// // // Copyright 2015 gRPC authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // http://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. // // #include <grpc/support/port_platform.h> #include "src/core/lib/security/transport/security_handshaker.h" #include <limits.h> #include <stdint.h> #include <string.h> #include <algorithm> #include <memory> #include <string> #include "absl/base/attributes.h" #include "absl/status/status.h" #include "absl/strings/str_cat.h" #include "absl/strings/string_view.h" #include "absl/types/optional.h" #include <grpc/grpc_security.h> #include <grpc/grpc_security_constants.h> #include <grpc/slice.h> #include <grpc/slice_buffer.h> #include <grpc/support/alloc.h> #include <grpc/support/log.h> #include "src/core/lib/channel/channel_args.h" #include "src/core/lib/channel/channelz.h" #include "src/core/lib/config/core_configuration.h" #include "src/core/lib/debug/stats.h" #include "src/core/lib/debug/stats_data.h" #include "src/core/lib/gprpp/debug_location.h" #include "src/core/lib/gprpp/ref_counted_ptr.h" #include "src/core/lib/gprpp/status_helper.h" #include "src/core/lib/gprpp/sync.h" #include "src/core/lib/gprpp/unique_type_name.h" #include "src/core/lib/iomgr/closure.h" #include "src/core/lib/iomgr/endpoint.h" #include "src/core/lib/iomgr/error.h" #include "src/core/lib/iomgr/exec_ctx.h" #include "src/core/lib/iomgr/iomgr_fwd.h" #include "src/core/lib/iomgr/tcp_server.h" #include "src/core/lib/security/context/security_context.h" #include "src/core/lib/security/transport/secure_endpoint.h" #include "src/core/lib/security/transport/tsi_error.h" #include "src/core/lib/slice/slice.h" #include "src/core/lib/slice/slice_internal.h" #include "src/core/lib/transport/handshaker.h" #include "src/core/lib/transport/handshaker_factory.h" #include "src/core/lib/transport/handshaker_registry.h" #include "src/core/tsi/transport_security_grpc.h" #define GRPC_INITIAL_HANDSHAKE_BUFFER_SIZE … namespace grpc_core { namespace { class SecurityHandshaker : public Handshaker { … }; SecurityHandshaker::SecurityHandshaker(tsi_handshaker* handshaker, grpc_security_connector* connector, const ChannelArgs& args) : … { … } SecurityHandshaker::~SecurityHandshaker() { … } size_t SecurityHandshaker::MoveReadBufferIntoHandshakeBuffer() { … } // Set args_ fields to NULL, saving the endpoint and read buffer for // later destruction. void SecurityHandshaker::CleanupArgsForFailureLocked() { … } // If the handshake failed or we're shutting down, clean up and invoke the // callback with the error. void SecurityHandshaker::HandshakeFailedLocked(grpc_error_handle error) { … } namespace { RefCountedPtr<channelz::SocketNode::Security> MakeChannelzSecurityFromAuthContext(grpc_auth_context* auth_context) { … } } // namespace void SecurityHandshaker::OnPeerCheckedInner(grpc_error_handle error) { … } void SecurityHandshaker::OnPeerCheckedFn(void* arg, grpc_error_handle error) { … } grpc_error_handle SecurityHandshaker::CheckPeerLocked() { … } grpc_error_handle SecurityHandshaker::OnHandshakeNextDoneLocked( tsi_result result, const unsigned char* bytes_to_send, size_t bytes_to_send_size, tsi_handshaker_result* handshaker_result) { … } void SecurityHandshaker::OnHandshakeNextDoneGrpcWrapper( tsi_result result, void* user_data, const unsigned char* bytes_to_send, size_t bytes_to_send_size, tsi_handshaker_result* handshaker_result) { … } grpc_error_handle SecurityHandshaker::DoHandshakerNextLocked( const unsigned char* bytes_received, size_t bytes_received_size) { … } // This callback might be run inline while we are still holding on to the mutex, // so schedule OnHandshakeDataReceivedFromPeerFn on ExecCtx to avoid a deadlock. void SecurityHandshaker::OnHandshakeDataReceivedFromPeerFnScheduler( void* arg, grpc_error_handle error) { … } void SecurityHandshaker::OnHandshakeDataReceivedFromPeerFn( void* arg, grpc_error_handle error) { … } // This callback might be run inline while we are still holding on to the mutex, // so schedule OnHandshakeDataSentToPeerFn on ExecCtx to avoid a deadlock. void SecurityHandshaker::OnHandshakeDataSentToPeerFnScheduler( void* arg, grpc_error_handle error) { … } void SecurityHandshaker::OnHandshakeDataSentToPeerFn(void* arg, grpc_error_handle error) { … } // // public handshaker API // void SecurityHandshaker::Shutdown(grpc_error_handle why) { … } void SecurityHandshaker::DoHandshake(grpc_tcp_server_acceptor* /*acceptor*/, grpc_closure* on_handshake_done, HandshakerArgs* args) { … } // // FailHandshaker // class FailHandshaker : public Handshaker { … }; // // handshaker factories // class ClientSecurityHandshakerFactory : public HandshakerFactory { … }; class ServerSecurityHandshakerFactory : public HandshakerFactory { … }; } // namespace // // exported functions // RefCountedPtr<Handshaker> SecurityHandshakerCreate( tsi_handshaker* handshaker, grpc_security_connector* connector, const ChannelArgs& args) { … } void SecurityRegisterHandshakerFactories(CoreConfiguration::Builder* builder) { … } } // namespace grpc_core grpc_handshaker* grpc_security_handshaker_create( tsi_handshaker* handshaker, grpc_security_connector* connector, const grpc_channel_args* args) { … }
Codebase Browser
chromium