diff --git a/include/grpc/grpc_security.h b/include/grpc/grpc_security.h
index ead708b2840..9b907ea3eba 100644
--- a/include/grpc/grpc_security.h
+++ b/include/grpc/grpc_security.h
@@ -300,14 +300,8 @@ typedef struct {
 void *state;
 } grpc_auth_metadata_processor;
-/* XXXX: this is a temporarty interface. Please do NOT use.
- This function will be moved to the server_credentials in a subsequent
- pull request. XXXX
-
- Registration function for metadata processing.
- Should be called before the server is started. */
-void grpc_server_register_auth_metadata_processor(
- grpc_auth_metadata_processor processor);
+void grpc_server_credentials_set_auth_metadata_processor(
+ grpc_server_credentials *creds, grpc_auth_metadata_processor processor);
 #ifdef __cplusplus
 }
diff --git a/src/core/security/credentials.c b/src/core/security/credentials.c
index 71513bcc25b..eb178ececba 100644
--- a/src/core/security/credentials.c
+++ b/src/core/security/credentials.c
@@ -149,6 +149,12 @@ grpc_security_status grpc_server_credentials_create_security_connector(
 return creds->vtable->create_security_connector(creds, sc);
 }
+void grpc_server_credentials_set_auth_metadata_processor(
+ grpc_server_credentials *creds, grpc_auth_metadata_processor processor) {
+ if (creds == NULL) return;
+ creds->processor = processor;
+}
+
 /* -- Ssl credentials. -- */
 static void ssl_destroy(grpc_credentials *creds) {
diff --git a/src/core/security/credentials.h b/src/core/security/credentials.h
index 664524522ba..cee04b2120c 100644
--- a/src/core/security/credentials.h
+++ b/src/core/security/credentials.h
@@ -208,6 +208,7 @@ typedef struct {
 struct grpc_server_credentials {
 const grpc_server_credentials_vtable *vtable;
 const char *type;
+ grpc_auth_metadata_processor processor;
 };
 grpc_security_status grpc_server_credentials_create_security_connector(
diff --git a/src/core/security/security_context.h b/src/core/security/security_context.h
index d4351cb74c5..5df5311d705 100644
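Review bot: The new public declaration `grpc_server_credentials_set_auth_metadata_processor` in grpc_security.h has no comment, and the text this commit removes was the only place that said when registration has to happen. Elsewhere in this diff `grpc_server_add_secure_http2_port` copies `creds->processor` by value, so a processor set after the port is added would apparently not reach that listener. I would document this above the declaration: `/* Sets the auth metadata processor on creds. Call before passing creds to grpc_server_add_secure_http2_port; the processor is copied at that point. */`.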
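Review bot: In `grpc_server_credentials_set_auth_metadata_processor` (credentials.c) the `if (creds == NULL) return;` guard discards the call without any signal, so a caller whose credentials creation failed cannot tell that its auth processor was never installed. Because the function returns void, logging is the least intrusive fix, assuming `gpr_log` is already available in this file: `if (creds == NULL) { gpr_log(GPR_ERROR, "NULL creds: auth metadata processor not set"); return; }`. The assignment also replaces any processor set earlier without touching its `state`, so a comment should say whether a second call is allowed.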
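Review bot: The `processor` field added to `struct grpc_server_credentials` in credentials.h is written only by the new setter, so on credentials that never call it the value is defined only if every constructor zero-fills the struct; those constructors are outside this diff and should be checked. The `grpc_server_add_secure_http2_port` hunk reads the field unconditionally with `state->processor = creds->processor;`, so an indeterminate value would be carried into the server state. A field comment would record the contract, for example `/* Optional; must be all-zero when no processor has been set. */`.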
--- a/src/core/security/security_context.h
+++ b/src/core/security/security_context.h
@@ -105,8 +105,11 @@ grpc_server_security_context *grpc_server_security_context_create(void);
 void grpc_server_security_context_destroy(void *ctx);
 /* --- Auth metadata processing. --- */
+#define GRPC_AUTH_METADATA_PROCESSOR_ARG "grpc.auth_metadata_processor"
-grpc_auth_metadata_processor grpc_server_get_auth_metadata_processor(void);
+grpc_arg grpc_auth_metadata_processor_to_arg(grpc_auth_metadata_processor *p);
+grpc_auth_metadata_processor grpc_auth_metadata_processor_from_arg(
+ const grpc_arg *arg);
 #endif /* GRPC_INTERNAL_CORE_SECURITY_SECURITY_CONTEXT_H */
diff --git a/src/core/security/server_secure_chttp2.c b/src/core/security/server_secure_chttp2.c
index 3717b8989f4..5dcd7e2f92f 100644
--- a/src/core/security/server_secure_chttp2.c
+++ b/src/core/security/server_secure_chttp2.c
@@ -60,6 +60,7 @@ typedef struct grpc_server_secure_state {
 grpc_server *server;
 grpc_tcp_server *tcp;
 grpc_security_connector *sc;
+ grpc_auth_metadata_processor processor;
 tcp_endpoint_list *handshaking_tcp_endpoints;
 int is_shutdown;
 gpr_mu mu;
@@ -252,9 +253,11 @@ int grpc_server_add_secure_http2_port(grpc_server *server, const char *addr,
 grpc_resolved_addresses_destroy(resolved);
 state = gpr_malloc(sizeof(*state));
+ memset(state, 0, sizeof(*state));
 state->server = server;
 state->tcp = tcp;
 state->sc = sc;
+ state->processor = creds->processor;
 state->handshaking_tcp_endpoints = NULL;
 state->is_shutdown = 0;
 gpr_mu_init(&state->mu);
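Review bot: The declarations of `grpc_auth_metadata_processor_to_arg` and `grpc_auth_metadata_processor_from_arg` in security_context.h say nothing about pointer lifetime or the failure result. `to_arg` takes a pointer, which suggests the returned `grpc_arg` refers to `*p` instead of copying it; if so, the caller has to keep `*p` alive for as long as the args are used, and the implementation is not in this diff to confirm that. I would add `/* The returned arg borrows p; p must outlive every use of the arg. */` above `to_arg`, and state above `from_arg` what is returned when `arg` is NULL or carries a different key.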
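Review bot: `state->processor = creds->processor;` in `grpc_server_add_secure_http2_port` copies the struct by value, so the server state and the credentials end up holding the same `processor.state` pointer, and nothing in the diff says who owns it or when it may be freed. If the application releases that state while the server is still running, the processor would be left with a dangling pointer. A comment at the assignment would make the contract explicit: `/* processor.state is borrowed; it must stay valid until the server is destroyed. */`. The function body starts above and continues below the hunk.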