Hi JI, (I think we worked together on Pants)
I can’t really help that much, I’m not that deep into the gRPC codebase,
but I think that Eric Richardson on our team did some work to get this
working on Ruby. He had to add in a call to fetch the authenticated cert
and get it into the ruby wrappers
+/* Called to obtain the x509 cert of an authenticated peer. */
+static VALUE grpc_rb_call_get_peer_cert(VALUE self) {
+ grpc_call *call = NULL;
+ VALUE res = Qnil;
+ grpc_auth_context *ctx = NULL;
+ // char *peer_cert = NULL;
+ TypedData_Get_Struct(self, grpc_call, &grpc_call_data_type, call);
+
+ ctx = grpc_call_auth_context(call);
+
+ grpc_auth_property_iterator it =
+ grpc_auth_context_find_properties_by_name(ctx,
GRPC_X509_PEM_CERT_PROPERTY_NAME);
+ const grpc_auth_property *prop = grpc_auth_property_iterator_next(&it);
+ if (prop == NULL) {
+ return Qnil;
+ }
+
+ res = rb_str_new2(prop->value);
+
+ return res;
+}
On Sat, Jul 9, 2016 at 3:18 PM, JI Ioannidis <[email protected]> wrote:
> The examples given in the *examples* directory are all for insecure
> credentials. Does anyone have a worked-out version of *helloword* (preferably
> for C++ or Python) where the connection happens over http2, but the actual
> client and server code can see who the principals of the (now
> mutually-authenticated) connection are so they can make access-control
> decisions?
>
> Thanks
>
> /ji
>
>
> --
> You received this message because you are subscribed to the Google Groups "
> grpc.io" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [email protected].
> To post to this group, send email to [email protected].
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/grpc-io/e9525fad-1a5f-42af-8792-d8e67bb8fa41%40googlegroups.com
> <https://groups.google.com/d/msgid/grpc-io/e9525fad-1a5f-42af-8792-d8e67bb8fa41%40googlegroups.com?utm_medium=email&utm_source=footer>
> .
> For more options, visit https://groups.google.com/d/optout.
>
--
You received this message because you are subscribed to the Google Groups
"grpc.io" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/grpc-io/CAOy0ARddY30o%2Bj3B_LvZPimPw14WnO9uMFOzgQtHOEPJQYtU_Q%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.
