authorGravatar Craig Tiller <ctiller@google.com>2015-09-22 12:33:20 -0700
committerGravatar Craig Tiller <ctiller@google.com>2015-09-22 12:33:20 -0700
commita82950e68318a6aab6fe894fa39f7fa616c4647b (patch)
tree7d02bd1e9e1cbae1f14ad4ad1e06d3ae81a96dfe /src/core/security/server_auth_filter.c
parent8af4c337181322cc4fb396199c90f574cfb4163f (diff)
clang-format all core files
Diffstat (limited to 'src/core/security/server_auth_filter.c')
-rw-r--r--src/core/security/server_auth_filter.c281
1 files changed, 138 insertions, 143 deletions
diff --git a/src/core/security/server_auth_filter.c b/src/core/security/server_auth_filter.c
index 68f64c4d7e..9638b18e88 100644
--- a/src/core/security/server_auth_filter.c
+++ b/src/core/security/server_auth_filter.c
@@ -40,8 +40,7 @@
#include <grpc/support/alloc.h>
#include <grpc/support/log.h>
-typedef struct call_data
-{
+typedef struct call_data {
gpr_uint8 got_client_metadata;
grpc_stream_op_buffer *recv_ops;
/* Closure to call when finished with the auth_on_recv hook. */
@@ -58,139 +57,132 @@ typedef struct call_data
grpc_auth_context *auth_context;
} call_data;
-typedef struct channel_data
-{
+typedef struct channel_data {
grpc_security_connector *security_connector;
grpc_auth_metadata_processor processor;
grpc_mdctx *mdctx;
} channel_data;
-static grpc_metadata_array
-metadata_batch_to_md_array (const grpc_metadata_batch * batch)
-{
+static grpc_metadata_array metadata_batch_to_md_array(
+ const grpc_metadata_batch *batch) {
grpc_linked_mdelem *l;
grpc_metadata_array result;
- grpc_metadata_array_init (&result);
- for (l = batch->list.head; l != NULL; l = l->next)
- {
- grpc_metadata *usr_md = NULL;
- grpc_mdelem *md = l->md;
- grpc_mdstr *key = md->key;
- grpc_mdstr *value = md->value;
- if (result.count == result.capacity)
- {
- result.capacity = GPR_MAX (result.capacity + 8, result.capacity * 2);
- result.metadata = gpr_realloc (result.metadata, result.capacity * sizeof (grpc_metadata));
- }
- usr_md = &result.metadata[result.count++];
- usr_md->key = grpc_mdstr_as_c_string (key);
- usr_md->value = grpc_mdstr_as_c_string (value);
- usr_md->value_length = GPR_SLICE_LENGTH (value->slice);
+ grpc_metadata_array_init(&result);
+ for (l = batch->list.head; l != NULL; l = l->next) {
+ grpc_metadata *usr_md = NULL;
+ grpc_mdelem *md = l->md;
+ grpc_mdstr *key = md->key;
+ grpc_mdstr *value = md->value;
+ if (result.count == result.capacity) {
+ result.capacity = GPR_MAX(result.capacity + 8, result.capacity * 2);
+ result.metadata =
+ gpr_realloc(result.metadata, result.capacity * sizeof(grpc_metadata));
}
+ usr_md = &result.metadata[result.count++];
+ usr_md->key = grpc_mdstr_as_c_string(key);
+ usr_md->value = grpc_mdstr_as_c_string(value);
+ usr_md->value_length = GPR_SLICE_LENGTH(value->slice);
+ }
return result;
}
-static grpc_mdelem *
-remove_consumed_md (void *user_data, grpc_mdelem * md)
-{
+static grpc_mdelem *remove_consumed_md(void *user_data, grpc_mdelem *md) {
grpc_call_element *elem = user_data;
call_data *calld = elem->call_data;
size_t i;
- for (i = 0; i < calld->num_consumed_md; i++)
- {
- const grpc_metadata *consumed_md = &calld->consumed_md[i];
- /* Maybe we could do a pointer comparison but we do not have any guarantee
- that the metadata processor used the same pointers for consumed_md in the
- callback. */
- if (GPR_SLICE_LENGTH (md->key->slice) != strlen (consumed_md->key) || GPR_SLICE_LENGTH (md->value->slice) != consumed_md->value_length)
- {
- continue;
- }
- if (memcmp (GPR_SLICE_START_PTR (md->key->slice), consumed_md->key, GPR_SLICE_LENGTH (md->key->slice)) == 0 && memcmp (GPR_SLICE_START_PTR (md->value->slice), consumed_md->value, GPR_SLICE_LENGTH (md->value->slice)) == 0)
- {
- return NULL; /* Delete. */
- }
+ for (i = 0; i < calld->num_consumed_md; i++) {
+ const grpc_metadata *consumed_md = &calld->consumed_md[i];
+ /* Maybe we could do a pointer comparison but we do not have any guarantee
+ that the metadata processor used the same pointers for consumed_md in the
+ callback. */
+ if (GPR_SLICE_LENGTH(md->key->slice) != strlen(consumed_md->key) ||
+ GPR_SLICE_LENGTH(md->value->slice) != consumed_md->value_length) {
+ continue;
}
+ if (memcmp(GPR_SLICE_START_PTR(md->key->slice), consumed_md->key,
+ GPR_SLICE_LENGTH(md->key->slice)) == 0 &&
+ memcmp(GPR_SLICE_START_PTR(md->value->slice), consumed_md->value,
+ GPR_SLICE_LENGTH(md->value->slice)) == 0) {
+ return NULL; /* Delete. */
+ }
+ }
return md;
}
/* called from application code */
-static void
-on_md_processing_done (void *user_data, const grpc_metadata * consumed_md, size_t num_consumed_md, const grpc_metadata * response_md, size_t num_response_md, grpc_status_code status, const char *error_details)
-{
+static void on_md_processing_done(
+ void *user_data, const grpc_metadata *consumed_md, size_t num_consumed_md,
+ const grpc_metadata *response_md, size_t num_response_md,
+ grpc_status_code status, const char *error_details) {
grpc_call_element *elem = user_data;
call_data *calld = elem->call_data;
grpc_exec_ctx exec_ctx = GRPC_EXEC_CTX_INIT;
/* TODO(jboeuf): Implement support for response_md. */
- if (response_md != NULL && num_response_md > 0)
- {
- gpr_log (GPR_INFO, "response_md in auth metadata processing not supported for now. " "Ignoring...");
- }
+ if (response_md != NULL && num_response_md > 0) {
+ gpr_log(GPR_INFO,
+ "response_md in auth metadata processing not supported for now. "
+ "Ignoring...");
+ }
- if (status == GRPC_STATUS_OK)
- {
- calld->consumed_md = consumed_md;
- calld->num_consumed_md = num_consumed_md;
- grpc_metadata_batch_filter (&calld->md_op->data.metadata, remove_consumed_md, elem);
- grpc_metadata_array_destroy (&calld->md);
- calld->on_done_recv->cb (&exec_ctx, calld->on_done_recv->cb_arg, 1);
- }
- else
- {
- gpr_slice message;
- grpc_metadata_array_destroy (&calld->md);
- error_details = error_details != NULL ? error_details : "Authentication metadata processing failed.";
- message = gpr_slice_from_copied_string (error_details);
- grpc_sopb_reset (calld->recv_ops);
- grpc_transport_stream_op_add_close (&calld->transport_op, status, &message);
- grpc_call_next_op (&exec_ctx, elem, &calld->transport_op);
- }
+ if (status == GRPC_STATUS_OK) {
+ calld->consumed_md = consumed_md;
+ calld->num_consumed_md = num_consumed_md;
+ grpc_metadata_batch_filter(&calld->md_op->data.metadata, remove_consumed_md,
+ elem);
+ grpc_metadata_array_destroy(&calld->md);
+ calld->on_done_recv->cb(&exec_ctx, calld->on_done_recv->cb_arg, 1);
+ } else {
+ gpr_slice message;
+ grpc_metadata_array_destroy(&calld->md);
+ error_details = error_details != NULL
+ ? error_details
+ : "Authentication metadata processing failed.";
+ message = gpr_slice_from_copied_string(error_details);
+ grpc_sopb_reset(calld->recv_ops);
+ grpc_transport_stream_op_add_close(&calld->transport_op, status, &message);
+ grpc_call_next_op(&exec_ctx, elem, &calld->transport_op);
+ }
- grpc_exec_ctx_finish (&exec_ctx);
+ grpc_exec_ctx_finish(&exec_ctx);
}
-static void
-auth_on_recv (grpc_exec_ctx * exec_ctx, void *user_data, int success)
-{
+static void auth_on_recv(grpc_exec_ctx *exec_ctx, void *user_data,
+ int success) {
grpc_call_element *elem = user_data;
call_data *calld = elem->call_data;
channel_data *chand = elem->channel_data;
- if (success)
- {
- size_t i;
- size_t nops = calld->recv_ops->nops;
- grpc_stream_op *ops = calld->recv_ops->ops;
- for (i = 0; i < nops; i++)
- {
- grpc_stream_op *op = &ops[i];
- if (op->type != GRPC_OP_METADATA || calld->got_client_metadata)
- continue;
- calld->got_client_metadata = 1;
- if (chand->processor.process == NULL)
- continue;
- calld->md_op = op;
- calld->md = metadata_batch_to_md_array (&op->data.metadata);
- chand->processor.process (chand->processor.state, calld->auth_context, calld->md.metadata, calld->md.count, on_md_processing_done, elem);
- return;
- }
+ if (success) {
+ size_t i;
+ size_t nops = calld->recv_ops->nops;
+ grpc_stream_op *ops = calld->recv_ops->ops;
+ for (i = 0; i < nops; i++) {
+ grpc_stream_op *op = &ops[i];
+ if (op->type != GRPC_OP_METADATA || calld->got_client_metadata) continue;
+ calld->got_client_metadata = 1;
+ if (chand->processor.process == NULL) continue;
+ calld->md_op = op;
+ calld->md = metadata_batch_to_md_array(&op->data.metadata);
+ chand->processor.process(chand->processor.state, calld->auth_context,
+ calld->md.metadata, calld->md.count,
+ on_md_processing_done, elem);
+ return;
}
- calld->on_done_recv->cb (exec_ctx, calld->on_done_recv->cb_arg, success);
+ }
+ calld->on_done_recv->cb(exec_ctx, calld->on_done_recv->cb_arg, success);
}
-static void
-set_recv_ops_md_callbacks (grpc_call_element * elem, grpc_transport_stream_op * op)
-{
+static void set_recv_ops_md_callbacks(grpc_call_element *elem,
+ grpc_transport_stream_op *op) {
call_data *calld = elem->call_data;
- if (op->recv_ops && !calld->got_client_metadata)
- {
- /* substitute our callback for the higher callback */
- calld->recv_ops = op->recv_ops;
- calld->on_done_recv = op->on_done_recv;
- op->on_done_recv = &calld->auth_on_recv;
- calld->transport_op = *op;
- }
+ if (op->recv_ops && !calld->got_client_metadata) {
+ /* substitute our callback for the higher callback */
+ calld->recv_ops = op->recv_ops;
+ calld->on_done_recv = op->on_done_recv;
+ op->on_done_recv = &calld->auth_on_recv;
+ calld->transport_op = *op;
+ }
}
/* Called either:
@@ -198,88 +190,91 @@ set_recv_ops_md_callbacks (grpc_call_element * elem, grpc_transport_stream_op *
- a network event (or similar) from below, to receive something
op contains type and call direction information, in addition to the data
that is being sent or received. */
-static void
-auth_start_transport_op (grpc_exec_ctx * exec_ctx, grpc_call_element * elem, grpc_transport_stream_op * op)
-{
- set_recv_ops_md_callbacks (elem, op);
- grpc_call_next_op (exec_ctx, elem, op);
+static void auth_start_transport_op(grpc_exec_ctx *exec_ctx,
+ grpc_call_element *elem,
+ grpc_transport_stream_op *op) {
+ set_recv_ops_md_callbacks(elem, op);
+ grpc_call_next_op(exec_ctx, elem, op);
}
/* Constructor for call_data */
-static void
-init_call_elem (grpc_exec_ctx * exec_ctx, grpc_call_element * elem, const void *server_transport_data, grpc_transport_stream_op * initial_op)
-{
+static void init_call_elem(grpc_exec_ctx *exec_ctx, grpc_call_element *elem,
+ const void *server_transport_data,
+ grpc_transport_stream_op *initial_op) {
/* grab pointers to our data from the call element */
call_data *calld = elem->call_data;
channel_data *chand = elem->channel_data;
grpc_server_security_context *server_ctx = NULL;
/* initialize members */
- memset (calld, 0, sizeof (*calld));
- grpc_closure_init (&calld->auth_on_recv, auth_on_recv, elem);
+ memset(calld, 0, sizeof(*calld));
+ grpc_closure_init(&calld->auth_on_recv, auth_on_recv, elem);
- GPR_ASSERT (initial_op && initial_op->context != NULL && initial_op->context[GRPC_CONTEXT_SECURITY].value == NULL);
+ GPR_ASSERT(initial_op && initial_op->context != NULL &&
+ initial_op->context[GRPC_CONTEXT_SECURITY].value == NULL);
/* Create a security context for the call and reference the auth context from
the channel. */
- if (initial_op->context[GRPC_CONTEXT_SECURITY].value != NULL)
- {
- initial_op->context[GRPC_CONTEXT_SECURITY].destroy (initial_op->context[GRPC_CONTEXT_SECURITY].value);
- }
- server_ctx = grpc_server_security_context_create ();
- server_ctx->auth_context = grpc_auth_context_create (chand->security_connector->auth_context);
+ if (initial_op->context[GRPC_CONTEXT_SECURITY].value != NULL) {
+ initial_op->context[GRPC_CONTEXT_SECURITY].destroy(
+ initial_op->context[GRPC_CONTEXT_SECURITY].value);
+ }
+ server_ctx = grpc_server_security_context_create();
+ server_ctx->auth_context =
+ grpc_auth_context_create(chand->security_connector->auth_context);
server_ctx->auth_context->pollset = initial_op->bind_pollset;
initial_op->context[GRPC_CONTEXT_SECURITY].value = server_ctx;
- initial_op->context[GRPC_CONTEXT_SECURITY].destroy = grpc_server_security_context_destroy;
+ initial_op->context[GRPC_CONTEXT_SECURITY].destroy =
+ grpc_server_security_context_destroy;
calld->auth_context = server_ctx->auth_context;
/* Set the metadata callbacks. */
- set_recv_ops_md_callbacks (elem, initial_op);
+ set_recv_ops_md_callbacks(elem, initial_op);
}
/* Destructor for call_data */
-static void
-destroy_call_elem (grpc_exec_ctx * exec_ctx, grpc_call_element * elem)
-{
-}
+static void destroy_call_elem(grpc_exec_ctx *exec_ctx,
+ grpc_call_element *elem) {}
/* Constructor for channel_data */
-static void
-init_channel_elem (grpc_exec_ctx * exec_ctx, grpc_channel_element * elem, grpc_channel * master, const grpc_channel_args * args, grpc_mdctx * mdctx, int is_first, int is_last)
-{
- grpc_security_connector *sc = grpc_find_security_connector_in_args (args);
- grpc_auth_metadata_processor *processor = grpc_find_auth_metadata_processor_in_args (args);
+static void init_channel_elem(grpc_exec_ctx *exec_ctx,
+ grpc_channel_element *elem, grpc_channel *master,
+ const grpc_channel_args *args, grpc_mdctx *mdctx,
+ int is_first, int is_last) {
+ grpc_security_connector *sc = grpc_find_security_connector_in_args(args);
+ grpc_auth_metadata_processor *processor =
+ grpc_find_auth_metadata_processor_in_args(args);
/* grab pointers to our data from the channel element */
channel_data *chand = elem->channel_data;
/* The first and the last filters tend to be implemented differently to
handle the case that there's no 'next' filter to call on the up or down
path */
- GPR_ASSERT (!is_first);
- GPR_ASSERT (!is_last);
- GPR_ASSERT (sc != NULL);
- GPR_ASSERT (processor != NULL);
+ GPR_ASSERT(!is_first);
+ GPR_ASSERT(!is_last);
+ GPR_ASSERT(sc != NULL);
+ GPR_ASSERT(processor != NULL);
/* initialize members */
- GPR_ASSERT (!sc->is_client_side);
- chand->security_connector = GRPC_SECURITY_CONNECTOR_REF (sc, "server_auth_filter");
+ GPR_ASSERT(!sc->is_client_side);
+ chand->security_connector =
+ GRPC_SECURITY_CONNECTOR_REF(sc, "server_auth_filter");
chand->mdctx = mdctx;
chand->processor = *processor;
}
/* Destructor for channel data */
-static void
-destroy_channel_elem (grpc_exec_ctx * exec_ctx, grpc_channel_element * elem)
-{
+static void destroy_channel_elem(grpc_exec_ctx *exec_ctx,
+ grpc_channel_element *elem) {
/* grab pointers to our data from the channel element */
channel_data *chand = elem->channel_data;
- GRPC_SECURITY_CONNECTOR_UNREF (chand->security_connector, "server_auth_filter");
+ GRPC_SECURITY_CONNECTOR_UNREF(chand->security_connector,
+ "server_auth_filter");
}
const grpc_channel_filter grpc_server_auth_filter = {
- auth_start_transport_op, grpc_channel_next_op,
- sizeof (call_data), init_call_elem,
- destroy_call_elem, sizeof (channel_data),
- init_channel_elem, destroy_channel_elem,
- grpc_call_next_get_peer, "server-auth"
-};
+ auth_start_transport_op, grpc_channel_next_op,
+ sizeof(call_data), init_call_elem,
+ destroy_call_elem, sizeof(channel_data),
+ init_channel_elem, destroy_channel_elem,
+ grpc_call_next_get_peer, "server-auth"};