diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/core/tsi/fake_transport_security.c | 4 | ||||
-rw-r--r-- | src/core/tsi/transport_security.c | 85 | ||||
-rw-r--r-- | src/core/tsi/transport_security.h | 4 | ||||
-rw-r--r-- | src/core/tsi/transport_security_adapter.c | 7 | ||||
-rw-r--r-- | src/core/tsi/transport_security_grpc.c | 64 | ||||
-rw-r--r-- | src/core/tsi/transport_security_grpc.h | 80 | ||||
-rw-r--r-- | src/core/tsi/transport_security_interface.h | 9 | ||||
-rw-r--r-- | src/python/grpcio/grpc_core_dependencies.py | 1 |
8 files changed, 53 insertions, 201 deletions
diff --git a/src/core/tsi/fake_transport_security.c b/src/core/tsi/fake_transport_security.c index de16b356b6..810447313c 100644 --- a/src/core/tsi/fake_transport_security.c +++ b/src/core/tsi/fake_transport_security.c @@ -407,10 +407,8 @@ static void fake_handshaker_result_destroy(tsi_handshaker_result *self) { static const tsi_handshaker_result_vtable handshaker_result_vtable = { fake_handshaker_result_extract_peer, - NULL, /* create_zero_copy_grpc_protector */ fake_handshaker_result_create_frame_protector, - fake_handshaker_result_get_unused_bytes, - fake_handshaker_result_destroy, + fake_handshaker_result_get_unused_bytes, fake_handshaker_result_destroy, }; static tsi_result fake_handshaker_result_create( diff --git a/src/core/tsi/transport_security.c b/src/core/tsi/transport_security.c index 3637f3c190..2b1f4310c1 100644 --- a/src/core/tsi/transport_security.c +++ b/src/core/tsi/transport_security.c @@ -74,12 +74,14 @@ tsi_result tsi_frame_protector_protect(tsi_frame_protector *self, size_t *unprotected_bytes_size, unsigned char *protected_output_frames, size_t *protected_output_frames_size) { - if (self == NULL || self->vtable == NULL || unprotected_bytes == NULL || + if (self == NULL || unprotected_bytes == NULL || unprotected_bytes_size == NULL || protected_output_frames == NULL || protected_output_frames_size == NULL) { return TSI_INVALID_ARGUMENT; } - if (self->vtable->protect == NULL) return TSI_UNIMPLEMENTED; + if (self->vtable == NULL || self->vtable->protect == NULL) { + return TSI_UNIMPLEMENTED; + } return self->vtable->protect(self, unprotected_bytes, unprotected_bytes_size, protected_output_frames, protected_output_frames_size); @@ -88,11 +90,13 @@ tsi_result tsi_frame_protector_protect(tsi_frame_protector *self, tsi_result tsi_frame_protector_protect_flush( tsi_frame_protector *self, unsigned char *protected_output_frames, size_t *protected_output_frames_size, size_t *still_pending_size) { - if (self == NULL || self->vtable == NULL || protected_output_frames == NULL || + if (self == NULL || protected_output_frames == NULL || protected_output_frames_size == NULL || still_pending_size == NULL) { return TSI_INVALID_ARGUMENT; } - if (self->vtable->protect_flush == NULL) return TSI_UNIMPLEMENTED; + if (self->vtable == NULL || self->vtable->protect_flush == NULL) { + return TSI_UNIMPLEMENTED; + } return self->vtable->protect_flush(self, protected_output_frames, protected_output_frames_size, still_pending_size); @@ -102,12 +106,14 @@ tsi_result tsi_frame_protector_unprotect( tsi_frame_protector *self, const unsigned char *protected_frames_bytes, size_t *protected_frames_bytes_size, unsigned char *unprotected_bytes, size_t *unprotected_bytes_size) { - if (self == NULL || self->vtable == NULL || protected_frames_bytes == NULL || + if (self == NULL || protected_frames_bytes == NULL || protected_frames_bytes_size == NULL || unprotected_bytes == NULL || unprotected_bytes_size == NULL) { return TSI_INVALID_ARGUMENT; } - if (self->vtable->unprotect == NULL) return TSI_UNIMPLEMENTED; + if (self->vtable == NULL || self->vtable->unprotect == NULL) { + return TSI_UNIMPLEMENTED; + } return self->vtable->unprotect(self, protected_frames_bytes, protected_frames_bytes_size, unprotected_bytes, unprotected_bytes_size); @@ -125,44 +131,48 @@ void tsi_frame_protector_destroy(tsi_frame_protector *self) { tsi_result tsi_handshaker_get_bytes_to_send_to_peer(tsi_handshaker *self, unsigned char *bytes, size_t *bytes_size) { - if (self == NULL || self->vtable == NULL || bytes == NULL || - bytes_size == NULL) { + if (self == NULL || bytes == NULL || bytes_size == NULL) { return TSI_INVALID_ARGUMENT; } if (self->frame_protector_created) return TSI_FAILED_PRECONDITION; - if (self->vtable->get_bytes_to_send_to_peer == NULL) return TSI_UNIMPLEMENTED; + if (self->vtable == NULL || self->vtable->get_bytes_to_send_to_peer == NULL) { + return TSI_UNIMPLEMENTED; + } return self->vtable->get_bytes_to_send_to_peer(self, bytes, bytes_size); } tsi_result tsi_handshaker_process_bytes_from_peer(tsi_handshaker *self, const unsigned char *bytes, size_t *bytes_size) { - if (self == NULL || self->vtable == NULL || bytes == NULL || - bytes_size == NULL) { + if (self == NULL || bytes == NULL || bytes_size == NULL) { return TSI_INVALID_ARGUMENT; } if (self->frame_protector_created) return TSI_FAILED_PRECONDITION; - if (self->vtable->process_bytes_from_peer == NULL) return TSI_UNIMPLEMENTED; + if (self->vtable == NULL || self->vtable->process_bytes_from_peer == NULL) { + return TSI_UNIMPLEMENTED; + } return self->vtable->process_bytes_from_peer(self, bytes, bytes_size); } tsi_result tsi_handshaker_get_result(tsi_handshaker *self) { - if (self == NULL || self->vtable == NULL) return TSI_INVALID_ARGUMENT; + if (self == NULL) return TSI_INVALID_ARGUMENT; if (self->frame_protector_created) return TSI_FAILED_PRECONDITION; - if (self->vtable->get_result == NULL) return TSI_UNIMPLEMENTED; + if (self->vtable == NULL || self->vtable->get_result == NULL) { + return TSI_UNIMPLEMENTED; + } return self->vtable->get_result(self); } tsi_result tsi_handshaker_extract_peer(tsi_handshaker *self, tsi_peer *peer) { - if (self == NULL || self->vtable == NULL || peer == NULL) { - return TSI_INVALID_ARGUMENT; - } + if (self == NULL || peer == NULL) return TSI_INVALID_ARGUMENT; memset(peer, 0, sizeof(tsi_peer)); if (self->frame_protector_created) return TSI_FAILED_PRECONDITION; if (tsi_handshaker_get_result(self) != TSI_OK) { return TSI_FAILED_PRECONDITION; } - if (self->vtable->extract_peer == NULL) return TSI_UNIMPLEMENTED; + if (self->vtable == NULL || self->vtable->extract_peer == NULL) { + return TSI_UNIMPLEMENTED; + } return self->vtable->extract_peer(self, peer); } @@ -170,12 +180,14 @@ tsi_result tsi_handshaker_create_frame_protector( tsi_handshaker *self, size_t *max_protected_frame_size, tsi_frame_protector **protector) { tsi_result result; - if (self == NULL || self->vtable == NULL || protector == NULL) { - return TSI_INVALID_ARGUMENT; - } + if (self == NULL || protector == NULL) return TSI_INVALID_ARGUMENT; if (self->frame_protector_created) return TSI_FAILED_PRECONDITION; - if (tsi_handshaker_get_result(self) != TSI_OK) return TSI_FAILED_PRECONDITION; - if (self->vtable->create_frame_protector == NULL) return TSI_UNIMPLEMENTED; + if (tsi_handshaker_get_result(self) != TSI_OK) { + return TSI_FAILED_PRECONDITION; + } + if (self->vtable == NULL || self->vtable->create_frame_protector == NULL) { + return TSI_UNIMPLEMENTED; + } result = self->vtable->create_frame_protector(self, max_protected_frame_size, protector); if (result == TSI_OK) { @@ -189,9 +201,11 @@ tsi_result tsi_handshaker_next( size_t received_bytes_size, unsigned char **bytes_to_send, size_t *bytes_to_send_size, tsi_handshaker_result **handshaker_result, tsi_handshaker_on_next_done_cb cb, void *user_data) { - if (self == NULL || self->vtable == NULL) return TSI_INVALID_ARGUMENT; + if (self == NULL) return TSI_INVALID_ARGUMENT; if (self->handshaker_result_created) return TSI_FAILED_PRECONDITION; - if (self->vtable->next == NULL) return TSI_UNIMPLEMENTED; + if (self->vtable == NULL || self->vtable->next == NULL) { + return TSI_UNIMPLEMENTED; + } return self->vtable->next(self, received_bytes, received_bytes_size, bytes_to_send, bytes_to_send_size, handshaker_result, cb, user_data); @@ -206,21 +220,21 @@ void tsi_handshaker_destroy(tsi_handshaker *self) { tsi_result tsi_handshaker_result_extract_peer(const tsi_handshaker_result *self, tsi_peer *peer) { - if (self == NULL || self->vtable == NULL || peer == NULL) { - return TSI_INVALID_ARGUMENT; - } + if (self == NULL || peer == NULL) return TSI_INVALID_ARGUMENT; memset(peer, 0, sizeof(tsi_peer)); - if (self->vtable->extract_peer == NULL) return TSI_UNIMPLEMENTED; + if (self->vtable == NULL || self->vtable->extract_peer == NULL) { + return TSI_UNIMPLEMENTED; + } return self->vtable->extract_peer(self, peer); } tsi_result tsi_handshaker_result_create_frame_protector( const tsi_handshaker_result *self, size_t *max_protected_frame_size, tsi_frame_protector **protector) { - if (self == NULL || self->vtable == NULL || protector == NULL) { - return TSI_INVALID_ARGUMENT; + if (self == NULL || protector == NULL) return TSI_INVALID_ARGUMENT; + if (self->vtable == NULL || self->vtable->create_frame_protector == NULL) { + return TSI_UNIMPLEMENTED; } - if (self->vtable->create_frame_protector == NULL) return TSI_UNIMPLEMENTED; return self->vtable->create_frame_protector(self, max_protected_frame_size, protector); } @@ -228,11 +242,12 @@ tsi_result tsi_handshaker_result_create_frame_protector( tsi_result tsi_handshaker_result_get_unused_bytes( const tsi_handshaker_result *self, const unsigned char **bytes, size_t *bytes_size) { - if (self == NULL || self->vtable == NULL || bytes == NULL || - bytes_size == NULL) { + if (self == NULL || bytes == NULL || bytes_size == NULL) { return TSI_INVALID_ARGUMENT; } - if (self->vtable->get_unused_bytes == NULL) return TSI_UNIMPLEMENTED; + if (self->vtable == NULL || self->vtable->get_unused_bytes == NULL) { + return TSI_UNIMPLEMENTED; + } return self->vtable->get_unused_bytes(self, bytes, bytes_size); } diff --git a/src/core/tsi/transport_security.h b/src/core/tsi/transport_security.h index dde48a6b7f..2c7db6bca9 100644 --- a/src/core/tsi/transport_security.h +++ b/src/core/tsi/transport_security.h @@ -86,10 +86,6 @@ struct tsi_handshaker { See transport_security_interface.h for documentation. */ typedef struct { tsi_result (*extract_peer)(const tsi_handshaker_result *self, tsi_peer *peer); - tsi_result (*create_zero_copy_grpc_protector)( - const tsi_handshaker_result *self, - size_t *max_output_protected_frame_size, - tsi_zero_copy_grpc_protector **protector); tsi_result (*create_frame_protector)(const tsi_handshaker_result *self, size_t *max_output_protected_frame_size, tsi_frame_protector **protector); diff --git a/src/core/tsi/transport_security_adapter.c b/src/core/tsi/transport_security_adapter.c index 3b388af48a..b6dc660c47 100644 --- a/src/core/tsi/transport_security_adapter.c +++ b/src/core/tsi/transport_security_adapter.c @@ -66,11 +66,8 @@ static void adapter_result_destroy(tsi_handshaker_result *self) { } static const tsi_handshaker_result_vtable result_vtable = { - adapter_result_extract_peer, - NULL, /* create_zero_copy_grpc_protector */ - adapter_result_create_frame_protector, - adapter_result_get_unused_bytes, - adapter_result_destroy, + adapter_result_extract_peer, adapter_result_create_frame_protector, + adapter_result_get_unused_bytes, adapter_result_destroy, }; /* Ownership of wrapped tsi_handshaker is transferred to the result object. */ diff --git a/src/core/tsi/transport_security_grpc.c b/src/core/tsi/transport_security_grpc.c deleted file mode 100644 index ab2b6ddd54..0000000000 --- a/src/core/tsi/transport_security_grpc.c +++ /dev/null @@ -1,64 +0,0 @@ -/* - * - * Copyright 2017 gRPC authors. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - */ - -#include "src/core/tsi/transport_security_grpc.h" - -/* This method creates a tsi_zero_copy_grpc_protector object. */ -tsi_result tsi_handshaker_result_create_zero_copy_grpc_protector( - const tsi_handshaker_result *self, size_t *max_protected_frame_size, - tsi_zero_copy_grpc_protector **protector) { - if (self == NULL || self->vtable == NULL || protector == NULL) { - return TSI_INVALID_ARGUMENT; - } - if (self->vtable->create_zero_copy_grpc_protector == NULL) { - return TSI_UNIMPLEMENTED; - } - return self->vtable->create_zero_copy_grpc_protector( - self, max_protected_frame_size, protector); -} - -/* --- tsi_zero_copy_grpc_protector common implementation. --- - - Calls specific implementation after state/input validation. */ - -tsi_result tsi_zero_copy_grpc_protector_protect( - tsi_zero_copy_grpc_protector *self, grpc_slice_buffer *unprotected_slices, - grpc_slice_buffer *protected_slices) { - if (self == NULL || self->vtable == NULL || unprotected_slices == NULL || - protected_slices == NULL) { - return TSI_INVALID_ARGUMENT; - } - if (self->vtable->protect == NULL) return TSI_UNIMPLEMENTED; - return self->vtable->protect(self, unprotected_slices, protected_slices); -} - -tsi_result tsi_zero_copy_grpc_protector_unprotect( - tsi_zero_copy_grpc_protector *self, grpc_slice_buffer *protected_slices, - grpc_slice_buffer *unprotected_slices) { - if (self == NULL || self->vtable == NULL || protected_slices == NULL || - unprotected_slices == NULL) { - return TSI_INVALID_ARGUMENT; - } - if (self->vtable->unprotect == NULL) return TSI_UNIMPLEMENTED; - return self->vtable->unprotect(self, protected_slices, unprotected_slices); -} - -void tsi_zero_copy_grpc_protector_destroy(tsi_zero_copy_grpc_protector *self) { - if (self == NULL) return; - self->vtable->destroy(self); -} diff --git a/src/core/tsi/transport_security_grpc.h b/src/core/tsi/transport_security_grpc.h deleted file mode 100644 index 5ab5297cc4..0000000000 --- a/src/core/tsi/transport_security_grpc.h +++ /dev/null @@ -1,80 +0,0 @@ -/* - * - * Copyright 2017 gRPC authors. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - */ - -#ifndef GRPC_CORE_TSI_TRANSPORT_SECURITY_GRPC_H -#define GRPC_CORE_TSI_TRANSPORT_SECURITY_GRPC_H - -#include <grpc/slice_buffer.h> -#include "src/core/tsi/transport_security.h" - -#ifdef __cplusplus -extern "C" { -#endif - -/* This method creates a tsi_zero_copy_grpc_protector object. It return TSI_OK - assuming there is no fatal error. - The caller is responsible for destroying the protector. */ -tsi_result tsi_handshaker_result_create_zero_copy_grpc_protector( - const tsi_handshaker_result *self, size_t *max_output_protected_frame_size, - tsi_zero_copy_grpc_protector **protector); - -/* -- tsi_zero_copy_grpc_protector object -- */ - -/* Outputs protected frames. - - unprotected_slices is the unprotected data to be protected. - - protected_slices is the protected output frames. One or more frames - may be produced in this protect function. - - This method returns TSI_OK in case of success or a specific error code in - case of failure. */ -tsi_result tsi_zero_copy_grpc_protector_protect( - tsi_zero_copy_grpc_protector *self, grpc_slice_buffer *unprotected_slices, - grpc_slice_buffer *protected_slices); - -/* Outputs unprotected bytes. - - protected_slices is the bytes of protected frames. - - unprotected_slices is the unprotected output data. - - This method returns TSI_OK in case of success. Success includes cases where - there is not enough data to output in which case unprotected_slices has 0 - bytes. */ -tsi_result tsi_zero_copy_grpc_protector_unprotect( - tsi_zero_copy_grpc_protector *self, grpc_slice_buffer *protected_slices, - grpc_slice_buffer *unprotected_slices); - -/* Destroys the tsi_zero_copy_grpc_protector object. */ -void tsi_zero_copy_grpc_protector_destroy(tsi_zero_copy_grpc_protector *self); - -/* Base for tsi_zero_copy_grpc_protector implementations. */ -typedef struct { - tsi_result (*protect)(tsi_zero_copy_grpc_protector *self, - grpc_slice_buffer *unprotected_slices, - grpc_slice_buffer *protected_slices); - tsi_result (*unprotect)(tsi_zero_copy_grpc_protector *self, - grpc_slice_buffer *protected_slices, - grpc_slice_buffer *unprotected_slices); - void (*destroy)(tsi_zero_copy_grpc_protector *self); -} tsi_zero_copy_grpc_protector_vtable; - -struct tsi_zero_copy_grpc_protector { - const tsi_zero_copy_grpc_protector_vtable *vtable; -}; - -#ifdef __cplusplus -} -#endif - -#endif /* GRPC_CORE_TSI_TRANSPORT_SECURITY_GRPC_H */ diff --git a/src/core/tsi/transport_security_interface.h b/src/core/tsi/transport_security_interface.h index 414c78603f..39ba8addc4 100644 --- a/src/core/tsi/transport_security_interface.h +++ b/src/core/tsi/transport_security_interface.h @@ -62,15 +62,6 @@ const char *tsi_result_to_string(tsi_result result); extern grpc_tracer_flag tsi_tracing_enabled; -/* -- tsi_zero_copy_grpc_protector object -- - - This object protects and unprotects grpc slice buffers with zero or minimized - memory copy once the handshake is done. Implementations of this object must be - thread compatible. This object depends on grpc and the details of this object - is defined in transport_security_grpc.h. */ - -typedef struct tsi_zero_copy_grpc_protector tsi_zero_copy_grpc_protector; - /* --- tsi_frame_protector object --- This object protects and unprotects buffers once the handshake is done. diff --git a/src/python/grpcio/grpc_core_dependencies.py b/src/python/grpcio/grpc_core_dependencies.py index dc4d28f95b..e52d43e81d 100644 --- a/src/python/grpcio/grpc_core_dependencies.py +++ b/src/python/grpcio/grpc_core_dependencies.py @@ -246,7 +246,6 @@ CORE_SOURCE_FILES = [ 'src/core/tsi/fake_transport_security.c', 'src/core/tsi/gts_transport_security.c', 'src/core/tsi/ssl_transport_security.c', - 'src/core/tsi/transport_security_grpc.c', 'src/core/tsi/transport_security.c', 'src/core/tsi/transport_security_adapter.c', 'src/core/ext/transport/chttp2/server/chttp2_server.c', |