Log overrides: applications can use this API to intercept logging calls and use their own implementations
Analogous to struct timespec. On some machines, absolute times may be in local time.
A single argument… each argument has a key and a value
Context that can be used by metadata credentials plugin in order to create auth related metadata.
Pluggable server-side metadata processor object.
value, if not NULL, is guaranteed to be NULL terminated.
Reader for byte buffers. Iterates over slices in the byte buffer
An array of arguments that can be passed around.
Information requested from the channel.
The default message compression algorithm. It’ll be used in the absence of call specific settings. This option corresponds to the channel argument key behind \a GRPC_COMPRESSION_CHANNEL_DEFAULT_ALGORITHM.
The default compression level. It’ll be used in the absence of call specific settings. This option corresponds to the channel argument key behind \a GRPC_COMPRESSION_CHANNEL_DEFAULT_LEVEL. If present, takes precedence over \a default_algorithm. TODO(dgq): currently only available for server channels.
The result of an operation.
EXPERIMENTAL: Specifies an interface class to be used as a tag for callback-based completion queues. This can be used directly, as the first element of a struct in C, or as a base class in C++. Its “run” value should be assigned to some non-member function, such as a static method.
A single metadata element
The following fields are reserved for grpc internal use. There is no need to initialize them, and they will be set to garbage during calls to grpc.
grpc_metadata_credentials plugin is an API user provided structure used to create grpc_credentials objects that can be set on a channel (composed) or a call. See grpc_credentials_metadata_create_from_plugin below. The grpc client stack will call the get_metadata method of the plugin for every call in scope for the credentials created from it.
Operation data: one field for each op type (except SEND_CLOSE_FROM_CLIENT which has no arguments)
Reserved for future usage
ownership of the array is with the caller, but ownership of the elements stays with the call object (ie key, value members are owned by the call object, recv_initial_metadata->array is owned by the caller). After the operation completes, call grpc_metadata_array_destroy on this value, or reuse it in a future op.
ownership of the byte buffer is moved to the caller; the caller must call grpc_byte_buffer_destroy on this value, or reuse it in a future op. The returned byte buffer will be NULL if trailing metadata was received instead of a message.
If \a is_set, \a compression_level will be used for the call. Otherwise, \a compression_level won’t be considered
A grpc_slice s, if initialized, represents the byte range s.bytes[0..s.length-1].
Represents an expandable array of slices, to be interpreted as a single item.
Object that holds a private key / certificate chain pair in PEM format.
Object that holds additional peer-verification options on a secure channel.
Options for creating STS Oauth Token Exchange credentials following the IETF draft https://tools.ietf.org/html/draft-ietf-oauth-token-exchange-16. Optional fields may be set to NULL or empty string. It is the responsibility of the caller to ensure that the subject and actor tokens are refreshed on disk at the specified paths. This API is used for experimental purposes for now and may change in the future.
A struct containing all information necessary to schedule/cancel a server authorization check request.
Deprecated in favor of grpc_ssl_verify_peer_options. It will be removed after all of its call sites are migrated to grpc_ssl_verify_peer_options. Object that holds additional peer-verification options on a secure channel.
The clocks we support.
The severity of a log message - use the #defines below when calling into gpr_log to additionally supply file and line data
Type specifier for grpc_arg
Result of a grpc call. If the caller satisfies the prerequisites of a particular operation, the grpc_call_error returned will be GRPC_CALL_OK. Receiving any other value listed here is an indication of a bug in the caller.
The type of completion (for grpc_event)
The various compression algorithms supported by gRPC (not sorted by compression level)
Compression levels allow a party with knowledge of its peer’s accepted encodings to request compression in an abstract way. The level-algorithm mapping is performed internally and depends on the peer’s supported compression algorithms.
Connectivity state of a channel.
Specifies the type of APIs to use to pop events from the completion queue
Completion queues internally MAY maintain a set of file descriptors in a structure called ‘pollset’. This enum specifies if a completion queue has an associated pollset and any restrictions on the type of file descriptors that can be present in the pollset.
Type of local connections for which local channel/server credentials will be applied. It supports UDS and local TCP connections.
How to handle payloads for a registered method
Callback results for dynamically loading a SSL certificate config.
Results for the SSL roots override callback.
The TLS versions that are supported by the SSL stack.
printf to a newly-allocated string. The set of supported formats may vary between platforms.
Adds \a delta to \a *value, clamping the result to the range specified by \a min and \a max. Returns the new value.
Convert a timespec from one clock to another
Return the CPU on which the current thread is executing; N.B. This should be considered advisory only - it is possible that the thread is switched to a different CPU at any time. Returns a value in range [0, gpr_cpu_num_cores() - 1]
Return the number of CPU cores on the current system. Will return 0 if the information is not available.
Return the value set by gpr_event_set(ev, …), or NULL if no such call has completed. If the result is non-NULL, all operations that occurred prior to the gpr_event_set(ev, …) set will be visible after this call returns. Requires: *ev initialized. This operation is faster than acquiring a mutex on most platforms.
Set *ev so that gpr_event_get() and gpr_event_wait() will return value. Requires: *ev initialized; value != NULL; no prior or concurrent calls to gpr_event_set(ev, …) since initialization.
Wait until *ev is set by gpr_event_set(ev, …), or abs_deadline is exceeded, then return gpr_event_get(ev). Requires: *ev initialized. Use abs_deadline==gpr_inf_future for no deadline. When the event has been signalled before the call, this operation is faster than acquiring a mutex on most platforms.
Returns a string allocated with gpr_malloc that contains a UTF-8 formatted error message, corresponding to the error messageid. Use in conjunction with GetLastError() et al.
free memory allocated by gpr_malloc_aligned
The zero time interval.
The far future
Log a message. It’s advised to use GPR_xxx above to generate the context for each message
Returns a string representation of the log severity
malloc. If size==0, always returns NULL. Otherwise this function never returns NULL. The pointer returned is suitably aligned for any kind of variable it could contain.
aligned malloc, never returns NULL, will align to alignment, which must be a power of 2.
Return the current time measured from the given clocks epoch.
realloc, never returns NULL
Increment the reference count *r. Requires *r initialized.
Initialize *r to value n.
Return non-zero iff the reference count of *r is one, and thus is owned by exactly one object.
Increment the reference count *r. Requires *r initialized. Crashes if refcount is zero
Increment the reference count *r by n. Requires *r initialized, n > 0.
Set global log verbosity
Sleep until at least ‘until’ - an absolute timeout
*c += inc. Requires: *c initialized.
Initialize *c to the value n.
Return *c. Requires: *c initialized.
Returns a copy of src that can be passed to gpr_free(). If allocation fails or if src is NULL, returns NULL.
Returns the identifier of the current thread.
Add and subtract times. Calculations saturate at infinities.
Return -ve, 0, or +ve according to whether a < b, a == b, or a > b respectively.
Return a timespec representing a given number of time units. INT64_MIN is interpreted as gpr_inf_past, and INT64_MAX as gpr_inf_future.
initialize time subsystem
Return 1 if two times are equal or within threshold of each other, 0 otherwise
Decrement the reference count *r and return non-zero iff it has reached zero. . Requires *r initialized.
like malloc, but zero all bytes before returning them
Creates an Oauth2 Access Token credentials with an access token that was acquired by an out of band mechanism.
This method adds a target service account to grpc client’s ALTS credentials options instance. It is used for experimental purpose for now and subject to change.
This method creates a grpc ALTS credentials client options instance. It is used for experimental purpose for now and subject to change.
This method creates an ALTS channel credential object. The security level of the resulting connection is GRPC_PRIVACY_AND_INTEGRITY. It is used for experimental purpose for now and subject to change.
This method destroys a grpc_alts_credentials_options instance by de-allocating all of its occupied memory. It is used for experimental purpose for now and subject to change.
This method creates a grpc ALTS credentials server options instance. It is used for experimental purpose for now and subject to change.
This method creates an ALTS server credential object. It is used for experimental purpose for now and subject to change.
Add a C string property.
Add a property.
Finds a property in the context. May return an empty iterator (first _next will return NULL) if no property with this name was found in the context.
Gets the peer identity. Returns an empty iterator (first _next will return NULL) if the peer is not authenticated.
Gets the name of the property that indicates the peer identity. Will return NULL if the peer is not authenticated.
Returns 1 if the peer is authenticated, 0 otherwise.
Iterates over the auth context.
Releases the auth context returned from grpc_call_auth_context.
Sets the property name. Returns 1 if successful or 0 in case of failure (which means that no property with this name exists).
Performs a deep copy from \a from to \a to.
Releases internal resources held by \a context.
Returns NULL when the iterator is at the end.
Copies input byte buffer \a bb.
Destroys \a byte_buffer deallocating all its memory.
Returns the size of the given byte buffer, in bytes.
Cleanup and destroy \a reader
Initialize \a reader to read over \a buffer. Returns 1 upon success, 0 otherwise.
Updates \a slice with the next piece of data from from \a reader and returns
EXPERIMENTAL API - This function may be removed and changed, in the future.
Merge all data from \a reader into single slice
Allocate memory in the grpc_call arena: this memory is automatically discarded at call completion
Gets the auth context from the call. Caller needs to call grpc_auth_context_release on the returned context.
Cancel an RPC. Can be called multiple times, from any thread. THREAD-SAFETY grpc_call_cancel and grpc_call_cancel_with_status are thread-safe, and can be called at any point before grpc_call_unref is called.
Cancel an RPC. Can be called multiple times, from any thread. If a status has not been received for the call, set it to the status code and description passed in. Importantly, this function does not send status nor description to the remote endpoint. Note that \a description doesn’t need be a static string. It doesn’t need to be alive after the call to grpc_call_cancel_with_status completes.
Releases a call credentials object. The creator of the credentials object is responsible for its release.
Convert grpc_call_error values to a string
Returns a newly allocated string representing the endpoint to which this call is communicating with. The string is in the uri format accepted by grpc_channel_create. The returned string should be disposed of with gpr_free().
Ref a call. THREAD SAFETY: grpc_call_ref is thread-compatible
Sets a credentials to a call. Can only be called on the client side before grpc_call_start_batch.
Start a batch of operations defined in the array ops; when complete, post a completion of type ‘tag’ to the completion queue bound to the call. The order of ops specified in the batch has no significance. Only one operation of each type can be active at once in any given batch. If a call to grpc_call_start_batch returns GRPC_CALL_OK you must call grpc_completion_queue_next or grpc_completion_queue_pluck on the completion queue associated with ‘call’ for work to be performed. If a call to grpc_call_start_batch returns any value other than GRPC_CALL_OK it is guaranteed that no state associated with ‘call’ is changed and it is not appropriate to call grpc_completion_queue_next or grpc_completion_queue_pluck consequent to the failed grpc_call_start_batch call. If a call to grpc_call_start_batch with an empty batch returns GRPC_CALL_OK, the tag is put in the completion queue immediately. THREAD SAFETY: access to grpc_call_start_batch in multi-threaded environment needs to be synchronized. As an optimization, you may synchronize batches containing just send operations independently from batches containing just receive operations. Access to grpc_call_start_batch with an empty batch is thread-compatible.
Unref a call. THREAD SAFETY: grpc_call_unref is thread-compatible
Retrieve the calls current census context.
Set census context for a call; Must be called before first call to grpc_call_start_batch().
Check the connectivity state of a channel.
Create a call given a grpc_channel, in order to call ‘method’. All completions are sent to ‘completion_queue’. ‘method’ and ‘host’ need only live through the invocation of this function. If parent_call is non-NULL, it must be a server-side call. It will be used to propagate properties from the server call to this new client call, depending on the value of \a propagation_mask (see propagation_bits.h for possible values).
Create a call given a handle returned from grpc_channel_register_call. \sa grpc_channel_create_call.
Releases a channel credentials object. The creator of the credentials object is responsible for its release.
Close and destroy a grpc channel
Request info about the channel. \a channel_info indicates what information is being requested and how that information will be returned. \a channel_info is owned by the caller.
Return a newly allocated string representing the target a channel was created for.
Number of active “external connectivity state watchers” attached to a channel. Useful for testing.
Pre-register a method/host pair on a channel. method and host are not owned and must remain alive while the channel is alive.
EXPERIMENTAL. Resets the channel’s connect backoff. TODO(roth): When we see whether this proves useful, either promote to non-experimental or remove it.
Check whether a grpc channel supports connectivity watcher
Watch for a change in connectivity state. Once the channel connectivity state is different from last_observed_state, tag will be enqueued on cq with success=1. If deadline expires BEFORE the state is changed, tag will be enqueued on cq with success=0.
CHANNELZ API *************/ churn as the feature is implemented. This comment will be removed once channelz is officially supported, and these APIs become stable. For now you may track the progress by following this github issue: https://github.com/grpc/grpc/issues/15340
Create a completion queue
Helper function to create a completion queue with grpc_cq_completion_type of GRPC_CQ_CALLBACK and grpc_cq_polling_type of GRPC_CQ_DEFAULT_POLLING. This function is experimental.
Helper function to create a completion queue with grpc_cq_completion_type of GRPC_CQ_NEXT and grpc_cq_polling_type of GRPC_CQ_DEFAULT_POLLING
Helper function to create a completion queue with grpc_cq_completion_type of GRPC_CQ_PLUCK and grpc_cq_polling_type of GRPC_CQ_DEFAULT_POLLING
Destroy a completion queue. The caller must ensure that the queue is drained and no threads are executing grpc_completion_queue_next
Returns the completion queue factory based on the attributes. MAY return a NULL if no factory can be found
Blocks until an event is available, the completion queue is being shut down, or deadline is reached.
Blocks until an event with tag ‘tag’ is available, the completion queue is being shutdown or deadline is reached.
Begin destruction of a completion queue. Once all possible events are drained then grpc_completion_queue_next will start to produce GRPC_QUEUE_SHUTDOWN events only. At that point it’s safe to call grpc_completion_queue_destroy.
EXPERIMENTAL API ************/ Returns 1 if there was contents in the cache. If there was an event in \a cq tls cache, its tag is placed in tag, and ok is set to the event success.
EXPERIMENTAL API ************/ grpc_flush_cq_tls_cache() MUST be called on the same thread, with the same cq.
Creates a composite call credentials object.
Creates a composite channel credentials object. The security level of resulting connection is determined by channel_creds.
Returns the compression algorithm corresponding to \a level for the compression algorithms encoded in the \a accepted_encodings bitset.
Return if an algorithm is message compression algorithm.
Return if an algorithm is stream compression algorithm.
Updates \a name with the encoding name corresponding to a valid \a algorithm. Note that \a name is statically allocated and must not be freed. Returns 1 upon success, 0 otherwise.
Parses the \a slice as a grpc_compression_algorithm instance and updating \a algorithm. Returns 1 upon success, 0 otherwise.
Mark \a algorithm as disabled in \a opts.
Mark \a algorithm as enabled in \a opts.
Returns true if \a algorithm is marked as enabled in \a opts.
EXPERIMENTAL. Dumps xDS configs as a serialized ClientConfig proto. The full name of the proto is envoy.service.status.v3.ClientConfig.
Builds External Account credentials.
Return a string specifying what the ‘g’ in gRPC stands for
Creates a compute engine credentials object for connecting to Google. WARNING: Do NOT use this credentials to connect to a non-google service as this could result in an oauth2 token leak.
Creates default credentials to connect to a google gRPC service. WARNING: Do NOT use this credentials to connect to a non-google service as this could result in an oauth2 token leak. The security level of the resulting connection is GRPC_PRIVACY_AND_INTEGRITY.
Creates an IAM credentials object for connecting to Google.
Creates an Oauth2 Refresh Token credentials object for connecting to Google. May return NULL if the input is invalid. WARNING: Do NOT use this credentials to connect to a non-google service as this could result in an oauth2 token leak.
Check whether a metadata key is legal (will be accepted by core)
Check whether a non-binary metadata value is legal (will be accepted by core)
Initialize the grpc library.
Create a client channel to ‘target’. Additional channel level configuration MAY be provided by grpc_channel_args, though the expectation is that most clients will want to simply pass NULL. The user data in ‘args’ need only live through the invocation of this function. However, if any args of the ‘pointer’ type are passed, then the referenced vtable must be maintained by the caller until grpc_channel_destroy terminates. See grpc_channel_args definition for more on this.
Create a client channel to ‘target’ using file descriptor ‘fd’. The ‘target’ argument will be used to indicate the name for this channel. See the comment for grpc_insecure_channel_create for description of ‘args’ argument.
EXPERIMENTAL API - Subject to change
EXPERIMENTAL API - Subject to change
Check whether a metadata key corresponds to a binary value
EXPERIMENTAL. Returns 1 if the grpc library has been initialized. TODO(ericgribkoff) Decide if this should be promoted to non-experimental as part of stabilizing the fork support API, as tracked in https://github.com/grpc/grpc/issues/15334
Create a lame client: this client fails every operation attempted on it.
This method creates a local channel credential object. The security level of the resulting connection is GRPC_PRIVACY_AND_INTEGRITY for UDS and GRPC_SECURITY_NONE for LOCAL_TCP. It is used for experimental purpose for now and subject to change.
This method creates a local server credential object. It is used for experimental purpose for now and subject to change.
\mainpage GRPC Core
Creates a credentials object from a plugin with a specified minimum security level.
Returns a RAW byte buffer instance over the given slices (up to \a nslices).
Returns a RAW byte buffer instance from the output of \a reader.
Returns a compressed RAW byte buffer instance over the given slices (up to \a nslices). The \a compression argument defines the compression algorithm used to generate the data in \a slices.
Registers a plugin to be initialized and destroyed with the library.
Fetch a vtable for a grpc_channel_arg that points to a grpc_resource_quota
Create a buffer pool
Add a reference to a buffer pool
Update the size of a buffer pool
Update the size of the maximum number of threads allowed
Drop a reference to a buffer pool
Creates a secure channel using the passed-in credentials. Additional channel level configuration MAY be provided by grpc_channel_args, though the expectation is that most clients will want to simply pass NULL. The user data in ‘args’ need only live through the invocation of this function. However, if any args of the ‘pointer’ type are passed, then the referenced vtable must be maintained by the caller until grpc_channel_destroy terminates. See grpc_channel_args definition for more on this.
Add the connected communication channel based on file descriptor ‘fd’ to the ‘server’. The ‘fd’ must be an open file descriptor corresponding to a connected socket. Events from the file descriptor may come on any of the server completion queues (i.e completion queues registered via the grpc_server_register_completion_queue API).
Add a HTTP2 over plaintext over tcp listener. Returns bound port number on success, 0 on failure. REQUIRES: server not started
Add a HTTP2 over an encrypted link over tcp listener. Returns bound port number on success, 0 on failure. REQUIRES: server not started
Cancel all in-progress calls. Only usable after shutdown.
EXPERIMENTAL. Destroys a config fetcher.
EXPERIMENTAL. Creates an xDS config fetcher.
Create a server. Additional configuration for each incoming channel can be specified with args. If no additional configuration is needed, args can be NULL. The user data in ‘args’ need only live through the invocation of this function. However, if any args of the ‘pointer’ type are passed, then the referenced vtable must be maintained by the caller until grpc_server_destroy terminates. See grpc_channel_args definition for more on this.
Releases a server_credentials object. The creator of the server_credentials object is responsible for its release.
Destroy a server. Shutdown must have completed beforehand (i.e. all tags generated by grpc_server_shutdown_and_notify must have been received, and at least one call to grpc_server_shutdown_and_notify must have been made).
Register a completion queue with the server. Must be done for any notification completion queue that is passed to grpc_server_request_*_call and to grpc_server_shutdown_and_notify. Must be performed prior to grpc_server_start.
Registers a method in the server. Methods to this (host, method) pair will not be reported by grpc_server_request_call, but instead be reported by grpc_server_request_registered_call when passed the appropriate registered_method (as returned by this function). Must be called before grpc_server_start. Returns NULL on failure.
Request notification of a new call. Once a call is received, a notification tagged with \a tag_new is added to \a cq_for_notification. \a call, \a details and \a request_metadata are updated with the appropriate call information. \a cq_bound_to_call is bound to \a call, and batch operation notifications for that call will be posted to \a cq_bound_to_call. Note that \a cq_for_notification must have been registered to the server via \a grpc_server_register_completion_queue.
Request notification of a new pre-registered call. ‘cq_for_notification’ must have been registered to the server via grpc_server_register_completion_queue.
EXPERIMENTAL. Sets the server’s config fetcher. Takes ownership. Must be called before adding ports
Begin shutting down a server. After completion, no new calls or connections will be admitted. Existing calls will be allowed to complete. Send a GRPC_OP_COMPLETE event when there are no more calls being serviced. Shutdown is idempotent, and all tags will be notified at once if multiple grpc_server_shutdown_and_notify calls are made. ‘cq’ must have been registered to this server via grpc_server_register_completion_queue.
Start a server - tells all listeners to start listening
Creates a JWT credentials object. May return NULL if the input is invalid.
Setup a callback to override the default TLS/SSL roots. This function is not thread-safe and must be called at initialization time before any ssl credentials are created to have the desired side effect. If GRPC_DEFAULT_SSL_ROOTS_FILE_PATH environment is set to a valid path, the callback will not be called.
Shut down the grpc library.
DEPRECATED. Recommend to use grpc_shutdown only
return non-zero if the first blen bytes of a are equal to b
Add an element to a slice buffer - takes ownership of the slice. This function is allowed to concatenate the passed in slice to the end of some other slice if desired by the slice buffer.
add an element to a slice buffer - takes ownership of the slice and returns the index of the slice. Guarantees that the slice will not be concatenated at the end of another slice (i.e. the data for this slice will begin at the first byte of the slice at the returned index in sb->slices) The implementation MAY decide to concatenate data at the end of a small slice added in this fashion.
destroy a slice buffer - unrefs any held elements
initialize a slice buffer
move the first n bytes of src into dst
move the first n bytes of src into dst (copying them)
move the first n bytes of src into dst without adding references
move all of the elements of src into dst
pop the last buffer, but don’t unref it
clear a slice buffer, unref all elements
swap the contents of two slice buffers
take the first slice in the slice buffer
add a very small (less than 8 bytes) amount of data to the end of a slice buffer: returns a pointer into which to add the data
remove n bytes from the end of a slice buffer
undo the above with (a possibly different) \a slice
Returns <0 if a < b, ==0 if a == b, >0 if a > b The order is arbitrary, and is not guaranteed to be stable across different versions of the API.
Copy slice - create a new slice that contains the same data as s
Return a slice pointing to newly allocated memory that has the same contents as \a s
Create a slice by copying a buffer. Equivalent to: grpc_slice slice = grpc_slice_malloc(len); memcpy(slice->data, source, len);
Create a slice by copying a string. Does not preserve null terminators. Equivalent to: size_t len = strlen(source); grpc_slice slice = grpc_slice_malloc(len); memcpy(slice->data, source, len);
Create a slice pointing to constant memory
Create a slice pointing to constant memory
Intern a slice:
Do two slices point at the same memory, with the same length If a or b is inlined, actually compares data
Equivalent to grpc_slice_new(malloc(len), len, free), but saves one malloc() call. Aborts if malloc() fails.
Create a slice pointing at some data. Calls malloc to allocate a refcount for the object, and arranges that destroy will be called with the pointer passed in at destruction.
Equivalent to grpc_slice_new, but with a two argument destroy function that also takes the slice length.
Equivalent to grpc_slice_new, but with a separate pointer that is passed to the destroy function. This function can be useful when the data is part of a larger structure that must be destroyed when the data is no longer needed.
return the index of the last instance of \a c in \a s, or -1 if not found
Increment the refcount of s. Requires slice is initialized. Returns s.
return the index of the first occurrence of \a needle in \a haystack, or -1 if it’s not found
Splits s into two: modifies s to be s[split:s.length], and returns a new slice, sharing a refcount with s, that contains s[0:split]. Requires s initialized, split <= s.length
Splits s into two: modifies s to be s[0:split], and returns a new slice, sharing a refcount with s, that contains s[split:s.length]. Requires s initialized, split <= s.length
The same as grpc_slice_split_tail, but with an option to skip altering refcounts (grpc_slice_split_tail_maybe_ref(…, true) is equivalent to grpc_slice_split_tail(…))
Return a result slice derived from s, which shares a ref count with \a s, where result.data==s.data+begin, and result.length==end-begin. The ref count of \a s is increased by one. Do not assign result back to \a s. Requires s initialized, begin <= end, begin <= s.length, and end <= source->length.
The same as grpc_slice_sub, but without altering the ref count
Return a copy of slice as a C string. Offers no protection against embedded NULL’s. Returned string must be freed with gpr_free.
Decrement the ref count of s. If the ref count of s reaches zero, all slices sharing the ref count are destroyed, and considered no longer initialized. If s is ultimately derived from a call to grpc_slice_new(start, len, dest) where dest!=NULL , then (*dest)(start) is called, else if s is ultimately derived from a call to grpc_slice_new_with_len(start, len, dest) where dest!=NULL , then (*dest)(start, len). Requires s initialized.
Deprecated in favor of grpc_ssl_server_credentials_create_ex. It will be removed after all of its call sites are migrated to grpc_ssl_server_credentials_create_ex. Creates an SSL credentials object. The security level of the resulting connection is GRPC_PRIVACY_AND_INTEGRITY.
Creates a grpc_ssl_server_certificate_config object.
Destroys a grpc_ssl_server_certificate_config object.
Deprecated in favor of grpc_ssl_server_credentials_create_ex. Creates an SSL server_credentials object.
Deprecated in favor of grpc_ssl_server_credentials_create_with_options. Same as grpc_ssl_server_credentials_create method except uses grpc_ssl_client_certificate_request_type enum to support more ways to authenticate client certificates.
Creates an options object using a certificate config. Use this method when the certificates and keys of the SSL server will not change during the server’s lifetime.
Creates an options object using a certificate config fetcher. Use this method to reload the certificates and keys of the SSL server without interrupting the operation of the server. Initial certificate config will be fetched during server initialization.
Creates an SSL server_credentials object using the provided options struct.
Destroys a grpc_ssl_server_credentials_options object.
Create a channel arg with the given cache object.
Create LRU cache for client-side SSL sessions with the given capacity. If capacity is < 1, a default capacity is used instead.
Destroy SSL session cache.
Creates an STS credentials following the STS Token Exchanged specifed in the IETF draft https://tools.ietf.org/html/draft-ietf-oauth-token-exchange-16. This API is used for experimental purposes for now and may change in the future.
Creates a grpc_tls_certificate_provider that will watch the credential changes on the file system. This provider will always return the up-to-date cert data for all the cert names callers set through |grpc_tls_credentials_options|. Note that this API only supports one key-cert file and hence one set of identity key-cert pair, so SNI(Server Name Indication) is not supported.
Releases a grpc_tls_certificate_provider object. The creator of the grpc_tls_certificate_provider object is responsible for its release. It is used for experimental purpose for now and subject to change.
Creates a grpc_tls_certificate_provider that will load credential data from static string during initialization. This provider will always return the same cert data for all cert names. root_certificate and pem_key_cert_pairs can be nullptr, indicating the corresponding credential data is not needed. This function will make a copy of |root_certificate|. The ownership of |pem_key_cert_pairs| is transferred. It is used for experimental purpose for now and subject to change.
Creates a TLS channel credential object based on the grpc_tls_credentials_options specified by callers. The grpc_channel_credentials will take the ownership of the |options|. The security level of the resulting connection is GRPC_PRIVACY_AND_INTEGRITY. It is used for experimental purpose for now and subject to change.
Creates an grpc_tls_credentials_options. It is used for experimental purpose for now and subject to change.
Sets the options of whether to request and verify client certs. This should be called only on the server side. It is used for experimental purpose for now and subject to change.
Sets the credential provider in the options. The |options| will implicitly take a new ref to the |provider|. It is used for experimental purpose for now and subject to change.
Sets the name of the identity certificates being watched. If not set, We will use a default empty string as the identity certificate name. It is used for experimental purpose for now and subject to change.
Sets the name of the root certificates being watched. If not set, We will use a default empty string as the root certificate name. It is used for experimental purpose for now and subject to change.
Sets the configuration for a custom authorization check performed at the end of the handshake. The |options| will implicitly take a new ref to the |config|. It is used for experimental purpose for now and subject to change.
Sets the options of whether to choose certain checks, e.g. certificate check, hostname check, etc. This should be called only on the client side. If |server_verification_option| is not GRPC_TLS_SERVER_VERIFICATION, use of a custom authorization check (grpc_tls_server_authorization_check_config) is mandatory. It is used for experimental purpose for now and subject to change.
If set, gRPC stack will keep watching the identity key-cert pairs with name |identity_cert_name|. This is required on the server side, and optional on the client side. It is used for experimental purpose for now and subject to change.
If set, gRPC stack will keep watching the root certificates with name |root_cert_name|. If this is not set on the client side, we will use the root certificates stored in the default system location, since client side must provide root certificates in TLS. If this is not set on the server side, we will not watch any root certificate updates, and assume no root certificates needed for the server(single-side TLS). Default root certs on the server side is not supported. It is used for experimental purpose for now and subject to change.
Adds a identity private key and a identity certificate chain to grpc_tls_identity_pairs. This function will make an internal copy of |private_key| and |cert_chain|. It is used for experimental purpose for now and subject to change.
Creates a grpc_tls_identity_pairs that stores a list of identity credential data, including identity private key and identity certificate chain. It is used for experimental purpose for now and subject to change.
Destroys a grpc_tls_identity_pairs object. If this object is passed to a provider initiation function, the ownership is transferred so this function doesn’t need to be called. Otherwise the creator of the grpc_tls_identity_pairs object is responsible for its destruction. It is used for experimental purpose for now and subject to change.
Create a grpc_tls_server_authorization_check_config instance.
Releases a grpc_tls_server_authorization_check_config object. The creator of the grpc_tls_server_authorization_check_config object is responsible for its release. It is used for experimental purpose for now and subject to change.
Creates a TLS server credential object based on the grpc_tls_credentials_options specified by callers. The grpc_server_credentials will take the ownership of the |options|. It is used for experimental purpose for now and subject to change.
Enable or disable a tracer.
Return a string representing the current version of grpc
EXPERIMENTAL API - Subject to change
EXPERIMENTAL API - Subject to change
Kick call’s completion queue, it should be called after there is an event ready to poll. THREAD SAFETY: grpcwrap_call_kick_completion_queue is thread-safe because it does not change the call’s state.
Callback function to be called by the metadata credentials plugin implementation when the metadata is ready.
Callback function that is called when the metadata processing is done.
Callback for getting the SSL roots override from the application. In case of success, *pem_roots_certs must be set to a NULL terminated string containing the list of PEM encoded root certificates. The ownership is passed to the core and freed (laster by the core) with gpr_free. If this function fails and GRPC_DEFAULT_SSL_ROOTS_FILE_PATH environment is set to a valid path, it will override the roots specified this func
Callback to retrieve updated SSL server certificates, private keys, and trusted CAs (for client authentication).
callback function provided by gRPC used to handle the result of server authorization check. It is used when schedule API is implemented asynchronously, and serves to bring the control back to gRPC C core. It is used for experimental purpose for now and subject to change.
Different current objects correspond to different types of byte buffers