Merge pull request #2605 from yang-g/fake_transport_security_to_private

Fake transport security to private

Makefile

@@ -4119,7 +4119,6 @@ LIBGRPC++_TEST_UTIL_SRC = \
     $(GENDIR)/test/cpp/util/echo_duplicate.pb.cc $(GENDIR)/test/cpp/util/echo_duplicate.grpc.pb.cc \
     test/cpp/util/cli_call.cc \
     test/cpp/util/create_test_channel.cc \
-    test/cpp/util/fake_credentials.cc \
     test/cpp/util/subprocess.cc \
 
 
@@ -4166,7 +4165,6 @@ endif
 endif
 $(OBJDIR)/$(CONFIG)/test/cpp/util/cli_call.o: $(GENDIR)/test/cpp/util/messages.pb.cc $(GENDIR)/test/cpp/util/messages.grpc.pb.cc $(GENDIR)/test/cpp/util/echo.pb.cc $(GENDIR)/test/cpp/util/echo.grpc.pb.cc $(GENDIR)/test/cpp/util/echo_duplicate.pb.cc $(GENDIR)/test/cpp/util/echo_duplicate.grpc.pb.cc
 $(OBJDIR)/$(CONFIG)/test/cpp/util/create_test_channel.o: $(GENDIR)/test/cpp/util/messages.pb.cc $(GENDIR)/test/cpp/util/messages.grpc.pb.cc $(GENDIR)/test/cpp/util/echo.pb.cc $(GENDIR)/test/cpp/util/echo.grpc.pb.cc $(GENDIR)/test/cpp/util/echo_duplicate.pb.cc $(GENDIR)/test/cpp/util/echo_duplicate.grpc.pb.cc
-$(OBJDIR)/$(CONFIG)/test/cpp/util/fake_credentials.o: $(GENDIR)/test/cpp/util/messages.pb.cc $(GENDIR)/test/cpp/util/messages.grpc.pb.cc $(GENDIR)/test/cpp/util/echo.pb.cc $(GENDIR)/test/cpp/util/echo.grpc.pb.cc $(GENDIR)/test/cpp/util/echo_duplicate.pb.cc $(GENDIR)/test/cpp/util/echo_duplicate.grpc.pb.cc
 $(OBJDIR)/$(CONFIG)/test/cpp/util/subprocess.o: $(GENDIR)/test/cpp/util/messages.pb.cc $(GENDIR)/test/cpp/util/messages.grpc.pb.cc $(GENDIR)/test/cpp/util/echo.pb.cc $(GENDIR)/test/cpp/util/echo.grpc.pb.cc $(GENDIR)/test/cpp/util/echo_duplicate.pb.cc $(GENDIR)/test/cpp/util/echo_duplicate.grpc.pb.cc
 
 

build.json

@@ -611,7 +611,6 @@
       "headers": [
         "test/cpp/util/cli_call.h",
         "test/cpp/util/create_test_channel.h",
-        "test/cpp/util/fake_credentials.h",
         "test/cpp/util/subprocess.h"
       ],
       "src": [
@@ -620,7 +619,6 @@
         "test/cpp/util/echo_duplicate.proto",
         "test/cpp/util/cli_call.cc",
         "test/cpp/util/create_test_channel.cc",
-        "test/cpp/util/fake_credentials.cc",
         "test/cpp/util/subprocess.cc"
       ],
       "deps": [

include/grpc/grpc_security.h

@@ -140,9 +140,6 @@ grpc_credentials *grpc_access_token_credentials_create(
 grpc_credentials *grpc_iam_credentials_create(const char *authorization_token,
                                               const char *authority_selector);
 
-/* Creates a fake transport security credentials object for testing. */
-grpc_credentials *grpc_fake_transport_security_credentials_create(void);
-
 /* --- Secure channel creation. --- */
 
 /* The caller of the secure_channel_create functions may override the target
@@ -182,10 +179,6 @@ grpc_server_credentials *grpc_ssl_server_credentials_create(
     const char *pem_root_certs, grpc_ssl_pem_key_cert_pair *pem_key_cert_pairs,
     size_t num_key_cert_pairs);
 
-/* Creates a fake server transport security credentials object for testing. */
-grpc_server_credentials *grpc_fake_transport_security_server_credentials_create(
-    void);
-
 /* --- Server-side secure ports. --- */
 
 /* Add a HTTP2 over an encrypted link over tcp listener.
@@ -206,7 +199,6 @@ grpc_call_error grpc_call_set_credentials(grpc_call *call,
 /* TODO(jboeuf): Define some well-known property names. */
 
 #define GRPC_TRANSPORT_SECURITY_TYPE_PROPERTY_NAME "transport_security_type"
-#define GRPC_FAKE_TRANSPORT_SECURITY_TYPE "fake"
 #define GRPC_SSL_TRANSPORT_SECURITY_TYPE "ssl"
 
 #define GRPC_X509_CN_PROPERTY_NAME "x509_common_name"

src/core/security/credentials.h

@@ -52,6 +52,8 @@ typedef enum {
   GRPC_CREDENTIALS_ERROR
 } grpc_credentials_status;
 
+#define GRPC_FAKE_TRANSPORT_SECURITY_TYPE "fake"
+
 #define GRPC_CREDENTIALS_TYPE_SSL "Ssl"
 #define GRPC_CREDENTIALS_TYPE_OAUTH2 "Oauth2"
 #define GRPC_CREDENTIALS_TYPE_JWT "Jwt"
@@ -112,6 +114,12 @@ void grpc_credentials_md_store_unref(grpc_credentials_md_store *store);
 
 /* --- grpc_credentials. --- */
 
+/* Creates a fake transport security credentials object for testing. */
+grpc_credentials *grpc_fake_transport_security_credentials_create(void);
+/* Creates a fake server transport security credentials object for testing. */
+grpc_server_credentials *grpc_fake_transport_security_server_credentials_create(
+    void);
+
 /* It is the caller's responsibility to gpr_free the result if not NULL. */
 char *grpc_get_well_known_google_credentials_file_path(void);
 

src/node/ext/credentials.cc

@@ -79,8 +79,6 @@ void Credentials::Init(Handle<Object> exports) {
            NanNew<FunctionTemplate>(CreateComposite)->GetFunction());
   ctr->Set(NanNew("createGce"),
            NanNew<FunctionTemplate>(CreateGce)->GetFunction());
-  ctr->Set(NanNew("createFake"),
-           NanNew<FunctionTemplate>(CreateFake)->GetFunction());
   ctr->Set(NanNew("createIam"),
            NanNew<FunctionTemplate>(CreateIam)->GetFunction());
   constructor = new NanCallback(ctr);
@@ -180,11 +178,6 @@ NAN_METHOD(Credentials::CreateGce) {
   NanReturnValue(WrapStruct(grpc_compute_engine_credentials_create()));
 }
 
-NAN_METHOD(Credentials::CreateFake) {
-  NanScope();
-  NanReturnValue(WrapStruct(grpc_fake_transport_security_credentials_create()));
-}
-
 NAN_METHOD(Credentials::CreateIam) {
   NanScope();
   if (!args[0]->IsString()) {

src/node/ext/server_credentials.cc

@@ -73,8 +73,6 @@ void ServerCredentials::Init(Handle<Object> exports) {
   Handle<Function> ctr = tpl->GetFunction();
   ctr->Set(NanNew("createSsl"),
            NanNew<FunctionTemplate>(CreateSsl)->GetFunction());
-  ctr->Set(NanNew("createFake"),
-           NanNew<FunctionTemplate>(CreateFake)->GetFunction());
   constructor = new NanCallback(ctr);
   exports->Set(NanNew("ServerCredentials"), ctr);
 }
@@ -144,11 +142,5 @@ NAN_METHOD(ServerCredentials::CreateSsl) {
       grpc_ssl_server_credentials_create(root_certs, &key_cert_pair, 1)));
 }
 
-NAN_METHOD(ServerCredentials::CreateFake) {
-  NanScope();
-  NanReturnValue(
-      WrapStruct(grpc_fake_transport_security_server_credentials_create()));
-}
-
 }  // namespace node
 }  // namespace grpc

src/node/ext/server_credentials.h

@@ -63,7 +63,6 @@ class ServerCredentials : public ::node::ObjectWrap {
 
   static NAN_METHOD(New);
   static NAN_METHOD(CreateSsl);
-  static NAN_METHOD(CreateFake);
   static NanCallback *constructor;
   // Used for typechecking instances of this javascript class
   static v8::Persistent<v8::FunctionTemplate> fun_tpl;

src/node/test/server_test.js

@@ -34,6 +34,8 @@
 'use strict';
 
 var assert = require('assert');
+var fs = require('fs');
+var path = require('path');
 var grpc = require('bindings')('grpc.node');
 
 describe('server', function() {
@@ -67,9 +69,13 @@ describe('server', function() {
     before(function() {
       server = new grpc.Server();
     });
-    it('should bind to an unused port with fake credentials', function() {
+    it('should bind to an unused port with ssl credentials', function() {
       var port;
-      var creds = grpc.ServerCredentials.createFake();
+      var key_path = path.join(__dirname, '../test/data/server1.key');
+      var pem_path = path.join(__dirname, '../test/data/server1.pem');
+      var key_data = fs.readFileSync(key_path);
+      var pem_data = fs.readFileSync(pem_path);
+      var creds = grpc.ServerCredentials.createSsl(null, key_data, pem_data);
       assert.doesNotThrow(function() {
         port = server.addSecureHttp2Port('0.0.0.0:0', creds);
       });

src/php/ext/grpc/credentials.c

@@ -175,23 +175,12 @@ PHP_METHOD(Credentials, createGce) {
   RETURN_DESTROY_ZVAL(creds_object);
 }
 
-/**
- * Create fake credentials. Only to be used for testing.
- * @return Credentials The new fake credentials object
- */
-PHP_METHOD(Credentials, createFake) {
-  grpc_credentials *creds = grpc_fake_transport_security_credentials_create();
-  zval *creds_object = grpc_php_wrap_credentials(creds);
-  RETURN_DESTROY_ZVAL(creds_object);
-}
-
 static zend_function_entry credentials_methods[] = {
     PHP_ME(Credentials, createDefault, NULL, ZEND_ACC_PUBLIC | ZEND_ACC_STATIC)
     PHP_ME(Credentials, createSsl, NULL, ZEND_ACC_PUBLIC | ZEND_ACC_STATIC)
     PHP_ME(Credentials, createComposite, NULL,
            ZEND_ACC_PUBLIC | ZEND_ACC_STATIC)
     PHP_ME(Credentials, createGce, NULL, ZEND_ACC_PUBLIC | ZEND_ACC_STATIC)
-    PHP_ME(Credentials, createFake, NULL, ZEND_ACC_PUBLIC | ZEND_ACC_STATIC)
     PHP_FE_END};
 
 void grpc_init_credentials(TSRMLS_D) {

src/php/ext/grpc/server_credentials.c

@@ -121,21 +121,8 @@ PHP_METHOD(ServerCredentials, createSsl) {
   RETURN_DESTROY_ZVAL(creds_object);
 }
 
-/**
- * Create fake credentials. Only to be used for testing.
- * @return ServerCredentials The new fake credentials object
- */
-PHP_METHOD(ServerCredentials, createFake) {
-  grpc_server_credentials *creds =
-      grpc_fake_transport_security_server_credentials_create();
-  zval *creds_object = grpc_php_wrap_server_credentials(creds);
-  RETURN_DESTROY_ZVAL(creds_object);
-}
-
 static zend_function_entry server_credentials_methods[] = {
     PHP_ME(ServerCredentials, createSsl, NULL,
-           ZEND_ACC_PUBLIC | ZEND_ACC_STATIC)
-    PHP_ME(ServerCredentials, createFake, NULL,
            ZEND_ACC_PUBLIC | ZEND_ACC_STATIC) PHP_FE_END};
 
 void grpc_init_server_credentials(TSRMLS_D) {

src/python/src/grpc/_adapter/_c/types.h

@@ -63,8 +63,6 @@ ClientCredentials *pygrpc_ClientCredentials_jwt(
     PyTypeObject *type, PyObject *args, PyObject *kwargs);
 ClientCredentials *pygrpc_ClientCredentials_refresh_token(
     PyTypeObject *type, PyObject *args, PyObject *kwargs);
-ClientCredentials *pygrpc_ClientCredentials_fake_transport_security(
-    PyTypeObject *type, PyObject *ignored);
 ClientCredentials *pygrpc_ClientCredentials_iam(
     PyTypeObject *type, PyObject *args, PyObject *kwargs);
 extern PyTypeObject pygrpc_ClientCredentials_type;
@@ -81,8 +79,6 @@ typedef struct ServerCredentials {
 void pygrpc_ServerCredentials_dealloc(ServerCredentials *self);
 ServerCredentials *pygrpc_ServerCredentials_ssl(
     PyTypeObject *type, PyObject *args, PyObject *kwargs);
-ServerCredentials *pygrpc_ServerCredentials_fake_transport_security(
-    PyTypeObject *type, PyObject *ignored);
 extern PyTypeObject pygrpc_ServerCredentials_type;
 
 

src/python/src/grpc/_adapter/_c/types/client_credentials.c

@@ -54,9 +54,6 @@ PyMethodDef pygrpc_ClientCredentials_methods[] = {
      METH_CLASS|METH_KEYWORDS, ""},
     {"refresh_token", (PyCFunction)pygrpc_ClientCredentials_refresh_token,
      METH_CLASS|METH_KEYWORDS, ""},
-    {"fake_transport_security",
-     (PyCFunction)pygrpc_ClientCredentials_fake_transport_security,
-     METH_CLASS|METH_NOARGS, ""},
     {"iam", (PyCFunction)pygrpc_ClientCredentials_iam,
      METH_CLASS|METH_KEYWORDS, ""},
     {NULL}
@@ -250,20 +247,6 @@ ClientCredentials *pygrpc_ClientCredentials_refresh_token(
   return self;
 }
 
-ClientCredentials *pygrpc_ClientCredentials_fake_transport_security(
-    PyTypeObject *type, PyObject *ignored) {
-  ClientCredentials *self = (ClientCredentials *)type->tp_alloc(type, 0);
-  self->c_creds = grpc_fake_transport_security_credentials_create();
-  if (!self->c_creds) {
-    Py_DECREF(self);
-    PyErr_SetString(PyExc_RuntimeError,
-                    "couldn't create fake credentials; "
-                    "something is horribly wrong with the universe");
-    return NULL;
-  }
-  return self;
-}
-
 ClientCredentials *pygrpc_ClientCredentials_iam(
     PyTypeObject *type, PyObject *args, PyObject *kwargs) {
   ClientCredentials *self;

src/python/src/grpc/_adapter/_c/types/server_credentials.c

@@ -43,9 +43,6 @@
 PyMethodDef pygrpc_ServerCredentials_methods[] = {
     {"ssl", (PyCFunction)pygrpc_ServerCredentials_ssl,
      METH_CLASS|METH_KEYWORDS, ""},
-    {"fake_transport_security",
-     (PyCFunction)pygrpc_ServerCredentials_fake_transport_security,
-     METH_CLASS|METH_NOARGS, ""},
     {NULL}
 };
 const char pygrpc_ServerCredentials_doc[] = "";
@@ -137,10 +134,3 @@ ServerCredentials *pygrpc_ServerCredentials_ssl(
   return self;
 }
 
-ServerCredentials *pygrpc_ServerCredentials_fake_transport_security(
-    PyTypeObject *type, PyObject *ignored) {
-  ServerCredentials *self = (ServerCredentials *)type->tp_alloc(type, 0);
-  self->c_creds = grpc_fake_transport_security_server_credentials_create();
-  return self;
-}
-

src/python/src/grpc/_adapter/_c_test.py

@@ -36,14 +36,6 @@ from grpc._adapter import _types
 
 class CTypeSmokeTest(unittest.TestCase):
 
-  def testClientCredentialsUpDown(self):
-    credentials = _c.ClientCredentials.fake_transport_security()
-    del credentials
-
-  def testServerCredentialsUpDown(self):
-    credentials = _c.ServerCredentials.fake_transport_security()
-    del credentials
-
   def testCompletionQueueUpDown(self):
     completion_queue = _c.CompletionQueue()
     del completion_queue
@@ -58,10 +50,6 @@ class CTypeSmokeTest(unittest.TestCase):
     channel = _c.Channel('[::]:0', [])
     del channel
 
-  def testSecureChannelUpDown(self):
-    channel = _c.Channel('[::]:0', [], _c.ClientCredentials.fake_transport_security())
-    del channel
-
 
 if __name__ == '__main__':
   unittest.main(verbosity=2)

src/python/src/grpc/_cython/_cygrpc/credentials.pyx

@@ -153,12 +153,6 @@ def client_credentials_refresh_token(json_refresh_token):
   credentials.references.append(json_refresh_token)
   return credentials
 
-def client_credentials_fake_transport_security():
-  cdef ClientCredentials credentials = ClientCredentials()
-  credentials.c_credentials = (
-      grpc.grpc_fake_transport_security_credentials_create())
-  return credentials
-
 def client_credentials_iam(authorization_token, authority_selector):
   if isinstance(authorization_token, bytes):
     pass
@@ -211,8 +205,3 @@ def server_credentials_ssl(pem_root_certs, pem_key_cert_pairs):
   )
   return credentials
 
-def server_credentials_fake_transport_security():
-  cdef ServerCredentials credentials = ServerCredentials()
-  credentials.c_credentials = (
-      grpc.grpc_fake_transport_security_server_credentials_create())
-  return credentials

src/python/src/grpc/_cython/_cygrpc/grpc.pxd

@@ -317,7 +317,6 @@ cdef extern from "grpc/grpc_security.h":
                                                 gpr_timespec token_lifetime)
   grpc_credentials *grpc_refresh_token_credentials_create(
       const char *json_refresh_token)
-  grpc_credentials *grpc_fake_transport_security_credentials_create()
   grpc_credentials *grpc_iam_credentials_create(const char *authorization_token,
                                                 const char *authority_selector)
   void grpc_credentials_release(grpc_credentials *creds)
@@ -334,7 +333,6 @@ cdef extern from "grpc/grpc_security.h":
       const char *pem_root_certs,
       grpc_ssl_pem_key_cert_pair *pem_key_cert_pairs,
       size_t num_key_cert_pairs);
-  grpc_server_credentials *grpc_fake_transport_security_server_credentials_create()
   void grpc_server_credentials_release(grpc_server_credentials *creds)
 
   int grpc_server_add_secure_http2_port(grpc_server *server, const char *addr,

src/python/src/grpc/_cython/adapter_low.py

@@ -71,10 +71,6 @@ class ClientCredentials(object):
   def refresh_token():
     raise NotImplementedError()
 
-  @staticmethod
-  def fake_transport_security():
-    raise NotImplementedError()
-
   @staticmethod
   def iam():
     raise NotImplementedError()
@@ -88,10 +84,6 @@ class ServerCredentials(object):
   def ssl():
     raise NotImplementedError()
 
-  @staticmethod
-  def fake_transport_security():
-    raise NotImplementedError()
-
 
 class CompletionQueue(type_interfaces.CompletionQueue):
   def __init__(self):

src/python/src/grpc/_cython/cygrpc.pyx

@@ -82,12 +82,8 @@ client_credentials_compute_engine = (
     credentials.client_credentials_compute_engine)
 client_credentials_jwt = credentials.client_credentials_jwt
 client_credentials_refresh_token = credentials.client_credentials_refresh_token
-client_credentials_fake_transport_security = (
-    credentials.client_credentials_fake_transport_security)
 client_credentials_iam = credentials.client_credentials_iam
 server_credentials_ssl = credentials.server_credentials_ssl
-server_credentials_fake_transport_security = (
-    credentials.server_credentials_fake_transport_security)
 
 CompletionQueue = completion_queue.CompletionQueue
 Channel = channel.Channel

src/python/src/grpc/_cython/cygrpc_test.py

@@ -76,14 +76,6 @@ class TypeSmokeTest(unittest.TestCase):
     timespec = cygrpc.Timespec(now)
     self.assertAlmostEqual(now, float(timespec), places=8)
 
-  def testClientCredentialsUpDown(self):
-    credentials = cygrpc.client_credentials_fake_transport_security()
-    del credentials
-
-  def testServerCredentialsUpDown(self):
-    credentials = cygrpc.server_credentials_fake_transport_security()
-    del credentials
-
   def testCompletionQueueUpDown(self):
     completion_queue = cygrpc.CompletionQueue()
     del completion_queue
@@ -96,12 +88,6 @@ class TypeSmokeTest(unittest.TestCase):
     channel = cygrpc.Channel('[::]:0', cygrpc.ChannelArgs([]))
     del channel
 
-  def testSecureChannelUpDown(self):
-    channel = cygrpc.Channel(
-        '[::]:0', cygrpc.ChannelArgs([]),
-        cygrpc.client_credentials_fake_transport_security())
-    del channel
-
   @unittest.skip('TODO(atash): undo skip after #2229 is merged')
   def testServerStartNoExplicitShutdown(self):
     server = cygrpc.Server()

test/cpp/end2end/end2end_test.cc

@@ -35,11 +35,11 @@
 #include <thread>
 
 #include "src/core/security/credentials.h"
+#include "test/core/end2end/data/ssl_test_data.h"
 #include "test/core/util/port.h"
 #include "test/core/util/test_config.h"
 #include "test/cpp/util/echo_duplicate.grpc.pb.h"
 #include "test/cpp/util/echo.grpc.pb.h"
-#include "test/cpp/util/fake_credentials.h"
 #include <grpc++/channel_arguments.h>
 #include <grpc++/channel_interface.h>
 #include <grpc++/client_context.h>
@@ -83,13 +83,12 @@ void MaybeEchoDeadline(ServerContext* context, const EchoRequest* request,
   }
 }
 
-template <typename T>
-void CheckAuthContext(T* context) {
+void CheckServerAuthContext(const ServerContext* context) {
   std::shared_ptr<const AuthContext> auth_ctx = context->auth_context();
-  std::vector<grpc::string> fake =
+  std::vector<grpc::string> ssl =
       auth_ctx->FindPropertyValues("transport_security_type");
-  EXPECT_EQ(1u, fake.size());
-  EXPECT_EQ("fake", fake[0]);
+  EXPECT_EQ(1u, ssl.size());
+  EXPECT_EQ("ssl", ssl[0]);
   EXPECT_TRUE(auth_ctx->GetPeerIdentityPropertyName().empty());
   EXPECT_TRUE(auth_ctx->GetPeerIdentity().empty());
 }
@@ -142,7 +141,7 @@ class TestServiceImpl : public ::grpc::cpp::test::util::TestService::Service {
       }
     }
     if (request->has_param() && request->param().check_auth_context()) {
-      CheckAuthContext(context);
+      CheckServerAuthContext(context);
     }
     if (request->has_param() &&
         request->param().response_message_length() > 0) {
@@ -240,10 +239,15 @@ class End2endTest : public ::testing::Test {
     server_address_ << "localhost:" << port;
     // Setup server
     ServerBuilder builder;
+    SslServerCredentialsOptions::PemKeyCertPair pkcp = {test_server1_key,
+      test_server1_cert};
+    SslServerCredentialsOptions ssl_opts;
+    ssl_opts.pem_root_certs = "";
+    ssl_opts.pem_key_cert_pairs.push_back(pkcp);
     builder.AddListeningPort(server_address_.str(),
-                             FakeTransportSecurityServerCredentials());
+                             SslServerCredentials(ssl_opts));
     builder.RegisterService(&service_);
-    builder.RegisterService("special", &special_service_);
+    builder.RegisterService("foo.test.youtube.com", &special_service_);
     builder.SetMaxMessageSize(
         kMaxMessageSize_);  // For testing max message size.
     builder.RegisterService(&dup_pkg_service_);
@@ -254,13 +258,16 @@ class End2endTest : public ::testing::Test {
   void TearDown() GRPC_OVERRIDE { server_->Shutdown(); }
 
   void ResetStub() {
+    SslCredentialsOptions ssl_opts = {test_root_cert, "", ""};
     ChannelArguments args;
+    args.SetSslTargetNameOverride("foo.test.google.fr");
     args.SetString(GRPC_ARG_SECONDARY_USER_AGENT_STRING, "end2end_test");
-    std::shared_ptr<ChannelInterface> channel = CreateChannel(
-        server_address_.str(), FakeTransportSecurityCredentials(), args);
-    stub_ = std::move(grpc::cpp::test::util::TestService::NewStub(channel));
+    channel_ = CreateChannel(server_address_.str(), SslCredentials(ssl_opts),
+                             args);
+    stub_ = std::move(grpc::cpp::test::util::TestService::NewStub(channel_));
   }
 
+  std::shared_ptr<ChannelInterface> channel_;
   std::unique_ptr<grpc::cpp::test::util::TestService::Stub> stub_;
   std::unique_ptr<Server> server_;
   std::ostringstream server_address_;
@@ -294,11 +301,11 @@ TEST_F(End2endTest, SimpleRpcWithHost) {
   request.set_message("Hello");
 
   ClientContext context;
-  context.set_authority("special");
+  context.set_authority("foo.test.youtube.com");
   Status s = stub_->Echo(&context, request, &response);
   EXPECT_EQ(response.message(), request.message());
   EXPECT_TRUE(response.has_param());
-  EXPECT_EQ(response.param().host(), "special");
+  EXPECT_EQ("special", response.param().host());
   EXPECT_TRUE(s.ok());
 }
 
@@ -487,24 +494,19 @@ TEST_F(End2endTest, BidiStream) {
 // Talk to the two services with the same name but different package names.
 // The two stubs are created on the same channel.
 TEST_F(End2endTest, DiffPackageServices) {
-  std::shared_ptr<ChannelInterface> channel =
-      CreateChannel(server_address_.str(), FakeTransportSecurityCredentials(),
-                    ChannelArguments());
-
+  ResetStub();
   EchoRequest request;
   EchoResponse response;
   request.set_message("Hello");
 
-  std::unique_ptr<grpc::cpp::test::util::TestService::Stub> stub(
-      grpc::cpp::test::util::TestService::NewStub(channel));
   ClientContext context;
-  Status s = stub->Echo(&context, request, &response);
+  Status s = stub_->Echo(&context, request, &response);
   EXPECT_EQ(response.message(), request.message());
   EXPECT_TRUE(s.ok());
 
   std::unique_ptr<grpc::cpp::test::util::duplicate::TestService::Stub>
       dup_pkg_stub(
-          grpc::cpp::test::util::duplicate::TestService::NewStub(channel));
+          grpc::cpp::test::util::duplicate::TestService::NewStub(channel_));
   ClientContext context2;
   s = dup_pkg_stub->Echo(&context2, request, &response);
   EXPECT_EQ("no package", response.message());
@@ -788,7 +790,17 @@ TEST_F(End2endTest, ClientAuthContext) {
   EXPECT_EQ(response.message(), request.message());
   EXPECT_TRUE(s.ok());
 
-  CheckAuthContext(&context);
+  std::shared_ptr<const AuthContext> auth_ctx = context.auth_context();
+  std::vector<grpc::string> ssl =
+      auth_ctx->FindPropertyValues("transport_security_type");
+  EXPECT_EQ(1u, ssl.size());
+  EXPECT_EQ("ssl", ssl[0]);
+  EXPECT_EQ("x509_subject_alternative_name",
+            auth_ctx->GetPeerIdentityPropertyName());
+  EXPECT_EQ(3u, auth_ctx->GetPeerIdentity().size());
+  EXPECT_EQ("*.test.google.fr", auth_ctx->GetPeerIdentity()[0]);
+  EXPECT_EQ("waterzooi.test.google.be", auth_ctx->GetPeerIdentity()[1]);
+  EXPECT_EQ("*.test.youtube.com", auth_ctx->GetPeerIdentity()[2]);
 }
 
 // Make the response larger than the flow control window.

test/cpp/util/fake_credentials.cc

@@ -1,58 +0,0 @@
-/*
- *
- * Copyright 2015, Google Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are
- * met:
- *
- *     * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *     * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following disclaimer
- * in the documentation and/or other materials provided with the
- * distribution.
- *     * Neither the name of Google Inc. nor the names of its
- * contributors may be used to endorse or promote products derived from
- * this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
- * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
- * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-#include <grpc/grpc_security.h>
-#include <grpc++/channel_arguments.h>
-#include <grpc++/credentials.h>
-#include <grpc++/server_credentials.h>
-#include "src/cpp/client/channel.h"
-#include "src/cpp/client/secure_credentials.h"
-#include "src/cpp/server/secure_server_credentials.h"
-
-namespace grpc {
-namespace testing {
-
-std::shared_ptr<Credentials> FakeTransportSecurityCredentials() {
-  grpc_credentials* c_creds = grpc_fake_transport_security_credentials_create();
-  return std::shared_ptr<Credentials>(new SecureCredentials(c_creds));
-}
-
-std::shared_ptr<ServerCredentials> FakeTransportSecurityServerCredentials() {
-  grpc_server_credentials* c_creds =
-      grpc_fake_transport_security_server_credentials_create();
-  return std::shared_ptr<ServerCredentials>(
-      new SecureServerCredentials(c_creds));
-}
-
-}  // namespace testing
-}  // namespace grpc

test/cpp/util/fake_credentials.h

@@ -1,51 +0,0 @@
-/*
- *
- * Copyright 2015, Google Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are
- * met:
- *
- *     * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *     * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following disclaimer
- * in the documentation and/or other materials provided with the
- * distribution.
- *     * Neither the name of Google Inc. nor the names of its
- * contributors may be used to endorse or promote products derived from
- * this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
- * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
- * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-#ifndef GRPC_TEST_CPP_UTIL_FAKE_CREDENTIALS_H
-#define GRPC_TEST_CPP_UTIL_FAKE_CREDENTIALS_H
-
-#include <memory>
-
-namespace grpc {
-class Credentials;
-class ServerCredentials;
-
-namespace testing {
-
-std::shared_ptr<Credentials> FakeTransportSecurityCredentials();
-std::shared_ptr<ServerCredentials> FakeTransportSecurityServerCredentials();
-
-}  // namespace testing
-}  // namespace grpc
-
-#endif  // GRPC_TEST_CPP_UTIL_FAKE_CREDENTIALS_H

tools/run_tests/sources_and_headers.json

@@ -10789,7 +10789,6 @@
       "test/cpp/util/echo.pb.h", 
       "test/cpp/util/echo_duplicate.grpc.pb.h", 
       "test/cpp/util/echo_duplicate.pb.h", 
-      "test/cpp/util/fake_credentials.h", 
       "test/cpp/util/messages.grpc.pb.h", 
       "test/cpp/util/messages.pb.h", 
       "test/cpp/util/subprocess.h"
@@ -10801,8 +10800,6 @@
       "test/cpp/util/cli_call.h", 
       "test/cpp/util/create_test_channel.cc", 
       "test/cpp/util/create_test_channel.h", 
-      "test/cpp/util/fake_credentials.cc", 
-      "test/cpp/util/fake_credentials.h", 
       "test/cpp/util/subprocess.cc", 
       "test/cpp/util/subprocess.h"
     ]