static grpc_security_status composite_channel_create_security_connector( grpc_channel_credentials *creds, grpc_call_credentials *call_creds, const char *target, const grpc_channel_args *args, grpc_channel_security_connector **sc, grpc_channel_args **new_args) { grpc_composite_channel_credentials *c = (grpc_composite_channel_credentials *)creds; grpc_security_status status = GRPC_SECURITY_ERROR; GPR_ASSERT(c->inner_creds != NULL && c->call_creds != NULL && c->inner_creds->vtable != NULL && c->inner_creds->vtable->create_security_connector != NULL); /* If we are passed a call_creds, create a call composite to pass it downstream. */ if (call_creds != NULL) { grpc_call_credentials *composite_call_creds = grpc_composite_call_credentials_create(c->call_creds, call_creds, NULL); status = c->inner_creds->vtable->create_security_connector( c->inner_creds, composite_call_creds, target, args, sc, new_args); grpc_call_credentials_unref(composite_call_creds); } else { status = c->inner_creds->vtable->create_security_connector( c->inner_creds, c->call_creds, target, args, sc, new_args); } return status; }
static void composite_channel_destruct(grpc_exec_ctx *exec_ctx, grpc_channel_credentials *creds) { grpc_composite_channel_credentials *c = (grpc_composite_channel_credentials *)creds; grpc_channel_credentials_unref(exec_ctx, c->inner_creds); grpc_call_credentials_unref(exec_ctx, c->call_creds); }
static void composite_call_destruct(grpc_call_credentials *creds) { grpc_composite_call_credentials *c = (grpc_composite_call_credentials *)creds; size_t i; for (i = 0; i < c->inner.num_creds; i++) { grpc_call_credentials_unref(c->inner.creds_array[i]); } gpr_free(c->inner.creds_array); }
grpc_channel_credentials *grpc_google_default_credentials_create(void) { grpc_channel_credentials *result = NULL; grpc_call_credentials *call_creds = NULL; GRPC_API_TRACE("grpc_google_default_credentials_create(void)", 0, ()); gpr_once_init(&g_once, init_default_credentials); gpr_mu_lock(&g_mu); if (default_credentials != NULL) { result = grpc_channel_credentials_ref(default_credentials); goto end; } /* First, try the environment variable. */ call_creds = create_default_creds_from_path( gpr_getenv(GRPC_GOOGLE_CREDENTIALS_ENV_VAR)); if (call_creds != NULL) goto end; /* Then the well-known file. */ call_creds = create_default_creds_from_path( grpc_get_well_known_google_credentials_file_path()); if (call_creds != NULL) goto end; /* At last try to see if we're on compute engine (do the detection only once since it requires a network test). */ if (!compute_engine_detection_done) { int need_compute_engine_creds = is_stack_running_on_compute_engine(); compute_engine_detection_done = 1; if (need_compute_engine_creds) { call_creds = grpc_google_compute_engine_credentials_create(NULL); } } end: if (result == NULL) { if (call_creds != NULL) { /* Blend with default ssl credentials and add a global reference so that it can be cached and re-served. */ grpc_channel_credentials *ssl_creds = grpc_ssl_credentials_create(NULL, NULL, NULL); default_credentials = grpc_channel_credentials_ref( grpc_composite_channel_credentials_create(ssl_creds, call_creds, NULL)); GPR_ASSERT(default_credentials != NULL); grpc_channel_credentials_unref(ssl_creds); grpc_call_credentials_unref(call_creds); result = default_credentials; } else { gpr_log(GPR_ERROR, "Could not create google default credentials."); } } gpr_mu_unlock(&g_mu); return result; }
void grpc_client_security_context_destroy(void *ctx) { grpc_exec_ctx exec_ctx = GRPC_EXEC_CTX_INIT; grpc_client_security_context *c = (grpc_client_security_context *)ctx; grpc_call_credentials_unref(&exec_ctx, c->creds); GRPC_AUTH_CONTEXT_UNREF(c->auth_context, "client_security_context"); if (c->extension.instance != NULL && c->extension.destroy != NULL) { c->extension.destroy(c->extension.instance); } gpr_free(ctx); grpc_exec_ctx_finish(&exec_ctx); }
static void ssl_channel_destroy(grpc_security_connector *sc) { grpc_ssl_channel_security_connector *c = (grpc_ssl_channel_security_connector *)sc; grpc_call_credentials_unref(c->base.request_metadata_creds); if (c->handshaker_factory != NULL) { tsi_ssl_handshaker_factory_destroy(c->handshaker_factory); } if (c->target_name != NULL) gpr_free(c->target_name); if (c->overridden_target_name != NULL) gpr_free(c->overridden_target_name); gpr_free(sc); }
/* Destructor for call_data */ static void destroy_call_elem(grpc_exec_ctx *exec_ctx, grpc_call_element *elem, const grpc_call_stats *stats, void *ignored) { call_data *calld = elem->call_data; grpc_call_credentials_unref(calld->creds); if (calld->host != NULL) { GRPC_MDSTR_UNREF(calld->host); } if (calld->method != NULL) { GRPC_MDSTR_UNREF(calld->method); } reset_auth_metadata_context(&calld->auth_md_context); }
/* Destructor for call_data */ static void destroy_call_elem(grpc_exec_ctx *exec_ctx, grpc_call_element *elem, const grpc_call_final_info *final_info, void *ignored) { call_data *calld = elem->call_data; grpc_call_credentials_unref(exec_ctx, calld->creds); if (calld->have_host) { grpc_slice_unref_internal(exec_ctx, calld->host); } if (calld->have_method) { grpc_slice_unref_internal(exec_ctx, calld->method); } reset_auth_metadata_context(&calld->auth_md_context); }
/* Destructor for call_data */ static void destroy_call_elem(grpc_exec_ctx *exec_ctx, grpc_call_element *elem, const grpc_call_final_info *final_info, grpc_closure *ignored) { call_data *calld = elem->call_data; grpc_credentials_mdelem_array_destroy(exec_ctx, &calld->md_array); grpc_call_credentials_unref(exec_ctx, calld->creds); if (calld->have_host) { grpc_slice_unref_internal(exec_ctx, calld->host); } if (calld->have_method) { grpc_slice_unref_internal(exec_ctx, calld->method); } reset_auth_metadata_context(&calld->auth_md_context); gpr_mu_destroy(&calld->security_context_mu); gpr_atm cancel_state = gpr_atm_acq_load(&calld->cancellation_state); grpc_error *cancel_error = GRPC_ERROR_NONE; grpc_closure *cancel_func = NULL; decode_cancel_state(cancel_state, &cancel_func, &cancel_error); GRPC_ERROR_UNREF(cancel_error); }
grpc_call_error grpc_call_set_credentials(grpc_call *call, grpc_call_credentials *creds) { grpc_client_security_context *ctx = NULL; GRPC_API_TRACE("grpc_call_set_credentials(call=%p, creds=%p)", 2, (call, creds)); if (!grpc_call_is_client(call)) { gpr_log(GPR_ERROR, "Method is client-side only."); return GRPC_CALL_ERROR_NOT_ON_SERVER; } ctx = (grpc_client_security_context *)grpc_call_context_get( call, GRPC_CONTEXT_SECURITY); if (ctx == NULL) { ctx = grpc_client_security_context_create(); ctx->creds = grpc_call_credentials_ref(creds); grpc_call_context_set(call, GRPC_CONTEXT_SECURITY, ctx, grpc_client_security_context_destroy); } else { grpc_call_credentials_unref(ctx->creds); ctx->creds = grpc_call_credentials_ref(creds); } return GRPC_CALL_OK; }
static void fake_channel_destroy(grpc_security_connector *sc) { grpc_channel_security_connector *c = (grpc_channel_security_connector *)sc; grpc_call_credentials_unref(c->request_metadata_creds); gpr_free(sc); }
grpc_channel_credentials *grpc_google_default_credentials_create(void) { grpc_channel_credentials *result = NULL; grpc_call_credentials *call_creds = NULL; grpc_error *error = GRPC_ERROR_CREATE("Failed to create Google credentials"); grpc_error *err; grpc_exec_ctx exec_ctx = GRPC_EXEC_CTX_INIT; GRPC_API_TRACE("grpc_google_default_credentials_create(void)", 0, ()); gpr_once_init(&g_once, init_default_credentials); gpr_mu_lock(&g_state_mu); if (default_credentials != NULL) { result = grpc_channel_credentials_ref(default_credentials); goto end; } /* First, try the environment variable. */ err = create_default_creds_from_path( &exec_ctx, gpr_getenv(GRPC_GOOGLE_CREDENTIALS_ENV_VAR), &call_creds); if (err == GRPC_ERROR_NONE) goto end; error = grpc_error_add_child(error, err); /* Then the well-known file. */ err = create_default_creds_from_path( &exec_ctx, grpc_get_well_known_google_credentials_file_path(), &call_creds); if (err == GRPC_ERROR_NONE) goto end; error = grpc_error_add_child(error, err); /* At last try to see if we're on compute engine (do the detection only once since it requires a network test). */ if (!compute_engine_detection_done) { int need_compute_engine_creds = is_stack_running_on_compute_engine(&exec_ctx); compute_engine_detection_done = 1; if (need_compute_engine_creds) { call_creds = grpc_google_compute_engine_credentials_create(NULL); if (call_creds == NULL) { error = grpc_error_add_child( error, GRPC_ERROR_CREATE("Failed to get credentials from network")); } } } end: if (result == NULL) { if (call_creds != NULL) { /* Blend with default ssl credentials and add a global reference so that it can be cached and re-served. */ grpc_channel_credentials *ssl_creds = grpc_ssl_credentials_create(NULL, NULL, NULL); default_credentials = grpc_channel_credentials_ref( grpc_composite_channel_credentials_create(ssl_creds, call_creds, NULL)); GPR_ASSERT(default_credentials != NULL); grpc_channel_credentials_unref(&exec_ctx, ssl_creds); grpc_call_credentials_unref(&exec_ctx, call_creds); result = default_credentials; } else { gpr_log(GPR_ERROR, "Could not create google default credentials."); } } gpr_mu_unlock(&g_state_mu); if (result == NULL) { GRPC_LOG_IF_ERROR("grpc_google_default_credentials_create", error); } else { GRPC_ERROR_UNREF(error); } grpc_exec_ctx_finish(&exec_ctx); return result; }
static void grpc_credentials_metadata_request_destroy( grpc_credentials_metadata_request *r) { grpc_call_credentials_unref(r->creds); gpr_free(r); }
void grpc_call_credentials_release(grpc_call_credentials *creds) { GRPC_API_TRACE("grpc_call_credentials_release(creds=%p)", 1, (creds)); grpc_call_credentials_unref(creds); }
void grpc_credentials_metadata_request_destroy( grpc_credentials_metadata_request *r) { grpc_call_credentials_unref(r->creds); grpc_http_response_destroy(&r->response); gpr_free(r); }
void grpc_client_security_context_destroy(void *ctx) { grpc_client_security_context *c = (grpc_client_security_context *)ctx; grpc_call_credentials_unref(c->creds); GRPC_AUTH_CONTEXT_UNREF(c->auth_context, "client_security_context"); gpr_free(ctx); }