diff options
| author |  jiangtaoli2016 <jiangtao@google.com> | 2017-04-10 14:29:43 -0700 |
|---|---|---|
| committer | jiangtaoli2016 <jiangtao@google.com> | 2017-04-10 14:45:23 -0700 |
| commit | e69881de7fd5a2f09ad92986c48e5fa2a013bb34 (patch) | |
| tree | b5f88720044e4baefce81282072cf417803b945d /src | |
| parent | b105f5ae7df41a5a1995c51a24b6feb72d2cc420 (diff) | |
Revise based on Mark's comments.
Diffstat (limited to 'src')
| -rw-r--r-- | src/core/tsi/transport_security.c | 9 | ||||
| -rw-r--r-- | src/core/tsi/transport_security.h | 12 | ||||
| -rw-r--r-- | src/core/tsi/transport_security_adapter. | 0 | ||||
| -rw-r--r-- | src/core/tsi/transport_security_adapter.c | 49 | ||||
| -rw-r--r-- | src/core/tsi/transport_security_interface.h | 44 | ||||
| -rw-r--r-- | src/python/grpcio/grpc_core_dependencies.py | 1 |
6 files changed, 57 insertions, 58 deletions
diff --git a/src/core/tsi/transport_security.c b/src/core/tsi/transport_security.c index a9cb6a107c..aa8808ab74 100644 --- a/src/core/tsi/transport_security.c +++ b/src/core/tsi/transport_security.c @@ -182,7 +182,7 @@ tsi_result tsi_handshaker_create_frame_protector( result = self->vtable->create_frame_protector(self, max_protected_frame_size, protector); if (result == TSI_OK) { - self->frame_protector_created = 1; + self->frame_protector_created = true; } return result; } @@ -206,7 +206,7 @@ void tsi_handshaker_destroy(tsi_handshaker *self) { /* --- tsi_handshaker_result implementation. --- */ -tsi_result tsi_handshaker_result_extract_peer(tsi_handshaker_result *self, +tsi_result tsi_handshaker_result_extract_peer(const tsi_handshaker_result *self, tsi_peer *peer) { if (self == NULL || peer == NULL) return TSI_INVALID_ARGUMENT; memset(peer, 0, sizeof(tsi_peer)); @@ -214,7 +214,7 @@ tsi_result tsi_handshaker_result_extract_peer(tsi_handshaker_result *self, } tsi_result tsi_handshaker_result_create_frame_protector( - tsi_handshaker_result *self, size_t *max_protected_frame_size, + const tsi_handshaker_result *self, size_t *max_protected_frame_size, tsi_frame_protector **protector) { if (self == NULL || protector == NULL) return TSI_INVALID_ARGUMENT; return self->vtable->create_frame_protector(self, max_protected_frame_size, @@ -222,7 +222,8 @@ tsi_result tsi_handshaker_result_create_frame_protector( } tsi_result tsi_handshaker_result_get_unused_bytes( - tsi_handshaker_result *self, unsigned char **bytes, size_t *bytes_size) { + const tsi_handshaker_result *self, unsigned char **bytes, + size_t *bytes_size) { if (self == NULL || bytes == NULL || bytes_size == NULL) { return TSI_INVALID_ARGUMENT; } diff --git a/src/core/tsi/transport_security.h b/src/core/tsi/transport_security.h index 2e82110827..a4c9cbc001 100644 --- a/src/core/tsi/transport_security.h +++ b/src/core/tsi/transport_security.h @@ -34,6 +34,8 @@ #ifndef GRPC_CORE_TSI_TRANSPORT_SECURITY_H #define GRPC_CORE_TSI_TRANSPORT_SECURITY_H +#include <stdbool.h> + #include "src/core/tsi/transport_security_interface.h" #ifdef __cplusplus @@ -90,18 +92,18 @@ typedef struct { struct tsi_handshaker { const tsi_handshaker_vtable *vtable; - int frame_protector_created; - int handshaker_result_created; + bool frame_protector_created; + bool handshaker_result_created; }; /* Base for tsi_handshaker_result implementations. See transport_security_interface.h for documentation. */ typedef struct { - tsi_result (*extract_peer)(tsi_handshaker_result *self, tsi_peer *peer); - tsi_result (*create_frame_protector)(tsi_handshaker_result *self, + tsi_result (*extract_peer)(const tsi_handshaker_result *self, tsi_peer *peer); + tsi_result (*create_frame_protector)(const tsi_handshaker_result *self, size_t *max_output_protected_frame_size, tsi_frame_protector **protector); - tsi_result (*get_unused_bytes)(tsi_handshaker_result *self, + tsi_result (*get_unused_bytes)(const tsi_handshaker_result *self, unsigned char **bytes, size_t *bytes_size); void (*destroy)(tsi_handshaker_result *self); } tsi_handshaker_result_vtable; diff --git a/src/core/tsi/transport_security_adapter. b/src/core/tsi/transport_security_adapter. new file mode 100644 index 0000000000..e69de29bb2 --- /dev/null +++ b/src/core/tsi/transport_security_adapter. diff --git a/src/core/tsi/transport_security_adapter.c b/src/core/tsi/transport_security_adapter.c index 7e0b8f574a..60cebdd6f2 100644 --- a/src/core/tsi/transport_security_adapter.c +++ b/src/core/tsi/transport_security_adapter.c @@ -50,14 +50,14 @@ typedef struct { size_t unused_bytes_size; } tsi_adapter_handshaker_result; -static tsi_result tsi_adapter_result_extract_peer(tsi_handshaker_result *self, - tsi_peer *peer) { +static tsi_result tsi_adapter_result_extract_peer( + const tsi_handshaker_result *self, tsi_peer *peer) { tsi_adapter_handshaker_result *impl = (tsi_adapter_handshaker_result *)self; return tsi_handshaker_extract_peer(impl->handshaker, peer); } static tsi_result tsi_adapter_result_create_frame_protector( - tsi_handshaker_result *self, size_t *max_output_protected_frame_size, + const tsi_handshaker_result *self, size_t *max_output_protected_frame_size, tsi_frame_protector **protector) { tsi_adapter_handshaker_result *impl = (tsi_adapter_handshaker_result *)self; return tsi_handshaker_create_frame_protector( @@ -65,7 +65,8 @@ static tsi_result tsi_adapter_result_create_frame_protector( } static tsi_result tsi_adapter_result_get_unused_bytes( - tsi_handshaker_result *self, unsigned char **bytes, size_t *byte_size) { + const tsi_handshaker_result *self, unsigned char **bytes, + size_t *byte_size) { tsi_adapter_handshaker_result *impl = (tsi_adapter_handshaker_result *)self; *bytes = impl->unused_bytes; *byte_size = impl->unused_bytes_size; @@ -74,9 +75,7 @@ static tsi_result tsi_adapter_result_get_unused_bytes( static void tsi_adapter_result_destroy(tsi_handshaker_result *self) { tsi_adapter_handshaker_result *impl = (tsi_adapter_handshaker_result *)self; - if (impl->unused_bytes != NULL) { - gpr_free(impl->unused_bytes); - } + gpr_free(impl->unused_bytes); gpr_free(self); } @@ -114,45 +113,45 @@ typedef struct { size_t adapter_buffer_size; } tsi_adapter_handshaker; -tsi_result tsi_adapter_get_bytes_to_send_to_peer(tsi_handshaker *self, - unsigned char *bytes, - size_t *bytes_size) { +static tsi_result tsi_adapter_get_bytes_to_send_to_peer(tsi_handshaker *self, + unsigned char *bytes, + size_t *bytes_size) { return tsi_handshaker_get_bytes_to_send_to_peer( tsi_adapter_handshaker_get_wrapped(self), bytes, bytes_size); } -tsi_result tsi_adapter_process_bytes_from_peer(tsi_handshaker *self, - const unsigned char *bytes, - size_t *bytes_size) { +static tsi_result tsi_adapter_process_bytes_from_peer( + tsi_handshaker *self, const unsigned char *bytes, size_t *bytes_size) { return tsi_handshaker_process_bytes_from_peer( tsi_adapter_handshaker_get_wrapped(self), bytes, bytes_size); } -tsi_result tsi_adapter_get_result(tsi_handshaker *self) { +static tsi_result tsi_adapter_get_result(tsi_handshaker *self) { return tsi_handshaker_get_result(tsi_adapter_handshaker_get_wrapped(self)); } -tsi_result tsi_adapter_extract_peer(tsi_handshaker *self, tsi_peer *peer) { +static tsi_result tsi_adapter_extract_peer(tsi_handshaker *self, + tsi_peer *peer) { return tsi_handshaker_extract_peer(tsi_adapter_handshaker_get_wrapped(self), peer); } -tsi_result tsi_adapter_create_frame_protector(tsi_handshaker *self, - size_t *max_protected_frame_size, - tsi_frame_protector **protector) { +static tsi_result tsi_adapter_create_frame_protector( + tsi_handshaker *self, size_t *max_protected_frame_size, + tsi_frame_protector **protector) { return tsi_handshaker_create_frame_protector( tsi_adapter_handshaker_get_wrapped(self), max_protected_frame_size, protector); } -void tsi_adapter_destroy(tsi_handshaker *self) { +static void tsi_adapter_destroy(tsi_handshaker *self) { tsi_adapter_handshaker *impl = (tsi_adapter_handshaker *)self; tsi_handshaker_destroy(impl->wrapped); gpr_free(impl->adapter_buffer); gpr_free(self); } -tsi_result tsi_adapter_next( +static tsi_result tsi_adapter_next( tsi_handshaker *self, const unsigned char *received_bytes, size_t received_bytes_size, unsigned char **bytes_to_send, size_t *bytes_to_send_size, tsi_handshaker_result **handshaker_result, @@ -196,11 +195,15 @@ tsi_result tsi_adapter_next( size_t unused_bytes_size = received_bytes_size - bytes_consumed; const unsigned char *unused_bytes = unused_bytes_size == 0 ? NULL : received_bytes + bytes_consumed; - return tsi_adapter_create_handshaker_result( + status = tsi_adapter_create_handshaker_result( impl->wrapped, unused_bytes, unused_bytes_size, handshaker_result); + if (status == TSI_OK) { + impl->base.handshaker_result_created = true; + } + } else { + *handshaker_result = NULL; } - *handshaker_result = NULL; - return TSI_OK; + return status; } static const tsi_handshaker_vtable handshaker_vtable = { diff --git a/src/core/tsi/transport_security_interface.h b/src/core/tsi/transport_security_interface.h index be04810e24..c9495f80b6 100644 --- a/src/core/tsi/transport_security_interface.h +++ b/src/core/tsi/transport_security_interface.h @@ -220,22 +220,22 @@ typedef struct tsi_handshaker_result tsi_handshaker_result; /* This method extracts tsi peer. It returns TSI_OK assuming there is no fatal error. The caller is responsible for destructing the peer. */ -tsi_result tsi_handshaker_result_extract_peer(tsi_handshaker_result *self, +tsi_result tsi_handshaker_result_extract_peer(const tsi_handshaker_result *self, tsi_peer *peer); /* This method creates a tsi_frame_protector object. It returns TSI_OK assuming there is no fatal error. The caller is responsible for destroying the protector. */ tsi_result tsi_handshaker_result_create_frame_protector( - tsi_handshaker_result *self, size_t *max_output_protected_frame_size, + const tsi_handshaker_result *self, size_t *max_output_protected_frame_size, tsi_frame_protector **protector); /* This method returns the unused bytes from the handshake. It returns TSI_OK assuming there is no fatal error. The caller should not free the bytes. */ -tsi_result tsi_handshaker_result_get_unused_bytes(tsi_handshaker_result *self, - unsigned char **bytes, - size_t *byte_size); +tsi_result tsi_handshaker_result_get_unused_bytes( + const tsi_handshaker_result *self, unsigned char **bytes, + size_t *byte_size); /* This method releases the tsi_handshaker_handshaker object. After this method is called, no other method can be called on the object. */ @@ -305,8 +305,8 @@ void tsi_handshaker_result_destroy(tsi_handshaker_result *self); ... ------------------------------------------------------------------------ - A typical usage of the new TSI would be as follows, supporting both - synchronous and asynchrnous TSI handshaker implementations: + A typical usage supporting both synchronous and asynchronous TSI handshaker + implementations would be: ------------------------------------------------------------------------ @@ -324,17 +324,6 @@ void tsi_handshaker_result_destroy(tsi_handshaker_result *self); ... } - // This method is a wrapper of the callback function to execute when - // tsi_handshaker_next finishes. It is passed to tsi_handshaker_next as - // the callback function. - void on_handshake_next_done_wrapper( - tsi_result status, void *user_data, const unsigned char *bytes_to_send, - size_t bytes_to_send_size, tsi_handshaker_result *result) { - security_handshaker *h = (security_handshaker *)user_data; - on_handshake_next_done(h, status, bytes_to_send, - bytes_to_send_size, result); - } - // This method is the callback function when there are data received from // the peer. This method will read bytes into the handshake buffer and call // do_handshake_next. @@ -355,19 +344,22 @@ void tsi_handshaker_result_destroy(tsi_handshaker_result *self); tsi_handshaker_result *result = NULL; status = tsi_handshaker_next( handshaker, bytes_received, bytes_received_size, &bytes_to_send, - &bytes_to_send_size, &result, on_handshake_next_done_wrapper, h); + &bytes_to_send_size, &result, on_handshake_next_done, h); // If TSI handshaker is asynchronous, on_handshake_next_done will be - // called during the execution of the callback function. + // executed inside tsi_handshaker_next. if (status == TSI_ASYNC) return; - on_handshake_next_done(h, status, bytes_to_send, + // If TSI handshaker is synchronous, invoke callback directly in this + // thread. + on_handshake_next_done(status, (void *)h, bytes_to_send, bytes_to_send_size, result); } - // This is the real function to execute after tsi_handshaker_next. + // This is the callback function to execute after tsi_handshaker_next. + // It is passed to tsi_handshaker_next as a function parameter. void on_handshake_next_done( - security_handshaker *h, tsi_result status, - const unsigned char *bytes_to_send, size_t bytes_to_send_size, - tsi_handshaker_result *result) { + tsi_result status, void *user_data, const unsigned char *bytes_to_send, + size_t bytes_to_send_size, tsi_handshaker_result *result) { + security_handshaker *h = (security_handshaker *)user_data; if (status == TSI_INCOMPLETE_DATA) { // Schedule an asynchronous read from the peer. If handshake data are // received, on_handshake_data_received_from_peer will be called. @@ -386,7 +378,7 @@ void tsi_handshaker_result_destroy(tsi_handshaker_result *self); // Check the Peer. tsi_peer peer; status = tsi_handshaker_result_extract_peer(result, &peer); - if (status != TSI_OK) return status; + if (status != TSI_OK) return; status = check_peer(&peer); tsi_peer_destruct(&peer); if (status != TSI_OK) return; diff --git a/src/python/grpcio/grpc_core_dependencies.py b/src/python/grpcio/grpc_core_dependencies.py index 3bcbe667e2..88e783815c 100644 --- a/src/python/grpcio/grpc_core_dependencies.py +++ b/src/python/grpcio/grpc_core_dependencies.py @@ -250,6 +250,7 @@ CORE_SOURCE_FILES = [ 'src/core/tsi/fake_transport_security.c', 'src/core/tsi/ssl_transport_security.c', 'src/core/tsi/transport_security.c', + 'src/core/tsi/transport_security_adapter.c', 'src/core/ext/transport/chttp2/server/chttp2_server.c', 'src/core/ext/transport/chttp2/client/secure/secure_channel_create.c', 'src/core/ext/filters/client_channel/channel_connectivity.c', |