Skip to content
Snippets Groups Projects
Commit 1fe942f7 authored by Jan Tattermusch's avatar Jan Tattermusch
Browse files

Merge pull request #5700 from bluecmd/ssl-defaults

ssl_channel_credentials to use None by default
parents 4da87600 ce2a2d04
No related branches found
No related tags found
No related merge requests found
# Copyright 2015, Google Inc. # Copyright 2015-2016, Google Inc.
# All rights reserved. # All rights reserved.
# #
# Redistribution and use in source and binary forms, with or without # Redistribution and use in source and binary forms, with or without
...@@ -61,15 +61,16 @@ class ChannelCredentials(object): ...@@ -61,15 +61,16 @@ class ChannelCredentials(object):
self._low_credentials = low_credentials self._low_credentials = low_credentials
def ssl_channel_credentials(root_certificates, private_key, certificate_chain): def ssl_channel_credentials(root_certificates=None, private_key=None,
certificate_chain=None):
"""Creates a ChannelCredentials for use with an SSL-enabled Channel. """Creates a ChannelCredentials for use with an SSL-enabled Channel.
Args: Args:
root_certificates: The PEM-encoded root certificates or None to ask for root_certificates: The PEM-encoded root certificates or unset to ask for
them to be retrieved from a default location. them to be retrieved from a default location.
private_key: The PEM-encoded private key to use or None if no private key private_key: The PEM-encoded private key to use or unset if no private key
should be used. should be used.
certificate_chain: The PEM-encoded certificate chain to use or None if no certificate_chain: The PEM-encoded certificate chain to use or unset if no
certificate chain should be used. certificate chain should be used.
Returns: Returns:
......
# Copyright 2015, Google Inc. # Copyright 2015-2016, Google Inc.
# All rights reserved. # All rights reserved.
# #
# Redistribution and use in source and binary forms, with or without # Redistribution and use in source and binary forms, with or without
...@@ -56,7 +56,7 @@ class SecureInteropTest( ...@@ -56,7 +56,7 @@ class SecureInteropTest(
self.stub = test_pb2.beta_create_TestService_stub( self.stub = test_pb2.beta_create_TestService_stub(
test_utilities.not_really_secure_channel( test_utilities.not_really_secure_channel(
'[::]', port, implementations.ssl_channel_credentials( '[::]', port, implementations.ssl_channel_credentials(
resources.test_root_certificates(), None, None), resources.test_root_certificates()),
_SERVER_HOST_OVERRIDE)) _SERVER_HOST_OVERRIDE))
def tearDown(self): def tearDown(self):
......
# Copyright 2015, Google Inc. # Copyright 2015-2016, Google Inc.
# All rights reserved. # All rights reserved.
# #
# Redistribution and use in source and binary forms, with or without # Redistribution and use in source and binary forms, with or without
...@@ -94,7 +94,7 @@ def _stub(args): ...@@ -94,7 +94,7 @@ def _stub(args):
channel = test_utilities.not_really_secure_channel( channel = test_utilities.not_really_secure_channel(
args.server_host, args.server_port, args.server_host, args.server_port,
implementations.ssl_channel_credentials(root_certificates, None, None), implementations.ssl_channel_credentials(root_certificates),
args.server_host_override) args.server_host_override)
stub = test_pb2.beta_create_TestService_stub( stub = test_pb2.beta_create_TestService_stub(
channel, metadata_transformer=metadata_transformer) channel, metadata_transformer=metadata_transformer)
......
# Copyright 2015, Google Inc. # Copyright 2015-2016, Google Inc.
# All rights reserved. # All rights reserved.
# #
# Redistribution and use in source and binary forms, with or without # Redistribution and use in source and binary forms, with or without
...@@ -183,7 +183,7 @@ class BetaFeaturesTest(unittest.TestCase): ...@@ -183,7 +183,7 @@ class BetaFeaturesTest(unittest.TestCase):
port = self._server.add_secure_port('[::]:0', server_credentials) port = self._server.add_secure_port('[::]:0', server_credentials)
self._server.start() self._server.start()
self._channel_credentials = implementations.ssl_channel_credentials( self._channel_credentials = implementations.ssl_channel_credentials(
resources.test_root_certificates(), None, None) resources.test_root_certificates())
self._call_credentials = implementations.metadata_call_credentials( self._call_credentials = implementations.metadata_call_credentials(
_metadata_plugin) _metadata_plugin)
channel = test_utilities.not_really_secure_channel( channel = test_utilities.not_really_secure_channel(
...@@ -296,7 +296,7 @@ class ContextManagementAndLifecycleTest(unittest.TestCase): ...@@ -296,7 +296,7 @@ class ContextManagementAndLifecycleTest(unittest.TestCase):
self._server_credentials = implementations.ssl_server_credentials( self._server_credentials = implementations.ssl_server_credentials(
[(resources.private_key(), resources.certificate_chain(),),]) [(resources.private_key(), resources.certificate_chain(),),])
self._channel_credentials = implementations.ssl_channel_credentials( self._channel_credentials = implementations.ssl_channel_credentials(
resources.test_root_certificates(), None, None) resources.test_root_certificates())
self._stub_options = implementations.stub_options( self._stub_options = implementations.stub_options(
thread_pool_size=test_constants.POOL_SIZE) thread_pool_size=test_constants.POOL_SIZE)
......
# Copyright 2015, Google Inc. # Copyright 2015-2016, Google Inc.
# All rights reserved. # All rights reserved.
# #
# Redistribution and use in source and binary forms, with or without # Redistribution and use in source and binary forms, with or without
...@@ -94,7 +94,7 @@ class _Implementation(test_interfaces.Implementation): ...@@ -94,7 +94,7 @@ class _Implementation(test_interfaces.Implementation):
port = server.add_secure_port('[::]:0', server_credentials) port = server.add_secure_port('[::]:0', server_credentials)
server.start() server.start()
channel_credentials = implementations.ssl_channel_credentials( channel_credentials = implementations.ssl_channel_credentials(
resources.test_root_certificates(), None, None) resources.test_root_certificates())
channel = test_utilities.not_really_secure_channel( channel = test_utilities.not_really_secure_channel(
'localhost', port, channel_credentials, _SERVER_HOST_OVERRIDE) 'localhost', port, channel_credentials, _SERVER_HOST_OVERRIDE)
stub_options = implementations.stub_options( stub_options = implementations.stub_options(
......
...@@ -38,14 +38,13 @@ from tests.unit import resources ...@@ -38,14 +38,13 @@ from tests.unit import resources
class ChannelCredentialsTest(unittest.TestCase): class ChannelCredentialsTest(unittest.TestCase):
def test_runtime_provided_root_certificates(self): def test_runtime_provided_root_certificates(self):
channel_credentials = implementations.ssl_channel_credentials( channel_credentials = implementations.ssl_channel_credentials()
None, None, None)
self.assertIsInstance( self.assertIsInstance(
channel_credentials, implementations.ChannelCredentials) channel_credentials, implementations.ChannelCredentials)
def test_application_provided_root_certificates(self): def test_application_provided_root_certificates(self):
channel_credentials = implementations.ssl_channel_credentials( channel_credentials = implementations.ssl_channel_credentials(
resources.test_root_certificates(), None, None) resources.test_root_certificates())
self.assertIsInstance( self.assertIsInstance(
channel_credentials, implementations.ChannelCredentials) channel_credentials, implementations.ChannelCredentials)
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment