrlProviderAndDirectory) { - auto provider = experimental::CreateStaticCrlProvider({}); - ASSERT_TRUE(provider.ok()); - grpc::experimental::TlsChannelCredentialsOptions options; - options.set_crl_directory(CRL_DIR_PATH); - options.set_crl_provider(*provider); - auto channel_credentials = grpc::experimental::TlsCredentials(options); - // TODO(gtcooke94) - behavior might change to make this return nullptr in the - // future - GPR_ASSERT(channel_credentials.get() != nullptr); -} - -TEST(CredentialsTest, TlsCredentialsOptionsDoesNotLeak) { - TlsCredentialsOptions options; - (void)options; -} - -TEST(CredentialsTest, MultipleOptionsOneCertificateProviderDoesNotLeak) { - auto provider = std::make_shared("root-pem"); - TlsCredentialsOptions options_1; - options_1.set_certificate_provider(provider); - TlsCredentialsOptions options_2; - options_2.set_certificate_provider(provider); -} - -TEST(CredentialsTest, MultipleOptionsOneCertificateVerifierDoesNotLeak) { - auto verifier = std::make_shared(); - TlsCredentialsOptions options_1; - options_1.set_certificate_verifier(verifier); - TlsCredentialsOptions options_2; - options_2.set_certificate_verifier(verifier); -} - -TEST(CredentialsTest, MultipleOptionsOneCrlProviderDoesNotLeak) { - auto crl_provider = CreateStaticCrlProvider(/*crls=*/{}); - EXPECT_TRUE(crl_provider.ok()); - TlsCredentialsOptions options_1; - options_1.set_crl_provider(*crl_provider); - TlsCredentialsOptions options_2; - options_2.set_crl_provider(*crl_provider); -} - -TEST(CredentialsTest, TlsChannelCredentialsDoesNotLeak) { - TlsChannelCredentialsOptions options; - auto channel_creds = TlsCredentials(options); - EXPECT_NE(channel_creds, nullptr); -} - -TEST(CredentialsTest, MultipleChannelCredentialsSameOptionsDoesNotLeak) { - TlsChannelCredentialsOptions options; - auto channel_creds_1 = TlsCredentials(options); - EXPECT_NE(channel_creds_1, nullptr); - auto channel_creds_2 = TlsCredentials(options); - EXPECT_NE(channel_creds_2, nullptr); -} - -TEST(CredentialsTest, - MultipleChannelCredentialsOneCertificateProviderDoesNotLeak) { - TlsChannelCredentialsOptions options; - auto provider = std::make_shared("root-pem"); - options.set_certificate_provider(provider); - auto channel_creds_1 = TlsCredentials(options); - EXPECT_NE(channel_creds_1, nullptr); - auto channel_creds_2 = TlsCredentials(options); - EXPECT_NE(channel_creds_2, nullptr); -} - -TEST(CredentialsTest, - MultipleChannelCredentialsOneCertificateVerifierDoesNotLeak) { - TlsChannelCredentialsOptions options; - auto verifier = std::make_shared(); - options.set_certificate_verifier(verifier); - auto channel_creds_1 = TlsCredentials(options); - EXPECT_NE(channel_creds_1, nullptr); - auto channel_creds_2 = TlsCredentials(options); - EXPECT_NE(channel_creds_2, nullptr); -} - -TEST(CredentialsTest, MultipleChannelCredentialsOneCrlProviderDoesNotLeak) { - TlsChannelCredentialsOptions options; - auto provider = CreateStaticCrlProvider(/*crls=*/{}); - EXPECT_TRUE(provider.ok()); - options.set_crl_provider(*provider); - auto channel_creds_1 = TlsCredentials(options); - EXPECT_NE(channel_creds_1, nullptr); - auto channel_creds_2 = TlsCredentials(options); - EXPECT_NE(channel_creds_2, nullptr); -} - TEST(CredentialsTest, TlsChannelCredentialsWithGoodMinAndMaxTlsVersions) { grpc::experimental::TlsChannelCredentialsOptions options; options.set_min_tls_version(grpc_tls_version::TLS1_2);