Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

xds: fix the validation code to accept new-style CertificateProviderPluginInstance wherever used #8892

Merged
merged 2 commits into from
Feb 7, 2022

Conversation

sanjaypujare
Copy link
Contributor

Update CommonTlsContextUtil validation functions to accept new-style CertificateProviderPluginInstance

fixes #8885

@sanjaypujare
Copy link
Contributor Author

The fix in this PR verified as reported in #8885 (comment)

@dapengzhang0 dapengzhang0 added this to the v1.45 milestone Feb 7, 2022
Comment on lines 48 to 51
private static boolean hasValidationProviderInstance(CommonTlsContext commonTlsContext) {
return (commonTlsContext.hasValidationContext() && commonTlsContext.getValidationContext()
.hasCaCertificateProviderInstance())
|| commonTlsContext.hasValidationContextCertificateProviderInstance();
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If this method hasValidationProviderInstance is only used once, why not use it inline?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Similar to other functions defined here e.g. hasIdentityCertificateProviderInstance or hasCertProviderValidationContext. If I inline all functions used only once I'll end up with complex functions (with successive such inlining). In general if it helps in understanding the code I think it is good to have separate, appropriately named functions. The compiler will anyway inline such functions so I don't see the downside.

@sanjaypujare sanjaypujare merged commit f0a7132 into grpc:master Feb 7, 2022
@sanjaypujare sanjaypujare deleted the security-fix branch February 7, 2022 23:43
@ejona86 ejona86 added the TODO:backport PR needs to be backported. Removed after backport complete label Feb 9, 2022
sanjaypujare added a commit to sanjaypujare/grpc-java that referenced this pull request Feb 9, 2022
sanjaypujare added a commit to sanjaypujare/grpc-java that referenced this pull request Feb 9, 2022
sanjaypujare added a commit to sanjaypujare/grpc-java that referenced this pull request Feb 9, 2022
sanjaypujare added a commit that referenced this pull request Feb 9, 2022
sanjaypujare added a commit that referenced this pull request Feb 9, 2022
@ejona86 ejona86 removed the TODO:backport PR needs to be backported. Removed after backport complete label Feb 9, 2022
@github-actions github-actions bot locked as resolved and limited conversation to collaborators May 11, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

xds: 'Unsupported configurations in UpstreamTlsContext!' error on creating a channel
3 participants