GRPC Core  9.0.0
grpc_security.h
Go to the documentation of this file.
1 /*
2  *
3  * Copyright 2015 gRPC authors.
4  *
5  * Licensed under the Apache License, Version 2.0 (the "License");
6  * you may not use this file except in compliance with the License.
7  * You may obtain a copy of the License at
8  *
9  * http://www.apache.org/licenses/LICENSE-2.0
10  *
11  * Unless required by applicable law or agreed to in writing, software
12  * distributed under the License is distributed on an "AS IS" BASIS,
13  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14  * See the License for the specific language governing permissions and
15  * limitations under the License.
16  *
17  */
18 
19 #ifndef GRPC_GRPC_SECURITY_H
20 #define GRPC_GRPC_SECURITY_H
21 
23 
24 #include <grpc/grpc.h>
26 #include <grpc/status.h>
27 
28 #ifdef __cplusplus
29 extern "C" {
30 #endif
31 
35 
38  size_t index;
39  const char* name;
41 
43 typedef struct grpc_auth_property {
44  char* name;
45  char* value;
46  size_t value_length;
48 
52 
56 
61 
65  const grpc_auth_context* ctx, const char* name);
66 
70  const grpc_auth_context* ctx);
71 
74  const grpc_auth_context* ctx);
75 
79 
82 
90  const char* name, const char* value,
91  size_t value_length);
92 
95  const char* name,
96  const char* value);
97 
101  grpc_auth_context* ctx, const char* name);
102 
109 
113  size_t capacity);
114 
117 
121 
128 
132 
137 
145  char** pem_root_certs);
146 
154 
156 typedef struct {
159  const char* private_key;
160 
163  const char* cert_chain;
165 
170 typedef struct {
177  int (*verify_peer_callback)(const char* target_name, const char* peer_pem,
178  void* userdata);
185  void (*verify_peer_destruct)(void* userdata);
187 
190 typedef struct {
197  int (*verify_peer_callback)(const char* target_name, const char* peer_pem,
198  void* userdata);
205  void (*verify_peer_destruct)(void* userdata);
207 
238  const char* pem_root_certs, grpc_ssl_pem_key_cert_pair* pem_key_cert_pair,
239  const verify_peer_options* verify_options, void* reserved);
240 
241 /* Creates an SSL credentials object.
242  - pem_root_certs is the NULL-terminated string containing the PEM encoding
243  of the server root certificates. If this parameter is NULL, the
244  implementation will first try to dereference the file pointed by the
245  GRPC_DEFAULT_SSL_ROOTS_FILE_PATH environment variable, and if that fails,
246  try to get the roots set by grpc_override_ssl_default_roots. Eventually,
247  if all these fail, it will try to get the roots from a well-known place on
248  disk (in the grpc install directory).
249 
250  gRPC has implemented root cache if the underlying OpenSSL library supports
251  it. The gRPC root certificates cache is only applicable on the default
252  root certificates, which is used when this parameter is nullptr. If user
253  provides their own pem_root_certs, when creating an SSL credential object,
254  gRPC would not be able to cache it, and each subchannel will generate a
255  copy of the root store. So it is recommended to avoid providing large room
256  pem with pem_root_certs parameter to avoid excessive memory consumption,
257  particularly on mobile platforms such as iOS.
258  - pem_key_cert_pair is a pointer on the object containing client's private
259  key and certificate chain. This parameter can be NULL if the client does
260  not have such a key/cert pair.
261  - verify_options is an optional verify_peer_options object which holds
262  additional options controlling how peer certificates are verified. For
263  example, you can supply a callback which receives the peer's certificate
264  with which you can do additional verification. Can be NULL, in which
265  case verification will retain default behavior. Any settings in
266  verify_options are copied during this call, so the verify_options
267  object can be released afterwards. */
269  const char* pem_root_certs, grpc_ssl_pem_key_cert_pair* pem_key_cert_pair,
270  const grpc_ssl_verify_peer_options* verify_options, void* reserved);
271 
279 
283 
286  grpc_channel_credentials* channel_creds, grpc_call_credentials* call_creds,
287  void* reserved);
288 
292  void* reserved);
293 
298  void* reserved);
299 
301 
309  gpr_timespec token_lifetime,
310  void* reserved);
311 
319  const char* json_refresh_token, void* reserved);
320 
324  const char* access_token, void* reserved);
325 
328  const char* authorization_token, const char* authority_selector,
329  void* reserved);
330 
337 typedef struct {
338  const char* token_exchange_service_uri; /* Required. */
339  const char* resource; /* Optional. */
340  const char* audience; /* Optional. */
341  const char* scope; /* Optional. */
342  const char* requested_token_type; /* Optional. */
343  const char* subject_token_path; /* Required. */
344  const char* subject_token_type; /* Required. */
345  const char* actor_token_path; /* Optional. */
346  const char* actor_token_type; /* Optional. */
348 
354  const grpc_sts_credentials_options* options, void* reserved);
355 
368  void* user_data, const grpc_metadata* creds_md, size_t num_creds_md,
369  grpc_status_code status, const char* error_details);
370 
373 typedef struct {
375  const char* service_url;
376 
380  const char* method_name;
381 
384 
386  void* reserved;
388 
391 #define GRPC_METADATA_CREDENTIALS_PLUGIN_SYNC_MAX 4
392 
398 typedef struct {
417  int (*get_metadata)(
418  void* state, grpc_auth_metadata_context context,
419  grpc_credentials_plugin_metadata_cb cb, void* user_data,
421  size_t* num_creds_md, grpc_status_code* status,
422  const char** error_details);
423 
425  void (*destroy)(void* state);
426 
428  void* state;
429 
431  const char* type;
433 
436  grpc_metadata_credentials_plugin plugin, void* reserved);
437 
448  grpc_channel_credentials* creds, const char* target,
449  const grpc_channel_args* args, void* reserved);
450 
456 
461 
468 
481  const char* pem_root_certs,
482  const grpc_ssl_pem_key_cert_pair* pem_key_cert_pairs,
483  size_t num_key_cert_pairs);
484 
488 
497  void* user_data, grpc_ssl_server_certificate_config** config);
498 
512  const char* pem_root_certs, grpc_ssl_pem_key_cert_pair* pem_key_cert_pairs,
513  size_t num_key_cert_pairs, int force_client_auth, void* reserved);
514 
520  const char* pem_root_certs, grpc_ssl_pem_key_cert_pair* pem_key_cert_pairs,
521  size_t num_key_cert_pairs,
522  grpc_ssl_client_certificate_request_type client_certificate_request,
523  void* reserved);
524 
527 
534  grpc_ssl_client_certificate_request_type client_certificate_request,
535  grpc_ssl_server_certificate_config* certificate_config);
536 
546  grpc_ssl_client_certificate_request_type client_certificate_request,
547  grpc_ssl_server_certificate_config_callback cb, void* user_data);
548 
552 
558 
565  const char* addr,
566  grpc_server_credentials* creds);
567 
573  grpc_call_credentials* creds);
574 
587  void* user_data, const grpc_metadata* consumed_md, size_t num_consumed_md,
588  const grpc_metadata* response_md, size_t num_response_md,
589  grpc_status_code status, const char* error_details);
590 
592 typedef struct {
597  void (*process)(void* state, grpc_auth_context* context,
598  const grpc_metadata* md, size_t num_md,
599  grpc_process_auth_metadata_done_cb cb, void* user_data);
600  void (*destroy)(void* state);
601  void* state;
603 
606 
618 
625 
632 
642  grpc_alts_credentials_options* options, const char* service_account);
643 
654 
664  const grpc_alts_credentials_options* options);
665 
675  const grpc_alts_credentials_options* options);
676 
689 
700 
707 
712 
717 
721 
725 
733 
742 
751 
760 
767  void);
768 
777  grpc_tls_key_materials_config* config, const char* pem_root_certs,
778  const grpc_ssl_pem_key_cert_pair** pem_key_cert_pairs,
779  size_t num_key_cert_pairs);
780 
787  grpc_tls_key_materials_config* config, int version);
788 
795 
800 
807 
830  const char* error_details;
832  void* context;
833  void (*destroy_context)(void* ctx);
834 };
835 
858  const void* config_user_data,
859  int (*schedule)(void* config_user_data,
861  void (*cancel)(void* config_user_data, grpc_tls_credential_reload_arg* arg),
862  void (*destruct)(void* config_user_data));
863 
869 
876 
902  int success;
903  const char* target_name;
904  const char* peer_cert;
906  const char* error_details;
908  void* context;
909  void (*destroy_context)(void* ctx);
910 };
911 
934  const void* config_user_data,
935  int (*schedule)(void* config_user_data,
937  void (*cancel)(void* config_user_data,
939  void (*destruct)(void* config_user_data));
940 
957 
971 
972 #ifdef __cplusplus
973 }
974 #endif
975 
976 #endif /* GRPC_GRPC_SECURITY_H */
GRPCAPI grpc_ssl_server_credentials_options * grpc_ssl_server_credentials_create_options_using_config(grpc_ssl_client_certificate_request_type client_certificate_request, grpc_ssl_server_certificate_config *certificate_config)
Creates an options object using a certificate config.
GRPCAPI int grpc_tls_key_materials_config_get_version(grpc_tls_key_materials_config *config)
Get the version number of a grpc_tls_key_materials_config instance.
GRPCAPI grpc_call_credentials * grpc_google_iam_credentials_create(const char *authorization_token, const char *authority_selector, void *reserved)
Creates an IAM credentials object for connecting to Google.
GRPCAPI const grpc_auth_property * grpc_auth_property_iterator_next(grpc_auth_property_iterator *it)
Returns NULL when the iterator is at the end.
GRPCAPI void grpc_ssl_server_certificate_config_destroy(grpc_ssl_server_certificate_config *config)
Destroys a grpc_ssl_server_certificate_config object.
void(* grpc_credentials_plugin_metadata_cb)(void *user_data, const grpc_metadata *creds_md, size_t num_creds_md, grpc_status_code status, const char *error_details)
Callback function to be called by the metadata credentials plugin implementation when the metadata is...
Definition: grpc_security.h:367
struct grpc_tls_server_authorization_check_config grpc_tls_server_authorization_check_config
Config for TLS server authorization check.
Definition: grpc_security.h:715
GRPCAPI grpc_ssl_server_credentials_options * grpc_ssl_server_credentials_create_options_using_config_fetcher(grpc_ssl_client_certificate_request_type client_certificate_request, grpc_ssl_server_certificate_config_callback cb, void *user_data)
Creates an options object using a certificate config fetcher.
GRPCAPI grpc_ssl_server_certificate_config * grpc_ssl_server_certificate_config_create(const char *pem_root_certs, const grpc_ssl_pem_key_cert_pair *pem_key_cert_pairs, size_t num_key_cert_pairs)
Creates a grpc_ssl_server_certificate_config object.
GRPCAPI int grpc_tls_credentials_options_set_credential_reload_config(grpc_tls_credentials_options *options, grpc_tls_credential_reload_config *config)
Set grpc_tls_credential_reload_config field in credentials options with the provided config struct wh...
struct grpc_alts_credentials_options grpc_alts_credentials_options
— ALTS channel/server credentials —
Definition: grpc_security.h:617
GRPCAPI grpc_tls_credential_reload_config * grpc_tls_credential_reload_config_create(const void *config_user_data, int(*schedule)(void *config_user_data, grpc_tls_credential_reload_arg *arg), void(*cancel)(void *config_user_data, grpc_tls_credential_reload_arg *arg), void(*destruct)(void *config_user_data))
Create a grpc_tls_credential_reload_config instance.
struct grpc_call_credentials grpc_call_credentials
— grpc_call_credentials object.
Definition: grpc_security.h:278
struct grpc_tls_key_materials_config grpc_tls_key_materials_config
— SPIFFE and HTTPS-based TLS channel/server credentials — It is used for experimental purpose for now...
Definition: grpc_security.h:706
GRPCAPI grpc_alts_credentials_options * grpc_alts_credentials_server_options_create(void)
This method creates a grpc ALTS credentials server options instance.
GRPCAPI grpc_tls_key_materials_config * grpc_tls_key_materials_config_create(void)
— TLS key materials config.
#define GRPC_METADATA_CREDENTIALS_PLUGIN_SYNC_MAX
Maximum number of metadata entries returnable by a credentials plugin via a synchronous return.
Definition: grpc_security.h:391
void(* grpc_process_auth_metadata_done_cb)(void *user_data, const grpc_metadata *consumed_md, size_t num_consumed_md, const grpc_metadata *response_md, size_t num_response_md, grpc_status_code status, const char *error_details)
— Auth Metadata Processing —
Definition: grpc_security.h:586
GRPCAPI void grpc_server_credentials_set_auth_metadata_processor(grpc_server_credentials *creds, grpc_auth_metadata_processor processor)
GRPCAPI grpc_server_credentials * grpc_local_server_credentials_create(grpc_local_connect_type type)
This method creates a local server credential object.
GRPCAPI void grpc_alts_credentials_options_destroy(grpc_alts_credentials_options *options)
This method destroys a grpc_alts_credentials_options instance by de-allocating all of its occupied me...
GRPCAPI grpc_auth_context * grpc_call_auth_context(grpc_call *call)
Gets the auth context from the call.
GRPCAPI void grpc_ssl_session_cache_destroy(grpc_ssl_session_cache *cache)
Destroy SSL session cache.
GRPCAPI gpr_timespec grpc_max_auth_token_lifetime(void)
GRPCAPI void grpc_set_ssl_roots_override_callback(grpc_ssl_roots_override_callback cb)
Setup a callback to override the default TLS/SSL roots.
void(* grpc_tls_on_credential_reload_done_cb)(grpc_tls_credential_reload_arg *arg)
A callback function provided by gRPC to handle the result of credential reload.
Definition: grpc_security.h:805
GRPCAPI grpc_auth_property_iterator grpc_auth_context_peer_identity(const grpc_auth_context *ctx)
Gets the peer identity.
GRPCAPI grpc_arg grpc_ssl_session_cache_create_channel_arg(grpc_ssl_session_cache *cache)
Create a channel arg with the given cache object.
GRPCAPI int grpc_server_add_secure_http2_port(grpc_server *server, const char *addr, grpc_server_credentials *creds)
— Server-side secure ports.
GRPCAPI grpc_channel_credentials * grpc_ssl_credentials_create_ex(const char *pem_root_certs, grpc_ssl_pem_key_cert_pair *pem_key_cert_pair, const grpc_ssl_verify_peer_options *verify_options, void *reserved)
GRPCAPI void grpc_channel_credentials_release(grpc_channel_credentials *creds)
Releases a channel credentials object.
GRPCAPI const char * grpc_auth_context_peer_identity_property_name(const grpc_auth_context *ctx)
Gets the name of the property that indicates the peer identity.
GRPCAPI int grpc_auth_context_peer_is_authenticated(const grpc_auth_context *ctx)
Returns 1 if the peer is authenticated, 0 otherwise.
GRPCAPI grpc_server_credentials * grpc_alts_server_credentials_create(const grpc_alts_credentials_options *options)
This method creates an ALTS server credential object.
GRPCAPI grpc_server_credentials * grpc_ssl_server_credentials_create_ex(const char *pem_root_certs, grpc_ssl_pem_key_cert_pair *pem_key_cert_pairs, size_t num_key_cert_pairs, grpc_ssl_client_certificate_request_type client_certificate_request, void *reserved)
Deprecated in favor of grpc_ssl_server_credentials_create_with_options.
GRPCAPI grpc_call_credentials * grpc_composite_call_credentials_create(grpc_call_credentials *creds1, grpc_call_credentials *creds2, void *reserved)
Creates a composite call credentials object.
GRPCAPI grpc_channel_credentials * grpc_google_default_credentials_create(void)
Creates default credentials to connect to a google gRPC service.
GRPCAPI grpc_channel_credentials * grpc_local_credentials_create(grpc_local_connect_type type)
— Local channel/server credentials —
GRPCAPI int grpc_tls_credentials_options_set_key_materials_config(grpc_tls_credentials_options *options, grpc_tls_key_materials_config *config)
Set grpc_tls_key_materials_config field in credentials options with the provided config struct whose ...
struct grpc_ssl_session_cache grpc_ssl_session_cache
— SSL Session Cache.
Definition: grpc_security.h:108
GRPCAPI void grpc_auth_context_add_cstring_property(grpc_auth_context *ctx, const char *name, const char *value)
Add a C string property.
grpc_server_credentials * grpc_tls_spiffe_server_credentials_create(grpc_tls_credentials_options *options)
This method creates a TLS server credential object.
GRPCAPI grpc_channel_credentials * grpc_ssl_credentials_create(const char *pem_root_certs, grpc_ssl_pem_key_cert_pair *pem_key_cert_pair, const verify_peer_options *verify_options, void *reserved)
Deprecated in favor of grpc_ssl_server_credentials_create_ex.
GRPCAPI int grpc_tls_credentials_options_set_cert_request_type(grpc_tls_credentials_options *options, grpc_ssl_client_certificate_request_type type)
Set grpc_ssl_client_certificate_request_type field in credentials options with the provided type.
struct grpc_auth_property grpc_auth_property
value, if not NULL, is guaranteed to be NULL terminated.
grpc_ssl_roots_override_result(* grpc_ssl_roots_override_callback)(char **pem_root_certs)
Callback for getting the SSL roots override from the application.
Definition: grpc_security.h:144
grpc_ssl_certificate_config_reload_status(* grpc_ssl_server_certificate_config_callback)(void *user_data, grpc_ssl_server_certificate_config **config)
Callback to retrieve updated SSL server certificates, private keys, and trusted CAs (for client authe...
Definition: grpc_security.h:496
GRPCAPI void grpc_server_credentials_release(grpc_server_credentials *creds)
Releases a server_credentials object.
GRPCAPI grpc_channel_credentials * grpc_composite_channel_credentials_create(grpc_channel_credentials *channel_creds, grpc_call_credentials *call_creds, void *reserved)
Creates a composite channel credentials object.
struct grpc_tls_credentials_options grpc_tls_credentials_options
TLS credentials options.
Definition: grpc_security.h:720
GRPCAPI grpc_tls_server_authorization_check_config * grpc_tls_server_authorization_check_config_create(const void *config_user_data, int(*schedule)(void *config_user_data, grpc_tls_server_authorization_check_arg *arg), void(*cancel)(void *config_user_data, grpc_tls_server_authorization_check_arg *arg), void(*destruct)(void *config_user_data))
Create a grpc_tls_server_authorization_check_config instance.
GRPCAPI void grpc_auth_context_add_property(grpc_auth_context *ctx, const char *name, const char *value, size_t value_length)
– The following auth context methods should only be called by a server metadata
GRPCAPI void grpc_alts_credentials_client_options_add_target_service_account(grpc_alts_credentials_options *options, const char *service_account)
This method adds a target service account to grpc client's ALTS credentials options instance.
GRPCAPI int grpc_auth_context_set_peer_identity_property_name(grpc_auth_context *ctx, const char *name)
Sets the property name.
GRPCAPI grpc_auth_property_iterator grpc_auth_context_find_properties_by_name(const grpc_auth_context *ctx, const char *name)
Finds a property in the context.
grpc_channel_credentials * grpc_tls_spiffe_credentials_create(grpc_tls_credentials_options *options)
— SPIFFE channel/server credentials —
struct grpc_auth_context grpc_auth_context
— Authentication Context.
Definition: grpc_security.h:34
GRPCAPI grpc_call_credentials * grpc_sts_credentials_create(const grpc_sts_credentials_options *options, void *reserved)
Creates an STS credentials following the STS Token Exchanged specifed in the IETF draft https://tools...
GRPCAPI grpc_call_credentials * grpc_google_refresh_token_credentials_create(const char *json_refresh_token, void *reserved)
Creates an Oauth2 Refresh Token credentials object for connecting to Google.
GRPCAPI void grpc_ssl_server_credentials_options_destroy(grpc_ssl_server_credentials_options *options)
Destroys a grpc_ssl_server_credentials_options object.
GRPCAPI int grpc_tls_credentials_options_set_server_authorization_check_config(grpc_tls_credentials_options *options, grpc_tls_server_authorization_check_config *config)
Set grpc_tls_server_authorization_check_config field in credentials options with the provided config ...
GRPCAPI grpc_call_credentials * grpc_access_token_credentials_create(const char *access_token, void *reserved)
Creates an Oauth2 Access Token credentials with an access token that was acquired by an out of band m...
struct grpc_server_credentials grpc_server_credentials
— grpc_server_credentials object.
Definition: grpc_security.h:455
GRPCAPI void grpc_auth_context_release(grpc_auth_context *context)
Releases the auth context returned from grpc_call_auth_context.
GRPCAPI int grpc_tls_key_materials_config_set_version(grpc_tls_key_materials_config *config, int version)
Set grpc_tls_key_materials_config instance with a provided version number, which is used to keep trac...
GRPCAPI grpc_call_error grpc_call_set_credentials(grpc_call *call, grpc_call_credentials *creds)
— Call specific credentials.
struct grpc_channel_credentials grpc_channel_credentials
— grpc_channel_credentials object.
Definition: grpc_security.h:127
GRPCAPI int grpc_tls_key_materials_config_set_key_materials(grpc_tls_key_materials_config *config, const char *pem_root_certs, const grpc_ssl_pem_key_cert_pair **pem_key_cert_pairs, size_t num_key_cert_pairs)
Set grpc_tls_key_materials_config instance with provided a TLS certificate.
void(* grpc_tls_on_server_authorization_check_done_cb)(grpc_tls_server_authorization_check_arg *arg)
callback function provided by gRPC used to handle the result of server authorization check.
Definition: grpc_security.h:874
GRPCAPI grpc_channel * grpc_secure_channel_create(grpc_channel_credentials *creds, const char *target, const grpc_channel_args *args, void *reserved)
— Secure channel creation.
struct grpc_ssl_server_certificate_config grpc_ssl_server_certificate_config
Server certificate config object holds the server's public certificates and associated private keys,...
Definition: grpc_security.h:466
GRPCAPI grpc_tls_credentials_options * grpc_tls_credentials_options_create(void)
Create an empty TLS credentials options.
GRPCAPI grpc_server_credentials * grpc_ssl_server_credentials_create(const char *pem_root_certs, grpc_ssl_pem_key_cert_pair *pem_key_cert_pairs, size_t num_key_cert_pairs, int force_client_auth, void *reserved)
Deprecated in favor of grpc_ssl_server_credentials_create_ex.
struct grpc_ssl_server_credentials_options grpc_ssl_server_credentials_options
Definition: grpc_security.h:525
GRPCAPI grpc_channel_credentials * grpc_alts_credentials_create(const grpc_alts_credentials_options *options)
This method creates an ALTS channel credential object.
GRPCAPI grpc_alts_credentials_options * grpc_alts_credentials_client_options_create(void)
This method creates a grpc ALTS credentials client options instance.
GRPCAPI grpc_ssl_session_cache * grpc_ssl_session_cache_create_lru(size_t capacity)
Create LRU cache for client-side SSL sessions with the given capacity.
GRPCAPI grpc_call_credentials * grpc_service_account_jwt_access_credentials_create(const char *json_key, gpr_timespec token_lifetime, void *reserved)
Creates a JWT credentials object.
GRPCAPI void grpc_call_credentials_release(grpc_call_credentials *creds)
Releases a call credentials object.
GRPCAPI grpc_server_credentials * grpc_ssl_server_credentials_create_with_options(grpc_ssl_server_credentials_options *options)
Creates an SSL server_credentials object using the provided options struct.
struct grpc_auth_property_iterator grpc_auth_property_iterator
GRPCAPI grpc_call_credentials * grpc_metadata_credentials_create_from_plugin(grpc_metadata_credentials_plugin plugin, void *reserved)
Creates a credentials object from a plugin.
struct grpc_tls_credential_reload_config grpc_tls_credential_reload_config
Config for TLS credential reload.
Definition: grpc_security.h:710
GRPCAPI grpc_auth_property_iterator grpc_auth_context_property_iterator(const grpc_auth_context *ctx)
Iterates over the auth context.
GRPCAPI grpc_call_credentials * grpc_google_compute_engine_credentials_create(void *reserved)
Creates a compute engine credentials object for connecting to Google.
grpc_ssl_client_certificate_request_type
Definition: grpc_security_constants.h:59
grpc_local_connect_type
Type of local connections for which local channel/server credentials will be applied.
Definition: grpc_security_constants.h:112
grpc_ssl_certificate_config_reload_status
Callback results for dynamically loading a SSL certificate config.
Definition: grpc_security_constants.h:53
grpc_ssl_roots_override_result
Results for the SSL roots override callback.
Definition: grpc_security_constants.h:46
grpc_call_error
Result of a grpc call.
Definition: grpc_types.h:407
struct grpc_call grpc_call
A Call represents an RPC.
Definition: grpc_types.h:70
struct grpc_server grpc_server
A server listens to some port and responds to request calls.
Definition: grpc_types.h:65
struct grpc_channel grpc_channel
The Channel interface allows creation of Call objects.
Definition: grpc_types.h:62
#define GRPCAPI
Definition: port_platform.h:608
grpc_status_code
Definition: status.h:26
Analogous to struct timespec.
Definition: gpr_types.h:47
A single argument...
Definition: grpc_types.h:103
Context that can be used by metadata credentials plugin in order to create auth related metadata.
Definition: grpc_security.h:373
void * reserved
Reserved for future use.
Definition: grpc_security.h:386
const char * service_url
The fully qualifed service url.
Definition: grpc_security.h:375
const grpc_auth_context * channel_auth_context
The auth_context of the channel which gives the server's identity.
Definition: grpc_security.h:383
const char * method_name
The method name of the RPC being called (not fully qualified).
Definition: grpc_security.h:380
Pluggable server-side metadata processor object.
Definition: grpc_security.h:592
void * state
Definition: grpc_security.h:601
Definition: grpc_security.h:36
const char * name
Definition: grpc_security.h:39
const grpc_auth_context * ctx
Definition: grpc_security.h:37
size_t index
Definition: grpc_security.h:38
value, if not NULL, is guaranteed to be NULL terminated.
Definition: grpc_security.h:43
size_t value_length
Definition: grpc_security.h:46
char * name
Definition: grpc_security.h:44
char * value
Definition: grpc_security.h:45
An array of arguments that can be passed around.
Definition: grpc_types.h:132
grpc_metadata_credentials plugin is an API user provided structure used to create grpc_credentials ob...
Definition: grpc_security.h:398
void * state
State that will be set as the first parameter of the methods above.
Definition: grpc_security.h:428
const char * type
Type of credentials that this plugin is implementing.
Definition: grpc_security.h:431
A single metadata element.
Definition: grpc_types.h:485
Object that holds a private key / certificate chain pair in PEM format.
Definition: grpc_security.h:156
const char * private_key
private_key is the NULL-terminated string containing the PEM encoding of the client's private key.
Definition: grpc_security.h:159
const char * cert_chain
cert_chain is the NULL-terminated string containing the PEM encoding of the client's certificate chai...
Definition: grpc_security.h:163
Object that holds additional peer-verification options on a secure channel.
Definition: grpc_security.h:190
void * verify_peer_callback_userdata
Arbitrary userdata that will be passed as the last argument to verify_peer_callback.
Definition: grpc_security.h:201
Options for creating STS Oauth Token Exchange credentials following the IETF draft https://tools....
Definition: grpc_security.h:337
const char * requested_token_type
Definition: grpc_security.h:342
const char * scope
Definition: grpc_security.h:341
const char * actor_token_type
Definition: grpc_security.h:346
const char * subject_token_path
Definition: grpc_security.h:343
const char * subject_token_type
Definition: grpc_security.h:344
const char * actor_token_path
Definition: grpc_security.h:345
const char * audience
Definition: grpc_security.h:340
const char * token_exchange_service_uri
Definition: grpc_security.h:338
const char * resource
Definition: grpc_security.h:339
A struct containing all information necessary to schedule/cancel a credential reload request.
Definition: grpc_security.h:825
void(* destroy_context)(void *ctx)
Definition: grpc_security.h:833
grpc_tls_on_credential_reload_done_cb cb
Definition: grpc_security.h:826
void * context
Definition: grpc_security.h:832
grpc_ssl_certificate_config_reload_status status
Definition: grpc_security.h:829
void * cb_user_data
Definition: grpc_security.h:827
grpc_tls_key_materials_config * key_materials_config
Definition: grpc_security.h:828
grpc_tls_credential_reload_config * config
Definition: grpc_security.h:831
const char * error_details
Definition: grpc_security.h:830
A struct containing all information necessary to schedule/cancel a server authorization check request...
Definition: grpc_security.h:899
void * cb_user_data
Definition: grpc_security.h:901
int success
Definition: grpc_security.h:902
const char * target_name
Definition: grpc_security.h:903
const char * error_details
Definition: grpc_security.h:906
grpc_tls_server_authorization_check_config * config
Definition: grpc_security.h:907
grpc_tls_on_server_authorization_check_done_cb cb
Definition: grpc_security.h:900
void * context
Definition: grpc_security.h:908
const char * peer_cert
Definition: grpc_security.h:904
grpc_status_code status
Definition: grpc_security.h:905
void(* destroy_context)(void *ctx)
Definition: grpc_security.h:909
Deprecated in favor of grpc_ssl_verify_peer_options.
Definition: grpc_security.h:170
void * verify_peer_callback_userdata
Arbitrary userdata that will be passed as the last argument to verify_peer_callback.
Definition: grpc_security.h:181