Home | History | Annotate | Download | only in fixtures 
      1 /*
      2  *
      3  * Copyright 2015 gRPC authors.
      4  *
      5  * Licensed under the Apache License, Version 2.0 (the "License");
      6  * you may not use this file except in compliance with the License.
      7  * You may obtain a copy of the License at
      8  *
      9  *     http://www.apache.org/licenses/LICENSE-2.0
     10  *
     11  * Unless required by applicable law or agreed to in writing, software
     12  * distributed under the License is distributed on an "AS IS" BASIS,
     13  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
     14  * See the License for the specific language governing permissions and
     15  * limitations under the License.
     16  *
     17  */
     18 
     19 #include "test/core/end2end/end2end_tests.h"
     20 
     21 #include <stdio.h>
     22 #include <string.h>
     23 
     24 #include <grpc/support/alloc.h>
     25 #include <grpc/support/log.h>
     26 
     27 #include "src/core/lib/channel/channel_args.h"
     28 #include "src/core/lib/gpr/env.h"
     29 #include "src/core/lib/gpr/host_port.h"
     30 #include "src/core/lib/gpr/string.h"
     31 #include "src/core/lib/gpr/tmpfile.h"
     32 #include "src/core/lib/security/credentials/credentials.h"
     33 #include "test/core/end2end/data/ssl_test_data.h"
     34 #include "test/core/end2end/fixtures/proxy.h"
     35 #include "test/core/util/port.h"
     36 #include "test/core/util/test_config.h"
     37 
     38 typedef struct fullstack_secure_fixture_data {
     39   grpc_end2end_proxy* proxy;
     40 } fullstack_secure_fixture_data;
     41 
     42 static grpc_server* create_proxy_server(const char* port,
     43                                         grpc_channel_args* server_args) {
     44   grpc_server* s = grpc_server_create(server_args, nullptr);
     45   grpc_ssl_pem_key_cert_pair pem_cert_key_pair = {test_server1_key,
     46                                                   test_server1_cert};
     47   grpc_server_credentials* ssl_creds = grpc_ssl_server_credentials_create(
     48       nullptr, &pem_cert_key_pair, 1, 0, nullptr);
     49   GPR_ASSERT(grpc_server_add_secure_http2_port(s, port, ssl_creds));
     50   grpc_server_credentials_release(ssl_creds);
     51   return s;
     52 }
     53 
     54 static grpc_channel* create_proxy_client(const char* target,
     55                                          grpc_channel_args* client_args) {
     56   grpc_channel* channel;
     57   grpc_channel_credentials* ssl_creds =
     58       grpc_ssl_credentials_create(nullptr, nullptr, nullptr, nullptr);
     59   grpc_arg ssl_name_override = {
     60       GRPC_ARG_STRING,
     61       const_cast<char*>(GRPC_SSL_TARGET_NAME_OVERRIDE_ARG),
     62       {const_cast<char*>("foo.test.google.fr")}};
     63   grpc_channel_args* new_client_args =
     64       grpc_channel_args_copy_and_add(client_args, &ssl_name_override, 1);
     65   channel =
     66       grpc_secure_channel_create(ssl_creds, target, new_client_args, nullptr);
     67   grpc_channel_credentials_release(ssl_creds);
     68   {
     69     grpc_core::ExecCtx exec_ctx;
     70     grpc_channel_args_destroy(new_client_args);
     71   }
     72   return channel;
     73 }
     74 
     75 static const grpc_end2end_proxy_def proxy_def = {create_proxy_server,
     76                                                  create_proxy_client};
     77 
     78 static grpc_end2end_test_fixture chttp2_create_fixture_secure_fullstack(
     79     grpc_channel_args* client_args, grpc_channel_args* server_args) {
     80   grpc_end2end_test_fixture f;
     81   fullstack_secure_fixture_data* ffd =
     82       static_cast<fullstack_secure_fixture_data*>(
     83           gpr_malloc(sizeof(fullstack_secure_fixture_data)));
     84   memset(&f, 0, sizeof(f));
     85 
     86   ffd->proxy = grpc_end2end_proxy_create(&proxy_def, client_args, server_args);
     87 
     88   f.fixture_data = ffd;
     89   f.cq = grpc_completion_queue_create_for_next(nullptr);
     90   f.shutdown_cq = grpc_completion_queue_create_for_pluck(nullptr);
     91 
     92   return f;
     93 }
     94 
     95 static void process_auth_failure(void* state, grpc_auth_context* ctx,
     96                                  const grpc_metadata* md, size_t md_count,
     97                                  grpc_process_auth_metadata_done_cb cb,
     98                                  void* user_data) {
     99   GPR_ASSERT(state == nullptr);
    100   cb(user_data, nullptr, 0, nullptr, 0, GRPC_STATUS_UNAUTHENTICATED, nullptr);
    101 }
    102 
    103 static void chttp2_init_client_secure_fullstack(
    104     grpc_end2end_test_fixture* f, grpc_channel_args* client_args,
    105     grpc_channel_credentials* creds) {
    106   fullstack_secure_fixture_data* ffd =
    107       static_cast<fullstack_secure_fixture_data*>(f->fixture_data);
    108   f->client = grpc_secure_channel_create(
    109       creds, grpc_end2end_proxy_get_client_target(ffd->proxy), client_args,
    110       nullptr);
    111   GPR_ASSERT(f->client != nullptr);
    112   grpc_channel_credentials_release(creds);
    113 }
    114 
    115 static void chttp2_init_server_secure_fullstack(
    116     grpc_end2end_test_fixture* f, grpc_channel_args* server_args,
    117     grpc_server_credentials* server_creds) {
    118   fullstack_secure_fixture_data* ffd =
    119       static_cast<fullstack_secure_fixture_data*>(f->fixture_data);
    120   if (f->server) {
    121     grpc_server_destroy(f->server);
    122   }
    123   f->server = grpc_server_create(server_args, nullptr);
    124   grpc_server_register_completion_queue(f->server, f->cq, nullptr);
    125   GPR_ASSERT(grpc_server_add_secure_http2_port(
    126       f->server, grpc_end2end_proxy_get_server_port(ffd->proxy), server_creds));
    127   grpc_server_credentials_release(server_creds);
    128   grpc_server_start(f->server);
    129 }
    130 
    131 void chttp2_tear_down_secure_fullstack(grpc_end2end_test_fixture* f) {
    132   fullstack_secure_fixture_data* ffd =
    133       static_cast<fullstack_secure_fixture_data*>(f->fixture_data);
    134   grpc_end2end_proxy_destroy(ffd->proxy);
    135   gpr_free(ffd);
    136 }
    137 
    138 static void chttp2_init_client_simple_ssl_secure_fullstack(
    139     grpc_end2end_test_fixture* f, grpc_channel_args* client_args) {
    140   grpc_channel_credentials* ssl_creds =
    141       grpc_ssl_credentials_create(nullptr, nullptr, nullptr, nullptr);
    142   grpc_arg ssl_name_override = {
    143       GRPC_ARG_STRING,
    144       const_cast<char*>(GRPC_SSL_TARGET_NAME_OVERRIDE_ARG),
    145       {const_cast<char*>("foo.test.google.fr")}};
    146   grpc_channel_args* new_client_args =
    147       grpc_channel_args_copy_and_add(client_args, &ssl_name_override, 1);
    148   chttp2_init_client_secure_fullstack(f, new_client_args, ssl_creds);
    149   {
    150     grpc_core::ExecCtx exec_ctx;
    151     grpc_channel_args_destroy(new_client_args);
    152   }
    153 }
    154 
    155 static int fail_server_auth_check(grpc_channel_args* server_args) {
    156   size_t i;
    157   if (server_args == nullptr) return 0;
    158   for (i = 0; i < server_args->num_args; i++) {
    159     if (strcmp(server_args->args[i].key, FAIL_AUTH_CHECK_SERVER_ARG_NAME) ==
    160         0) {
    161       return 1;
    162     }
    163   }
    164   return 0;
    165 }
    166 
    167 static void chttp2_init_server_simple_ssl_secure_fullstack(
    168     grpc_end2end_test_fixture* f, grpc_channel_args* server_args) {
    169   grpc_ssl_pem_key_cert_pair pem_cert_key_pair = {test_server1_key,
    170                                                   test_server1_cert};
    171   grpc_server_credentials* ssl_creds = grpc_ssl_server_credentials_create(
    172       nullptr, &pem_cert_key_pair, 1, 0, nullptr);
    173   if (fail_server_auth_check(server_args)) {
    174     grpc_auth_metadata_processor processor = {process_auth_failure, nullptr,
    175                                               nullptr};
    176     grpc_server_credentials_set_auth_metadata_processor(ssl_creds, processor);
    177   }
    178   chttp2_init_server_secure_fullstack(f, server_args, ssl_creds);
    179 }
    180 
    181 /* All test configurations */
    182 
    183 static grpc_end2end_test_config configs[] = {
    184     {"chttp2/simple_ssl_fullstack",
    185      FEATURE_MASK_SUPPORTS_DELAYED_CONNECTION |
    186          FEATURE_MASK_SUPPORTS_REQUEST_PROXYING |
    187          FEATURE_MASK_SUPPORTS_PER_CALL_CREDENTIALS |
    188          FEATURE_MASK_SUPPORTS_CLIENT_CHANNEL |
    189          FEATURE_MASK_SUPPORTS_AUTHORITY_HEADER,
    190      "foo.test.google.fr", chttp2_create_fixture_secure_fullstack,
    191      chttp2_init_client_simple_ssl_secure_fullstack,
    192      chttp2_init_server_simple_ssl_secure_fullstack,
    193      chttp2_tear_down_secure_fullstack},
    194 };
    195 
    196 int main(int argc, char** argv) {
    197   size_t i;
    198   FILE* roots_file;
    199   size_t roots_size = strlen(test_root_cert);
    200   char* roots_filename;
    201 
    202   grpc_test_init(argc, argv);
    203   grpc_end2end_tests_pre_init();
    204 
    205   /* Set the SSL roots env var. */
    206   roots_file = gpr_tmpfile("chttp2_simple_ssl_fullstack_test", &roots_filename);
    207   GPR_ASSERT(roots_filename != nullptr);
    208   GPR_ASSERT(roots_file != nullptr);
    209   GPR_ASSERT(fwrite(test_root_cert, 1, roots_size, roots_file) == roots_size);
    210   fclose(roots_file);
    211   gpr_setenv(GRPC_DEFAULT_SSL_ROOTS_FILE_PATH_ENV_VAR, roots_filename);
    212 
    213   grpc_init();
    214 
    215   for (i = 0; i < sizeof(configs) / sizeof(*configs); i++) {
    216     grpc_end2end_tests(argc, argv, configs[i]);
    217   }
    218 
    219   grpc_shutdown();
    220 
    221   /* Cleanup. */
    222   remove(roots_filename);
    223   gpr_free(roots_filename);
    224 
    225   return 0;
    226 }
    227