static void on_peer_checked(grpc_exec_ctx *exec_ctx, void *user_data, grpc_security_status status, grpc_auth_context *auth_context) { grpc_security_handshake *h = user_data; tsi_frame_protector *protector; tsi_result result; if (status != GRPC_SECURITY_OK) { security_handshake_done( exec_ctx, h, grpc_error_set_int(GRPC_ERROR_CREATE("Error checking peer."), GRPC_ERROR_INT_SECURITY_STATUS, status)); return; } h->auth_context = GRPC_AUTH_CONTEXT_REF(auth_context, "handshake"); result = tsi_handshaker_create_frame_protector(h->handshaker, NULL, &protector); if (result != TSI_OK) { security_handshake_done( exec_ctx, h, grpc_set_tsi_error_result( GRPC_ERROR_CREATE("Frame protector creation failed"), result)); return; } h->secure_endpoint = grpc_secure_endpoint_create(protector, h->wrapped_endpoint, h->left_overs.slices, h->left_overs.count); h->left_overs.count = 0; h->left_overs.length = 0; security_handshake_done(exec_ctx, h, GRPC_ERROR_NONE); return; }
static void test_handshaker_invalid_state(void) { tsi_handshaker *h = tsi_create_fake_handshaker(0); tsi_peer peer; tsi_frame_protector *p; GPR_ASSERT(tsi_handshaker_extract_peer(h, &peer) == TSI_FAILED_PRECONDITION); GPR_ASSERT(tsi_handshaker_create_frame_protector(h, NULL, &p) == TSI_FAILED_PRECONDITION); tsi_handshaker_destroy(h); }
static void test_handshaker_invalid_args(void) { GPR_ASSERT(tsi_handshaker_get_result(NULL) == TSI_INVALID_ARGUMENT); GPR_ASSERT(tsi_handshaker_extract_peer(NULL, NULL) == TSI_INVALID_ARGUMENT); GPR_ASSERT(tsi_handshaker_create_frame_protector(NULL, NULL, NULL) == TSI_INVALID_ARGUMENT); GPR_ASSERT(tsi_handshaker_process_bytes_from_peer(NULL, NULL, NULL) == TSI_INVALID_ARGUMENT); GPR_ASSERT(tsi_handshaker_get_bytes_to_send_to_peer(NULL, NULL, NULL) == TSI_INVALID_ARGUMENT); }
static void on_peer_checked(grpc_exec_ctx *exec_ctx, void *arg, grpc_error *error) { security_handshaker *h = arg; gpr_mu_lock(&h->mu); if (error != GRPC_ERROR_NONE || h->shutdown) { security_handshake_failed_locked(exec_ctx, h, GRPC_ERROR_REF(error)); goto done; } // Get frame protector. tsi_frame_protector *protector; tsi_result result = tsi_handshaker_create_frame_protector(h->handshaker, NULL, &protector); if (result != TSI_OK) { error = grpc_set_tsi_error_result( GRPC_ERROR_CREATE("Frame protector creation failed"), result); security_handshake_failed_locked(exec_ctx, h, error); goto done; } // Success. // Create secure endpoint. h->args->endpoint = grpc_secure_endpoint_create( protector, h->args->endpoint, h->left_overs.slices, h->left_overs.count); h->left_overs.count = 0; h->left_overs.length = 0; // Clear out the read buffer before it gets passed to the transport, // since any excess bytes were already copied to h->left_overs. grpc_slice_buffer_reset_and_unref(h->args->read_buffer); // Add auth context to channel args. grpc_arg auth_context_arg = grpc_auth_context_to_arg(h->auth_context); grpc_channel_args *tmp_args = h->args->args; h->args->args = grpc_channel_args_copy_and_add(tmp_args, &auth_context_arg, 1); grpc_channel_args_destroy(tmp_args); // Invoke callback. grpc_exec_ctx_sched(exec_ctx, h->on_handshake_done, GRPC_ERROR_NONE, NULL); // Set shutdown to true so that subsequent calls to // security_handshaker_shutdown() do nothing. h->shutdown = true; done: gpr_mu_unlock(&h->mu); security_handshaker_unref(exec_ctx, h); }
static void on_peer_checked(void *user_data, grpc_security_status status) { grpc_secure_transport_setup *s = user_data; tsi_frame_protector *protector; tsi_result result; if (status != GRPC_SECURITY_OK) { gpr_log(GPR_ERROR, "Error checking peer."); secure_transport_setup_done(s, 0); return; } result = tsi_handshaker_create_frame_protector(s->handshaker, NULL, &protector); if (result != TSI_OK) { gpr_log(GPR_ERROR, "Frame protector creation failed with error %s.", tsi_result_to_string(result)); secure_transport_setup_done(s, 0); return; } s->endpoint = grpc_secure_endpoint_create( protector, s->endpoint, s->left_overs.slices, s->left_overs.count); secure_transport_setup_done(s, 1); return; }