Merge pull request wolfSSL#7445 from julek-wolfssl/grpc
Add grpc support
dgarske authored and jefferyq2 committed Jun 9, 2024
1 parent 17b57a1 commit 6ca3d2d
Showing 20 changed files with 925 additions and 401 deletions.
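--- a/.github/workflows/grpc.yml
+++ b/.github/workflows/grpc.yml
@@ -0,0 +1,103 @@
+name: grpc Tests
+
+# START OF COMMON SECTION
+on:
+push:
+branches: [ 'master', 'main', 'release/**' ]
+pull_request:
+branches: [ '*' ]
+
+concurrency:
+group: ${{ github.workflow }}-${{ github.ref }}
+cancel-in-progress: true
+# END OF COMMON SECTION
+
+jobs:
+build_wolfssl:
+name: Build wolfSSL
+# Just to keep it the same as the testing target
+runs-on: ubuntu-latest
+# This should be a safe limit for the tests to run.
+timeout-minutes: 10
+steps:
+- name: Build wolfSSL
+uses: wolfSSL/actions-build-autotools-project@v1
+with:
+path: wolfssl
+configure: --enable-all 'CPPFLAGS=-DWOLFSSL_RSA_KEY_CHECK -DHAVE_EX_DATA_CLEANUP_HOOKS'
+install: true
+
+- name: Upload built lib
+uses: actions/upload-artifact@v4
+with:
+name: wolf-install-grpc
+path: build-dir
+retention-days: 5
+
+grpc_check:
+strategy:
+fail-fast: false
+matrix:
+include:
+- ref: v1.60.0
+tests: >-
+bad_ssl_alpn_test bad_ssl_cert_test client_ssl_test
+crl_ssl_transport_security_test server_ssl_test
+ssl_transport_security_test ssl_transport_security_utils_test
+test_core_security_ssl_credentials_test test_cpp_end2end_ssl_credentials_test
+h2_ssl_cert_test h2_ssl_session_reuse_test
+name: ${{ matrix.ref }}
+runs-on: ubuntu-latest
+# This should be a safe limit for the tests to run.
+timeout-minutes: 60
+needs: build_wolfssl
+steps:
+- name: Confirm IPv4 and IPv6 support
+run: |
+ip addr list lo | grep 'inet '
+ip addr list lo | grep 'inet6 '
+- name: Install prereqs
+run:
+sudo apt-get install build-essential autoconf libtool pkg-config cmake clang libc++-dev
+
+- name: Download lib
+uses: actions/download-artifact@v4
+with:
+name: wolf-install-grpc
+path: build-dir
+
+- name: Checkout OSP
+uses: actions/checkout@v4
+with:
+# TODO point to wolf repo once merged
+repository: julek-wolfssl/osp
+path: osp
+ref: grpc-update
+
+- name: Checkout grpc
+uses: actions/checkout@v4
+with:
+repository: grpc/grpc
+path: grpc
+ref: ${{ matrix.ref }}
+
+- name: Build grpc
+working-directory: ./grpc
+run: |
+patch -p1 < ../osp/grpc/grpc-${{ matrix.ref }}.patch
+git submodule update --init
+mkdir cmake/build
+cd cmake/build
+cmake -DgRPC_BUILD_TESTS=ON -DgRPC_SSL_PROVIDER=wolfssl \
+-DWOLFSSL_INSTALL_DIR=$GITHUB_WORKSPACE/build-dir ../..
+make -j $(nproc) ${{ matrix.tests }}
+- name: Run grpc tests
+working-directory: ./grpc
+run: |
+export LD_LIBRARY_PATH=$GITHUB_WORKSPACE/build-dir/lib:$LD_LIBRARY_PATH
+./tools/run_tests/start_port_server.py
+for t in ${{ matrix.tests }} ; do
+./cmake/build/$t
+done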
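Review bot: The `Checkout OSP` step fetches `julek-wolfssl/osp` at the branch `grpc-update`, and `Build grpc` then applies `../osp/grpc/grpc-${{ matrix.ref }}.patch` and builds and runs the patched tree, so the content that executes in this job can change whenever that personal-fork branch moves. Until the TODO is resolved, pin the checkout to a reviewed commit, `ref: <full-commit-sha>` (placeholder), and consider doing the same for `wolfSSL/actions-build-autotools-project@v1`. The workflow also has no `permissions:` key; adding a top-level `permissions:` with `contents: read` keeps the job token read-only on `push` runs, and none of the visible steps appear to need more.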
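--- a/src/bio.c
+++ b/src/bio.c
@@ -77,6 +77,8 @@ static int wolfSSL_BIO_BIO_read(WOLFSSL_BIO* bio, void* buf, int len)
 if (buf == NULL || len == 0)
 return 0;
 
+/* default no retry */
+bio->flags &= ~(WOLFSSL_BIO_FLAG_READ|WOLFSSL_BIO_FLAG_RETRY);
 sz1 = wolfSSL_BIO_nread(bio, &pt, len);
 if (sz1 > 0) {
 XMEMCPY(buf, pt, sz1);
@@ -91,8 +93,10 @@ static int wolfSSL_BIO_BIO_read(WOLFSSL_BIO* bio, void* buf, int len)
 }
 }
 }
-if (sz1 == 0)
+if (sz1 == 0) {
+bio->flags |= WOLFSSL_BIO_FLAG_READ|WOLFSSL_BIO_FLAG_RETRY;
 sz1 = -1;
+}
 
 return sz1;
 }
@@ -502,8 +506,11 @@ static int wolfSSL_BIO_BIO_write(WOLFSSL_BIO* bio, const void* data,
 if (bio == NULL || data == NULL || len == 0)
 return 0;
 
+/* default no retry */
+bio->flags &= ~(WOLFSSL_BIO_FLAG_WRITE|WOLFSSL_BIO_FLAG_RETRY);
 sz1 = wolfSSL_BIO_nwrite(bio, &buf, len);
 if (sz1 == 0) {
+bio->flags |= WOLFSSL_BIO_FLAG_WRITE|WOLFSSL_BIO_FLAG_RETRY;
 WOLFSSL_MSG("No room left to write");
 return WOLFSSL_BIO_ERROR;
 }
@@ -521,6 +528,8 @@ static int wolfSSL_BIO_BIO_write(WOLFSSL_BIO* bio, const void* data,
 if (sz2 > 0) {
 XMEMCPY(buf, data, sz2);
 sz1 += sz2;
+if (len > sz2)
+bio->flags |= WOLFSSL_BIO_FLAG_WRITE|WOLFSSL_BIO_FLAG_RETRY;
 }
 }
 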
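Review bot: In the last hunk of `wolfSSL_BIO_BIO_write` the short-write retry flags are set only inside `if (sz2 > 0)`, so when the second `wolfSSL_BIO_nwrite` call returns 0 the function still appears to return a partial count while `WOLFSSL_BIO_FLAG_WRITE|WOLFSSL_BIO_FLAG_RETRY` stays cleared by the new reset at the top. If the flag is meant to tell callers that unwritten data remains, the test belongs after that block, for example `if (sz2 >= 0 && sz2 < len) bio->flags |= WOLFSSL_BIO_FLAG_WRITE|WOLFSSL_BIO_FLAG_RETRY;`. The lines between the hunks (how `len` is adjusted and how a negative `sz2` is handled) are not visible, so this needs confirming against the full function. Separately, `wolfSSL_BIO_BIO_read` now returns -1 with the retry flags set for an empty buffer where it previously returned 0. A comment such as `/* returns -1 with retry flags set when no data is available; callers must check the retry flag before treating -1 as fatal */` would document the new contract.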
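--- a/src/crl.c
+++ b/src/crl.c
@@ -504,7 +504,7 @@ int CheckCertCRL_ex(WOLFSSL_CRL* crl, byte* issuerHash, byte* serial,
 /* and try again checking Cert in the CRL list. */
 /* When not set the folder or not use hash_dir, do nothing. */
 if ((foundEntry == 0) && (ret != OCSP_WANT_READ)) {
-if (crl->cm->x509_store_p != NULL) {
+if (crl->cm != NULL && crl->cm->x509_store_p != NULL) {
 ret = LoadCertByIssuer(crl->cm->x509_store_p,
 (WOLFSSL_X509_NAME*)issuerName, X509_LU_CRL);
 if (ret == WOLFSSL_SUCCESS) {
@@ -521,7 +521,7 @@ int CheckCertCRL_ex(WOLFSSL_CRL* crl, byte* issuerHash, byte* serial,
 ret = CRL_MISSING;
 }
 
-if (crl->cm->cbMissingCRL) {
+if (crl->cm != NULL && crl->cm->cbMissingCRL) {
 char url[256];
 
 WOLFSSL_MSG("Issuing missing CRL callback");
@@ -685,8 +685,8 @@ static WOLFSSL_X509_CRL* wolfSSL_X509_crl_new(WOLFSSL_CERT_MANAGER* cm)
 {
 WOLFSSL_X509_CRL* ret;
 
-ret = (WOLFSSL_X509_CRL*)XMALLOC(sizeof(WOLFSSL_X509_CRL), cm->heap,
-DYNAMIC_TYPE_CRL);
+ret = (WOLFSSL_X509_CRL*)XMALLOC(sizeof(WOLFSSL_X509_CRL),
+cm != NULL ? cm->heap : NULL, DYNAMIC_TYPE_CRL);
 if (ret != NULL) {
 if (InitCRL(ret, cm) < 0) {
 WOLFSSL_MSG("Unable to initialize new CRL structure");
@@ -885,6 +885,20 @@ static int DupX509_CRL(WOLFSSL_X509_CRL *dupl, const WOLFSSL_X509_CRL* crl)
 return 0;
 }
 
+WOLFSSL_X509_CRL* wolfSSL_X509_CRL_dup(const WOLFSSL_X509_CRL* crl)
+{
+WOLFSSL_X509_CRL* ret;
+
+WOLFSSL_ENTER("wolfSSL_X509_CRL_dup");
+
+ret = wolfSSL_X509_crl_new(crl->cm);
+if (ret != NULL && DupX509_CRL(ret, crl) != 0) {
+FreeCRL(ret, 1);
+ret = NULL;
+}
+return ret;
+}
+
 /* returns WOLFSSL_SUCCESS on success. Does not take ownership of newcrl */
 int wolfSSL_X509_STORE_add_crl(WOLFSSL_X509_STORE *store, WOLFSSL_X509_CRL *newcrl)
 {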
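Review bot: `wolfSSL_X509_CRL_dup` reads `crl->cm` before any check that `crl` is non-NULL, so a NULL argument is dereferenced on the way into `wolfSSL_X509_crl_new`. The other hunks in this file add guards for a NULL `crl->cm`, and the new public entry point should guard its own argument the same way with `if (crl == NULL) return NULL;` placed after `WOLFSSL_ENTER`. The function also has no header comment; one line stating that it returns a newly allocated copy owned by the caller, or NULL on failure, would match the comment on `wolfSSL_X509_STORE_add_crl` just below. Separately, `wolfSSL_X509_crl_new` now tolerates `cm == NULL` for the allocation but still passes `cm` to `InitCRL`, whose handling of NULL is not visible on this page.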