Google Git
Sign in
android / platform / external / grpc-grpc / 9e21f7281f4939d46fa391dfcc9672c203c747a8^! / .
commit9e21f7281f4939d46fa391dfcc9672c203c747a8[log] [tgz]
authoryangg <[email protected]>Mon Dec 08 15:49:52 2014 -0800
committerNicolas Noble <[email protected]>Mon Dec 08 18:50:13 2014 -0800
tree02fea33201da3323eaa1148198b014e09949a5c1
parent97fb3f6481cc79ed9409320fcb274b9ea7442aaf [diff]
Add server side credentials support.
Make interop test use ssl by default.
	Change on 2014/12/08 by yangg <[email protected]>
-------------
Created by MOE: http://code.google.com/p/moe-java
MOE_MIGRATED_REVID=81619141

diff --git a/include/grpc++/server.h b/include/grpc++/server.h
index 443b4d4..5fa371b 100644
--- a/include/grpc++/server.h
+++ b/include/grpc++/server.h

@@ -55,6 +55,7 @@
 class AsyncServerContext;
 class RpcService;
 class RpcServiceMethod;
+class ServerCredentials;
 class ThreadPoolInterface;
 
 // Currently it only supports handling rpcs in a single thread.
@@ -69,7 +70,7 @@
   friend class ServerBuilder;
 
   // ServerBuilder use only
-  explicit Server(ThreadPoolInterface* thread_pool);
+  Server(ThreadPoolInterface* thread_pool, ServerCredentials* creds);
   Server();
   // Register a service. This call does not take ownership of the service.
   // The service must exist for the lifetime of the Server instance.
@@ -104,6 +105,8 @@
   ThreadPoolInterface* thread_pool_;
   // Whether the thread pool is created and owned by the server.
   bool thread_pool_owned_;
+  // Whether the server is created with credentials.
+  bool secure_;
 };
 
 }  // namespace grpc

diff --git a/include/grpc++/server_builder.h b/include/grpc++/server_builder.h
index 89e9a25..cf27452 100644
--- a/include/grpc++/server_builder.h
+++ b/include/grpc++/server_builder.h

@@ -43,6 +43,7 @@
 
 class RpcService;
 class Server;
+class ServerCredentials;
 class ThreadPoolInterface;
 
 class ServerBuilder {
@@ -57,6 +58,10 @@
   // Add a listening port. Can be called multiple times.
   void AddPort(const grpc::string& addr);
 
+  // Set a ServerCredentials. Can only be called once.
+  // TODO(yangg) move this to be part of AddPort
+  void SetCredentials(const std::shared_ptr<ServerCredentials>& creds);
+
   // Set the thread pool used for running appliation rpc handlers.
   // Does not take ownership.
   void SetThreadPool(ThreadPoolInterface* thread_pool);
@@ -67,6 +72,7 @@
  private:
   std::vector<RpcService*> services_;
   std::vector<grpc::string> ports_;
+  std::shared_ptr<ServerCredentials> creds_;
   ThreadPoolInterface* thread_pool_;
 };
 

diff --git a/include/grpc++/server_credentials.h b/include/grpc++/server_credentials.h
index f758ad5..cf08870 100644
--- a/include/grpc++/server_credentials.h
+++ b/include/grpc++/server_credentials.h

@@ -53,6 +53,7 @@
   grpc_server_credentials* GetRawCreds();
 
   friend class ServerCredentialsFactory;
+  friend class Server;
 
   grpc_server_credentials* creds_;
 };

diff --git a/src/cpp/server/server.cc b/src/cpp/server/server.cc
index 9bf4073..2130bef 100644
--- a/src/cpp/server/server.cc
+++ b/src/cpp/server/server.cc

@@ -35,26 +35,34 @@
 #include <utility>
 
 #include <grpc/grpc.h>
+#include <grpc/grpc_security.h>
 #include <grpc/support/log.h>
 #include "src/cpp/server/rpc_service_method.h"
 #include "src/cpp/server/server_rpc_handler.h"
 #include "src/cpp/server/thread_pool.h"
 #include <grpc++/async_server_context.h>
 #include <grpc++/completion_queue.h>
+#include <grpc++/server_credentials.h>
 
 namespace grpc {
 
 // TODO(rocking): consider a better default value like num of cores.
 static const int kNumThreads = 4;
 
-Server::Server(ThreadPoolInterface* thread_pool)
+Server::Server(ThreadPoolInterface* thread_pool, ServerCredentials* creds)
     : started_(false),
       shutdown_(false),
       num_running_cb_(0),
       thread_pool_(thread_pool == nullptr ? new ThreadPool(kNumThreads)
                                           : thread_pool),
-      thread_pool_owned_(thread_pool == nullptr) {
-  server_ = grpc_server_create(cq_.cq(), nullptr);
+      thread_pool_owned_(thread_pool == nullptr),
+      secure_(creds != nullptr) {
+  if (creds) {
+    server_ =
+        grpc_secure_server_create(creds->GetRawCreds(), cq_.cq(), nullptr);
+  } else {
+    server_ = grpc_server_create(cq_.cq(), nullptr);
+  }
 }
 
 Server::Server() {
@@ -83,7 +91,12 @@
 
 void Server::AddPort(const grpc::string& addr) {
   GPR_ASSERT(!started_);
-  int success = grpc_server_add_http2_port(server_, addr.c_str());
+  int success;
+  if (secure_) {
+    success = grpc_server_add_secure_http2_port(server_, addr.c_str());
+  } else {
+    success = grpc_server_add_http2_port(server_, addr.c_str());
+  }
   GPR_ASSERT(success);
 }
 

diff --git a/src/cpp/server/server_builder.cc b/src/cpp/server/server_builder.cc
index d5d0689..d74d8cb 100644
--- a/src/cpp/server/server_builder.cc
+++ b/src/cpp/server/server_builder.cc

@@ -33,6 +33,7 @@
 
 #include <grpc++/server_builder.h>
 
+#include <grpc/support/log.h>
 #include <grpc++/server.h>
 
 namespace grpc {
@@ -47,12 +48,18 @@
   ports_.push_back(addr);
 }
 
+void ServerBuilder::SetCredentials(
+    const std::shared_ptr<ServerCredentials>& creds) {
+  GPR_ASSERT(!creds_);
+  creds_ = creds;
+}
+
 void ServerBuilder::SetThreadPool(ThreadPoolInterface* thread_pool) {
   thread_pool_ = thread_pool;
 }
 
 std::unique_ptr<Server> ServerBuilder::BuildAndStart() {
-  std::unique_ptr<Server> server(new Server(thread_pool_));
+  std::unique_ptr<Server> server(new Server(thread_pool_, creds_.get()));
   for (auto* service : services_) {
     server->RegisterService(service);
   }

diff --git a/src/cpp/server/server_credentials.cc b/src/cpp/server/server_credentials.cc
index d23a09f..f9ca162 100644
--- a/src/cpp/server/server_credentials.cc
+++ b/src/cpp/server/server_credentials.cc

@@ -49,12 +49,22 @@
 
 std::shared_ptr<ServerCredentials> ServerCredentialsFactory::SslCredentials(
     const SslServerCredentialsOptions& options) {
+  const unsigned char* pem_root_certs =
+      options.pem_root_certs.empty() ? nullptr
+                                     : reinterpret_cast<const unsigned char*>(
+                                           options.pem_root_certs.c_str());
+  const unsigned char* pem_private_key =
+      options.pem_private_key.empty() ? nullptr
+                                      : reinterpret_cast<const unsigned char*>(
+                                            options.pem_private_key.c_str());
+  const unsigned char* pem_cert_chain =
+      options.pem_cert_chain.empty() ? nullptr
+                                     : reinterpret_cast<const unsigned char*>(
+                                           options.pem_cert_chain.c_str());
+
   grpc_server_credentials* c_creds = grpc_ssl_server_credentials_create(
-      reinterpret_cast<const unsigned char*>(options.pem_root_certs.c_str()),
-      options.pem_root_certs.size(),
-      reinterpret_cast<const unsigned char*>(options.pem_private_key.c_str()),
-      options.pem_private_key.size(),
-      reinterpret_cast<const unsigned char*>(options.pem_cert_chain.c_str()),
+      pem_root_certs, options.pem_root_certs.size(), pem_private_key,
+      options.pem_private_key.size(), pem_cert_chain,
       options.pem_cert_chain.size());
   return std::shared_ptr<ServerCredentials>(new ServerCredentials(c_creds));
 }