admin/grpc
1
0
Fork 0
mirror of https://github.com/grpc/grpc.git synced 2026-01-24 10:53:30 +08:00
Code Issues Packages Projects Releases Wiki Activity

[C++] Add SNI override option to C++ channel credentials options API (#41460)

Browse Source 
This option was added to the core credentials API in #41051. Now we add the same option to the corresponding C++ API.

b/203822267

<!--

If you know who should review your pull request, please assign it to that
person, otherwise the pull request would get assigned randomly.

If your pull request is for a specific language, please add the appropriate
lang label.

-->

Closes #41460

COPYBARA_INTEGRATE_REVIEW=https://github.com/grpc/grpc/pull/41460 from murgatroid99:c++_creds_sni_override 7241f2afeb
PiperOrigin-RevId: 859620187
This commit is contained in:
Michael Lumish
2026-01-22 08:27:34 -08:00
committed by Copybara-Service
parent d7f3d36f68
commit e0eeeb76e2
3 changed files with 27 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
include/grpcpp/security/tls_credentials_options.h
View File

@@ -157,6 +157,11 @@ class TlsChannelCredentialsOptions final : public TlsCredentialsOptions {
// The default is true.
void set_verify_server_certs(bool verify_server_certs);
// Overrides the SNI that the client sends in the TLS handshake. nullopt
// indicates that SNI should not be overridden. An empty string value
// indicates that SNI should not be sent at all. The default is nullopt.
void set_sni_override(std::optional<std::string> sni_override);
private:
};

8
src/cpp/common/tls_credentials_options.cc
View File

@@ -17,6 +17,7 @@
//
#include <grpc/credentials.h>
#include <grpc/credentials_cpp.h>
#include <grpc/grpc_crl_provider.h>
#include <grpc/grpc_security.h>
#include <grpc/grpc_security_constants.h>
@@ -134,6 +135,13 @@ void TlsChannelCredentialsOptions::set_verify_server_certs(
verify_server_certs);
}
void TlsChannelCredentialsOptions::set_sni_override(
std::optional<std::string> sni_override) {
grpc_tls_credentials_options* options = mutable_c_credentials_options();
GRPC_CHECK_NE(options, nullptr);
grpc_tls_credentials_options_set_sni_override(options, sni_override);
}
void TlsServerCredentialsOptions::set_cert_request_type(
grpc_ssl_client_certificate_request_type cert_request_type) {
grpc_tls_credentials_options* options = mutable_c_credentials_options();

14
test/cpp/client/credentials_test.cc
View File

@@ -319,6 +319,20 @@ TEST(CredentialsTest, TlsChannelCredentialsWithDefaultRootsAndDefaultVerifier) {
GRPC_CHECK_NE(channel_credentials.get(), nullptr);
}
TEST(CredentialsTest, TlsChannelCredentialsWithDefaultRootsAndEmptySni) {
grpc::experimental::TlsChannelCredentialsOptions options;
options.set_sni_override("");
auto channel_credentials = grpc::experimental::TlsCredentials(options);
GRPC_CHECK_NE(channel_credentials.get(), nullptr);
}
TEST(CredentialsTest, TlsChannelCredentialsWithDefaultRootsAndSni) {
grpc::experimental::TlsChannelCredentialsOptions options;
options.set_sni_override("test");
auto channel_credentials = grpc::experimental::TlsCredentials(options);
GRPC_CHECK_NE(channel_credentials.get(), nullptr);
}
TEST(
CredentialsTest,
TlsChannelCredentialsWithStaticDataCertificateProviderLoadingRootAndIdentity) {