stream_op cleanup: security changes

1 files changed, 48 insertions, 61 deletions

diff --git a/src/core/security/client_auth_filter.c b/src/core/security/client_auth_filter.c
index 635982b252..c780b65873 100644
--- a/src/core/security/client_auth_filter.c
+++ b/src/core/security/client_auth_filter.c
@@ -59,8 +59,6 @@ typedef struct {
      progress */
   grpc_pollset *pollset;
   grpc_transport_stream_op op;
-  size_t op_md_idx;
-  int sent_initial_metadata;
   gpr_uint8 security_context_set;
   grpc_linked_mdelem md_links[MAX_CREDENTIALS_METADATA_COUNT];
   char *service_url;
@@ -108,9 +106,8 @@ static void on_credentials_metadata(grpc_exec_ctx *exec_ctx, void *user_data,
     return;
   }
   GPR_ASSERT(num_md <= MAX_CREDENTIALS_METADATA_COUNT);
-  GPR_ASSERT(op->send_ops && op->send_ops->nops > calld->op_md_idx &&
-             op->send_ops->ops[calld->op_md_idx].type == GRPC_OP_METADATA);
-  mdb = &op->send_ops->ops[calld->op_md_idx].data.metadata;
+  GPR_ASSERT(op->send_initial_metadata != NULL);
+  mdb = op->send_initial_metadata;
   for (i = 0; i < num_md; i++) {
     grpc_metadata_batch_add_tail(
         mdb, &calld->md_links[i],
@@ -209,7 +206,6 @@ static void auth_start_transport_op(grpc_exec_ctx *exec_ctx,
   call_data *calld = elem->call_data;
   channel_data *chand = elem->channel_data;
   grpc_linked_mdelem *l;
-  size_t i;
   grpc_client_security_context *sec_ctx = NULL;
 
   if (calld->security_context_set == 0 &&
@@ -228,53 +224,41 @@ static void auth_start_transport_op(grpc_exec_ctx *exec_ctx,
         chand->security_connector->base.auth_context, "client_auth_filter");
   }
 
-  if (op->bind_pollset != NULL) {
-    calld->pollset = op->bind_pollset;
-  }
-
-  if (op->send_ops != NULL && !calld->sent_initial_metadata) {
-    size_t nops = op->send_ops->nops;
-    grpc_stream_op *ops = op->send_ops->ops;
-    for (i = 0; i < nops; i++) {
-      grpc_stream_op *sop = &ops[i];
-      if (sop->type != GRPC_OP_METADATA) continue;
-      calld->op_md_idx = i;
-      calld->sent_initial_metadata = 1;
-      for (l = sop->data.metadata.list.head; l != NULL; l = l->next) {
-        grpc_mdelem *md = l->md;
-        /* Pointer comparison is OK for md_elems created from the same context.
-         */
-        if (md->key == chand->authority_string) {
-          if (calld->host != NULL) GRPC_MDSTR_UNREF(calld->host);
-          calld->host = GRPC_MDSTR_REF(md->value);
-        } else if (md->key == chand->path_string) {
-          if (calld->method != NULL) GRPC_MDSTR_UNREF(calld->method);
-          calld->method = GRPC_MDSTR_REF(md->value);
-        }
+  if (op->send_initial_metadata != NULL) {
+    for (l = op->send_initial_metadata->list.head; l != NULL; l = l->next) {
+      grpc_mdelem *md = l->md;
+      /* Pointer comparison is OK for md_elems created from the same context.
+       */
+      if (md->key == chand->authority_string) {
+        if (calld->host != NULL) GRPC_MDSTR_UNREF(calld->host);
+        calld->host = GRPC_MDSTR_REF(md->value);
+      } else if (md->key == chand->path_string) {
+        if (calld->method != NULL) GRPC_MDSTR_UNREF(calld->method);
+        calld->method = GRPC_MDSTR_REF(md->value);
       }
-      if (calld->host != NULL) {
-        grpc_security_status status;
-        const char *call_host = grpc_mdstr_as_c_string(calld->host);
-        calld->op = *op; /* Copy op (originates from the caller's stack). */
-        status = grpc_channel_security_connector_check_call_host(
-            exec_ctx, chand->security_connector, call_host, on_host_checked,
-            elem);
-        if (status != GRPC_SECURITY_OK) {
-          if (status == GRPC_SECURITY_ERROR) {
-            char *error_msg;
-            gpr_asprintf(&error_msg,
-                         "Invalid host %s set in :authority metadata.",
-                         call_host);
-            bubble_up_error(exec_ctx, elem, GRPC_STATUS_INVALID_ARGUMENT,
-                            error_msg);
-            gpr_free(error_msg);
-          }
-          return; /* early exit */
+    }
+    if (calld->host != NULL) {
+      grpc_security_status status;
+      const char *call_host = grpc_mdstr_as_c_string(calld->host);
+      calld->op = *op; /* Copy op (originates from the caller's stack). */
+      status = grpc_channel_security_connector_check_call_host(
+          exec_ctx, chand->security_connector, call_host, on_host_checked,
+          elem);
+      if (status != GRPC_SECURITY_OK) {
+        if (status == GRPC_SECURITY_ERROR) {
+          char *error_msg;
+          gpr_asprintf(&error_msg,
+                       "Invalid host %s set in :authority metadata.",
+                       call_host);
+          bubble_up_error(exec_ctx, elem, GRPC_STATUS_INVALID_ARGUMENT,
+                          error_msg);
+          gpr_free(error_msg);
         }
+        return; /* early exit */
       }
-      send_security_metadata(exec_ctx, elem, op);
-      return; /* early exit */
     }
+    send_security_metadata(exec_ctx, elem, op);
+    return; /* early exit */
   }
 
   /* pass control down the stack */
@@ -283,11 +267,15 @@ static void auth_start_transport_op(grpc_exec_ctx *exec_ctx,
 
 /* Constructor for call_data */
 static void init_call_elem(grpc_exec_ctx *exec_ctx, grpc_call_element *elem,
-                           const void *server_transport_data,
-                           grpc_transport_stream_op *initial_op) {
+                           grpc_call_element_args *args) {
   call_data *calld = elem->call_data;
   memset(calld, 0, sizeof(*calld));
-  GPR_ASSERT(!initial_op || !initial_op->send_ops);
+}
+
+static void set_pollset(grpc_exec_ctx *exec_ctx, grpc_call_element *elem,
+                        grpc_pollset *pollset) {
+  call_data *calld = elem->call_data;
+  calld->pollset = pollset;
 }
 
 /* Destructor for call_data */
@@ -306,18 +294,17 @@ static void destroy_call_elem(grpc_exec_ctx *exec_ctx,
 
 /* Constructor for channel_data */
 static void init_channel_elem(grpc_exec_ctx *exec_ctx,
-                              grpc_channel_element *elem, grpc_channel *master,
-                              const grpc_channel_args *args,
-                              grpc_mdctx *metadata_context, int is_first,
-                              int is_last) {
-  grpc_security_connector *sc = grpc_find_security_connector_in_args(args);
+                              grpc_channel_element *elem,
+                              grpc_channel_element_args *args) {
+  grpc_security_connector *sc =
+      grpc_find_security_connector_in_args(args->channel_args);
   /* grab pointers to our data from the channel element */
   channel_data *chand = elem->channel_data;
 
   /* The first and the last filters tend to be implemented differently to
      handle the case that there's no 'next' filter to call on the up or down
      path */
-  GPR_ASSERT(!is_last);
+  GPR_ASSERT(!args->is_last);
   GPR_ASSERT(sc != NULL);
 
   /* initialize members */
@@ -325,7 +312,7 @@ static void init_channel_elem(grpc_exec_ctx *exec_ctx,
   chand->security_connector =
       (grpc_channel_security_connector *)GRPC_SECURITY_CONNECTOR_REF(
           sc, "client_auth_filter");
-  chand->md_ctx = metadata_context;
+  chand->md_ctx = args->metadata_context;
   chand->authority_string = grpc_mdstr_from_string(chand->md_ctx, ":authority");
   chand->path_string = grpc_mdstr_from_string(chand->md_ctx, ":path");
   chand->error_msg_key = grpc_mdstr_from_string(chand->md_ctx, "grpc-message");
@@ -356,6 +343,6 @@ static void destroy_channel_elem(grpc_exec_ctx *exec_ctx,
 
 const grpc_channel_filter grpc_client_auth_filter = {
     auth_start_transport_op, grpc_channel_next_op, sizeof(call_data),
-    init_call_elem,          destroy_call_elem,    sizeof(channel_data),
-    init_channel_elem,       destroy_channel_elem, grpc_call_next_get_peer,
+    init_call_elem, set_pollset, destroy_call_elem, sizeof(channel_data),
+    init_channel_elem, destroy_channel_elem, grpc_call_next_get_peer,
     "client-auth"};