diff --git a/src/core/lib/security/transport/security_handshaker.cc b/src/core/lib/security/transport/security_handshaker.cc index 885b35fc9d2..8014ce03063 100644 --- a/src/core/lib/security/transport/security_handshaker.cc +++ b/src/core/lib/security/transport/security_handshaker.cc @@ -27,6 +27,7 @@ #include #include #include +#include #include "absl/base/attributes.h" #include "absl/status/status.h" @@ -585,25 +586,25 @@ void SecurityHandshaker::DoHandshake(grpc_tcp_server_acceptor* /*acceptor*/, class FailHandshaker : public Handshaker { public: + explicit FailHandshaker(absl::Status status) : status_(std::move(status)) {} const char* name() const override { return "security_fail"; } void Shutdown(grpc_error_handle /*why*/) override {} void DoHandshake(grpc_tcp_server_acceptor* /*acceptor*/, grpc_closure* on_handshake_done, HandshakerArgs* args) override { - grpc_error_handle error = - GRPC_ERROR_CREATE("Failed to create security handshaker"); - grpc_endpoint_shutdown(args->endpoint, error); + grpc_endpoint_shutdown(args->endpoint, status_); grpc_endpoint_destroy(args->endpoint); args->endpoint = nullptr; args->args = ChannelArgs(); grpc_slice_buffer_destroy(args->read_buffer); gpr_free(args->read_buffer); args->read_buffer = nullptr; - ExecCtx::Run(DEBUG_LOCATION, on_handshake_done, error); + ExecCtx::Run(DEBUG_LOCATION, on_handshake_done, status_); } private: ~FailHandshaker() override = default; + absl::Status status_; }; // @@ -652,14 +653,22 @@ class ServerSecurityHandshakerFactory : public HandshakerFactory { // RefCountedPtr SecurityHandshakerCreate( - tsi_handshaker* handshaker, grpc_security_connector* connector, - const ChannelArgs& args) { + absl::StatusOr handshaker, + grpc_security_connector* connector, const ChannelArgs& args) { // If no TSI handshaker was created, return a handshaker that always fails. // Otherwise, return a real security handshaker. - if (handshaker == nullptr) { - return MakeRefCounted(); + if (!handshaker.ok()) { + return MakeRefCounted( + absl::Status(handshaker.status().code(), + absl::StrCat("Failed to create security handshaker: ", + handshaker.status().message()))); + } else if (*handshaker == nullptr) { + // TODO(gtcooke94) Once all TSI impls are updated to pass StatusOr<> instead + // of null, we should change this to use absl::InternalError(). + return MakeRefCounted( + absl::UnknownError("Failed to create security handshaker.")); } else { - return MakeRefCounted(handshaker, connector, args); + return MakeRefCounted(*handshaker, connector, args); } } diff --git a/src/core/lib/security/transport/security_handshaker.h b/src/core/lib/security/transport/security_handshaker.h index f6f5d42a462..725584f37b3 100644 --- a/src/core/lib/security/transport/security_handshaker.h +++ b/src/core/lib/security/transport/security_handshaker.h @@ -21,6 +21,8 @@ #include +#include "absl/status/statusor.h" + #include #include "src/core/lib/channel/channel_args.h" @@ -34,8 +36,8 @@ namespace grpc_core { /// Creates a security handshaker using \a handshaker. RefCountedPtr SecurityHandshakerCreate( - tsi_handshaker* handshaker, grpc_security_connector* connector, - const ChannelArgs& args); + absl::StatusOr handshaker, + grpc_security_connector* connector, const ChannelArgs& args); /// Registers security handshaker factories. void SecurityRegisterHandshakerFactories(CoreConfiguration::Builder*);