Skip to content

okhttp: Per-rpc call option authority verification #11754

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
kannanjgithub merged 48 commits into from
Apr 2, 2025
Merged

okhttp: Per-rpc call option authority verification #11754

kannanjgithub merged 48 commits into from
Apr 2, 2025

Conversation

@kannanjgithub
Copy link
Contributor

@kannanjgithub kannanjgithub commented Dec 16, 2024

No description provided.

ejona86
ejona86 reviewed Dec 17, 2024
View reviewed changes
Copy link
Member

@ejona86 ejona86 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I still need to look at the core of it, but the shape looks right. These comments are mostly surface-level.

@kannanjgithub
Copy link
Contributor Author

kannanjgithub commented Jan 10, 2025

Yet to make the changes to use X509ExtendedTrustManager only via reflection if it is available in the class loader.

@kannanjgithub
Copy link
Contributor Author

kannanjgithub commented Jan 13, 2025
edited
Loading

Yet to make the changes to use X509ExtendedTrustManager only via reflection if it is available in the class loader.

Done.

@kannanjgithub kannanjgithub requested a review from ejona86 March 11, 2025 04:07
ejona86
ejona86 reviewed Mar 26, 2025
View reviewed changes
kannanjgithub
kannanjgithub commented Mar 26, 2025
View reviewed changes
ejona86
ejona86 reviewed Mar 26, 2025
View reviewed changes
ejona86
ejona86 reviewed Mar 26, 2025
View reviewed changes
ejona86
ejona86 reviewed Mar 27, 2025
View reviewed changes
ejona86 added 5 commits March 28, 2025 13:50
@ejona86
Unwrap line
be92f57
@ejona86
Remove HostnameVerifier overrides; use common channel creation
d362406
@ejona86
In test, check session hostname instead of counting
2d8844c 
Also make sure that the failure is only the RPC-failure not a connection
failure.
@ejona86
Remove unnecessary uses of FakeX509ExtendedTrustManager
52f4a4a
@ejona86
Remove FakeX509ExtendedTrustManager and rename tests
8870995 
The checkServerTrustedCalled wasn't actually testing what it tried to;
it would become true simply because of the TLS handshake. That led to
searching for a proper way to test it and renaming the tests so it was
clearer what was and wasn't tested which led to further test tweaks.
ejona86
ejona86 requested changes Mar 29, 2025
View reviewed changes
@ejona86 ejona86 mentioned this pull request Mar 31, 2025
Closed
@kannanjgithub kannanjgithub requested a review from ejona86 April 1, 2025 18:10
@ejona86 ejona86 changed the title ok-http: Per-rpc call option authority verification okhttp: Per-rpc call option authority verification Apr 1, 2025
@kannanjgithub kannanjgithub merged commit c28a7e3 into grpc:master Apr 2, 2025
15 of 16 checks passed
Sangamesh1997 pushed a commit to Sangamesh1997/grpc-java that referenced this pull request Apr 3, 2025
@kannanjgithub @Sangamesh1997
okhttp: Per-rpc call option authority verification (grpc#11754)
8c7cf53
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Jul 2, 2025
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@ejona86 ejona86 ejona86 approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@kannanjgithub @ejona86