diff -Nur c-spiffe_orign/cmake/cmake.sh c-spiffe/cmake/cmake.sh
--- c-spiffe_orign/cmake/cmake.sh 1970-01-01 08:00:00.000000000 +0800
+++ c-spiffe/cmake/cmake.sh 2022-08-29 21:33:28.000000000 +0800
@@ -0,0 +1,3 @@
+# cmake -DCMAKE_BUILD_TYPE=Debug -DCMAKE_PREFIX_PATH=$MY_INSTALL_DIR ..
+cmake -DCMAKE_BUILD_TYPE=Debug ..
+
diff -Nur c-spiffe_orign/cmake/config.h.in c-spiffe/cmake/config.h.in
--- c-spiffe_orign/cmake/config.h.in 2022-08-29 22:07:28.600000000 +0800
+++ c-spiffe/cmake/config.h.in 1970-01-01 08:00:00.000000000 +0800
@@ -1,24 +0,0 @@
-/*-*- mode:C; -*- */
-/* config.h. Generated from build/cmake/config.h.in by cmake configure */
-
-/*
- * Ensure we have C99-style int64_t, etc, all defined.
- */
-
-/* First, we need to know if the system has already defined them. */
-#cmakedefine HAVE_INTMAX_T
-#cmakedefine HAVE_UINTMAX_T
-
-/* Define to `int' if <sys/types.h> doesn't define. */
-#cmakedefine pid_t ${pid_t}
-
-/* Define intmax_t and uintmax_t if they are not already defined. */
-#if !defined(HAVE_INTMAX_T)
-typedef int64_t intmax_t;
-#define INTMAX_MIN INT64_MIN
-#define INTMAX_MAX INT64_MAX
-#endif
-
-#if !defined(HAVE_UINTMAX_T)
-typedef uint64_t uintmax_t;
-#endif
diff -Nur c-spiffe_orign/cmake/COPYING-CMAKE-SCRIPTS.txt c-spiffe/cmake/COPYING-CMAKE-SCRIPTS.txt
--- c-spiffe_orign/cmake/COPYING-CMAKE-SCRIPTS.txt 2022-08-29 22:07:28.600000000 +0800
+++ c-spiffe/cmake/COPYING-CMAKE-SCRIPTS.txt 1970-01-01 08:00:00.000000000 +0800
@@ -1,22 +0,0 @@
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions
-are met:
-
-1. Redistributions of source code must retain the copyright
- notice, this list of conditions and the following disclaimer.
-2. Redistributions in binary form must reproduce the copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
-3. The name of the author may not be used to endorse or promote products
- derived from this software without specific prior written permission.
-
-THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
-IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
-OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
-IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
-INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
-THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
diff -Nur c-spiffe_orign/cmake/FindCheck.cmake c-spiffe/cmake/FindCheck.cmake
--- c-spiffe_orign/cmake/FindCheck.cmake 2022-08-29 22:07:28.600000000 +0800
+++ c-spiffe/cmake/FindCheck.cmake 1970-01-01 08:00:00.000000000 +0800
@@ -1,57 +0,0 @@
-# - Try to find the CHECK libraries
-# Once done this will define
-#
-# CHECK_FOUND - system has check
-# CHECK_INCLUDE_DIR - the check include directory
-# CHECK_LIBRARIES - check library
-#
-# This configuration file for finding libcheck is originally from
-# the opensync project. The originally was downloaded from here:
-# opensync.org/browser/branches/3rd-party-cmake-modules/modules/FindCheck.cmake
-#
-# Copyright (c) 2007 Daniel Gollub <dgollub@suse.de>
-# Copyright (c) 2007 Bjoern Ricks <b.ricks@fh-osnabrueck.de>
-#
-# Redistribution and use is allowed according to the terms of the New
-# BSD license.
-# For details see the accompanying COPYING-CMAKE-SCRIPTS file.
-
-
-INCLUDE( FindPkgConfig )
-
-# Take care about check.pc settings
-PKG_SEARCH_MODULE( CHECK Check )
-
-# Look for CHECK include dir and libraries
-IF( NOT CHECK_FOUND )
- IF ( CHECK_INSTALL_DIR )
- MESSAGE ( STATUS "Using override CHECK_INSTALL_DIR to find Check" )
- SET ( CHECK_INCLUDE_DIR "${CHECK_INSTALL_DIR}/include" )
- SET ( CHECK_INCLUDE_DIRS "${CHECK_INCLUDE_DIR}" )
- FIND_LIBRARY( CHECK_LIBRARY NAMES check PATHS "${CHECK_INSTALL_DIR}/lib" )
- FIND_LIBRARY( COMPAT_LIBRARY NAMES compat PATHS "${CHECK_INSTALL_DIR}/lib" )
- SET ( CHECK_LIBRARIES "${CHECK_LIBRARY}" "${COMPAT_LIBRARY}" )
- ELSE ( CHECK_INSTALL_DIR )
- FIND_PATH( CHECK_INCLUDE_DIR check.h )
- FIND_LIBRARY( CHECK_LIBRARIES NAMES check )
- ENDIF ( CHECK_INSTALL_DIR )
-
- IF ( CHECK_INCLUDE_DIR AND CHECK_LIBRARIES )
- SET( CHECK_FOUND 1 )
- IF ( NOT Check_FIND_QUIETLY )
- MESSAGE ( STATUS "Found CHECK: ${CHECK_LIBRARIES}" )
- ENDIF ( NOT Check_FIND_QUIETLY )
- ELSE ( CHECK_INCLUDE_DIR AND CHECK_LIBRARIES )
- IF ( Check_FIND_REQUIRED )
- MESSAGE( FATAL_ERROR "Could NOT find CHECK" )
- ELSE ( Check_FIND_REQUIRED )
- IF ( NOT Check_FIND_QUIETLY )
- MESSAGE( STATUS "Could NOT find CHECK" )
- ENDIF ( NOT Check_FIND_QUIETLY )
- ENDIF ( Check_FIND_REQUIRED )
- ENDIF ( CHECK_INCLUDE_DIR AND CHECK_LIBRARIES )
-ENDIF( NOT CHECK_FOUND )
-
-# Hide advanced variables from CMake GUIs
-MARK_AS_ADVANCED( CHECK_INCLUDE_DIR CHECK_LIBRARIES )
-
diff -Nur c-spiffe_orign/CMakeLists.txt c-spiffe/CMakeLists.txt
--- c-spiffe_orign/CMakeLists.txt 2022-08-29 22:07:28.596000000 +0800
+++ c-spiffe/CMakeLists.txt 2022-08-29 21:33:28.000000000 +0800
@@ -28,33 +28,10 @@
set(CMAKE_MODULE_PATH "${CMAKE_CURRENT_SOURCE_DIR}/cmake")
set(CMAKE_CXX_STANDARD 14)
-set(protobuf_MODULE_COMPATIBLE TRUE)
-find_package(Protobuf 3.13.0 REQUIRED)
-find_package(gRPC 1.34.0 REQUIRED)
-message(STATUS "Using protobuf ${Protobuf_VERSION}")
+include(common.cmake)
-set(_PROTOBUF_LIBPROTOBUF protobuf::libprotobuf)
-set(_REFLECTION gRPC::grpc++_reflection)
-
-if(CMAKE_CROSSCOMPILING)
- find_program(_PROTOBUF_PROTOC protoc)
-else()
- set(_PROTOBUF_PROTOC $<TARGET_FILE:protobuf::protoc>)
-endif()
-
-# Find gRPC installation
-# Looks for gRPCConfig.cmake file installed by gRPC's cmake installation.
-find_package(gRPC CONFIG REQUIRED)
-message(STATUS "Using gRPC ${gRPC_VERSION}")
-
-set(_GRPC_GRPCPP gRPC::grpc++)
-if(CMAKE_CROSSCOMPILING)
- find_program(_GRPC_CPP_PLUGIN_EXECUTABLE grpc_cpp_plugin)
-else()
- set(_GRPC_CPP_PLUGIN_EXECUTABLE $<TARGET_FILE:gRPC::grpc_cpp_plugin>)
-endif()
# Enable Coverage Tests
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fprofile-arcs -ftest-coverage -g -O0")
diff -Nur c-spiffe_orign/common.cmake c-spiffe/common.cmake
--- c-spiffe_orign/common.cmake 1970-01-01 08:00:00.000000000 +0800
+++ c-spiffe/common.cmake 2022-08-29 21:33:28.000000000 +0800
@@ -0,0 +1,129 @@
+# Copyright 2018 gRPC authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# cmake build file for C++ route_guide example.
+# Assumes protobuf and gRPC have been installed using cmake.
+# See cmake_externalproject/CMakeLists.txt for all-in-one cmake build
+# that automatically builds all the dependencies before building route_guide.
+
+cmake_minimum_required(VERSION 3.5.1)
+
+# set (CMAKE_CXX_STANDARD 11)
+set (CMAKE_CXX_STANDARD 14)
+
+set (GRPC_FETCHCONTENT 1)
+
+
+if(MSVC)
+ add_definitions(-D_WIN32_WINNT=0x600)
+endif()
+
+find_package(Threads REQUIRED)
+
+if(GRPC_AS_SUBMODULE)
+ # One way to build a projects that uses gRPC is to just include the
+ # entire gRPC project tree via "add_subdirectory".
+ # This approach is very simple to use, but the are some potential
+ # disadvantages:
+ # * it includes gRPC's CMakeLists.txt directly into your build script
+ # without and that can make gRPC's internal setting interfere with your
+ # own build.
+ # * depending on what's installed on your system, the contents of submodules
+ # in gRPC's third_party/* might need to be available (and there might be
+ # additional prerequisites required to build them). Consider using
+ # the gRPC_*_PROVIDER options to fine-tune the expected behavior.
+ #
+ # A more robust approach to add dependency on gRPC is using
+ # cmake's ExternalProject_Add (see cmake_externalproject/CMakeLists.txt).
+
+ # Include the gRPC's cmake build (normally grpc source code would live
+ # in a git submodule called "third_party/grpc", but this example lives in
+ # the same repository as gRPC sources, so we just look a few directories up)
+ add_subdirectory(../../.. ${CMAKE_CURRENT_BINARY_DIR}/grpc EXCLUDE_FROM_ALL)
+ message(STATUS "Using gRPC via add_subdirectory.")
+
+ # After using add_subdirectory, we can now use the grpc targets directly from
+ # this build.
+ set(_PROTOBUF_LIBPROTOBUF libprotobuf)
+ set(_REFLECTION grpc++_reflection)
+ if(CMAKE_CROSSCOMPILING)
+ find_program(_PROTOBUF_PROTOC protoc)
+ else()
+ set(_PROTOBUF_PROTOC $<TARGET_FILE:protobuf::protoc>)
+ endif()
+ set(_GRPC_GRPCPP grpc++)
+ if(CMAKE_CROSSCOMPILING)
+ find_program(_GRPC_CPP_PLUGIN_EXECUTABLE grpc_cpp_plugin)
+ else()
+ set(_GRPC_CPP_PLUGIN_EXECUTABLE $<TARGET_FILE:grpc_cpp_plugin>)
+ endif()
+elseif(GRPC_FETCHCONTENT)
+ # Another way is to use CMake's FetchContent module to clone gRPC at
+ # configure time. This makes gRPC's source code available to your project,
+ # similar to a git submodule.
+ message(STATUS "Using gRPC via add_subdirectory (FetchContent).")
+ include(FetchContent)
+ FetchContent_Declare(
+ grpc
+ GIT_REPOSITORY https://github.com/grpc/grpc.git
+ # when using gRPC, you will actually set this to an existing tag, such as
+ # v1.25.0, v1.26.0 etc..
+ # For the purpose of testing, we override the tag used to the commit
+ # that's currently under test.
+ # GIT_TAG vGRPC_TAG_VERSION_OF_YOUR_CHOICE)
+ GIT_TAG v1.48.0
+ )
+ FetchContent_MakeAvailable(grpc)
+
+ # Since FetchContent uses add_subdirectory under the hood, we can use
+ # the grpc targets directly from this build.
+ set(_PROTOBUF_LIBPROTOBUF libprotobuf)
+ set(_REFLECTION grpc++_reflection)
+ set(_PROTOBUF_PROTOC $<TARGET_FILE:protoc>)
+ set(_GRPC_GRPCPP grpc++)
+ if(CMAKE_CROSSCOMPILING)
+ find_program(_GRPC_CPP_PLUGIN_EXECUTABLE grpc_cpp_plugin)
+ else()
+ set(_GRPC_CPP_PLUGIN_EXECUTABLE $<TARGET_FILE:grpc_cpp_plugin>)
+ endif()
+else()
+ # This branch assumes that gRPC and all its dependencies are already installed
+ # on this system, so they can be located by find_package().
+
+ # Find Protobuf installation
+ # Looks for protobuf-config.cmake file installed by Protobuf's cmake installation.
+ set(protobuf_MODULE_COMPATIBLE TRUE)
+ find_package(Protobuf CONFIG REQUIRED)
+ message(STATUS "Using protobuf ${Protobuf_VERSION}")
+
+ set(_PROTOBUF_LIBPROTOBUF protobuf::libprotobuf)
+ set(_REFLECTION gRPC::grpc++_reflection)
+ if(CMAKE_CROSSCOMPILING)
+ find_program(_PROTOBUF_PROTOC protoc)
+ else()
+ set(_PROTOBUF_PROTOC $<TARGET_FILE:protobuf::protoc>)
+ endif()
+
+ # Find gRPC installation
+ # Looks for gRPCConfig.cmake file installed by gRPC's cmake installation.
+ find_package(gRPC CONFIG REQUIRED)
+ message(STATUS "Using gRPC ${gRPC_VERSION}")
+
+ set(_GRPC_GRPCPP gRPC::grpc++)
+ if(CMAKE_CROSSCOMPILING)
+ find_program(_GRPC_CPP_PLUGIN_EXECUTABLE grpc_cpp_plugin)
+ else()
+ set(_GRPC_CPP_PLUGIN_EXECUTABLE $<TARGET_FILE:gRPC::grpc_cpp_plugin>)
+ endif()
+endif()
diff -Nur c-spiffe_orign/protos/google/protobuf/struct.proto c-spiffe/protos/google/protobuf/struct.proto
--- c-spiffe_orign/protos/google/protobuf/struct.proto 1970-01-01 08:00:00.000000000 +0800
+++ c-spiffe/protos/google/protobuf/struct.proto 2022-08-29 21:33:28.000000000 +0800
@@ -0,0 +1,95 @@
+// Protocol Buffers - Google's data interchange format
+// Copyright 2008 Google Inc. All rights reserved.
+// https://developers.google.com/protocol-buffers/
+//
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are
+// met:
+//
+// * Redistributions of source code must retain the above copyright
+// notice, this list of conditions and the following disclaimer.
+// * Redistributions in binary form must reproduce the above
+// copyright notice, this list of conditions and the following disclaimer
+// in the documentation and/or other materials provided with the
+// distribution.
+// * Neither the name of Google Inc. nor the names of its
+// contributors may be used to endorse or promote products derived from
+// this software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+syntax = "proto3";
+
+package google.protobuf;
+
+option csharp_namespace = "Google.Protobuf.WellKnownTypes";
+option cc_enable_arenas = true;
+option go_package = "google.golang.org/protobuf/types/known/structpb";
+option java_package = "com.google.protobuf";
+option java_outer_classname = "StructProto";
+option java_multiple_files = true;
+option objc_class_prefix = "GPB";
+
+// `Struct` represents a structured data value, consisting of fields
+// which map to dynamically typed values. In some languages, `Struct`
+// might be supported by a native representation. For example, in
+// scripting languages like JS a struct is represented as an
+// object. The details of that representation are described together
+// with the proto support for the language.
+//
+// The JSON representation for `Struct` is JSON object.
+message Struct {
+ // Unordered map of dynamically typed values.
+ map<string, Value> fields = 1;
+}
+
+// `Value` represents a dynamically typed value which can be either
+// null, a number, a string, a boolean, a recursive struct value, or a
+// list of values. A producer of value is expected to set one of these
+// variants. Absence of any variant indicates an error.
+//
+// The JSON representation for `Value` is JSON value.
+message Value {
+ // The kind of value.
+ oneof kind {
+ // Represents a null value.
+ NullValue null_value = 1;
+ // Represents a double value.
+ double number_value = 2;
+ // Represents a string value.
+ string string_value = 3;
+ // Represents a boolean value.
+ bool bool_value = 4;
+ // Represents a structured value.
+ Struct struct_value = 5;
+ // Represents a repeated `Value`.
+ ListValue list_value = 6;
+ }
+}
+
+// `NullValue` is a singleton enumeration to represent the null value for the
+// `Value` type union.
+//
+// The JSON representation for `NullValue` is JSON `null`.
+enum NullValue {
+ // Null value.
+ NULL_VALUE = 0;
+}
+
+// `ListValue` is a wrapper around a repeated field of values.
+//
+// The JSON representation for `ListValue` is JSON array.
+message ListValue {
+ // Repeated field of dynamically typed values.
+ repeated Value values = 1;
+}
diff -Nur c-spiffe_orign/spiffetls/CMakeLists.txt c-spiffe/spiffetls/CMakeLists.txt
--- c-spiffe_orign/spiffetls/CMakeLists.txt 2022-08-29 22:07:28.628000000 +0800
+++ c-spiffe/spiffetls/CMakeLists.txt 2022-08-29 21:33:28.000000000 +0800
@@ -49,7 +49,7 @@
target_link_libraries(${TARGET_NAME}
svid
- ssl
+ # ssl
spiffeid
internal
bundle
@@ -61,7 +61,10 @@
rt
m
pthread
- crypto)
+ # crypto
+ libcrypto.so
+ libssl.so
+ )
# Install Headers:
set(HEADERS_SPIFFETLS
diff -Nur c-spiffe_orign/svid/jwtsvid/parse.c c-spiffe/svid/jwtsvid/parse.c
--- c-spiffe_orign/svid/jwtsvid/parse.c 2022-08-29 22:07:28.632000000 +0800
+++ c-spiffe/svid/jwtsvid/parse.c 2022-08-29 21:33:28.000000000 +0800
@@ -85,6 +85,17 @@
payload_str_len, 0, NULL);
char *signature = strtok(NULL, dot);
+ //////////////////////////////////////////////////////////////////////
+ // fjyu@whu.edu.cn debug 2022.07.08
+ if (signature == NULL) {
+ printf("%s %d: parsed signature is null \n", __FILE__, __LINE__);
+ jwtsvid_JWT_Free(jwt);
+ *err = ERR_PARSING;
+ return NULL;
+ } else {
+ // printf("%s %d: parsed signature is %s \n", __FILE__, __LINE__, signature);
+ }
+ //////////////////////////////////////////////////////////////////////
signature[-1] = '.';
jwt->signature = string_new(signature);
free(header_str);
diff -Nur c-spiffe_orign/workload/client.cc c-spiffe/workload/client.cc
--- c-spiffe_orign/workload/client.cc 2022-08-29 22:07:28.636000000 +0800
+++ c-spiffe/workload/client.cc 2022-08-29 21:33:28.000000000 +0800
@@ -244,6 +244,7 @@
return NO_ERROR;
}
+
err_t workloadapi_Client_Connect(workloadapi_Client *client)
{
if(!client) {
@@ -252,7 +253,7 @@
// if client already has a stub, we don't create a new one.
if(!client->stub) {
std::shared_ptr<grpc::ChannelInterface> chan = grpc::CreateChannel(
- client->address, grpc::InsecureChannelCredentials());
+ client->address, grpc::InsecureChannelCredentials());
if(!chan) {
return ERR_NULL;
}
@@ -737,7 +738,13 @@
char *token, char *audience,
err_t *err)
{
- grpc::ClientContext ctx;
+ // grpc::ClientContext ctx;
+ grpc::ClientContext *ctx = new grpc::ClientContext();
+
+ if(client->headers) {
+ for(int i = 0; i < arrlen(client->headers); i += 2)
+ ctx->AddMetadata(client->headers[i], client->headers[i + 1]);
+ }
ValidateJWTSVIDRequest req;
req.set_svid(token);
@@ -745,9 +752,10 @@
ValidateJWTSVIDResponse resp;
grpc::Status status = ((SpiffeWorkloadAPI::StubInterface *) client->stub)
- ->ValidateJWTSVID(&ctx, req, &resp);
-
+ ->ValidateJWTSVID(ctx, req, &resp);
+ // ->ValidateJWTSVID(&ctx, req, &resp);
if(status.ok()) {
+ // printf("%s %d: workloadapi_Client_ValidateJWTSVID, status ok \n", __FILE__, __LINE__);
// parse response
string_arr_t audiences_array = NULL;
arrput(audiences_array, audience);
@@ -757,6 +765,7 @@
return svid;
} else {
+ // printf("%s %d: workloadapi_Client_ValidateJWTSVID, err = %d \n", __FILE__, __LINE__, (int)ERR_BAD_REQUEST);
// could not validate jwt svid
*err = ERR_BAD_REQUEST;
return NULL;
diff -Nur c-spiffe_orign/workload/CMakeLists.txt c-spiffe/workload/CMakeLists.txt
--- c-spiffe_orign/workload/CMakeLists.txt 2022-08-29 22:07:28.636000000 +0800
+++ c-spiffe/workload/CMakeLists.txt 2022-08-29 21:33:28.000000000 +0800
@@ -70,7 +70,9 @@
rt
m
pthread
-crypto)
+# crypto
+libcrypto.so
+)
# Install Headers: