| Index: third_party/grpc/include/grpc/grpc_security.h
|
| diff --git a/third_party/grpc/include/grpc/grpc_security.h b/third_party/grpc/include/grpc/grpc_security.h
|
| new file mode 100644
|
| index 0000000000000000000000000000000000000000..ef7205ded8b75e8237453d6c4d6a350d67664b8a
|
| --- /dev/null
|
| +++ b/third_party/grpc/include/grpc/grpc_security.h
|
| @@ -0,0 +1,404 @@
|
| +/*
|
| + *
|
| + * Copyright 2015-2016, Google Inc.
|
| + * All rights reserved.
|
| + *
|
| + * Redistribution and use in source and binary forms, with or without
|
| + * modification, are permitted provided that the following conditions are
|
| + * met:
|
| + *
|
| + * * Redistributions of source code must retain the above copyright
|
| + * notice, this list of conditions and the following disclaimer.
|
| + * * Redistributions in binary form must reproduce the above
|
| + * copyright notice, this list of conditions and the following disclaimer
|
| + * in the documentation and/or other materials provided with the
|
| + * distribution.
|
| + * * Neither the name of Google Inc. nor the names of its
|
| + * contributors may be used to endorse or promote products derived from
|
| + * this software without specific prior written permission.
|
| + *
|
| + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
| + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
| + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
|
| + * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
| + * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
| + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
| + * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
| + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
| + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
| + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
| + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
| + *
|
| + */
|
| +
|
| +#ifndef GRPC_GRPC_SECURITY_H
|
| +#define GRPC_GRPC_SECURITY_H
|
| +
|
| +#include <grpc/grpc.h>
|
| +#include <grpc/status.h>
|
| +
|
| +#ifdef __cplusplus
|
| +extern "C" {
|
| +#endif
|
| +
|
| +/* --- Authentication Context. --- */
|
| +
|
| +#define GRPC_TRANSPORT_SECURITY_TYPE_PROPERTY_NAME "transport_security_type"
|
| +#define GRPC_SSL_TRANSPORT_SECURITY_TYPE "ssl"
|
| +
|
| +#define GRPC_X509_CN_PROPERTY_NAME "x509_common_name"
|
| +#define GRPC_X509_SAN_PROPERTY_NAME "x509_subject_alternative_name"
|
| +
|
| +typedef struct grpc_auth_context grpc_auth_context;
|
| +
|
| +typedef struct grpc_auth_property_iterator {
|
| + const grpc_auth_context *ctx;
|
| + size_t index;
|
| + const char *name;
|
| +} grpc_auth_property_iterator;
|
| +
|
| +/* value, if not NULL, is guaranteed to be NULL terminated. */
|
| +typedef struct grpc_auth_property {
|
| + char *name;
|
| + char *value;
|
| + size_t value_length;
|
| +} grpc_auth_property;
|
| +
|
| +/* Returns NULL when the iterator is at the end. */
|
| +GRPCAPI const grpc_auth_property *grpc_auth_property_iterator_next(
|
| + grpc_auth_property_iterator *it);
|
| +
|
| +/* Iterates over the auth context. */
|
| +GRPCAPI grpc_auth_property_iterator
|
| +grpc_auth_context_property_iterator(const grpc_auth_context *ctx);
|
| +
|
| +/* Gets the peer identity. Returns an empty iterator (first _next will return
|
| + NULL) if the peer is not authenticated. */
|
| +GRPCAPI grpc_auth_property_iterator
|
| +grpc_auth_context_peer_identity(const grpc_auth_context *ctx);
|
| +
|
| +/* Finds a property in the context. May return an empty iterator (first _next
|
| + will return NULL) if no property with this name was found in the context. */
|
| +GRPCAPI grpc_auth_property_iterator
|
| +grpc_auth_context_find_properties_by_name(const grpc_auth_context *ctx,
|
| + const char *name);
|
| +
|
| +/* Gets the name of the property that indicates the peer identity. Will return
|
| + NULL if the peer is not authenticated. */
|
| +GRPCAPI const char *grpc_auth_context_peer_identity_property_name(
|
| + const grpc_auth_context *ctx);
|
| +
|
| +/* Returns 1 if the peer is authenticated, 0 otherwise. */
|
| +GRPCAPI int grpc_auth_context_peer_is_authenticated(
|
| + const grpc_auth_context *ctx);
|
| +
|
| +/* Gets the auth context from the call. Caller needs to call
|
| + grpc_auth_context_release on the returned context. */
|
| +GRPCAPI grpc_auth_context *grpc_call_auth_context(grpc_call *call);
|
| +
|
| +/* Releases the auth context returned from grpc_call_auth_context. */
|
| +GRPCAPI void grpc_auth_context_release(grpc_auth_context *context);
|
| +
|
| +/* --
|
| + The following auth context methods should only be called by a server metadata
|
| + processor to set properties extracted from auth metadata.
|
| + -- */
|
| +
|
| +/* Add a property. */
|
| +GRPCAPI void grpc_auth_context_add_property(grpc_auth_context *ctx,
|
| + const char *name, const char *value,
|
| + size_t value_length);
|
| +
|
| +/* Add a C string property. */
|
| +GRPCAPI void grpc_auth_context_add_cstring_property(grpc_auth_context *ctx,
|
| + const char *name,
|
| + const char *value);
|
| +
|
| +/* Sets the property name. Returns 1 if successful or 0 in case of failure
|
| + (which means that no property with this name exists). */
|
| +GRPCAPI int grpc_auth_context_set_peer_identity_property_name(
|
| + grpc_auth_context *ctx, const char *name);
|
| +
|
| +/* --- grpc_channel_credentials object. ---
|
| +
|
| + A channel credentials object represents a way to authenticate a client on a
|
| + channel. */
|
| +
|
| +typedef struct grpc_channel_credentials grpc_channel_credentials;
|
| +
|
| +/* Releases a channel credentials object.
|
| + The creator of the credentials object is responsible for its release. */
|
| +GRPCAPI void grpc_channel_credentials_release(grpc_channel_credentials *creds);
|
| +
|
| +/* Environment variable that points to the google default application
|
| + credentials json key or refresh token. Used in the
|
| + grpc_google_default_credentials_create function. */
|
| +#define GRPC_GOOGLE_CREDENTIALS_ENV_VAR "GOOGLE_APPLICATION_CREDENTIALS"
|
| +
|
| +/* Creates default credentials to connect to a google gRPC service.
|
| + WARNING: Do NOT use this credentials to connect to a non-google service as
|
| + this could result in an oauth2 token leak. */
|
| +GRPCAPI grpc_channel_credentials *grpc_google_default_credentials_create(void);
|
| +
|
| +/* Environment variable that points to the default SSL roots file. This file
|
| + must be a PEM encoded file with all the roots such as the one that can be
|
| + downloaded from https://pki.google.com/roots.pem. */
|
| +#define GRPC_DEFAULT_SSL_ROOTS_FILE_PATH_ENV_VAR \
|
| + "GRPC_DEFAULT_SSL_ROOTS_FILE_PATH"
|
| +
|
| +/* Results for the SSL roots override callback. */
|
| +typedef enum {
|
| + GRPC_SSL_ROOTS_OVERRIDE_OK,
|
| + GRPC_SSL_ROOTS_OVERRIDE_FAIL_PERMANENTLY, /* Do not try fallback options. */
|
| + GRPC_SSL_ROOTS_OVERRIDE_FAIL
|
| +} grpc_ssl_roots_override_result;
|
| +
|
| +/* Callback for getting the SSL roots override from the application.
|
| + In case of success, *pem_roots_certs must be set to a NULL terminated string
|
| + containing the list of PEM encoded root certificates. The ownership is passed
|
| + to the core and freed (laster by the core) with gpr_free.
|
| + If this function fails and GRPC_DEFAULT_SSL_ROOTS_FILE_PATH environment is
|
| + set to a valid path, it will override the roots specified this func */
|
| +typedef grpc_ssl_roots_override_result (*grpc_ssl_roots_override_callback)(
|
| + char **pem_root_certs);
|
| +
|
| +/* Setup a callback to override the default TLS/SSL roots.
|
| + This function is not thread-safe and must be called at initialization time
|
| + before any ssl credentials are created to have the desired side effect.
|
| + If GRPC_DEFAULT_SSL_ROOTS_FILE_PATH environment is set to a valid path, the
|
| + callback will not be called. */
|
| +GRPCAPI void grpc_set_ssl_roots_override_callback(
|
| + grpc_ssl_roots_override_callback cb);
|
| +
|
| +/* Object that holds a private key / certificate chain pair in PEM format. */
|
| +typedef struct {
|
| + /* private_key is the NULL-terminated string containing the PEM encoding of
|
| + the client's private key. */
|
| + const char *private_key;
|
| +
|
| + /* cert_chain is the NULL-terminated string containing the PEM encoding of
|
| + the client's certificate chain. */
|
| + const char *cert_chain;
|
| +} grpc_ssl_pem_key_cert_pair;
|
| +
|
| +/* Creates an SSL credentials object.
|
| + - pem_roots_cert is the NULL-terminated string containing the PEM encoding
|
| + of the server root certificates. If this parameter is NULL, the
|
| + implementation will first try to dereference the file pointed by the
|
| + GRPC_DEFAULT_SSL_ROOTS_FILE_PATH environment variable, and if that fails,
|
| + try to get the roots set by grpc_override_ssl_default_roots. Eventually,
|
| + if all these fail, it will try to get the roots from a well-known place on
|
| + disk (in the grpc install directory).
|
| + - pem_key_cert_pair is a pointer on the object containing client's private
|
| + key and certificate chain. This parameter can be NULL if the client does
|
| + not have such a key/cert pair. */
|
| +GRPCAPI grpc_channel_credentials *grpc_ssl_credentials_create(
|
| + const char *pem_root_certs, grpc_ssl_pem_key_cert_pair *pem_key_cert_pair,
|
| + void *reserved);
|
| +
|
| +/* --- grpc_call_credentials object.
|
| +
|
| + A call credentials object represents a way to authenticate on a particular
|
| + call. These credentials can be composed with a channel credentials object
|
| + so that they are sent with every call on this channel. */
|
| +
|
| +typedef struct grpc_call_credentials grpc_call_credentials;
|
| +
|
| +/* Releases a call credentials object.
|
| + The creator of the credentials object is responsible for its release. */
|
| +GRPCAPI void grpc_call_credentials_release(grpc_call_credentials *creds);
|
| +
|
| +/* Creates a composite channel credentials object. */
|
| +GRPCAPI grpc_channel_credentials *grpc_composite_channel_credentials_create(
|
| + grpc_channel_credentials *channel_creds, grpc_call_credentials *call_creds,
|
| + void *reserved);
|
| +
|
| +/* Creates a composite call credentials object. */
|
| +GRPCAPI grpc_call_credentials *grpc_composite_call_credentials_create(
|
| + grpc_call_credentials *creds1, grpc_call_credentials *creds2,
|
| + void *reserved);
|
| +
|
| +/* Creates a compute engine credentials object for connecting to Google.
|
| + WARNING: Do NOT use this credentials to connect to a non-google service as
|
| + this could result in an oauth2 token leak. */
|
| +GRPCAPI grpc_call_credentials *grpc_google_compute_engine_credentials_create(
|
| + void *reserved);
|
| +
|
| +GRPCAPI gpr_timespec grpc_max_auth_token_lifetime();
|
| +
|
| +/* Creates a JWT credentials object. May return NULL if the input is invalid.
|
| + - json_key is the JSON key string containing the client's private key.
|
| + - token_lifetime is the lifetime of each Json Web Token (JWT) created with
|
| + this credentials. It should not exceed grpc_max_auth_token_lifetime or
|
| + will be cropped to this value. */
|
| +GRPCAPI grpc_call_credentials *
|
| +grpc_service_account_jwt_access_credentials_create(const char *json_key,
|
| + gpr_timespec token_lifetime,
|
| + void *reserved);
|
| +
|
| +/* Creates an Oauth2 Refresh Token credentials object for connecting to Google.
|
| + May return NULL if the input is invalid.
|
| + WARNING: Do NOT use this credentials to connect to a non-google service as
|
| + this could result in an oauth2 token leak.
|
| + - json_refresh_token is the JSON string containing the refresh token itself
|
| + along with a client_id and client_secret. */
|
| +GRPCAPI grpc_call_credentials *grpc_google_refresh_token_credentials_create(
|
| + const char *json_refresh_token, void *reserved);
|
| +
|
| +/* Creates an Oauth2 Access Token credentials with an access token that was
|
| + aquired by an out of band mechanism. */
|
| +GRPCAPI grpc_call_credentials *grpc_access_token_credentials_create(
|
| + const char *access_token, void *reserved);
|
| +
|
| +/* Creates an IAM credentials object for connecting to Google. */
|
| +GRPCAPI grpc_call_credentials *grpc_google_iam_credentials_create(
|
| + const char *authorization_token, const char *authority_selector,
|
| + void *reserved);
|
| +
|
| +/* Callback function to be called by the metadata credentials plugin
|
| + implementation when the metadata is ready.
|
| + - user_data is the opaque pointer that was passed in the get_metadata method
|
| + of the grpc_metadata_credentials_plugin (see below).
|
| + - creds_md is an array of credentials metadata produced by the plugin. It
|
| + may be set to NULL in case of an error.
|
| + - num_creds_md is the number of items in the creds_md array.
|
| + - status must be GRPC_STATUS_OK in case of success or another specific error
|
| + code otherwise.
|
| + - error_details contains details about the error if any. In case of success
|
| + it should be NULL and will be otherwise ignored. */
|
| +typedef void (*grpc_credentials_plugin_metadata_cb)(
|
| + void *user_data, const grpc_metadata *creds_md, size_t num_creds_md,
|
| + grpc_status_code status, const char *error_details);
|
| +
|
| +/* Context that can be used by metadata credentials plugin in order to create
|
| + auth related metadata. */
|
| +typedef struct {
|
| + /* The fully qualifed service url. */
|
| + const char *service_url;
|
| +
|
| + /* The method name of the RPC being called (not fully qualified).
|
| + The fully qualified method name can be built from the service_url:
|
| + full_qualified_method_name = ctx->service_url + '/' + ctx->method_name. */
|
| + const char *method_name;
|
| +
|
| + /* The auth_context of the channel which gives the server's identity. */
|
| + const grpc_auth_context *channel_auth_context;
|
| +
|
| + /* Reserved for future use. */
|
| + void *reserved;
|
| +} grpc_auth_metadata_context;
|
| +
|
| +/* grpc_metadata_credentials plugin is an API user provided structure used to
|
| + create grpc_credentials objects that can be set on a channel (composed) or
|
| + a call. See grpc_credentials_metadata_create_from_plugin below.
|
| + The grpc client stack will call the get_metadata method of the plugin for
|
| + every call in scope for the credentials created from it. */
|
| +typedef struct {
|
| + /* The implementation of this method has to be non-blocking.
|
| + - context is the information that can be used by the plugin to create auth
|
| + metadata.
|
| + - cb is the callback that needs to be called when the metadata is ready.
|
| + - user_data needs to be passed as the first parameter of the callback. */
|
| + void (*get_metadata)(void *state, grpc_auth_metadata_context context,
|
| + grpc_credentials_plugin_metadata_cb cb, void *user_data);
|
| +
|
| + /* Destroys the plugin state. */
|
| + void (*destroy)(void *state);
|
| +
|
| + /* State that will be set as the first parameter of the methods above. */
|
| + void *state;
|
| +
|
| + /* Type of credentials that this plugin is implementing. */
|
| + const char *type;
|
| +} grpc_metadata_credentials_plugin;
|
| +
|
| +/* Creates a credentials object from a plugin. */
|
| +GRPCAPI grpc_call_credentials *grpc_metadata_credentials_create_from_plugin(
|
| + grpc_metadata_credentials_plugin plugin, void *reserved);
|
| +
|
| +/* --- Secure channel creation. --- */
|
| +
|
| +/* Creates a secure channel using the passed-in credentials. */
|
| +GRPCAPI grpc_channel *grpc_secure_channel_create(
|
| + grpc_channel_credentials *creds, const char *target,
|
| + const grpc_channel_args *args, void *reserved);
|
| +
|
| +/* --- grpc_server_credentials object. ---
|
| +
|
| + A server credentials object represents a way to authenticate a server. */
|
| +
|
| +typedef struct grpc_server_credentials grpc_server_credentials;
|
| +
|
| +/* Releases a server_credentials object.
|
| + The creator of the server_credentials object is responsible for its release.
|
| + */
|
| +GRPCAPI void grpc_server_credentials_release(grpc_server_credentials *creds);
|
| +
|
| +/* Creates an SSL server_credentials object.
|
| + - pem_roots_cert is the NULL-terminated string containing the PEM encoding of
|
| + the client root certificates. This parameter may be NULL if the server does
|
| + not want the client to be authenticated with SSL.
|
| + - pem_key_cert_pairs is an array private key / certificate chains of the
|
| + server. This parameter cannot be NULL.
|
| + - num_key_cert_pairs indicates the number of items in the private_key_files
|
| + and cert_chain_files parameters. It should be at least 1.
|
| + - force_client_auth, if set to non-zero will force the client to authenticate
|
| + with an SSL cert. Note that this option is ignored if pem_root_certs is
|
| + NULL. */
|
| +GRPCAPI grpc_server_credentials *grpc_ssl_server_credentials_create(
|
| + const char *pem_root_certs, grpc_ssl_pem_key_cert_pair *pem_key_cert_pairs,
|
| + size_t num_key_cert_pairs, int force_client_auth, void *reserved);
|
| +
|
| +/* --- Server-side secure ports. --- */
|
| +
|
| +/* Add a HTTP2 over an encrypted link over tcp listener.
|
| + Returns bound port number on success, 0 on failure.
|
| + REQUIRES: server not started */
|
| +GRPCAPI int grpc_server_add_secure_http2_port(grpc_server *server,
|
| + const char *addr,
|
| + grpc_server_credentials *creds);
|
| +
|
| +/* --- Call specific credentials. --- */
|
| +
|
| +/* Sets a credentials to a call. Can only be called on the client side before
|
| + grpc_call_start_batch. */
|
| +GRPCAPI grpc_call_error
|
| +grpc_call_set_credentials(grpc_call *call, grpc_call_credentials *creds);
|
| +
|
| +/* --- Auth Metadata Processing --- */
|
| +
|
| +/* Callback function that is called when the metadata processing is done.
|
| + - Consumed metadata will be removed from the set of metadata available on the
|
| + call. consumed_md may be NULL if no metadata has been consumed.
|
| + - Response metadata will be set on the response. response_md may be NULL.
|
| + - status is GRPC_STATUS_OK for success or a specific status for an error.
|
| + Common error status for auth metadata processing is either
|
| + GRPC_STATUS_UNAUTHENTICATED in case of an authentication failure or
|
| + GRPC_STATUS PERMISSION_DENIED in case of an authorization failure.
|
| + - error_details gives details about the error. May be NULL. */
|
| +typedef void (*grpc_process_auth_metadata_done_cb)(
|
| + void *user_data, const grpc_metadata *consumed_md, size_t num_consumed_md,
|
| + const grpc_metadata *response_md, size_t num_response_md,
|
| + grpc_status_code status, const char *error_details);
|
| +
|
| +/* Pluggable server-side metadata processor object. */
|
| +typedef struct {
|
| + /* The context object is read/write: it contains the properties of the
|
| + channel peer and it is the job of the process function to augment it with
|
| + properties derived from the passed-in metadata.
|
| + The lifetime of these objects is guaranteed until cb is invoked. */
|
| + void (*process)(void *state, grpc_auth_context *context,
|
| + const grpc_metadata *md, size_t num_md,
|
| + grpc_process_auth_metadata_done_cb cb, void *user_data);
|
| + void (*destroy)(void *state);
|
| + void *state;
|
| +} grpc_auth_metadata_processor;
|
| +
|
| +GRPCAPI void grpc_server_credentials_set_auth_metadata_processor(
|
| + grpc_server_credentials *creds, grpc_auth_metadata_processor processor);
|
| +
|
| +#ifdef __cplusplus
|
| +}
|
| +#endif
|
| +
|
| +#endif /* GRPC_GRPC_SECURITY_H */
|
|
|
Chromium Code Reviews
Issue 1932353002:
Initial checkin of gRPC to third_party/
Base URL: https://chromium.googlesource.com/chromium/src.git@master