static grpc_security_status ssl_check_peer(grpc_security_connector *sc, const char *peer_name, const tsi_peer *peer) { /* Check the ALPN. */ const tsi_peer_property *p = tsi_peer_get_property_by_name(peer, TSI_SSL_ALPN_SELECTED_PROTOCOL); if (p == NULL) { gpr_log(GPR_ERROR, "Missing selected ALPN property."); return GRPC_SECURITY_ERROR; } if (!grpc_chttp2_is_alpn_version_supported(p->value.data, p->value.length)) { gpr_log(GPR_ERROR, "Invalid ALPN value."); return GRPC_SECURITY_ERROR; } /* Check the peer name if specified. */ if (peer_name != NULL && !ssl_host_matches_name(peer, peer_name)) { gpr_log(GPR_ERROR, "Peer name %s is not in peer certificate", peer_name); return GRPC_SECURITY_ERROR; } if (sc->auth_context != NULL) { GRPC_AUTH_CONTEXT_UNREF(sc->auth_context, "connector"); } sc->auth_context = tsi_ssl_peer_to_auth_context(peer); return GRPC_SECURITY_OK; }
static grpc_security_status ssl_check_peer(const char *peer_name, const tsi_peer *peer) { /* Check the ALPN. */ const tsi_peer_property *p = tsi_peer_get_property_by_name(peer, TSI_SSL_ALPN_SELECTED_PROTOCOL); if (p == NULL) { gpr_log(GPR_ERROR, "Missing selected ALPN property."); return GRPC_SECURITY_ERROR; } if (p->type != TSI_PEER_PROPERTY_TYPE_STRING) { gpr_log(GPR_ERROR, "Invalid selected ALPN property."); return GRPC_SECURITY_ERROR; } if (!grpc_chttp2_is_alpn_version_supported(p->value.string.data, p->value.string.length)) { gpr_log(GPR_ERROR, "Invalid ALPN value."); return GRPC_SECURITY_ERROR; } /* Check the peer name if specified. */ if (peer_name != NULL && !ssl_host_matches_name(peer, peer_name)) { gpr_log(GPR_ERROR, "Peer name %s is not in peer certificate", peer_name); return GRPC_SECURITY_ERROR; } return GRPC_SECURITY_OK; }