How to use the grpc.ssl_target_name_override function in grpc
To help you get started, we’ve selected a few grpc examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
hyperledger / fabric-sdk-node / test / unit / remote.js View on Github 
t.equal(remote.getName(), aHost, 'checking the name assignment');
t.equal(remote.toString(), ' Remote : {url:grpcs://atesthostname:9999}', 'Checking that peer.toString() reports correctly');
t.equal(remote._grpc_wait_for_ready_timeout, 3000, 'Remote should have grpc waitForReady timeout default to 3000');
t.ok(remote._endpoint.creds, 'GRPC Options tests: new Remote grpc with opts = null _endpoint.creds created');
const dummy_name = 'areallygreatname';
opts = {
pem: aPem,
'grpc.dummy_property': 'some_value',
'ssl-target-name-override': aHostnameOverride,
'grpc-wait-for-ready-timeout': 500,
'name': dummy_name
};
remote = new Remote(url, opts);
t.equal(remote.getName(), dummy_name, 'Check passing in the name option');
t.equal(aHostnameOverride, remote._options['grpc.ssl_target_name_override'], 'GRPC Options tests: new Remote grpc with opts ssl-target-name-override created');
t.ok(remote._endpoint.creds, 'GRPC Options tests: new Remote grpc with opts _endpoint.creds created');
t.equal('some_value', remote._options['grpc.dummy_property'], 'GRPC options tests: pass-through option properties');
t.equal(remote.getUrl(), url, 'checking that getURL works');
t.equal(remote._grpc_wait_for_ready_timeout, 500, 'Remote should have grpc waitForReady timeout equals 500');
t.comment('\n * PEER *');
// Peer: secure grpcs, requires opts.pem
opts = {pem: aPem};
let peer = null;
t.doesNotThrow(
() => {
peer = new Peer(url, opts);
},
'Check not passing any GRPC options.'
);'pem': 'dummyPEMString',
'ssl-target-name-override': 'dummyHost',
'request-timeout': 12345,
'another-property': 'dummyValue7',
'key':'dummyKeyString',
'cert':'dummyCertString',
'grpc.max_send_message_length': 1,
'grpc.max_receive_message_length': 2,
'grpc.keepalive_time_ms': 3,
'grpc.http2.min_time_between_pings_ms': 5,
'grpc.keepalive_timeout_ms': 8,
'grpc.http2.max_pings_without_data': 13,
'grpc.keepalive_permit_without_calls': 21
});
t.equal(handler._options['grpc.ssl_target_name_override'], 'dummyHost', 'Test converting opts.ssl-target-name-override to grpc.ssl_target_name_override');
t.equal(handler._options['grpc.default_authority'], 'dummyHost', 'Test converting opts.ssl-target-name-override to grpc.default_authority');
t.equal(handler._options['request-timeout'], 12345, 'Test processing request-time option');
t.equal(handler._options['another-property'], 'dummyValue7', 'Test processing another-property option');
t.equal(handler._options['grpc.max_send_message_length'], 1, 'Test grpc.max_send_message_length set to 1');
t.equal(handler._options['grpc.max_receive_message_length'], 2, 'Test grpc.max_receive_message_length set to 2');
t.equal(handler._options['grpc.keepalive_time_ms'], 3, 'Test grpc.keepalive_time_ms set to 3');
t.equal(handler._options['grpc.http2.min_time_between_pings_ms'], 5, 'Test grpc.http2.min_time_between_pings_ms set to 5');
t.equal(handler._options['grpc.keepalive_timeout_ms'], 8, 'Test grpc.keepalive_timeout_ms set to 8');
t.equal(handler._options['grpc.http2.max_pings_without_data'], 13, 'Test grpc.http2.max_pings_without_data set to 13');
t.equal(handler._options['grpc.keepalive_permit_without_calls'], 21, 'Test grpc.keepalive_permit_without_calls set to 21');
// The DNS can be case sensitive in some cases (eg Docker DNS)
handler = new Handler(chaincodeObj, 'grpc://Peer.Example.com:7051');
t.equal(handler._endpoint.addr, 'Peer.Example.com:7051', 'Test handler.addr value preserves casing');
t.end();function runTest(address, host_override, test_case, tls, test_ca, done, extra) {
// TODO(mlumish): enable TLS functionality
var options = {};
var creds;
if (tls) {
var ca_path;
if (test_ca) {
ca_path = path.join(__dirname, '../data/ca.pem');
var ca_data = fs.readFileSync(ca_path);
creds = grpc.credentials.createSsl(ca_data);
} else {
creds = grpc.credentials.createSsl();
}
if (host_override) {
options['grpc.ssl_target_name_override'] = host_override;
options['grpc.default_authority'] = host_override;
}
} else {
creds = grpc.credentials.createInsecure();
}
var test = test_cases[test_case];
var execute = function(err, creds) {
assert.ifError(err);
var client = new test.Client(address, creds, options);
test.run(client, done, extra);
};
if (test.getCreds) {
test.getCreds(extra.oauth_scope, function(err, new_creds) {
assert.ifError(err);function runTest(address, host_override, test_case, tls, test_ca, done, extra) {
// TODO(mlumish): enable TLS functionality
var options = {};
var creds;
if (tls) {
var ca_path;
if (test_ca) {
ca_path = path.join(__dirname, '../data/ca.pem');
var ca_data = fs.readFileSync(ca_path);
creds = grpc.credentials.createSsl(ca_data);
} else {
creds = grpc.credentials.createSsl();
}
if (host_override) {
options['grpc.ssl_target_name_override'] = host_override;
options['grpc.default_authority'] = host_override;
}
} else {
creds = grpc.credentials.createInsecure();
}
var test = test_cases[test_case];
var execute = function(err, creds) {
assert.ifError(err);
var client = new test.Client(address, creds, options);
test.run(client, done, extra);
};
if (test.getCreds) {
test.getCreds(extra.oauth_scope, function(err, new_creds) {
assert.ifError(err);}
if (typeof chaincode.Init !== 'function') {
throw new Error('The chaincode argument must implement the mandatory "Init()" method');
}
if (typeof chaincode.Invoke !== 'function') {
throw new Error('The chaincode argument must implement the mandatory "Invoke()" method');
}
this.chaincode = chaincode;
// connection options
this._options = {};
if (opts && opts['ssl-target-name-override'] && opts['ssl-target-name-override'] !== '') {
this._options['grpc.ssl_target_name_override'] = opts['ssl-target-name-override'];
this._options['grpc.default_authority'] = opts['ssl-target-name-override'];
}
for (const key in opts ? opts : {}) {
if (key !== 'pem' && key !== 'ssl-target-name-override') {
this._options[key] = opts[key];
}
}
// service connection
this._url = url;
this._endpoint = new Endpoint(url, opts);
// node.js based timeout
this._request_timeout = 30000;
if (opts && opts['request-timeout']) {private startConnectingInternal() {
const connectionOptions: http2.SecureClientSessionOptions =
this.credentials._getConnectionOptions() || {};
let addressScheme = 'http://';
if ('secureContext' in connectionOptions) {
addressScheme = 'https://';
// If provided, the value of grpc.ssl_target_name_override should be used
// to override the target hostname when checking server identity.
// This option is used for testing only.
if (this.options['grpc.ssl_target_name_override']) {
const sslTargetNameOverride = this.options[
'grpc.ssl_target_name_override'
]!;
connectionOptions.checkServerIdentity = (
host: string,
cert: PeerCertificate
): Error | undefined => {
return checkServerIdentity(sslTargetNameOverride, cert);
};
connectionOptions.servername = sslTargetNameOverride;
} else {
connectionOptions.servername = getDefaultAuthority(this.channelTarget);
}
}
const session = http2.connect(
addressScheme + this.subchannelAddress,
connectionOptionsif (value && typeof value !== 'string' && !Number.isInteger(value)) {
throw new Error(`invalid grpc option value:${key}-> ${value} expected string|integer`);
}
if (key !== 'pem' && key !== 'ssl-target-name-override') {
this._options[key] = value;
}
}
const {pem, clientKey, clientCert, ['ssl-target-name-override']: ssl_target_name_override} = opts;
this.clientCert = clientCert;
// connection options
if (ssl_target_name_override && typeof ssl_target_name_override === 'string') {
this._options['grpc.ssl_target_name_override'] = ssl_target_name_override;
this._options['grpc.default_authority'] = ssl_target_name_override;
}
let grpc_receive_max;
if (opts[MAX_RECEIVE_V10]) {
grpc_receive_max = opts[MAX_RECEIVE_V10];
} else if (opts[MAX_RECEIVE]) {
grpc_receive_max = opts[MAX_RECEIVE];
} else {
grpc_receive_max = utils.getConfigSetting(MAX_RECEIVE_V10);
if (typeof grpc_receive_max === 'undefined') {
grpc_receive_max = utils.getConfigSetting(MAX_RECEIVE);
}
}
if (typeof grpc_receive_max === 'undefined') {
grpc_receive_max = -1; // default is unlimitedprivate startConnecting(): void {
const connectionOptions: http2.SecureClientSessionOptions =
this.credentials._getConnectionOptions() || {};
if (connectionOptions.secureContext !== null) {
// If provided, the value of grpc.ssl_target_name_override should be used
// to override the target hostname when checking server identity.
// This option is used for testing only.
if (this.options['grpc.ssl_target_name_override']) {
const sslTargetNameOverride = this.options[
'grpc.ssl_target_name_override'
]!;
connectionOptions.checkServerIdentity = (
host: string,
cert: PeerCertificate
): Error | undefined => {
return checkServerIdentity(sslTargetNameOverride, cert);
};
connectionOptions.servername = sslTargetNameOverride;
}
}
const subChannel: Http2SubChannel = new Http2SubChannel(
this.target,
connectionOptions,
this.userAgent,}
// make sure we have wait for request timeout
const requestTimeout = _options.requestTimeout;
if (!requestTimeout) {
_options.requestTimeout = 3000; // default 3 seconds
} else {
if (Number.isInteger(requestTimeout)) {
logger.debug('%s requestTimeout set to %s', method, requestTimeout);
} else {
throw Error(`invalid requestTimeout :: ${requestTimeout}`);
}
}
if (typeof ssl_target_name_override === 'string') {
_options['grpc.ssl_target_name_override'] = ssl_target_name_override;
_options['grpc.default_authority'] = ssl_target_name_override;
logger.debug('%s - ssl_target_name_override: %s', method, ssl_target_name_override);
}
const endpoint = new Endpoint(_options);
logger.debug('new endpoint url: %s', _options.url);
return endpoint;
}stream.on('end', () => {
stream.sendMetadata(stream.metadata);
stream.end();
});
}
});
const keyCertPairs = [{ private_key: key, cert_chain: cert }];
const creds = ServerCredentials.createSsl(null, keyCertPairs);
port = await server.bind('localhost:0', creds);
server.start();
Client = proto.TestService;
clientSslCreds = Grpc.credentials.createSsl(ca);
const hostOverride = 'foo.test.google.fr';
clientOptions['grpc.ssl_target_name_override'] = hostOverride;
clientOptions['grpc.default_authority'] = hostOverride;
});
Popular grpc functions
- grpc.credentials
- grpc.credentials.createInsecure
- grpc.credentials.createSsl
- grpc.default_authority
- grpc.InterceptingCall
- grpc.keepalive_time_ms
- grpc.keepalive_timeout_ms
- grpc.load
- grpc.loadObject
- grpc.loadPackageDefinition
- grpc.makeGenericClientConstructor
- grpc.Metadata
- grpc.primary_user_agent
- grpc.RequesterBuilder
- grpc.Server
- grpc.ServerCredentials
- grpc.ssl_target_name_override
- grpc.status
- grpc.status.NOT_FOUND
- grpc.waitForClientReady