aboutsummaryrefslogtreecommitdiffhomepage
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/core/channel/channel_args.h2
-rw-r--r--src/core/channel/http_client_filter.c8
-rw-r--r--src/core/channel/http_server_filter.c3
-rw-r--r--src/core/httpcli/httpcli_security_connector.c27
-rw-r--r--src/core/iomgr/tcp_client_windows.c4
-rw-r--r--src/core/iomgr/tcp_server_windows.c9
-rw-r--r--src/core/security/handshake.c (renamed from src/core/security/secure_transport_setup.c)216
-rw-r--r--src/core/security/handshake.h (renamed from src/core/security/secure_transport_setup.h)23
-rw-r--r--src/core/security/security_connector.c89
-rw-r--r--src/core/security/security_connector.h19
-rw-r--r--src/core/security/server_secure_chttp2.c12
-rw-r--r--src/core/surface/call.c2
-rw-r--r--src/core/surface/channel.c8
-rw-r--r--src/core/surface/channel.h1
-rw-r--r--src/core/surface/channel_connectivity.c16
-rw-r--r--src/core/surface/secure_channel_create.c14
-rw-r--r--src/cpp/client/secure_credentials.cc4
17 files changed, 244 insertions, 213 deletions
diff --git a/src/core/channel/channel_args.h b/src/core/channel/channel_args.h
index 06a6012dee..1a6be91359 100644
--- a/src/core/channel/channel_args.h
+++ b/src/core/channel/channel_args.h
@@ -71,7 +71,7 @@ grpc_channel_args *grpc_channel_args_set_compression_algorithm(
* compression algorithms are enabled. It's an error to disable an algorithm set
* by grpc_channel_args_set_compression_algorithm.
*
- * Returns an instance will the updated algorithm states. The \a a pointer is
+ * Returns an instance with the updated algorithm states. The \a a pointer is
* modified to point to the returned instance (which may be different from the
* input value of \a a). */
grpc_channel_args *grpc_channel_args_compression_algorithm_set_state(
diff --git a/src/core/channel/http_client_filter.c b/src/core/channel/http_client_filter.c
index ec832a0367..5f20f8c16d 100644
--- a/src/core/channel/http_client_filter.c
+++ b/src/core/channel/http_client_filter.c
@@ -70,7 +70,7 @@ typedef struct channel_data {
/* used to silence 'variable not used' warnings */
static void ignore_unused(void *ignored) {}
-static grpc_mdelem *client_filter(void *user_data, grpc_mdelem *md) {
+static grpc_mdelem *client_recv_filter(void *user_data, grpc_mdelem *md) {
grpc_call_element *elem = user_data;
channel_data *channeld = elem->channel_data;
if (md == channeld->status) {
@@ -78,6 +78,8 @@ static grpc_mdelem *client_filter(void *user_data, grpc_mdelem *md) {
} else if (md->key == channeld->status->key) {
grpc_call_element_send_cancel(elem);
return NULL;
+ } else if (md->key == channeld->content_type->key) {
+ return NULL;
}
return md;
}
@@ -92,11 +94,13 @@ static void hc_on_recv(void *user_data, int success) {
grpc_stream_op *op = &ops[i];
if (op->type != GRPC_OP_METADATA) continue;
calld->got_initial_metadata = 1;
- grpc_metadata_batch_filter(&op->data.metadata, client_filter, elem);
+ grpc_metadata_batch_filter(&op->data.metadata, client_recv_filter, elem);
}
calld->on_done_recv->cb(calld->on_done_recv->cb_arg, success);
}
+
+
static grpc_mdelem *client_strip_filter(void *user_data, grpc_mdelem *md) {
grpc_call_element *elem = user_data;
channel_data *channeld = elem->channel_data;
diff --git a/src/core/channel/http_server_filter.c b/src/core/channel/http_server_filter.c
index 2f061946a1..9898efd608 100644
--- a/src/core/channel/http_server_filter.c
+++ b/src/core/channel/http_server_filter.c
@@ -111,8 +111,7 @@ static grpc_mdelem *server_filter(void *user_data, grpc_mdelem *md) {
return NULL;
} else if (md->key == channeld->te_trailers->key ||
md->key == channeld->method_post->key ||
- md->key == channeld->http_scheme->key ||
- md->key == channeld->content_type->key) {
+ md->key == channeld->http_scheme->key) {
gpr_log(GPR_ERROR, "Invalid %s: header: '%s'",
grpc_mdstr_as_c_string(md->key), grpc_mdstr_as_c_string(md->value));
/* swallow it and error everything out. */
diff --git a/src/core/httpcli/httpcli_security_connector.c b/src/core/httpcli/httpcli_security_connector.c
index 7887f9d530..86f34db1d0 100644
--- a/src/core/httpcli/httpcli_security_connector.c
+++ b/src/core/httpcli/httpcli_security_connector.c
@@ -35,7 +35,7 @@
#include <string.h>
-#include "src/core/security/secure_transport_setup.h"
+#include "src/core/security/handshake.h"
#include "src/core/support/string.h"
#include <grpc/support/alloc.h>
#include <grpc/support/log.h>
@@ -58,20 +58,27 @@ static void httpcli_ssl_destroy(grpc_security_connector *sc) {
gpr_free(sc);
}
-static grpc_security_status httpcli_ssl_create_handshaker(
- grpc_security_connector *sc, tsi_handshaker **handshaker) {
+static void httpcli_ssl_do_handshake(
+ grpc_security_connector *sc, grpc_endpoint *nonsecure_endpoint,
+ grpc_security_handshake_done_cb cb, void *user_data) {
grpc_httpcli_ssl_channel_security_connector *c =
(grpc_httpcli_ssl_channel_security_connector *)sc;
tsi_result result = TSI_OK;
- if (c->handshaker_factory == NULL) return GRPC_SECURITY_ERROR;
+ tsi_handshaker *handshaker;
+ if (c->handshaker_factory == NULL) {
+ cb(user_data, GRPC_SECURITY_ERROR, nonsecure_endpoint, NULL);
+ return;
+ }
result = tsi_ssl_handshaker_factory_create_handshaker(
- c->handshaker_factory, c->secure_peer_name, handshaker);
+ c->handshaker_factory, c->secure_peer_name, &handshaker);
if (result != TSI_OK) {
gpr_log(GPR_ERROR, "Handshaker creation failed with error %s.",
tsi_result_to_string(result));
- return GRPC_SECURITY_ERROR;
+ cb(user_data, GRPC_SECURITY_ERROR, nonsecure_endpoint, NULL);
+ } else {
+ grpc_do_security_handshake(handshaker, sc, nonsecure_endpoint, cb,
+ user_data);
}
- return GRPC_SECURITY_OK;
}
static grpc_security_status httpcli_ssl_check_peer(grpc_security_connector *sc,
@@ -94,7 +101,7 @@ static grpc_security_status httpcli_ssl_check_peer(grpc_security_connector *sc,
}
static grpc_security_connector_vtable httpcli_ssl_vtable = {
- httpcli_ssl_destroy, httpcli_ssl_create_handshaker, httpcli_ssl_check_peer};
+ httpcli_ssl_destroy, httpcli_ssl_do_handshake, httpcli_ssl_check_peer};
static grpc_security_status httpcli_ssl_channel_security_connector_create(
const unsigned char *pem_root_certs, size_t pem_root_certs_size,
@@ -169,8 +176,8 @@ static void ssl_handshake(void *arg, grpc_endpoint *tcp, const char *host,
GPR_ASSERT(httpcli_ssl_channel_security_connector_create(
pem_root_certs, pem_root_certs_size, host, &sc) ==
GRPC_SECURITY_OK);
- grpc_setup_secure_transport(&sc->base, tcp, on_secure_transport_setup_done,
- c);
+ grpc_security_connector_do_handshake(&sc->base, tcp,
+ on_secure_transport_setup_done, c);
GRPC_SECURITY_CONNECTOR_UNREF(&sc->base, "httpcli");
}
diff --git a/src/core/iomgr/tcp_client_windows.c b/src/core/iomgr/tcp_client_windows.c
index a42ec7cf11..6f57de0289 100644
--- a/src/core/iomgr/tcp_client_windows.c
+++ b/src/core/iomgr/tcp_client_windows.c
@@ -121,7 +121,7 @@ static void on_connect(void *acp, int from_iocp) {
notification request for the connection, and one timeout alert. */
void grpc_tcp_client_connect(void (*cb)(void *arg, grpc_endpoint *tcp),
void *arg, grpc_pollset_set *interested_parties,
- const struct sockaddr *addr, int addr_len,
+ const struct sockaddr *addr, size_t addr_len,
gpr_timespec deadline) {
SOCKET sock = INVALID_SOCKET;
BOOL success;
@@ -176,7 +176,7 @@ void grpc_tcp_client_connect(void (*cb)(void *arg, grpc_endpoint *tcp),
socket = grpc_winsocket_create(sock, "client");
info = &socket->write_info;
- success = ConnectEx(sock, addr, addr_len, NULL, 0, NULL, &info->overlapped);
+ success = ConnectEx(sock, addr, (int)addr_len, NULL, 0, NULL, &info->overlapped);
/* It wouldn't be unusual to get a success immediately. But we'll still get
an IOCP notification, so let's ignore it. */
diff --git a/src/core/iomgr/tcp_server_windows.c b/src/core/iomgr/tcp_server_windows.c
index a043baafae..c42e5e7527 100644
--- a/src/core/iomgr/tcp_server_windows.c
+++ b/src/core/iomgr/tcp_server_windows.c
@@ -96,7 +96,6 @@ grpc_tcp_server *grpc_tcp_server_create(void) {
grpc_tcp_server *s = gpr_malloc(sizeof(grpc_tcp_server));
gpr_mu_init(&s->mu);
s->active_ports = 0;
- s->iomgr_callbacks_pending = 0;
s->on_accept_cb = NULL;
s->on_accept_cb_arg = NULL;
s->ports = gpr_malloc(sizeof(server_port) * INIT_PORT_CAP);
@@ -156,7 +155,7 @@ void grpc_tcp_server_destroy(grpc_tcp_server *s,
/* Prepare (bind) a recently-created socket for listening. */
static int prepare_socket(SOCKET sock, const struct sockaddr *addr,
- int addr_len) {
+ size_t addr_len) {
struct sockaddr_storage sockname_temp;
socklen_t sockname_len;
@@ -169,7 +168,7 @@ static int prepare_socket(SOCKET sock, const struct sockaddr *addr,
goto error;
}
- if (bind(sock, addr, addr_len) == SOCKET_ERROR) {
+ if (bind(sock, addr, (int)addr_len) == SOCKET_ERROR) {
char *addr_str;
char *utf8_message = gpr_format_message(WSAGetLastError());
grpc_sockaddr_to_string(&addr_str, addr, 0);
@@ -355,7 +354,7 @@ static void on_accept(void *arg, int from_iocp) {
}
static int add_socket_to_server(grpc_tcp_server *s, SOCKET sock,
- const struct sockaddr *addr, int addr_len) {
+ const struct sockaddr *addr, size_t addr_len) {
server_port *sp;
int port;
int status;
@@ -402,7 +401,7 @@ static int add_socket_to_server(grpc_tcp_server *s, SOCKET sock,
}
int grpc_tcp_server_add_port(grpc_tcp_server *s, const void *addr,
- int addr_len) {
+ size_t addr_len) {
int allocated_port = -1;
unsigned i;
SOCKET sock;
diff --git a/src/core/security/secure_transport_setup.c b/src/core/security/handshake.c
index bf0079577e..3b49271373 100644
--- a/src/core/security/secure_transport_setup.c
+++ b/src/core/security/handshake.c
@@ -31,7 +31,7 @@
*
*/
-#include "src/core/security/secure_transport_setup.h"
+#include "src/core/security/handshake.h"
#include <string.h>
@@ -52,133 +52,134 @@ typedef struct {
gpr_slice_buffer left_overs;
gpr_slice_buffer incoming;
gpr_slice_buffer outgoing;
- grpc_secure_transport_setup_done_cb cb;
+ grpc_security_handshake_done_cb cb;
void *user_data;
grpc_iomgr_closure on_handshake_data_sent_to_peer;
grpc_iomgr_closure on_handshake_data_received_from_peer;
-} grpc_secure_transport_setup;
+} grpc_security_handshake;
+
static void on_handshake_data_received_from_peer(void *setup, int success);
static void on_handshake_data_sent_to_peer(void *setup, int success);
-static void secure_transport_setup_done(grpc_secure_transport_setup *s,
- int is_success) {
+static void security_handshake_done(grpc_security_handshake *h,
+ int is_success) {
if (is_success) {
- s->cb(s->user_data, GRPC_SECURITY_OK, s->wrapped_endpoint,
- s->secure_endpoint);
+ h->cb(h->user_data, GRPC_SECURITY_OK, h->wrapped_endpoint,
+ h->secure_endpoint);
} else {
- if (s->secure_endpoint != NULL) {
- grpc_endpoint_shutdown(s->secure_endpoint);
- grpc_endpoint_destroy(s->secure_endpoint);
+ if (h->secure_endpoint != NULL) {
+ grpc_endpoint_shutdown(h->secure_endpoint);
+ grpc_endpoint_destroy(h->secure_endpoint);
} else {
- grpc_endpoint_destroy(s->wrapped_endpoint);
+ grpc_endpoint_destroy(h->wrapped_endpoint);
}
- s->cb(s->user_data, GRPC_SECURITY_ERROR, s->wrapped_endpoint, NULL);
+ h->cb(h->user_data, GRPC_SECURITY_ERROR, h->wrapped_endpoint, NULL);
}
- if (s->handshaker != NULL) tsi_handshaker_destroy(s->handshaker);
- if (s->handshake_buffer != NULL) gpr_free(s->handshake_buffer);
- gpr_slice_buffer_destroy(&s->left_overs);
- gpr_slice_buffer_destroy(&s->outgoing);
- gpr_slice_buffer_destroy(&s->incoming);
- GRPC_SECURITY_CONNECTOR_UNREF(s->connector, "secure_transport_setup");
- gpr_free(s);
+ if (h->handshaker != NULL) tsi_handshaker_destroy(h->handshaker);
+ if (h->handshake_buffer != NULL) gpr_free(h->handshake_buffer);
+ gpr_slice_buffer_destroy(&h->left_overs);
+ gpr_slice_buffer_destroy(&h->outgoing);
+ gpr_slice_buffer_destroy(&h->incoming);
+ GRPC_SECURITY_CONNECTOR_UNREF(h->connector, "handshake");
+ gpr_free(h);
}
static void on_peer_checked(void *user_data, grpc_security_status status) {
- grpc_secure_transport_setup *s = user_data;
+ grpc_security_handshake *h = user_data;
tsi_frame_protector *protector;
tsi_result result;
if (status != GRPC_SECURITY_OK) {
gpr_log(GPR_ERROR, "Error checking peer.");
- secure_transport_setup_done(s, 0);
+ security_handshake_done(h, 0);
return;
}
result =
- tsi_handshaker_create_frame_protector(s->handshaker, NULL, &protector);
+ tsi_handshaker_create_frame_protector(h->handshaker, NULL, &protector);
if (result != TSI_OK) {
gpr_log(GPR_ERROR, "Frame protector creation failed with error %s.",
tsi_result_to_string(result));
- secure_transport_setup_done(s, 0);
+ security_handshake_done(h, 0);
return;
}
- s->secure_endpoint =
- grpc_secure_endpoint_create(protector, s->wrapped_endpoint,
- s->left_overs.slices, s->left_overs.count);
- s->left_overs.count = 0;
- s->left_overs.length = 0;
- secure_transport_setup_done(s, 1);
+ h->secure_endpoint =
+ grpc_secure_endpoint_create(protector, h->wrapped_endpoint,
+ h->left_overs.slices, h->left_overs.count);
+ h->left_overs.count = 0;
+ h->left_overs.length = 0;
+ security_handshake_done(h, 1);
return;
}
-static void check_peer(grpc_secure_transport_setup *s) {
+static void check_peer(grpc_security_handshake *h) {
grpc_security_status peer_status;
tsi_peer peer;
- tsi_result result = tsi_handshaker_extract_peer(s->handshaker, &peer);
+ tsi_result result = tsi_handshaker_extract_peer(h->handshaker, &peer);
if (result != TSI_OK) {
gpr_log(GPR_ERROR, "Peer extraction failed with error %s",
tsi_result_to_string(result));
- secure_transport_setup_done(s, 0);
+ security_handshake_done(h, 0);
return;
}
- peer_status = grpc_security_connector_check_peer(s->connector, peer,
- on_peer_checked, s);
+ peer_status = grpc_security_connector_check_peer(h->connector, peer,
+ on_peer_checked, h);
if (peer_status == GRPC_SECURITY_ERROR) {
gpr_log(GPR_ERROR, "Peer check failed.");
- secure_transport_setup_done(s, 0);
+ security_handshake_done(h, 0);
return;
} else if (peer_status == GRPC_SECURITY_OK) {
- on_peer_checked(s, peer_status);
+ on_peer_checked(h, peer_status);
}
}
-static void send_handshake_bytes_to_peer(grpc_secure_transport_setup *s) {
+static void send_handshake_bytes_to_peer(grpc_security_handshake *h) {
size_t offset = 0;
tsi_result result = TSI_OK;
gpr_slice to_send;
do {
- size_t to_send_size = s->handshake_buffer_size - offset;
+ size_t to_send_size = h->handshake_buffer_size - offset;
result = tsi_handshaker_get_bytes_to_send_to_peer(
- s->handshaker, s->handshake_buffer + offset, &to_send_size);
+ h->handshaker, h->handshake_buffer + offset, &to_send_size);
offset += to_send_size;
if (result == TSI_INCOMPLETE_DATA) {
- s->handshake_buffer_size *= 2;
- s->handshake_buffer =
- gpr_realloc(s->handshake_buffer, s->handshake_buffer_size);
+ h->handshake_buffer_size *= 2;
+ h->handshake_buffer =
+ gpr_realloc(h->handshake_buffer, h->handshake_buffer_size);
}
} while (result == TSI_INCOMPLETE_DATA);
if (result != TSI_OK) {
gpr_log(GPR_ERROR, "Handshake failed with error %s",
tsi_result_to_string(result));
- secure_transport_setup_done(s, 0);
+ security_handshake_done(h, 0);
return;
}
to_send =
- gpr_slice_from_copied_buffer((const char *)s->handshake_buffer, offset);
- gpr_slice_buffer_reset_and_unref(&s->outgoing);
- gpr_slice_buffer_add(&s->outgoing, to_send);
+ gpr_slice_from_copied_buffer((const char *)h->handshake_buffer, offset);
+ gpr_slice_buffer_reset_and_unref(&h->outgoing);
+ gpr_slice_buffer_add(&h->outgoing, to_send);
/* TODO(klempner,jboeuf): This should probably use the client setup
deadline */
- switch (grpc_endpoint_write(s->wrapped_endpoint, &s->outgoing,
- &s->on_handshake_data_sent_to_peer)) {
+ switch (grpc_endpoint_write(h->wrapped_endpoint, &h->outgoing,
+ &h->on_handshake_data_sent_to_peer)) {
case GRPC_ENDPOINT_ERROR:
gpr_log(GPR_ERROR, "Could not send handshake data to peer.");
- secure_transport_setup_done(s, 0);
+ security_handshake_done(h, 0);
break;
case GRPC_ENDPOINT_DONE:
- on_handshake_data_sent_to_peer(s, 1);
+ on_handshake_data_sent_to_peer(h, 1);
break;
case GRPC_ENDPOINT_PENDING:
break;
}
}
-static void on_handshake_data_received_from_peer(void *setup, int success) {
- grpc_secure_transport_setup *s = setup;
+static void on_handshake_data_received_from_peer(void *handshake, int success) {
+ grpc_security_handshake *h = handshake;
size_t consumed_slice_size = 0;
tsi_result result = TSI_OK;
size_t i;
@@ -187,35 +188,35 @@ static void on_handshake_data_received_from_peer(void *setup, int success) {
if (!success) {
gpr_log(GPR_ERROR, "Read failed.");
- secure_transport_setup_done(s, 0);
+ security_handshake_done(h, 0);
return;
}
- for (i = 0; i < s->incoming.count; i++) {
- consumed_slice_size = GPR_SLICE_LENGTH(s->incoming.slices[i]);
+ for (i = 0; i < h->incoming.count; i++) {
+ consumed_slice_size = GPR_SLICE_LENGTH(h->incoming.slices[i]);
result = tsi_handshaker_process_bytes_from_peer(
- s->handshaker, GPR_SLICE_START_PTR(s->incoming.slices[i]),
+ h->handshaker, GPR_SLICE_START_PTR(h->incoming.slices[i]),
&consumed_slice_size);
- if (!tsi_handshaker_is_in_progress(s->handshaker)) break;
+ if (!tsi_handshaker_is_in_progress(h->handshaker)) break;
}
- if (tsi_handshaker_is_in_progress(s->handshaker)) {
+ if (tsi_handshaker_is_in_progress(h->handshaker)) {
/* We may need more data. */
if (result == TSI_INCOMPLETE_DATA) {
- switch (grpc_endpoint_read(s->wrapped_endpoint, &s->incoming,
- &s->on_handshake_data_received_from_peer)) {
+ switch (grpc_endpoint_read(h->wrapped_endpoint, &h->incoming,
+ &h->on_handshake_data_received_from_peer)) {
case GRPC_ENDPOINT_DONE:
- on_handshake_data_received_from_peer(s, 1);
+ on_handshake_data_received_from_peer(h, 1);
break;
case GRPC_ENDPOINT_ERROR:
- on_handshake_data_received_from_peer(s, 0);
+ on_handshake_data_received_from_peer(h, 0);
break;
case GRPC_ENDPOINT_PENDING:
break;
}
return;
} else {
- send_handshake_bytes_to_peer(s);
+ send_handshake_bytes_to_peer(h);
return;
}
}
@@ -223,90 +224,85 @@ static void on_handshake_data_received_from_peer(void *setup, int success) {
if (result != TSI_OK) {
gpr_log(GPR_ERROR, "Handshake failed with error %s",
tsi_result_to_string(result));
- secure_transport_setup_done(s, 0);
+ security_handshake_done(h, 0);
return;
}
/* Handshake is done and successful this point. */
has_left_overs_in_current_slice =
- (consumed_slice_size < GPR_SLICE_LENGTH(s->incoming.slices[i]));
+ (consumed_slice_size < GPR_SLICE_LENGTH(h->incoming.slices[i]));
num_left_overs =
- (has_left_overs_in_current_slice ? 1 : 0) + s->incoming.count - i - 1;
+ (has_left_overs_in_current_slice ? 1 : 0) + h->incoming.count - i - 1;
if (num_left_overs == 0) {
- check_peer(s);
+ check_peer(h);
return;
}
+
/* Put the leftovers in our buffer (ownership transfered). */
if (has_left_overs_in_current_slice) {
gpr_slice_buffer_add(
- &s->left_overs,
- gpr_slice_split_tail(&s->incoming.slices[i], consumed_slice_size));
+ &h->left_overs,
+ gpr_slice_split_tail(&h->incoming.slices[i], consumed_slice_size));
gpr_slice_unref(
- s->incoming.slices[i]); /* split_tail above increments refcount. */
+ h->incoming.slices[i]); /* split_tail above increments refcount. */
}
gpr_slice_buffer_addn(
- &s->left_overs, &s->incoming.slices[i + 1],
+ &h->left_overs, &h->incoming.slices[i + 1],
num_left_overs - (size_t)has_left_overs_in_current_slice);
- check_peer(s);
+ check_peer(h);
}
-/* If setup is NULL, the setup is done. */
-static void on_handshake_data_sent_to_peer(void *setup, int success) {
- grpc_secure_transport_setup *s = setup;
+/* If handshake is NULL, the handshake is done. */
+static void on_handshake_data_sent_to_peer(void *handshake, int success) {
+ grpc_security_handshake *h = handshake;
/* Make sure that write is OK. */
if (!success) {
gpr_log(GPR_ERROR, "Write failed.");
- if (setup != NULL) secure_transport_setup_done(s, 0);
+ if (handshake != NULL) security_handshake_done(h, 0);
return;
}
/* We may be done. */
- if (tsi_handshaker_is_in_progress(s->handshaker)) {
+ if (tsi_handshaker_is_in_progress(h->handshaker)) {
/* TODO(klempner,jboeuf): This should probably use the client setup
deadline */
- switch (grpc_endpoint_read(s->wrapped_endpoint, &s->incoming,
- &s->on_handshake_data_received_from_peer)) {
+ switch (grpc_endpoint_read(h->wrapped_endpoint, &h->incoming,
+ &h->on_handshake_data_received_from_peer)) {
case GRPC_ENDPOINT_ERROR:
- on_handshake_data_received_from_peer(s, 0);
+ on_handshake_data_received_from_peer(h, 0);
break;
case GRPC_ENDPOINT_PENDING:
break;
case GRPC_ENDPOINT_DONE:
- on_handshake_data_received_from_peer(s, 1);
+ on_handshake_data_received_from_peer(h, 1);
break;
}
} else {
- check_peer(s);
+ check_peer(h);
}
}
-void grpc_setup_secure_transport(grpc_security_connector *connector,
- grpc_endpoint *nonsecure_endpoint,
- grpc_secure_transport_setup_done_cb cb,
- void *user_data) {
- grpc_security_status result = GRPC_SECURITY_OK;
- grpc_secure_transport_setup *s =
- gpr_malloc(sizeof(grpc_secure_transport_setup));
- memset(s, 0, sizeof(grpc_secure_transport_setup));
- result = grpc_security_connector_create_handshaker(connector, &s->handshaker);
- if (result != GRPC_SECURITY_OK) {
- secure_transport_setup_done(s, 0);
- return;
- }
- s->connector =
- GRPC_SECURITY_CONNECTOR_REF(connector, "secure_transport_setup");
- s->handshake_buffer_size = GRPC_INITIAL_HANDSHAKE_BUFFER_SIZE;
- s->handshake_buffer = gpr_malloc(s->handshake_buffer_size);
- s->wrapped_endpoint = nonsecure_endpoint;
- s->user_data = user_data;
- s->cb = cb;
- grpc_iomgr_closure_init(&s->on_handshake_data_sent_to_peer,
- on_handshake_data_sent_to_peer, s);
- grpc_iomgr_closure_init(&s->on_handshake_data_received_from_peer,
- on_handshake_data_received_from_peer, s);
- gpr_slice_buffer_init(&s->left_overs);
- gpr_slice_buffer_init(&s->outgoing);
- gpr_slice_buffer_init(&s->incoming);
- send_handshake_bytes_to_peer(s);
+void grpc_do_security_handshake(tsi_handshaker *handshaker,
+ grpc_security_connector *connector,
+ grpc_endpoint *nonsecure_endpoint,
+ grpc_security_handshake_done_cb cb,
+ void *user_data) {
+ grpc_security_handshake *h = gpr_malloc(sizeof(grpc_security_handshake));
+ memset(h, 0, sizeof(grpc_security_handshake));
+ h->handshaker = handshaker;
+ h->connector = GRPC_SECURITY_CONNECTOR_REF(connector, "handshake");
+ h->handshake_buffer_size = GRPC_INITIAL_HANDSHAKE_BUFFER_SIZE;
+ h->handshake_buffer = gpr_malloc(h->handshake_buffer_size);
+ h->wrapped_endpoint = nonsecure_endpoint;
+ h->user_data = user_data;
+ h->cb = cb;
+ grpc_iomgr_closure_init(&h->on_handshake_data_sent_to_peer,
+ on_handshake_data_sent_to_peer, h);
+ grpc_iomgr_closure_init(&h->on_handshake_data_received_from_peer,
+ on_handshake_data_received_from_peer, h);
+ gpr_slice_buffer_init(&h->left_overs);
+ gpr_slice_buffer_init(&h->outgoing);
+ gpr_slice_buffer_init(&h->incoming);
+ send_handshake_bytes_to_peer(h);
}
diff --git a/src/core/security/secure_transport_setup.h b/src/core/security/handshake.h
index d9b802556d..d7e4a30580 100644
--- a/src/core/security/secure_transport_setup.h
+++ b/src/core/security/handshake.h
@@ -31,23 +31,18 @@
*
*/
-#ifndef GRPC_INTERNAL_CORE_SECURITY_SECURE_TRANSPORT_SETUP_H
-#define GRPC_INTERNAL_CORE_SECURITY_SECURE_TRANSPORT_SETUP_H
+#ifndef GRPC_INTERNAL_CORE_SECURITY_HANDSHAKE_H
+#define GRPC_INTERNAL_CORE_SECURITY_HANDSHAKE_H
#include "src/core/iomgr/endpoint.h"
#include "src/core/security/security_connector.h"
-/* --- Secure transport setup --- */
-/* Ownership of the secure_endpoint is transfered. */
-typedef void (*grpc_secure_transport_setup_done_cb)(
- void *user_data, grpc_security_status status,
- grpc_endpoint *wrapped_endpoint, grpc_endpoint *secure_endpoint);
+/* Calls the callback upon completion. Takes owership of handshaker. */
+void grpc_do_security_handshake(tsi_handshaker *handshaker,
+ grpc_security_connector *connector,
+ grpc_endpoint *nonsecure_endpoint,
+ grpc_security_handshake_done_cb cb,
+ void *user_data);
-/* Calls the callback upon completion. */
-void grpc_setup_secure_transport(grpc_security_connector *connector,
- grpc_endpoint *nonsecure_endpoint,
- grpc_secure_transport_setup_done_cb cb,
- void *user_data);
-
-#endif /* GRPC_INTERNAL_CORE_SECURITY_SECURE_TRANSPORT_SETUP_H */
+#endif /* GRPC_INTERNAL_CORE_SECURITY_HANDSHAKE_H */
diff --git a/src/core/security/security_connector.c b/src/core/security/security_connector.c
index ba9ac68c5f..f6460a323e 100644
--- a/src/core/security/security_connector.c
+++ b/src/core/security/security_connector.c
@@ -36,6 +36,7 @@
#include <string.h>
#include "src/core/security/credentials.h"
+#include "src/core/security/handshake.h"
#include "src/core/security/secure_endpoint.h"
#include "src/core/security/security_context.h"
#include "src/core/support/env.h"
@@ -101,10 +102,15 @@ const tsi_peer_property *tsi_peer_get_property_by_name(const tsi_peer *peer,
return NULL;
}
-grpc_security_status grpc_security_connector_create_handshaker(
- grpc_security_connector *sc, tsi_handshaker **handshaker) {
- if (sc == NULL || handshaker == NULL) return GRPC_SECURITY_ERROR;
- return sc->vtable->create_handshaker(sc, handshaker);
+void grpc_security_connector_do_handshake(grpc_security_connector *sc,
+ grpc_endpoint *nonsecure_endpoint,
+ grpc_security_handshake_done_cb cb,
+ void *user_data) {
+ if (sc == NULL || nonsecure_endpoint == NULL) {
+ cb(user_data, GRPC_SECURITY_ERROR, nonsecure_endpoint, NULL);
+ } else {
+ sc->vtable->do_handshake(sc, nonsecure_endpoint, cb, user_data);
+ }
}
grpc_security_status grpc_security_connector_check_peer(
@@ -225,18 +231,6 @@ static void fake_server_destroy(grpc_security_connector *sc) {
gpr_free(sc);
}
-static grpc_security_status fake_channel_create_handshaker(
- grpc_security_connector *sc, tsi_handshaker **handshaker) {
- *handshaker = tsi_create_fake_handshaker(1);
- return GRPC_SECURITY_OK;
-}
-
-static grpc_security_status fake_server_create_handshaker(
- grpc_security_connector *sc, tsi_handshaker **handshaker) {
- *handshaker = tsi_create_fake_handshaker(0);
- return GRPC_SECURITY_OK;
-}
-
static grpc_security_status fake_check_peer(grpc_security_connector *sc,
tsi_peer peer,
grpc_security_check_cb cb,
@@ -286,11 +280,27 @@ static grpc_security_status fake_channel_check_call_host(
}
}
+static void fake_channel_do_handshake(grpc_security_connector *sc,
+ grpc_endpoint *nonsecure_endpoint,
+ grpc_security_handshake_done_cb cb,
+ void *user_data) {
+ grpc_do_security_handshake(tsi_create_fake_handshaker(1), sc,
+ nonsecure_endpoint, cb, user_data);
+}
+
+static void fake_server_do_handshake(grpc_security_connector *sc,
+ grpc_endpoint *nonsecure_endpoint,
+ grpc_security_handshake_done_cb cb,
+ void *user_data) {
+ grpc_do_security_handshake(tsi_create_fake_handshaker(0), sc,
+ nonsecure_endpoint, cb, user_data);
+}
+
static grpc_security_connector_vtable fake_channel_vtable = {
- fake_channel_destroy, fake_channel_create_handshaker, fake_check_peer};
+ fake_channel_destroy, fake_channel_do_handshake, fake_check_peer};
static grpc_security_connector_vtable fake_server_vtable = {
- fake_server_destroy, fake_server_create_handshaker, fake_check_peer};
+ fake_server_destroy, fake_server_do_handshake, fake_check_peer};
grpc_channel_security_connector *grpc_fake_channel_security_connector_create(
grpc_credentials *request_metadata_creds, int call_host_check_is_async) {
@@ -372,22 +382,41 @@ static grpc_security_status ssl_create_handshaker(
return GRPC_SECURITY_OK;
}
-static grpc_security_status ssl_channel_create_handshaker(
- grpc_security_connector *sc, tsi_handshaker **handshaker) {
+static void ssl_channel_do_handshake(grpc_security_connector *sc,
+ grpc_endpoint *nonsecure_endpoint,
+ grpc_security_handshake_done_cb cb,
+ void *user_data) {
grpc_ssl_channel_security_connector *c =
(grpc_ssl_channel_security_connector *)sc;
- return ssl_create_handshaker(c->handshaker_factory, 1,
- c->overridden_target_name != NULL
- ? c->overridden_target_name
- : c->target_name,
- handshaker);
+ tsi_handshaker *handshaker;
+ grpc_security_status status = ssl_create_handshaker(
+ c->handshaker_factory, 1,
+ c->overridden_target_name != NULL ? c->overridden_target_name
+ : c->target_name,
+ &handshaker);
+ if (status != GRPC_SECURITY_OK) {
+ cb(user_data, status, nonsecure_endpoint, NULL);
+ } else {
+ grpc_do_security_handshake(handshaker, sc, nonsecure_endpoint, cb,
+ user_data);
+ }
}
-static grpc_security_status ssl_server_create_handshaker(
- grpc_security_connector *sc, tsi_handshaker **handshaker) {
+static void ssl_server_do_handshake(grpc_security_connector *sc,
+ grpc_endpoint *nonsecure_endpoint,
+ grpc_security_handshake_done_cb cb,
+ void *user_data) {
grpc_ssl_server_security_connector *c =
(grpc_ssl_server_security_connector *)sc;
- return ssl_create_handshaker(c->handshaker_factory, 0, NULL, handshaker);
+ tsi_handshaker *handshaker;
+ grpc_security_status status =
+ ssl_create_handshaker(c->handshaker_factory, 0, NULL, &handshaker);
+ if (status != GRPC_SECURITY_OK) {
+ cb(user_data, status, nonsecure_endpoint, NULL);
+ } else {
+ grpc_do_security_handshake(handshaker, sc, nonsecure_endpoint, cb,
+ user_data);
+ }
}
static int ssl_host_matches_name(const tsi_peer *peer, const char *peer_name) {
@@ -512,10 +541,10 @@ static grpc_security_status ssl_channel_check_call_host(
}
static grpc_security_connector_vtable ssl_channel_vtable = {
- ssl_channel_destroy, ssl_channel_create_handshaker, ssl_channel_check_peer};
+ ssl_channel_destroy, ssl_channel_do_handshake, ssl_channel_check_peer};
static grpc_security_connector_vtable ssl_server_vtable = {
- ssl_server_destroy, ssl_server_create_handshaker, ssl_server_check_peer};
+ ssl_server_destroy, ssl_server_do_handshake, ssl_server_check_peer};
static gpr_slice default_pem_root_certs;
diff --git a/src/core/security/security_connector.h b/src/core/security/security_connector.h
index 2c9aa1c5a4..5fc1db382e 100644
--- a/src/core/security/security_connector.h
+++ b/src/core/security/security_connector.h
@@ -63,10 +63,17 @@ typedef struct grpc_security_connector grpc_security_connector;
typedef void (*grpc_security_check_cb)(void *user_data,
grpc_security_status status);
+
+/* Ownership of the secure_endpoint is transfered. */
+typedef void (*grpc_security_handshake_done_cb)(
+ void *user_data, grpc_security_status status,
+ grpc_endpoint *wrapped_endpoint, grpc_endpoint *secure_endpoint);
+
typedef struct {
void (*destroy)(grpc_security_connector *sc);
- grpc_security_status (*create_handshaker)(grpc_security_connector *sc,
- tsi_handshaker **handshaker);
+ void (*do_handshake)(grpc_security_connector *sc,
+ grpc_endpoint *nonsecure_endpoint,
+ grpc_security_handshake_done_cb cb, void *user_data);
grpc_security_status (*check_peer)(grpc_security_connector *sc, tsi_peer peer,
grpc_security_check_cb cb,
void *user_data);
@@ -100,9 +107,11 @@ grpc_security_connector *grpc_security_connector_ref(
void grpc_security_connector_unref(grpc_security_connector *policy);
#endif
-/* Handshake creation. */
-grpc_security_status grpc_security_connector_create_handshaker(
- grpc_security_connector *sc, tsi_handshaker **handshaker);
+/* Handshake. */
+void grpc_security_connector_do_handshake(grpc_security_connector *connector,
+ grpc_endpoint *nonsecure_endpoint,
+ grpc_security_handshake_done_cb cb,
+ void *user_data);
/* Check the peer.
Implementations can choose to check the peer either synchronously or
diff --git a/src/core/security/server_secure_chttp2.c b/src/core/security/server_secure_chttp2.c
index 4749f5f516..f7318b2079 100644
--- a/src/core/security/server_secure_chttp2.c
+++ b/src/core/security/server_secure_chttp2.c
@@ -44,7 +44,6 @@
#include "src/core/security/credentials.h"
#include "src/core/security/security_connector.h"
#include "src/core/security/security_context.h"
-#include "src/core/security/secure_transport_setup.h"
#include "src/core/surface/server.h"
#include "src/core/transport/chttp2_transport.h"
#include <grpc/support/alloc.h>
@@ -123,10 +122,9 @@ static int remove_tcp_from_list_locked(grpc_server_secure_state *state,
return -1;
}
-static void on_secure_transport_setup_done(void *statep,
- grpc_security_status status,
- grpc_endpoint *wrapped_endpoint,
- grpc_endpoint *secure_endpoint) {
+static void on_secure_handshake_done(void *statep, grpc_security_status status,
+ grpc_endpoint *wrapped_endpoint,
+ grpc_endpoint *secure_endpoint) {
grpc_server_secure_state *state = statep;
grpc_transport *transport;
grpc_mdctx *mdctx;
@@ -165,8 +163,8 @@ static void on_accept(void *statep, grpc_endpoint *tcp) {
node->next = state->handshaking_tcp_endpoints;
state->handshaking_tcp_endpoints = node;
gpr_mu_unlock(&state->mu);
- grpc_setup_secure_transport(state->sc, tcp, on_secure_transport_setup_done,
- state);
+ grpc_security_connector_do_handshake(state->sc, tcp, on_secure_handshake_done,
+ state);
}
/* Server callback: start listening on our ports */
diff --git a/src/core/surface/call.c b/src/core/surface/call.c
index 1636998f59..4168c2ef0c 100644
--- a/src/core/surface/call.c
+++ b/src/core/surface/call.c
@@ -1485,8 +1485,6 @@ static void recv_metadata(grpc_call *call, grpc_metadata_batch *md) {
} else if (key == grpc_channel_get_encodings_accepted_by_peer_string(
call->channel)) {
set_encodings_accepted_by_peer(call, md->value->slice);
- } else if (key == grpc_channel_get_content_type_string(call->channel)) {
- continue; /* swallow "content-type" header */
} else {
dest = &call->buffered_metadata[is_trailing];
if (dest->count == dest->capacity) {
diff --git a/src/core/surface/channel.c b/src/core/surface/channel.c
index cc9d44f45d..a89523b3ab 100644
--- a/src/core/surface/channel.c
+++ b/src/core/surface/channel.c
@@ -69,7 +69,6 @@ struct grpc_channel {
grpc_mdstr *grpc_compression_algorithm_string;
grpc_mdstr *grpc_encodings_accepted_by_peer_string;
grpc_mdstr *grpc_message_string;
- grpc_mdstr *content_type_string;
grpc_mdstr *path_string;
grpc_mdstr *authority_string;
grpc_mdelem *default_authority;
@@ -112,8 +111,6 @@ grpc_channel *grpc_channel_create_from_filters(
grpc_mdstr_from_string(mdctx, "grpc-accept-encoding", 0);
channel->grpc_message_string =
grpc_mdstr_from_string(mdctx, "grpc-message", 0);
- channel->content_type_string =
- grpc_mdstr_from_string(mdctx, "content-type", 0);
for (i = 0; i < NUM_CACHED_STATUS_ELEMS; i++) {
char buf[GPR_LTOA_MIN_BUFSIZE];
gpr_ltoa((long)i, buf);
@@ -284,7 +281,6 @@ static void destroy_channel(void *p, int ok) {
GRPC_MDSTR_UNREF(channel->grpc_compression_algorithm_string);
GRPC_MDSTR_UNREF(channel->grpc_encodings_accepted_by_peer_string);
GRPC_MDSTR_UNREF(channel->grpc_message_string);
- GRPC_MDSTR_UNREF(channel->content_type_string);
GRPC_MDSTR_UNREF(channel->path_string);
GRPC_MDSTR_UNREF(channel->authority_string);
while (channel->registered_calls) {
@@ -368,10 +364,6 @@ grpc_mdstr *grpc_channel_get_message_string(grpc_channel *channel) {
return channel->grpc_message_string;
}
-grpc_mdstr *grpc_channel_get_content_type_string(grpc_channel *channel) {
- return channel->content_type_string;
-}
-
gpr_uint32 grpc_channel_get_max_message_length(grpc_channel *channel) {
return channel->max_message_length;
}
diff --git a/src/core/surface/channel.h b/src/core/surface/channel.h
index 05fbc8d75c..f271616f60 100644
--- a/src/core/surface/channel.h
+++ b/src/core/surface/channel.h
@@ -59,7 +59,6 @@ grpc_mdstr *grpc_channel_get_compression_algorithm_string(
grpc_mdstr *grpc_channel_get_encodings_accepted_by_peer_string(
grpc_channel *channel);
grpc_mdstr *grpc_channel_get_message_string(grpc_channel *channel);
-grpc_mdstr *grpc_channel_get_content_type_string(grpc_channel *channel);
gpr_uint32 grpc_channel_get_max_message_length(grpc_channel *channel);
#ifdef GRPC_CHANNEL_REF_COUNT_DEBUG
diff --git a/src/core/surface/channel_connectivity.c b/src/core/surface/channel_connectivity.c
index 88a7c16598..5c55ad3655 100644
--- a/src/core/surface/channel_connectivity.c
+++ b/src/core/surface/channel_connectivity.c
@@ -67,6 +67,7 @@ typedef struct {
gpr_mu mu;
callback_phase phase;
int success;
+ int removed;
grpc_iomgr_closure on_complete;
grpc_alarm alarm;
grpc_connectivity_state state;
@@ -77,10 +78,6 @@ typedef struct {
} state_watcher;
static void delete_state_watcher(state_watcher *w) {
- grpc_channel_element *client_channel_elem = grpc_channel_stack_last_element(
- grpc_channel_get_channel_stack(w->channel));
- grpc_client_channel_del_interested_party(client_channel_elem,
- grpc_cq_pollset(w->cq));
GRPC_CHANNEL_INTERNAL_UNREF(w->channel, "watch_connectivity");
gpr_mu_destroy(&w->mu);
gpr_free(w);
@@ -112,7 +109,17 @@ static void finished_completion(void *pw, grpc_cq_completion *ignored) {
static void partly_done(state_watcher *w, int due_to_completion) {
int delete = 0;
+ grpc_channel_element *client_channel_elem = NULL;
+ gpr_mu_lock(&w->mu);
+ if (w->removed == 0) {
+ w->removed = 1;
+ client_channel_elem = grpc_channel_stack_last_element(
+ grpc_channel_get_channel_stack(w->channel));
+ grpc_client_channel_del_interested_party(client_channel_elem,
+ grpc_cq_pollset(w->cq));
+ }
+ gpr_mu_unlock(&w->mu);
if (due_to_completion) {
gpr_mu_lock(&w->mu);
w->success = 1;
@@ -163,6 +170,7 @@ void grpc_channel_watch_connectivity_state(
w->phase = WAITING;
w->state = last_observed_state;
w->success = 0;
+ w->removed = 0;
w->cq = cq;
w->tag = tag;
w->channel = channel;
diff --git a/src/core/surface/secure_channel_create.c b/src/core/surface/secure_channel_create.c
index 08c0a4ff95..3f3469720d 100644
--- a/src/core/surface/secure_channel_create.c
+++ b/src/core/surface/secure_channel_create.c
@@ -47,7 +47,6 @@
#include "src/core/iomgr/tcp_client.h"
#include "src/core/security/auth_filters.h"
#include "src/core/security/credentials.h"
-#include "src/core/security/secure_transport_setup.h"
#include "src/core/surface/channel.h"
#include "src/core/transport/chttp2_transport.h"
#include "src/core/tsi/transport_security_interface.h"
@@ -78,10 +77,9 @@ static void connector_unref(grpc_connector *con) {
}
}
-static void on_secure_transport_setup_done(void *arg,
- grpc_security_status status,
- grpc_endpoint *wrapped_endpoint,
- grpc_endpoint *secure_endpoint) {
+static void on_secure_handshake_done(void *arg, grpc_security_status status,
+ grpc_endpoint *wrapped_endpoint,
+ grpc_endpoint *secure_endpoint) {
connector *c = arg;
grpc_iomgr_closure *notify;
gpr_mu_lock(&c->mu);
@@ -90,7 +88,7 @@ static void on_secure_transport_setup_done(void *arg,
gpr_mu_unlock(&c->mu);
} else if (status != GRPC_SECURITY_OK) {
GPR_ASSERT(c->connecting_endpoint == wrapped_endpoint);
- gpr_log(GPR_ERROR, "Secure transport setup failed with error %d.", status);
+ gpr_log(GPR_ERROR, "Secure handshake failed with error %d.", status);
memset(c->result, 0, sizeof(*c->result));
c->connecting_endpoint = NULL;
gpr_mu_unlock(&c->mu);
@@ -119,8 +117,8 @@ static void connected(void *arg, grpc_endpoint *tcp) {
GPR_ASSERT(c->connecting_endpoint == NULL);
c->connecting_endpoint = tcp;
gpr_mu_unlock(&c->mu);
- grpc_setup_secure_transport(&c->security_connector->base, tcp,
- on_secure_transport_setup_done, c);
+ grpc_security_connector_do_handshake(&c->security_connector->base, tcp,
+ on_secure_handshake_done, c);
} else {
memset(c->result, 0, sizeof(*c->result));
notify = c->notify;
diff --git a/src/cpp/client/secure_credentials.cc b/src/cpp/client/secure_credentials.cc
index 8333b01f29..1693cf740b 100644
--- a/src/cpp/client/secure_credentials.cc
+++ b/src/cpp/client/secure_credentials.cc
@@ -173,7 +173,7 @@ void MetadataCredentialsPluginWrapper::GetMetadata(
void MetadataCredentialsPluginWrapper::InvokePlugin(
const char* service_url, grpc_credentials_plugin_metadata_cb cb,
void* user_data) {
- std::multimap<grpc::string, grpc::string_ref> metadata;
+ std::multimap<grpc::string, grpc::string> metadata;
Status status = plugin_->GetMetadata(service_url, &metadata);
std::vector<grpc_metadata> md;
for (auto it = metadata.begin(); it != metadata.end(); ++it) {
@@ -183,7 +183,7 @@ void MetadataCredentialsPluginWrapper::InvokePlugin(
0,
{{nullptr, nullptr, nullptr, nullptr}}});
}
- cb(user_data, &md[0], md.size(),
+ cb(user_data, md.empty() ? nullptr : &md[0], md.size(),
static_cast<grpc_status_code>(status.error_code()),
status.error_message().c_str());
}