Macros
#define	GRPC_TRANSPORT_SECURITY_TYPE_PROPERTY_NAME "transport_security_type"

#define	GRPC_SSL_TRANSPORT_SECURITY_TYPE "ssl"

#define	GRPC_TLS_TRANSPORT_SECURITY_TYPE "tls"

#define	GRPC_X509_CN_PROPERTY_NAME "x509_common_name"

#define	GRPC_X509_SUBJECT_PROPERTY_NAME "x509_subject"

#define	GRPC_X509_SAN_PROPERTY_NAME "x509_subject_alternative_name"

#define	GRPC_X509_PEM_CERT_PROPERTY_NAME "x509_pem_cert"

#define	GRPC_X509_PEM_CERT_CHAIN_PROPERTY_NAME "x509_pem_cert_chain"

#define	GRPC_SSL_SESSION_REUSED_PROPERTY "ssl_session_reused"

#define	GRPC_TRANSPORT_SECURITY_LEVEL_PROPERTY_NAME "security_level"

#define	GRPC_PEER_DNS_PROPERTY_NAME "peer_dns"

#define	GRPC_PEER_SPIFFE_ID_PROPERTY_NAME "peer_spiffe_id"

#define	GRPC_PEER_URI_PROPERTY_NAME "peer_uri"

#define	GRPC_PEER_EMAIL_PROPERTY_NAME "peer_email"

#define	GRPC_PEER_IP_PROPERTY_NAME "peer_ip"

#define	GRPC_DEFAULT_SSL_ROOTS_FILE_PATH_ENV_VAR "GRPC_DEFAULT_SSL_ROOTS_FILE_PATH"
	Environment variable that points to the default SSL roots file. More...

#define	GRPC_GOOGLE_CREDENTIALS_ENV_VAR "GOOGLE_APPLICATION_CREDENTIALS"
	Environment variable that points to the google default application credentials json key or refresh token. More...

Enumerations
enum	grpc_ssl_roots_override_result { GRPC_SSL_ROOTS_OVERRIDE_OK, GRPC_SSL_ROOTS_OVERRIDE_FAIL_PERMANENTLY, GRPC_SSL_ROOTS_OVERRIDE_FAIL }
	Results for the SSL roots override callback. More...

enum	grpc_ssl_certificate_config_reload_status { GRPC_SSL_CERTIFICATE_CONFIG_RELOAD_UNCHANGED, GRPC_SSL_CERTIFICATE_CONFIG_RELOAD_NEW, GRPC_SSL_CERTIFICATE_CONFIG_RELOAD_FAIL }
	Callback results for dynamically loading a SSL certificate config. More...

enum	grpc_ssl_client_certificate_request_type { GRPC_SSL_DONT_REQUEST_CLIENT_CERTIFICATE, GRPC_SSL_REQUEST_CLIENT_CERTIFICATE_BUT_DONT_VERIFY, GRPC_SSL_REQUEST_CLIENT_CERTIFICATE_AND_VERIFY, GRPC_SSL_REQUEST_AND_REQUIRE_CLIENT_CERTIFICATE_BUT_DONT_VERIFY, GRPC_SSL_REQUEST_AND_REQUIRE_CLIENT_CERTIFICATE_AND_VERIFY }

enum	grpc_security_level { GRPC_SECURITY_MIN, GRPC_SECURITY_NONE = GRPC_SECURITY_MIN, GRPC_INTEGRITY_ONLY, GRPC_PRIVACY_AND_INTEGRITY, GRPC_SECURITY_MAX = GRPC_PRIVACY_AND_INTEGRITY }

enum	grpc_local_connect_type { UDS = 0, LOCAL_TCP }
	Type of local connections for which local channel/server credentials will be applied. More...

enum	grpc_tls_version { TLS1_2, TLS1_3 }
	The TLS versions that are supported by the SSL stack. More...

Macro Definition Documentation

◆ GRPC_DEFAULT_SSL_ROOTS_FILE_PATH_ENV_VAR

#define GRPC_DEFAULT_SSL_ROOTS_FILE_PATH_ENV_VAR "GRPC_DEFAULT_SSL_ROOTS_FILE_PATH"

Environment variable that points to the default SSL roots file.

This file must be a PEM encoded file with all the roots such as the one that can be downloaded from https://pki.google.com/roots.pem.

◆ GRPC_GOOGLE_CREDENTIALS_ENV_VAR

#define GRPC_GOOGLE_CREDENTIALS_ENV_VAR "GOOGLE_APPLICATION_CREDENTIALS"

Environment variable that points to the google default application credentials json key or refresh token.

Used in the grpc_google_default_credentials_create function.

◆ GRPC_PEER_DNS_PROPERTY_NAME

#define GRPC_PEER_DNS_PROPERTY_NAME "peer_dns"

◆ GRPC_PEER_EMAIL_PROPERTY_NAME

#define GRPC_PEER_EMAIL_PROPERTY_NAME "peer_email"

◆ GRPC_PEER_IP_PROPERTY_NAME

#define GRPC_PEER_IP_PROPERTY_NAME "peer_ip"

◆ GRPC_PEER_SPIFFE_ID_PROPERTY_NAME

#define GRPC_PEER_SPIFFE_ID_PROPERTY_NAME "peer_spiffe_id"

◆ GRPC_PEER_URI_PROPERTY_NAME

#define GRPC_PEER_URI_PROPERTY_NAME "peer_uri"

◆ GRPC_SSL_SESSION_REUSED_PROPERTY

#define GRPC_SSL_SESSION_REUSED_PROPERTY "ssl_session_reused"

◆ GRPC_SSL_TRANSPORT_SECURITY_TYPE

#define GRPC_SSL_TRANSPORT_SECURITY_TYPE "ssl"

◆ GRPC_TLS_TRANSPORT_SECURITY_TYPE

#define GRPC_TLS_TRANSPORT_SECURITY_TYPE "tls"

◆ GRPC_TRANSPORT_SECURITY_LEVEL_PROPERTY_NAME

#define GRPC_TRANSPORT_SECURITY_LEVEL_PROPERTY_NAME "security_level"

◆ GRPC_TRANSPORT_SECURITY_TYPE_PROPERTY_NAME

#define GRPC_TRANSPORT_SECURITY_TYPE_PROPERTY_NAME "transport_security_type"

◆ GRPC_X509_CN_PROPERTY_NAME

#define GRPC_X509_CN_PROPERTY_NAME "x509_common_name"

◆ GRPC_X509_PEM_CERT_CHAIN_PROPERTY_NAME

#define GRPC_X509_PEM_CERT_CHAIN_PROPERTY_NAME "x509_pem_cert_chain"

◆ GRPC_X509_PEM_CERT_PROPERTY_NAME

#define GRPC_X509_PEM_CERT_PROPERTY_NAME "x509_pem_cert"

◆ GRPC_X509_SAN_PROPERTY_NAME

#define GRPC_X509_SAN_PROPERTY_NAME "x509_subject_alternative_name"

◆ GRPC_X509_SUBJECT_PROPERTY_NAME

#define GRPC_X509_SUBJECT_PROPERTY_NAME "x509_subject"

Enumeration Type Documentation

◆ grpc_local_connect_type

enum grpc_local_connect_type

Type of local connections for which local channel/server credentials will be applied.

It supports UDS and local TCP connections.

Enumerator
UDS
LOCAL_TCP

◆ grpc_security_level

enum grpc_security_level

Enumerator
GRPC_SECURITY_MIN
GRPC_SECURITY_NONE
GRPC_INTEGRITY_ONLY
GRPC_PRIVACY_AND_INTEGRITY
GRPC_SECURITY_MAX

◆ grpc_ssl_certificate_config_reload_status

enum grpc_ssl_certificate_config_reload_status

Callback results for dynamically loading a SSL certificate config.

Enumerator
GRPC_SSL_CERTIFICATE_CONFIG_RELOAD_UNCHANGED
GRPC_SSL_CERTIFICATE_CONFIG_RELOAD_NEW
GRPC_SSL_CERTIFICATE_CONFIG_RELOAD_FAIL

◆ grpc_ssl_client_certificate_request_type

enum grpc_ssl_client_certificate_request_type

Enumerator
GRPC_SSL_DONT_REQUEST_CLIENT_CERTIFICATE	Server does not request client certificate. The certificate presented by the client is not checked by the server at all. (A client may present a self signed or signed certificate or not present a certificate at all and any of those option would be accepted)
GRPC_SSL_REQUEST_CLIENT_CERTIFICATE_BUT_DONT_VERIFY	Server requests client certificate but does not enforce that the client presents a certificate. If the client presents a certificate, the client authentication is left to the application (the necessary metadata will be available to the application via authentication context properties, see grpc_auth_context). The client's key certificate pair must be valid for the SSL connection to be established.
GRPC_SSL_REQUEST_CLIENT_CERTIFICATE_AND_VERIFY	Server requests client certificate but does not enforce that the client presents a certificate. If the client presents a certificate, the client authentication is done by the gRPC framework. (For a successful connection the client needs to either present a certificate that can be verified against the root certificate configured by the server or not present a certificate at all) The client's key certificate pair must be valid for the SSL connection to be established.
GRPC_SSL_REQUEST_AND_REQUIRE_CLIENT_CERTIFICATE_BUT_DONT_VERIFY	Server requests client certificate and enforces that the client presents a certificate. If the client presents a certificate, the client authentication is left to the application (the necessary metadata will be available to the application via authentication context properties, see grpc_auth_context). The client's key certificate pair must be valid for the SSL connection to be established.
GRPC_SSL_REQUEST_AND_REQUIRE_CLIENT_CERTIFICATE_AND_VERIFY	Server requests client certificate and enforces that the client presents a certificate. The certificate presented by the client is verified by the gRPC framework. (For a successful connection the client needs to present a certificate that can be verified against the root certificate configured by the server) The client's key certificate pair must be valid for the SSL connection to be established.

◆ grpc_ssl_roots_override_result

enum grpc_ssl_roots_override_result

Results for the SSL roots override callback.

Enumerator
GRPC_SSL_ROOTS_OVERRIDE_OK
GRPC_SSL_ROOTS_OVERRIDE_FAIL_PERMANENTLY
GRPC_SSL_ROOTS_OVERRIDE_FAIL	Do not try fallback options.

◆ grpc_tls_version

enum grpc_tls_version

The TLS versions that are supported by the SSL stack.

Enumerator
TLS1_2
TLS1_3

Macros

Enumerations