aboutsummaryrefslogtreecommitdiffhomepage
path: root/src/core/lib/security/credentials/ssl/ssl_credentials.cc
diff options
context:
space:
mode:
Diffstat (limited to 'src/core/lib/security/credentials/ssl/ssl_credentials.cc')
-rw-r--r--src/core/lib/security/credentials/ssl/ssl_credentials.cc143
1 files changed, 72 insertions, 71 deletions
diff --git a/src/core/lib/security/credentials/ssl/ssl_credentials.cc b/src/core/lib/security/credentials/ssl/ssl_credentials.cc
index 2085e2b8e7..79e223ddcb 100644
--- a/src/core/lib/security/credentials/ssl/ssl_credentials.cc
+++ b/src/core/lib/security/credentials/ssl/ssl_credentials.cc
@@ -31,33 +31,33 @@
// SSL Channel Credentials.
//
-void grpc_tsi_ssl_pem_key_cert_pairs_destroy(tsi_ssl_pem_key_cert_pair *kp,
+void grpc_tsi_ssl_pem_key_cert_pairs_destroy(tsi_ssl_pem_key_cert_pair* kp,
size_t num_key_cert_pairs) {
if (kp == NULL) return;
for (size_t i = 0; i < num_key_cert_pairs; i++) {
- gpr_free((void *)kp[i].private_key);
- gpr_free((void *)kp[i].cert_chain);
+ gpr_free((void*)kp[i].private_key);
+ gpr_free((void*)kp[i].cert_chain);
}
gpr_free(kp);
}
-static void ssl_destruct(grpc_exec_ctx *exec_ctx,
- grpc_channel_credentials *creds) {
- grpc_ssl_credentials *c = (grpc_ssl_credentials *)creds;
+static void ssl_destruct(grpc_exec_ctx* exec_ctx,
+ grpc_channel_credentials* creds) {
+ grpc_ssl_credentials* c = (grpc_ssl_credentials*)creds;
gpr_free(c->config.pem_root_certs);
grpc_tsi_ssl_pem_key_cert_pairs_destroy(c->config.pem_key_cert_pair, 1);
}
static grpc_security_status ssl_create_security_connector(
- grpc_exec_ctx *exec_ctx, grpc_channel_credentials *creds,
- grpc_call_credentials *call_creds, const char *target,
- const grpc_channel_args *args, grpc_channel_security_connector **sc,
- grpc_channel_args **new_args) {
- grpc_ssl_credentials *c = (grpc_ssl_credentials *)creds;
+ grpc_exec_ctx* exec_ctx, grpc_channel_credentials* creds,
+ grpc_call_credentials* call_creds, const char* target,
+ const grpc_channel_args* args, grpc_channel_security_connector** sc,
+ grpc_channel_args** new_args) {
+ grpc_ssl_credentials* c = (grpc_ssl_credentials*)creds;
grpc_security_status status = GRPC_SECURITY_OK;
- const char *overridden_target_name = NULL;
+ const char* overridden_target_name = NULL;
for (size_t i = 0; args && i < args->num_args; i++) {
- grpc_arg *arg = &args->args[i];
+ grpc_arg* arg = &args->args[i];
if (strcmp(arg->key, GRPC_SSL_TARGET_NAME_OVERRIDE_ARG) == 0 &&
arg->type == GRPC_ARG_STRING) {
overridden_target_name = arg->value.string;
@@ -71,7 +71,7 @@ static grpc_security_status ssl_create_security_connector(
return status;
}
grpc_arg new_arg = grpc_channel_arg_string_create(
- (char *)GRPC_ARG_HTTP2_SCHEME, (char *)"https");
+ (char*)GRPC_ARG_HTTP2_SCHEME, (char*)"https");
*new_args = grpc_channel_args_copy_and_add(args, &new_arg, 1);
return status;
}
@@ -79,16 +79,16 @@ static grpc_security_status ssl_create_security_connector(
static grpc_channel_credentials_vtable ssl_vtable = {
ssl_destruct, ssl_create_security_connector, NULL};
-static void ssl_build_config(const char *pem_root_certs,
- grpc_ssl_pem_key_cert_pair *pem_key_cert_pair,
- grpc_ssl_config *config) {
+static void ssl_build_config(const char* pem_root_certs,
+ grpc_ssl_pem_key_cert_pair* pem_key_cert_pair,
+ grpc_ssl_config* config) {
if (pem_root_certs != NULL) {
config->pem_root_certs = gpr_strdup(pem_root_certs);
}
if (pem_key_cert_pair != NULL) {
GPR_ASSERT(pem_key_cert_pair->private_key != NULL);
GPR_ASSERT(pem_key_cert_pair->cert_chain != NULL);
- config->pem_key_cert_pair = (tsi_ssl_pem_key_cert_pair *)gpr_zalloc(
+ config->pem_key_cert_pair = (tsi_ssl_pem_key_cert_pair*)gpr_zalloc(
sizeof(tsi_ssl_pem_key_cert_pair));
config->pem_key_cert_pair->cert_chain =
gpr_strdup(pem_key_cert_pair->cert_chain);
@@ -97,11 +97,11 @@ static void ssl_build_config(const char *pem_root_certs,
}
}
-grpc_channel_credentials *grpc_ssl_credentials_create(
- const char *pem_root_certs, grpc_ssl_pem_key_cert_pair *pem_key_cert_pair,
- void *reserved) {
- grpc_ssl_credentials *c =
- (grpc_ssl_credentials *)gpr_zalloc(sizeof(grpc_ssl_credentials));
+grpc_channel_credentials* grpc_ssl_credentials_create(
+ const char* pem_root_certs, grpc_ssl_pem_key_cert_pair* pem_key_cert_pair,
+ void* reserved) {
+ grpc_ssl_credentials* c =
+ (grpc_ssl_credentials*)gpr_zalloc(sizeof(grpc_ssl_credentials));
GRPC_API_TRACE(
"grpc_ssl_credentials_create(pem_root_certs=%s, "
"pem_key_cert_pair=%p, "
@@ -121,34 +121,34 @@ grpc_channel_credentials *grpc_ssl_credentials_create(
struct grpc_ssl_server_credentials_options {
grpc_ssl_client_certificate_request_type client_certificate_request;
- grpc_ssl_server_certificate_config *certificate_config;
- grpc_ssl_server_certificate_config_fetcher *certificate_config_fetcher;
+ grpc_ssl_server_certificate_config* certificate_config;
+ grpc_ssl_server_certificate_config_fetcher* certificate_config_fetcher;
};
-static void ssl_server_destruct(grpc_exec_ctx *exec_ctx,
- grpc_server_credentials *creds) {
- grpc_ssl_server_credentials *c = (grpc_ssl_server_credentials *)creds;
+static void ssl_server_destruct(grpc_exec_ctx* exec_ctx,
+ grpc_server_credentials* creds) {
+ grpc_ssl_server_credentials* c = (grpc_ssl_server_credentials*)creds;
grpc_tsi_ssl_pem_key_cert_pairs_destroy(c->config.pem_key_cert_pairs,
c->config.num_key_cert_pairs);
gpr_free(c->config.pem_root_certs);
}
static grpc_security_status ssl_server_create_security_connector(
- grpc_exec_ctx *exec_ctx, grpc_server_credentials *creds,
- grpc_server_security_connector **sc) {
+ grpc_exec_ctx* exec_ctx, grpc_server_credentials* creds,
+ grpc_server_security_connector** sc) {
return grpc_ssl_server_security_connector_create(exec_ctx, creds, sc);
}
static grpc_server_credentials_vtable ssl_server_vtable = {
ssl_server_destruct, ssl_server_create_security_connector};
-tsi_ssl_pem_key_cert_pair *grpc_convert_grpc_to_tsi_cert_pairs(
- const grpc_ssl_pem_key_cert_pair *pem_key_cert_pairs,
+tsi_ssl_pem_key_cert_pair* grpc_convert_grpc_to_tsi_cert_pairs(
+ const grpc_ssl_pem_key_cert_pair* pem_key_cert_pairs,
size_t num_key_cert_pairs) {
- tsi_ssl_pem_key_cert_pair *tsi_pairs = NULL;
+ tsi_ssl_pem_key_cert_pair* tsi_pairs = NULL;
if (num_key_cert_pairs > 0) {
GPR_ASSERT(pem_key_cert_pairs != NULL);
- tsi_pairs = (tsi_ssl_pem_key_cert_pair *)gpr_zalloc(
+ tsi_pairs = (tsi_ssl_pem_key_cert_pair*)gpr_zalloc(
num_key_cert_pairs * sizeof(tsi_ssl_pem_key_cert_pair));
}
for (size_t i = 0; i < num_key_cert_pairs; i++) {
@@ -161,10 +161,10 @@ tsi_ssl_pem_key_cert_pair *grpc_convert_grpc_to_tsi_cert_pairs(
}
static void ssl_build_server_config(
- const char *pem_root_certs, grpc_ssl_pem_key_cert_pair *pem_key_cert_pairs,
+ const char* pem_root_certs, grpc_ssl_pem_key_cert_pair* pem_key_cert_pairs,
size_t num_key_cert_pairs,
grpc_ssl_client_certificate_request_type client_certificate_request,
- grpc_ssl_server_config *config) {
+ grpc_ssl_server_config* config) {
config->client_certificate_request = client_certificate_request;
if (pem_root_certs != NULL) {
config->pem_root_certs = gpr_strdup(pem_root_certs);
@@ -174,19 +174,19 @@ static void ssl_build_server_config(
config->num_key_cert_pairs = num_key_cert_pairs;
}
-grpc_ssl_server_certificate_config *grpc_ssl_server_certificate_config_create(
- const char *pem_root_certs,
- const grpc_ssl_pem_key_cert_pair *pem_key_cert_pairs,
+grpc_ssl_server_certificate_config* grpc_ssl_server_certificate_config_create(
+ const char* pem_root_certs,
+ const grpc_ssl_pem_key_cert_pair* pem_key_cert_pairs,
size_t num_key_cert_pairs) {
- grpc_ssl_server_certificate_config *config =
- (grpc_ssl_server_certificate_config *)gpr_zalloc(
+ grpc_ssl_server_certificate_config* config =
+ (grpc_ssl_server_certificate_config*)gpr_zalloc(
sizeof(grpc_ssl_server_certificate_config));
if (pem_root_certs != NULL) {
config->pem_root_certs = gpr_strdup(pem_root_certs);
}
if (num_key_cert_pairs > 0) {
GPR_ASSERT(pem_key_cert_pairs != NULL);
- config->pem_key_cert_pairs = (grpc_ssl_pem_key_cert_pair *)gpr_zalloc(
+ config->pem_key_cert_pairs = (grpc_ssl_pem_key_cert_pair*)gpr_zalloc(
num_key_cert_pairs * sizeof(grpc_ssl_pem_key_cert_pair));
}
config->num_key_cert_pairs = num_key_cert_pairs;
@@ -202,27 +202,27 @@ grpc_ssl_server_certificate_config *grpc_ssl_server_certificate_config_create(
}
void grpc_ssl_server_certificate_config_destroy(
- grpc_ssl_server_certificate_config *config) {
+ grpc_ssl_server_certificate_config* config) {
if (config == NULL) return;
for (size_t i = 0; i < config->num_key_cert_pairs; i++) {
- gpr_free((void *)config->pem_key_cert_pairs[i].private_key);
- gpr_free((void *)config->pem_key_cert_pairs[i].cert_chain);
+ gpr_free((void*)config->pem_key_cert_pairs[i].private_key);
+ gpr_free((void*)config->pem_key_cert_pairs[i].cert_chain);
}
gpr_free(config->pem_key_cert_pairs);
gpr_free(config->pem_root_certs);
gpr_free(config);
}
-grpc_ssl_server_credentials_options *
+grpc_ssl_server_credentials_options*
grpc_ssl_server_credentials_create_options_using_config(
grpc_ssl_client_certificate_request_type client_certificate_request,
- grpc_ssl_server_certificate_config *config) {
- grpc_ssl_server_credentials_options *options = NULL;
+ grpc_ssl_server_certificate_config* config) {
+ grpc_ssl_server_credentials_options* options = NULL;
if (config == NULL) {
gpr_log(GPR_ERROR, "Certificate config must not be NULL.");
goto done;
}
- options = (grpc_ssl_server_credentials_options *)gpr_zalloc(
+ options = (grpc_ssl_server_credentials_options*)gpr_zalloc(
sizeof(grpc_ssl_server_credentials_options));
options->client_certificate_request = client_certificate_request;
options->certificate_config = config;
@@ -230,23 +230,23 @@ done:
return options;
}
-grpc_ssl_server_credentials_options *
+grpc_ssl_server_credentials_options*
grpc_ssl_server_credentials_create_options_using_config_fetcher(
grpc_ssl_client_certificate_request_type client_certificate_request,
- grpc_ssl_server_certificate_config_callback cb, void *user_data) {
+ grpc_ssl_server_certificate_config_callback cb, void* user_data) {
if (cb == NULL) {
gpr_log(GPR_ERROR, "Invalid certificate config callback parameter.");
return NULL;
}
- grpc_ssl_server_certificate_config_fetcher *fetcher =
- (grpc_ssl_server_certificate_config_fetcher *)gpr_zalloc(
+ grpc_ssl_server_certificate_config_fetcher* fetcher =
+ (grpc_ssl_server_certificate_config_fetcher*)gpr_zalloc(
sizeof(grpc_ssl_server_certificate_config_fetcher));
fetcher->cb = cb;
fetcher->user_data = user_data;
- grpc_ssl_server_credentials_options *options =
- (grpc_ssl_server_credentials_options *)gpr_zalloc(
+ grpc_ssl_server_credentials_options* options =
+ (grpc_ssl_server_credentials_options*)gpr_zalloc(
sizeof(grpc_ssl_server_credentials_options));
options->client_certificate_request = client_certificate_request;
options->certificate_config_fetcher = fetcher;
@@ -254,9 +254,9 @@ grpc_ssl_server_credentials_create_options_using_config_fetcher(
return options;
}
-grpc_server_credentials *grpc_ssl_server_credentials_create(
- const char *pem_root_certs, grpc_ssl_pem_key_cert_pair *pem_key_cert_pairs,
- size_t num_key_cert_pairs, int force_client_auth, void *reserved) {
+grpc_server_credentials* grpc_ssl_server_credentials_create(
+ const char* pem_root_certs, grpc_ssl_pem_key_cert_pair* pem_key_cert_pairs,
+ size_t num_key_cert_pairs, int force_client_auth, void* reserved) {
return grpc_ssl_server_credentials_create_ex(
pem_root_certs, pem_key_cert_pairs, num_key_cert_pairs,
force_client_auth
@@ -265,33 +265,34 @@ grpc_server_credentials *grpc_ssl_server_credentials_create(
reserved);
}
-grpc_server_credentials *grpc_ssl_server_credentials_create_ex(
- const char *pem_root_certs, grpc_ssl_pem_key_cert_pair *pem_key_cert_pairs,
+grpc_server_credentials* grpc_ssl_server_credentials_create_ex(
+ const char* pem_root_certs, grpc_ssl_pem_key_cert_pair* pem_key_cert_pairs,
size_t num_key_cert_pairs,
grpc_ssl_client_certificate_request_type client_certificate_request,
- void *reserved) {
+ void* reserved) {
GRPC_API_TRACE(
"grpc_ssl_server_credentials_create_ex("
"pem_root_certs=%s, pem_key_cert_pairs=%p, num_key_cert_pairs=%lu, "
"client_certificate_request=%d, reserved=%p)",
- 5, (pem_root_certs, pem_key_cert_pairs, (unsigned long)num_key_cert_pairs,
- client_certificate_request, reserved));
+ 5,
+ (pem_root_certs, pem_key_cert_pairs, (unsigned long)num_key_cert_pairs,
+ client_certificate_request, reserved));
GPR_ASSERT(reserved == NULL);
- grpc_ssl_server_certificate_config *cert_config =
+ grpc_ssl_server_certificate_config* cert_config =
grpc_ssl_server_certificate_config_create(
pem_root_certs, pem_key_cert_pairs, num_key_cert_pairs);
- grpc_ssl_server_credentials_options *options =
+ grpc_ssl_server_credentials_options* options =
grpc_ssl_server_credentials_create_options_using_config(
client_certificate_request, cert_config);
return grpc_ssl_server_credentials_create_with_options(options);
}
-grpc_server_credentials *grpc_ssl_server_credentials_create_with_options(
- grpc_ssl_server_credentials_options *options) {
- grpc_server_credentials *retval = NULL;
- grpc_ssl_server_credentials *c = NULL;
+grpc_server_credentials* grpc_ssl_server_credentials_create_with_options(
+ grpc_ssl_server_credentials_options* options) {
+ grpc_server_credentials* retval = NULL;
+ grpc_ssl_server_credentials* c = NULL;
if (options == NULL) {
gpr_log(GPR_ERROR,
@@ -311,7 +312,7 @@ grpc_server_credentials *grpc_ssl_server_credentials_create_with_options(
goto done;
}
- c = (grpc_ssl_server_credentials *)gpr_zalloc(
+ c = (grpc_ssl_server_credentials*)gpr_zalloc(
sizeof(grpc_ssl_server_credentials));
c->base.type = GRPC_CHANNEL_CREDENTIALS_TYPE_SSL;
gpr_ref_init(&c->base.refcount, 1);
@@ -335,7 +336,7 @@ done:
}
void grpc_ssl_server_credentials_options_destroy(
- grpc_ssl_server_credentials_options *o) {
+ grpc_ssl_server_credentials_options* o) {
if (o == NULL) return;
gpr_free(o->certificate_config_fetcher);
grpc_ssl_server_certificate_config_destroy(o->certificate_config);
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-06 03:40:18 +0000