Exemplo n.º 1
0
static grpc_security_status composite_channel_create_security_connector(
    grpc_channel_credentials *creds, grpc_call_credentials *call_creds,
    const char *target, const grpc_channel_args *args,
    grpc_channel_security_connector **sc, grpc_channel_args **new_args) {
  grpc_composite_channel_credentials *c =
      (grpc_composite_channel_credentials *)creds;
  grpc_security_status status = GRPC_SECURITY_ERROR;

  GPR_ASSERT(c->inner_creds != NULL && c->call_creds != NULL &&
             c->inner_creds->vtable != NULL &&
             c->inner_creds->vtable->create_security_connector != NULL);
  /* If we are passed a call_creds, create a call composite to pass it
     downstream. */
  if (call_creds != NULL) {
    grpc_call_credentials *composite_call_creds =
        grpc_composite_call_credentials_create(c->call_creds, call_creds, NULL);
    status = c->inner_creds->vtable->create_security_connector(
        c->inner_creds, composite_call_creds, target, args, sc, new_args);
    grpc_call_credentials_unref(composite_call_creds);
  } else {
    status = c->inner_creds->vtable->create_security_connector(
        c->inner_creds, c->call_creds, target, args, sc, new_args);
  }
  return status;
}
Exemplo n.º 2
0
static void send_security_metadata(grpc_exec_ctx *exec_ctx,
                                   grpc_call_element *elem,
                                   grpc_transport_stream_op_batch *batch) {
  call_data *calld = elem->call_data;
  channel_data *chand = elem->channel_data;
  grpc_client_security_context *ctx =
      (grpc_client_security_context *)batch->payload
          ->context[GRPC_CONTEXT_SECURITY]
          .value;
  grpc_call_credentials *channel_call_creds =
      chand->security_connector->request_metadata_creds;
  int call_creds_has_md = (ctx != NULL) && (ctx->creds != NULL);

  if (channel_call_creds == NULL && !call_creds_has_md) {
    /* Skip sending metadata altogether. */
    grpc_call_next_op(exec_ctx, elem, batch);
    return;
  }

  if (channel_call_creds != NULL && call_creds_has_md) {
    calld->creds = grpc_composite_call_credentials_create(channel_call_creds,
                                                          ctx->creds, NULL);
    if (calld->creds == NULL) {
      grpc_transport_stream_op_batch_finish_with_failure(
          exec_ctx, batch,
          grpc_error_set_int(
              GRPC_ERROR_CREATE_FROM_STATIC_STRING(
                  "Incompatible credentials set on channel and call."),
              GRPC_ERROR_INT_GRPC_STATUS, GRPC_STATUS_UNAUTHENTICATED));
      return;
    }
  } else {
    calld->creds = grpc_call_credentials_ref(
        call_creds_has_md ? ctx->creds : channel_call_creds);
  }

  build_auth_metadata_context(&chand->security_connector->base,
                              chand->auth_context, calld);

  grpc_error *cancel_error = set_cancel_func(elem, cancel_get_request_metadata);
  if (cancel_error != GRPC_ERROR_NONE) {
    grpc_transport_stream_op_batch_finish_with_failure(exec_ctx, batch,
                                                       cancel_error);
    return;
  }
  GPR_ASSERT(calld->pollent != NULL);
  GRPC_CLOSURE_INIT(&calld->closure, on_credentials_metadata, batch,
                    grpc_schedule_on_exec_ctx);
  grpc_error *error = GRPC_ERROR_NONE;
  if (grpc_call_credentials_get_request_metadata(
          exec_ctx, calld->creds, calld->pollent, calld->auth_md_context,
          &calld->md_array, &calld->closure, &error)) {
    // Synchronous return; invoke on_credentials_metadata() directly.
    on_credentials_metadata(exec_ctx, batch, error);
    GRPC_ERROR_UNREF(error);
  }
}
Exemplo n.º 3
0
static VALUE grpc_rb_call_credentials_compose(int argc, VALUE *argv,
                                              VALUE self) {
  grpc_call_credentials *creds;
  grpc_call_credentials *other;
  if (argc == 0) {
    return self;
  }
  creds = grpc_rb_get_wrapped_call_credentials(self);
  for (int i = 0; i < argc; i++) {
    other = grpc_rb_get_wrapped_call_credentials(argv[i]);
    creds = grpc_composite_call_credentials_create(creds, other, NULL);
  }
  return grpc_rb_wrap_call_credentials(creds);
}
Exemplo n.º 4
0
static VALUE grpc_rb_call_credentials_compose(int argc, VALUE *argv,
                                              VALUE self) {
  grpc_call_credentials *creds;
  grpc_call_credentials *other;
  VALUE mark;
  if (argc == 0) {
    return self;
  }
  mark = rb_ary_new();
  creds = grpc_rb_get_wrapped_call_credentials(self);
  for (int i = 0; i < argc; i++) {
    rb_ary_push(mark, argv[i]);
    other = grpc_rb_get_wrapped_call_credentials(argv[i]);
    creds = grpc_composite_call_credentials_create(creds, other, NULL);
  }
  return grpc_rb_wrap_call_credentials(creds, mark);
}
Exemplo n.º 5
0
static void send_security_metadata(grpc_exec_ctx *exec_ctx,
                                   grpc_call_element *elem,
                                   grpc_transport_stream_op *op) {
  call_data *calld = elem->call_data;
  channel_data *chand = elem->channel_data;
  grpc_client_security_context *ctx =
      (grpc_client_security_context *)op->context[GRPC_CONTEXT_SECURITY].value;
  grpc_call_credentials *channel_call_creds =
      chand->security_connector->request_metadata_creds;
  int call_creds_has_md = (ctx != NULL) && (ctx->creds != NULL);

  if (channel_call_creds == NULL && !call_creds_has_md) {
    /* Skip sending metadata altogether. */
    grpc_call_next_op(exec_ctx, elem, op);
    return;
  }

  if (channel_call_creds != NULL && call_creds_has_md) {
    calld->creds = grpc_composite_call_credentials_create(channel_call_creds,
                                                          ctx->creds, NULL);
    if (calld->creds == NULL) {
      grpc_transport_stream_op_finish_with_failure(
          exec_ctx, op,
          grpc_error_set_int(
              GRPC_ERROR_CREATE(
                  "Incompatible credentials set on channel and call."),
              GRPC_ERROR_INT_GRPC_STATUS, GRPC_STATUS_UNAUTHENTICATED));
      return;
    }
  } else {
    calld->creds = grpc_call_credentials_ref(
        call_creds_has_md ? ctx->creds : channel_call_creds);
  }

  build_auth_metadata_context(&chand->security_connector->base,
                              chand->auth_context, calld);
  calld->op = *op; /* Copy op (originates from the caller's stack). */
  GPR_ASSERT(calld->pollent != NULL);
  grpc_call_credentials_get_request_metadata(
      exec_ctx, calld->creds, calld->pollent, calld->auth_md_context,
      on_credentials_metadata, elem);
}
Exemplo n.º 6
0
CallCredentials *pygrpc_CallCredentials_composite(
    PyTypeObject *type, PyObject *args, PyObject *kwargs) {
  CallCredentials *self;
  CallCredentials *creds1;
  CallCredentials *creds2;
  static char *keywords[] = {"creds1", "creds2", NULL};
  if (!PyArg_ParseTupleAndKeywords(args, kwargs, "O!O!:composite", keywords,
        &pygrpc_CallCredentials_type, &creds1,
        &pygrpc_CallCredentials_type, &creds2)) {
    return NULL;
  }
  self = (CallCredentials *)type->tp_alloc(type, 0);
  self->c_creds =
      grpc_composite_call_credentials_create(
          creds1->c_creds, creds2->c_creds, NULL);
  if (!self->c_creds) {
    Py_DECREF(self);
    PyErr_SetString(PyExc_RuntimeError, "couldn't create composite credentials");
    return NULL;
  }
  return self;
}
Exemplo n.º 7
0
GPR_EXPORT grpc_call_credentials *GPR_CALLTYPE grpcsharp_composite_call_credentials_create(
  grpc_call_credentials *creds1,
  grpc_call_credentials *creds2) {
  return grpc_composite_call_credentials_create(creds1, creds2, NULL);
}