From 426167c88e2711b9afb58ee48d63dc3ed18712a7 Mon Sep 17 00:00:00 2001
From: Tim Emiola <temiola@google.com>
Date: Mon, 26 Jan 2015 22:22:37 -0800
Subject: [PATCH] Allows production certificates to be specified
---
src/ruby/bin/interop/interop_client.rb | 52 +++++++++++++++++++++-----
src/ruby/bin/interop/interop_server.rb | 3 +-
2 files changed, 43 insertions(+), 12 deletions(-)
diff --git a/src/ruby/bin/interop/interop_client.rb b/src/ruby/bin/interop/interop_client.rb
index c5e87a7ba2..86739b7b67 100755
--- a/src/ruby/bin/interop/interop_client.rb
+++ b/src/ruby/bin/interop/interop_client.rb
@@ -54,6 +54,8 @@ require 'test/cpp/interop/test_services'
require 'test/cpp/interop/messages'
require 'test/cpp/interop/empty'
+require 'signet/ssl_config'
+
# loads the certificates used to access the test server securely.
def load_test_certs
this_dir = File.expand_path(File.dirname(__FILE__))
@@ -62,18 +64,41 @@ def load_test_certs
files.map { |f| File.open(File.join(data_dir, f)).read }
end
+# loads the certificates used to access the test server securely.
+def load_prod_cert
+ fail 'could not find a production cert' if ENV['SSL_CERT_FILE'].nil?
+ p "loading prod certs from #{ENV['SSL_CERT_FILE']}"
+ File.open(ENV['SSL_CERT_FILE']).read
+end
+
# creates a Credentials from the test certificates.
def test_creds
certs = load_test_certs
GRPC::Core::Credentials.new(certs[0])
end
+RX_CERT = /-----BEGIN CERTIFICATE-----\n.*?-----END CERTIFICATE-----\n/m
+
+
+# creates a Credentials from the production certificates.
+def prod_creds
+ cert_text = load_prod_cert
+ GRPC::Core::Credentials.new(cert_text)
+end
+
# creates a test stub that accesses host:port securely.
-def create_stub(host, port, is_secure, host_override)
+def create_stub(host, port, is_secure, host_override, use_test_ca)
address = "#{host}:#{port}"
if is_secure
+ creds = nil
+ if use_test_ca
+ creds = test_creds
+ else
+ creds = prod_creds
+ end
+
stub_opts = {
- :creds => test_creds,
+ :creds => creds,
GRPC::Core::Channel::SSL_TARGET => host_override
}
logger.info("... connecting securely to #{address}")
@@ -200,9 +225,9 @@ class NamedTests
def all
all_methods = NamedTests.instance_methods(false).map(&:to_s)
all_methods.each do |m|
- next if m == 'all' or m.start_with?('assert')
+ next if m == 'all' || m.start_with?('assert')
p "TESTCASE: #{m}"
- self.method(m).call
+ method(m).call
end
end
end
@@ -235,26 +260,33 @@ def parse_options
" (#{test_case_list})") do |v|
options['test_case'] = v
end
- opts.on('-u', '--use_tls', 'access using test creds') do |v|
+ opts.on('-s', '--use_tls', 'require a secure connection?') do |v|
options['secure'] = v
end
+ opts.on('-t', '--use_test_ca',
+ 'if secure, use the test certificate?') do |v|
+ options['use_test_ca'] = v
+ end
end.parse!
+ _check_options(options)
+end
+def _check_options(opts)
%w(server_host server_port test_case).each do |arg|
- if options[arg].nil?
+ if opts[arg].nil?
fail(OptionParser::MissingArgument, "please specify --#{arg}")
end
end
- if options['server_host_override'].nil?
- options['server_host_override'] = options['server_host']
+ if opts['server_host_override'].nil?
+ opts['server_host_override'] = opts['server_host']
end
- options
+ opts
end
def main
opts = parse_options
stub = create_stub(opts['server_host'], opts['server_port'], opts['secure'],
- opts['server_host_override'])
+ opts['server_host_override'], opts['use_test_ca'])
NamedTests.new(stub).method(opts['test_case']).call
end
diff --git a/src/ruby/bin/interop/interop_server.rb b/src/ruby/bin/interop/interop_server.rb
index 441f609713..cc4d260879 100755
--- a/src/ruby/bin/interop/interop_server.rb
+++ b/src/ruby/bin/interop/interop_server.rb
@@ -162,10 +162,9 @@ def parse_options
opts.on('--port PORT', 'server port') do |v|
options['port'] = v
end
- opts.on('-u', '--use_tls', 'access using test creds') do |v|
+ opts.on('-s', '--use_tls', 'require a secure connection?') do |v|
options['secure'] = v
end
-
end.parse!
if options['port'].nil?
--
GitLab