diff options
-rw-r--r-- | src/core/lib/channel/channel_stack.c | 8 | ||||
-rw-r--r-- | src/core/lib/security/transport/client_auth_filter.c | 80 | ||||
-rw-r--r-- | src/core/lib/security/transport/server_auth_filter.c | 10 |
3 files changed, 47 insertions, 51 deletions
diff --git a/src/core/lib/channel/channel_stack.c b/src/core/lib/channel/channel_stack.c index 22bdb2952a..ec973d4e7f 100644 --- a/src/core/lib/channel/channel_stack.c +++ b/src/core/lib/channel/channel_stack.c @@ -287,3 +287,11 @@ grpc_call_stack *grpc_call_stack_from_top_element(grpc_call_element *elem) { return (grpc_call_stack *)((char *)(elem)-ROUND_UP_TO_ALIGNMENT_SIZE( sizeof(grpc_call_stack))); } + +void grpc_call_element_signal_error(grpc_exec_ctx *exec_ctx, + grpc_call_element *elem, + grpc_error *error) { + grpc_transport_stream_op *op = grpc_make_transport_stream_op(NULL); + op->cancel_error = error; + elem->filter->start_transport_stream_op(exec_ctx, elem, op); +} diff --git a/src/core/lib/security/transport/client_auth_filter.c b/src/core/lib/security/transport/client_auth_filter.c index eb137ba311..b20e88851a 100644 --- a/src/core/lib/security/transport/client_auth_filter.c +++ b/src/core/lib/security/transport/client_auth_filter.c @@ -92,16 +92,6 @@ static void reset_auth_metadata_context( auth_md_context->channel_auth_context = NULL; } -static void bubble_up_error(grpc_exec_ctx *exec_ctx, grpc_call_element *elem, - grpc_status_code status, const char *error_msg) { - call_data *calld = elem->call_data; - gpr_log(GPR_ERROR, "Client side authentication failure: %s", error_msg); - grpc_slice error_slice = grpc_slice_from_copied_string(error_msg); - grpc_transport_stream_op_add_close(exec_ctx, &calld->op, status, - &error_slice); - grpc_call_next_op(exec_ctx, elem, &calld->op); -} - static void add_error(grpc_error **combined, grpc_error *error) { if (error == GRPC_ERROR_NONE) return; if (*combined == GRPC_ERROR_NONE) { @@ -121,35 +111,36 @@ static void on_credentials_metadata(grpc_exec_ctx *exec_ctx, void *user_data, grpc_metadata_batch *mdb; size_t i; reset_auth_metadata_context(&calld->auth_md_context); - if (status != GRPC_CREDENTIALS_OK) { - bubble_up_error(exec_ctx, elem, GRPC_STATUS_UNAUTHENTICATED, - (error_details != NULL && strlen(error_details) > 0) - ? error_details - : "Credentials failed to get metadata."); - return; - } - GPR_ASSERT(num_md <= MAX_CREDENTIALS_METADATA_COUNT); - GPR_ASSERT(op->send_initial_metadata != NULL); - mdb = op->send_initial_metadata; grpc_error *error = GRPC_ERROR_NONE; - for (i = 0; i < num_md; i++) { - if (!grpc_header_key_is_legal(md_elems[i].key)) { - char *str = grpc_slice_to_c_string(md_elems[i].key); - gpr_log(GPR_ERROR, "attempt to send invalid metadata key: %s", str); - gpr_free(str); - } else if (!grpc_is_binary_header(md_elems[i].key) && - !grpc_header_nonbin_value_is_legal(md_elems[i].value)) { - char *str = - grpc_dump_slice(md_elems[i].value, GPR_DUMP_HEX | GPR_DUMP_ASCII); - gpr_log(GPR_ERROR, "attempt to send invalid metadata value: %s", str); - gpr_free(str); - } else { - add_error(&error, - grpc_metadata_batch_add_tail( - mdb, &calld->md_links[i], - grpc_mdelem_from_slices( - exec_ctx, grpc_slice_ref_internal(md_elems[i].key), - grpc_slice_ref_internal(md_elems[i].value)))); + if (status != GRPC_CREDENTIALS_OK) { + error = grpc_error_set_int( + GRPC_ERROR_CREATE(error_details != NULL && strlen(error_details) > 0 + ? error_details + : "Credentials failed to get metadata."), + GRPC_ERROR_INT_GRPC_STATUS, GRPC_STATUS_UNAUTHENTICATED); + } else { + GPR_ASSERT(num_md <= MAX_CREDENTIALS_METADATA_COUNT); + GPR_ASSERT(op->send_initial_metadata != NULL); + mdb = op->send_initial_metadata; + for (i = 0; i < num_md; i++) { + if (!grpc_header_key_is_legal(md_elems[i].key)) { + char *str = grpc_slice_to_c_string(md_elems[i].key); + gpr_log(GPR_ERROR, "attempt to send invalid metadata key: %s", str); + gpr_free(str); + } else if (!grpc_is_binary_header(md_elems[i].key) && + !grpc_header_nonbin_value_is_legal(md_elems[i].value)) { + char *str = + grpc_dump_slice(md_elems[i].value, GPR_DUMP_HEX | GPR_DUMP_ASCII); + gpr_log(GPR_ERROR, "attempt to send invalid metadata value: %s", str); + gpr_free(str); + } else { + add_error(&error, + grpc_metadata_batch_add_tail( + mdb, &calld->md_links[i], + grpc_mdelem_from_slices( + exec_ctx, grpc_slice_ref_internal(md_elems[i].key), + grpc_slice_ref_internal(md_elems[i].value)))); + } } } if (error == GRPC_ERROR_NONE) { @@ -210,8 +201,12 @@ static void send_security_metadata(grpc_exec_ctx *exec_ctx, calld->creds = grpc_composite_call_credentials_create(channel_call_creds, ctx->creds, NULL); if (calld->creds == NULL) { - bubble_up_error(exec_ctx, elem, GRPC_STATUS_UNAUTHENTICATED, - "Incompatible credentials set on channel and call."); + grpc_transport_stream_op_finish_with_failure( + exec_ctx, op, + grpc_error_set_int( + GRPC_ERROR_CREATE( + "Incompatible credentials set on channel and call."), + GRPC_ERROR_INT_GRPC_STATUS, GRPC_STATUS_UNAUTHENTICATED)); return; } } else { @@ -241,7 +236,10 @@ static void on_host_checked(grpc_exec_ctx *exec_ctx, void *user_data, gpr_asprintf(&error_msg, "Invalid host %s set in :authority metadata.", host); gpr_free(host); - bubble_up_error(exec_ctx, elem, GRPC_STATUS_UNAUTHENTICATED, error_msg); + grpc_call_element_signal_error( + exec_ctx, elem, grpc_error_set_int(GRPC_ERROR_CREATE(error_msg), + GRPC_ERROR_INT_GRPC_STATUS, + GRPC_STATUS_UNAUTHENTICATED)); gpr_free(error_msg); } } diff --git a/src/core/lib/security/transport/server_auth_filter.c b/src/core/lib/security/transport/server_auth_filter.c index 8eb84ed3e4..6b04ad2385 100644 --- a/src/core/lib/security/transport/server_auth_filter.c +++ b/src/core/lib/security/transport/server_auth_filter.c @@ -98,10 +98,6 @@ static grpc_filtered_mdelem remove_consumed_md(grpc_exec_ctx *exec_ctx, return GRPC_FILTERED_MDELEM(md); } -static void destroy_op(grpc_exec_ctx *exec_ctx, void *arg, grpc_error *error) { - gpr_free(arg); -} - /* called from application code */ static void on_md_processing_done( void *user_data, const grpc_metadata *consumed_md, size_t num_consumed_md, @@ -135,8 +131,6 @@ static void on_md_processing_done( grpc_closure_sched(&exec_ctx, calld->on_done_recv, GRPC_ERROR_NONE); } else { grpc_slice message; - grpc_transport_stream_op *close_op = gpr_malloc(sizeof(*close_op)); - memset(close_op, 0, sizeof(*close_op)); for (size_t i = 0; i < calld->md.count; i++) { grpc_slice_unref_internal(&exec_ctx, calld->md.metadata[i].key); grpc_slice_unref_internal(&exec_ctx, calld->md.metadata[i].value); @@ -152,10 +146,6 @@ static void on_md_processing_done( calld->transport_op->send_message = NULL; } calld->transport_op->send_trailing_metadata = NULL; - close_op->on_complete = - grpc_closure_create(destroy_op, close_op, grpc_schedule_on_exec_ctx); - grpc_transport_stream_op_add_close(&exec_ctx, close_op, status, &message); - grpc_call_next_op(&exec_ctx, elem, close_op); grpc_closure_sched(&exec_ctx, calld->on_done_recv, grpc_error_set_int(GRPC_ERROR_CREATE(error_details), GRPC_ERROR_INT_GRPC_STATUS, status)); |