gate auth context under _secure

.github/workflows/ci.yml

@@ -124,6 +124,7 @@ jobs:
     - uses: actions/checkout@v2
     - run: choco install -y llvm
     - run: refreshenv
+      shell: cmd
     - run: go version ; cargo version ; cmake --version 
     - run: cargo xtask submodule
     - run: cargo build

Cargo.toml

@@ -55,4 +55,4 @@ no-omit-frame-pointer = ["grpcio-sys/no-omit-frame-pointer"]
 travis-ci = { repository = "tikv/grpc-rs" }
 
 [patch.crates-io]
-grpcio-compiler = { path = "compiler", version = "0.12.1", default-features = false }
+grpcio-compiler = { path = "compiler", version = "0.12.1" }

compiler/src/util.rs

@@ -34,7 +34,7 @@ impl<'a> Iterator for NameSpliter<'a> {
         let mut meet_lower = false;
         for i in self.pos..self.name.len() {
             let c = self.name[i];
-            if (b'A'..=b'Z').contains(&c) {
+            if c.is_ascii_uppercase() {
                 if meet_lower {
                     // So it should be AaA or aaA
                     pos = i;

src/call/server.rs

@@ -16,7 +16,6 @@ use futures_util::{Sink, Stream};
 use parking_lot::Mutex;
 
 use super::{RpcStatus, ShareCall, ShareCallHolder, WriteFlags};
-use crate::auth_context::AuthContext;
 use crate::buf::GrpcSlice;
 use crate::call::{
     BatchContext, Call, MessageReader, MethodType, RpcStatusCode, SinkBase, StreamingBase,
@@ -193,10 +192,11 @@ impl RequestContext {
     }
 
     /// If the server binds in non-secure mode, this will return None
-    fn auth_context(&self) -> Option<AuthContext> {
+    #[cfg(feature = "_secure")]
+    fn auth_context(&self) -> Option<crate::AuthContext> {
         unsafe {
             let call = grpc_sys::grpcwrap_request_call_context_get_call(self.ctx);
-            AuthContext::from_call_ptr(call)
+            crate::AuthContext::from_call_ptr(call)
         }
     }
 }
@@ -690,7 +690,8 @@ impl<'a> RpcContext<'a> {
     /// Wrapper around the gRPC Core AuthContext
     ///
     /// If the server binds in non-secure mode, this will return None
-    pub fn auth_context(&self) -> Option<AuthContext> {
+    #[cfg(feature = "_secure")]
+    pub fn auth_context(&self) -> Option<crate::AuthContext> {
         self.ctx.auth_context()
     }
 

src/lib.rs

@@ -29,7 +29,6 @@ use grpcio_sys as grpc_sys;
 #[macro_use]
 extern crate log;
 
-mod auth_context;
 mod buf;
 mod call;
 mod channel;
@@ -68,7 +67,6 @@ pub use crate::codec::pb_codec::{de as pb_de, ser as pb_ser};
 #[cfg(feature = "prost-codec")]
 pub use crate::codec::pr_codec::{de as pr_de, ser as pr_ser};
 
-pub use crate::auth_context::{AuthContext, AuthProperty, AuthPropertyIter};
 pub use crate::codec::{Marshaller, MAX_MESSAGE_SIZE};
 pub use crate::env::{EnvBuilder, Environment};
 pub use crate::error::{Error, Result};

src/metadata.rs

@@ -19,11 +19,11 @@ fn normalize_key(key: &str, binary: bool) -> Result<Cow<'_, str>> {
     let mut is_upper_case = false;
     for b in key.as_bytes() {
         let b = *b;
-        if (b'A'..=b'Z').contains(&b) {
+        if b.is_ascii_uppercase() {
             is_upper_case = true;
             continue;
-        } else if (b'a'..=b'z').contains(&b)
-            || (b'0'..=b'9').contains(&b)
+        } else if b.is_ascii_lowercase()
+            || b.is_ascii_digit()
             || b == b'_'
             || b == b'-'
             || b == b'.'

src/security/mod.rs

@@ -1,10 +1,14 @@
 // Copyright 2020 TiKV Project Authors. Licensed under Apache-2.0.
 
+#[cfg(feature = "_secure")]
+mod auth_context;
 #[cfg(feature = "_secure")]
 mod credentials;
 
 use grpcio_sys::{grpc_channel_credentials, grpc_server_credentials};
 
+#[cfg(feature = "_secure")]
+pub use self::auth_context::*;
 #[cfg(feature = "_secure")]
 pub use self::credentials::{
     CertificateRequestType, ChannelCredentialsBuilder, ServerCredentialsBuilder,
@@ -59,6 +63,7 @@ impl ServerCredentials {
             ServerCredentials::from_raw(creds)
         }
     }
+
     pub(crate) unsafe fn from_raw(creds: *mut grpc_server_credentials) -> ServerCredentials {
         ServerCredentials {
             creds,