forked from toolshed/abra
chore: bump deps
This commit is contained in:
34
vendor/google.golang.org/grpc/credentials/credentials.go
generated
vendored
34
vendor/google.golang.org/grpc/credentials/credentials.go
generated
vendored
@ -120,6 +120,20 @@ type AuthInfo interface {
|
||||
AuthType() string
|
||||
}
|
||||
|
||||
// AuthorityValidator validates the authority used to override the `:authority`
|
||||
// header. This is an optional interface that implementations of AuthInfo can
|
||||
// implement if they support per-RPC authority overrides. It is invoked when the
|
||||
// application attempts to override the HTTP/2 `:authority` header using the
|
||||
// CallAuthority call option.
|
||||
type AuthorityValidator interface {
|
||||
// ValidateAuthority checks the authority value used to override the
|
||||
// `:authority` header. The authority parameter is the override value
|
||||
// provided by the application via the CallAuthority option. This value
|
||||
// typically corresponds to the server hostname or endpoint the RPC is
|
||||
// targeting. It returns non-nil error if the validation fails.
|
||||
ValidateAuthority(authority string) error
|
||||
}
|
||||
|
||||
// ErrConnDispatched indicates that rawConn has been dispatched out of gRPC
|
||||
// and the caller should not close rawConn.
|
||||
var ErrConnDispatched = errors.New("credentials: rawConn is dispatched out of gRPC")
|
||||
@ -207,14 +221,32 @@ type RequestInfo struct {
|
||||
AuthInfo AuthInfo
|
||||
}
|
||||
|
||||
// requestInfoKey is a struct to be used as the key to store RequestInfo in a
|
||||
// context.
|
||||
type requestInfoKey struct{}
|
||||
|
||||
// RequestInfoFromContext extracts the RequestInfo from the context if it exists.
|
||||
//
|
||||
// This API is experimental.
|
||||
func RequestInfoFromContext(ctx context.Context) (ri RequestInfo, ok bool) {
|
||||
ri, ok = icredentials.RequestInfoFromContext(ctx).(RequestInfo)
|
||||
ri, ok = ctx.Value(requestInfoKey{}).(RequestInfo)
|
||||
return ri, ok
|
||||
}
|
||||
|
||||
// NewContextWithRequestInfo creates a new context from ctx and attaches ri to it.
|
||||
//
|
||||
// This RequestInfo will be accessible via RequestInfoFromContext.
|
||||
//
|
||||
// Intended to be used from tests for PerRPCCredentials implementations (that
|
||||
// often need to check connection's SecurityLevel). Should not be used from
|
||||
// non-test code: the gRPC client already prepares a context with the correct
|
||||
// RequestInfo attached when calling PerRPCCredentials.GetRequestMetadata.
|
||||
//
|
||||
// This API is experimental.
|
||||
func NewContextWithRequestInfo(ctx context.Context, ri RequestInfo) context.Context {
|
||||
return context.WithValue(ctx, requestInfoKey{}, ri)
|
||||
}
|
||||
|
||||
// ClientHandshakeInfo holds data to be passed to ClientHandshake. This makes
|
||||
// it possible to pass arbitrary data to the handshaker from gRPC, resolver,
|
||||
// balancer etc. Individual credential implementations control the actual
|
||||
|
||||
8
vendor/google.golang.org/grpc/credentials/insecure/insecure.go
generated
vendored
8
vendor/google.golang.org/grpc/credentials/insecure/insecure.go
generated
vendored
@ -30,7 +30,7 @@ import (
|
||||
// NewCredentials returns a credentials which disables transport security.
|
||||
//
|
||||
// Note that using this credentials with per-RPC credentials which require
|
||||
// transport security is incompatible and will cause grpc.Dial() to fail.
|
||||
// transport security is incompatible and will cause RPCs to fail.
|
||||
func NewCredentials() credentials.TransportCredentials {
|
||||
return insecureTC{}
|
||||
}
|
||||
@ -71,6 +71,12 @@ func (info) AuthType() string {
|
||||
return "insecure"
|
||||
}
|
||||
|
||||
// ValidateAuthority allows any value to be overridden for the :authority
|
||||
// header.
|
||||
func (info) ValidateAuthority(string) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
// insecureBundle implements an insecure bundle.
|
||||
// An insecure bundle provides a thin wrapper around insecureTC to support
|
||||
// the credentials.Bundle interface.
|
||||
|
||||
16
vendor/google.golang.org/grpc/credentials/tls.go
generated
vendored
16
vendor/google.golang.org/grpc/credentials/tls.go
generated
vendored
@ -22,6 +22,7 @@ import (
|
||||
"context"
|
||||
"crypto/tls"
|
||||
"crypto/x509"
|
||||
"errors"
|
||||
"fmt"
|
||||
"net"
|
||||
"net/url"
|
||||
@ -50,6 +51,21 @@ func (t TLSInfo) AuthType() string {
|
||||
return "tls"
|
||||
}
|
||||
|
||||
// ValidateAuthority validates the provided authority being used to override the
|
||||
// :authority header by verifying it against the peer certificates. It returns a
|
||||
// non-nil error if the validation fails.
|
||||
func (t TLSInfo) ValidateAuthority(authority string) error {
|
||||
var errs []error
|
||||
for _, cert := range t.State.PeerCertificates {
|
||||
var err error
|
||||
if err = cert.VerifyHostname(authority); err == nil {
|
||||
return nil
|
||||
}
|
||||
errs = append(errs, err)
|
||||
}
|
||||
return fmt.Errorf("credentials: invalid authority %q: %v", authority, errors.Join(errs...))
|
||||
}
|
||||
|
||||
// cipherSuiteLookup returns the string version of a TLS cipher suite ID.
|
||||
func cipherSuiteLookup(cipherSuiteID uint16) string {
|
||||
for _, s := range tls.CipherSuites() {
|
||||
|
||||
Reference in New Issue
Block a user