diff --git a/BUILD b/BUILD
index 1991c867432..70ce0ecb6bd 100644
--- a/BUILD
+++ b/BUILD
@@ -1149,12 +1149,14 @@ grpc_cc_library(
"src/core/tsi/fake_transport_security.c",
"src/core/tsi/ssl_transport_security.c",
"src/core/tsi/transport_security.c",
+ "src/core/tsi/transport_security_adapter.c",
],
hdrs = [
"src/core/tsi/fake_transport_security.h",
"src/core/tsi/ssl_transport_security.h",
"src/core/tsi/ssl_types.h",
"src/core/tsi/transport_security.h",
+ "src/core/tsi/transport_security_adapter.h",
"src/core/tsi/transport_security_interface.h",
],
external_deps = [
diff --git a/CMakeLists.txt b/CMakeLists.txt
index f8b88645cb1..3b11066625c 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -1080,6 +1080,7 @@ add_library(grpc
src/core/tsi/fake_transport_security.c
src/core/tsi/ssl_transport_security.c
src/core/tsi/transport_security.c
+ src/core/tsi/transport_security_adapter.c
src/core/ext/transport/chttp2/server/chttp2_server.c
src/core/ext/transport/chttp2/client/secure/secure_channel_create.c
src/core/ext/filters/client_channel/channel_connectivity.c
@@ -1425,6 +1426,7 @@ add_library(grpc_cronet
src/core/tsi/fake_transport_security.c
src/core/tsi/ssl_transport_security.c
src/core/tsi/transport_security.c
+ src/core/tsi/transport_security_adapter.c
src/core/ext/transport/chttp2/client/chttp2_connector.c
src/core/ext/filters/load_reporting/load_reporting.c
src/core/ext/filters/load_reporting/load_reporting_filter.c
diff --git a/binding.gyp b/binding.gyp
index 3444fa53dba..b64ff58f5c5 100644
--- a/binding.gyp
+++ b/binding.gyp
@@ -822,6 +822,7 @@
'src/core/tsi/fake_transport_security.c',
'src/core/tsi/ssl_transport_security.c',
'src/core/tsi/transport_security.c',
+ 'src/core/tsi/transport_security_adapter.c',
'src/core/ext/transport/chttp2/server/chttp2_server.c',
'src/core/ext/transport/chttp2/client/secure/secure_channel_create.c',
'src/core/ext/filters/client_channel/channel_connectivity.c',
diff --git a/build.yaml b/build.yaml
index 6fbc8d91666..e5bec63ed0a 100644
--- a/build.yaml
+++ b/build.yaml
@@ -783,11 +783,13 @@ filegroups:
- src/core/tsi/ssl_transport_security.h
- src/core/tsi/ssl_types.h
- src/core/tsi/transport_security.h
+ - src/core/tsi/transport_security_adapter.h
- src/core/tsi/transport_security_interface.h
src:
- src/core/tsi/fake_transport_security.c
- src/core/tsi/ssl_transport_security.c
- src/core/tsi/transport_security.c
+ - src/core/tsi/transport_security_adapter.c
deps:
- gpr
secure: true
diff --git a/config.m4 b/config.m4
index 28467810313..1be815e3f34 100644
--- a/config.m4
+++ b/config.m4
@@ -256,6 +256,7 @@ if test "$PHP_GRPC" != "no"; then
src/core/tsi/fake_transport_security.c \
src/core/tsi/ssl_transport_security.c \
src/core/tsi/transport_security.c \
+ src/core/tsi/transport_security_adapter.c \
src/core/ext/transport/chttp2/server/chttp2_server.c \
src/core/ext/transport/chttp2/client/secure/secure_channel_create.c \
src/core/ext/filters/client_channel/channel_connectivity.c \
diff --git a/gRPC-Core.podspec b/gRPC-Core.podspec
index 83c19afc243..78d2f157789 100644
--- a/gRPC-Core.podspec
+++ b/gRPC-Core.podspec
@@ -407,6 +407,7 @@ Pod::Spec.new do |s|
'src/core/tsi/ssl_transport_security.h',
'src/core/tsi/ssl_types.h',
'src/core/tsi/transport_security.h',
+ 'src/core/tsi/transport_security_adapter.h',
'src/core/tsi/transport_security_interface.h',
'src/core/ext/transport/chttp2/server/chttp2_server.h',
'src/core/ext/filters/client_channel/client_channel.h',
@@ -631,6 +632,7 @@ Pod::Spec.new do |s|
'src/core/tsi/fake_transport_security.c',
'src/core/tsi/ssl_transport_security.c',
'src/core/tsi/transport_security.c',
+ 'src/core/tsi/transport_security_adapter.c',
'src/core/ext/transport/chttp2/server/chttp2_server.c',
'src/core/ext/transport/chttp2/client/secure/secure_channel_create.c',
'src/core/ext/filters/client_channel/channel_connectivity.c',
@@ -857,6 +859,7 @@ Pod::Spec.new do |s|
'src/core/tsi/ssl_transport_security.h',
'src/core/tsi/ssl_types.h',
'src/core/tsi/transport_security.h',
+ 'src/core/tsi/transport_security_adapter.h',
'src/core/tsi/transport_security_interface.h',
'src/core/ext/transport/chttp2/server/chttp2_server.h',
'src/core/ext/filters/client_channel/client_channel.h',
diff --git a/grpc.gemspec b/grpc.gemspec
index 6a204685a03..abbd6f42518 100755
--- a/grpc.gemspec
+++ b/grpc.gemspec
@@ -323,6 +323,7 @@ Gem::Specification.new do |s|
s.files += %w( src/core/tsi/ssl_transport_security.h )
s.files += %w( src/core/tsi/ssl_types.h )
s.files += %w( src/core/tsi/transport_security.h )
+ s.files += %w( src/core/tsi/transport_security_adapter.h )
s.files += %w( src/core/tsi/transport_security_interface.h )
s.files += %w( src/core/ext/transport/chttp2/server/chttp2_server.h )
s.files += %w( src/core/ext/filters/client_channel/client_channel.h )
@@ -547,6 +548,7 @@ Gem::Specification.new do |s|
s.files += %w( src/core/tsi/fake_transport_security.c )
s.files += %w( src/core/tsi/ssl_transport_security.c )
s.files += %w( src/core/tsi/transport_security.c )
+ s.files += %w( src/core/tsi/transport_security_adapter.c )
s.files += %w( src/core/ext/transport/chttp2/server/chttp2_server.c )
s.files += %w( src/core/ext/transport/chttp2/client/secure/secure_channel_create.c )
s.files += %w( src/core/ext/filters/client_channel/channel_connectivity.c )
diff --git a/package.xml b/package.xml
index 6957ecca731..7a301aa8300 100644
--- a/package.xml
+++ b/package.xml
@@ -332,6 +332,7 @@
+
@@ -556,6 +557,7 @@
+
diff --git a/src/core/tsi/transport_security.c b/src/core/tsi/transport_security.c
index a9cb6a107ca..aa8808ab74c 100644
--- a/src/core/tsi/transport_security.c
+++ b/src/core/tsi/transport_security.c
@@ -182,7 +182,7 @@ tsi_result tsi_handshaker_create_frame_protector(
result = self->vtable->create_frame_protector(self, max_protected_frame_size,
protector);
if (result == TSI_OK) {
- self->frame_protector_created = 1;
+ self->frame_protector_created = true;
}
return result;
}
@@ -206,7 +206,7 @@ void tsi_handshaker_destroy(tsi_handshaker *self) {
/* --- tsi_handshaker_result implementation. --- */
-tsi_result tsi_handshaker_result_extract_peer(tsi_handshaker_result *self,
+tsi_result tsi_handshaker_result_extract_peer(const tsi_handshaker_result *self,
tsi_peer *peer) {
if (self == NULL || peer == NULL) return TSI_INVALID_ARGUMENT;
memset(peer, 0, sizeof(tsi_peer));
@@ -214,7 +214,7 @@ tsi_result tsi_handshaker_result_extract_peer(tsi_handshaker_result *self,
}
tsi_result tsi_handshaker_result_create_frame_protector(
- tsi_handshaker_result *self, size_t *max_protected_frame_size,
+ const tsi_handshaker_result *self, size_t *max_protected_frame_size,
tsi_frame_protector **protector) {
if (self == NULL || protector == NULL) return TSI_INVALID_ARGUMENT;
return self->vtable->create_frame_protector(self, max_protected_frame_size,
@@ -222,7 +222,8 @@ tsi_result tsi_handshaker_result_create_frame_protector(
}
tsi_result tsi_handshaker_result_get_unused_bytes(
- tsi_handshaker_result *self, unsigned char **bytes, size_t *bytes_size) {
+ const tsi_handshaker_result *self, unsigned char **bytes,
+ size_t *bytes_size) {
if (self == NULL || bytes == NULL || bytes_size == NULL) {
return TSI_INVALID_ARGUMENT;
}
diff --git a/src/core/tsi/transport_security.h b/src/core/tsi/transport_security.h
index 2e821108279..a4c9cbc0011 100644
--- a/src/core/tsi/transport_security.h
+++ b/src/core/tsi/transport_security.h
@@ -34,6 +34,8 @@
#ifndef GRPC_CORE_TSI_TRANSPORT_SECURITY_H
#define GRPC_CORE_TSI_TRANSPORT_SECURITY_H
+#include
+
#include "src/core/tsi/transport_security_interface.h"
#ifdef __cplusplus
@@ -90,18 +92,18 @@ typedef struct {
struct tsi_handshaker {
const tsi_handshaker_vtable *vtable;
- int frame_protector_created;
- int handshaker_result_created;
+ bool frame_protector_created;
+ bool handshaker_result_created;
};
/* Base for tsi_handshaker_result implementations.
See transport_security_interface.h for documentation. */
typedef struct {
- tsi_result (*extract_peer)(tsi_handshaker_result *self, tsi_peer *peer);
- tsi_result (*create_frame_protector)(tsi_handshaker_result *self,
+ tsi_result (*extract_peer)(const tsi_handshaker_result *self, tsi_peer *peer);
+ tsi_result (*create_frame_protector)(const tsi_handshaker_result *self,
size_t *max_output_protected_frame_size,
tsi_frame_protector **protector);
- tsi_result (*get_unused_bytes)(tsi_handshaker_result *self,
+ tsi_result (*get_unused_bytes)(const tsi_handshaker_result *self,
unsigned char **bytes, size_t *bytes_size);
void (*destroy)(tsi_handshaker_result *self);
} tsi_handshaker_result_vtable;
diff --git a/src/core/tsi/transport_security_adapter. b/src/core/tsi/transport_security_adapter.
new file mode 100644
index 00000000000..e69de29bb2d
diff --git a/src/core/tsi/transport_security_adapter.c b/src/core/tsi/transport_security_adapter.c
index 7e0b8f574a0..60cebdd6f25 100644
--- a/src/core/tsi/transport_security_adapter.c
+++ b/src/core/tsi/transport_security_adapter.c
@@ -50,14 +50,14 @@ typedef struct {
size_t unused_bytes_size;
} tsi_adapter_handshaker_result;
-static tsi_result tsi_adapter_result_extract_peer(tsi_handshaker_result *self,
- tsi_peer *peer) {
+static tsi_result tsi_adapter_result_extract_peer(
+ const tsi_handshaker_result *self, tsi_peer *peer) {
tsi_adapter_handshaker_result *impl = (tsi_adapter_handshaker_result *)self;
return tsi_handshaker_extract_peer(impl->handshaker, peer);
}
static tsi_result tsi_adapter_result_create_frame_protector(
- tsi_handshaker_result *self, size_t *max_output_protected_frame_size,
+ const tsi_handshaker_result *self, size_t *max_output_protected_frame_size,
tsi_frame_protector **protector) {
tsi_adapter_handshaker_result *impl = (tsi_adapter_handshaker_result *)self;
return tsi_handshaker_create_frame_protector(
@@ -65,7 +65,8 @@ static tsi_result tsi_adapter_result_create_frame_protector(
}
static tsi_result tsi_adapter_result_get_unused_bytes(
- tsi_handshaker_result *self, unsigned char **bytes, size_t *byte_size) {
+ const tsi_handshaker_result *self, unsigned char **bytes,
+ size_t *byte_size) {
tsi_adapter_handshaker_result *impl = (tsi_adapter_handshaker_result *)self;
*bytes = impl->unused_bytes;
*byte_size = impl->unused_bytes_size;
@@ -74,9 +75,7 @@ static tsi_result tsi_adapter_result_get_unused_bytes(
static void tsi_adapter_result_destroy(tsi_handshaker_result *self) {
tsi_adapter_handshaker_result *impl = (tsi_adapter_handshaker_result *)self;
- if (impl->unused_bytes != NULL) {
- gpr_free(impl->unused_bytes);
- }
+ gpr_free(impl->unused_bytes);
gpr_free(self);
}
@@ -114,45 +113,45 @@ typedef struct {
size_t adapter_buffer_size;
} tsi_adapter_handshaker;
-tsi_result tsi_adapter_get_bytes_to_send_to_peer(tsi_handshaker *self,
- unsigned char *bytes,
- size_t *bytes_size) {
+static tsi_result tsi_adapter_get_bytes_to_send_to_peer(tsi_handshaker *self,
+ unsigned char *bytes,
+ size_t *bytes_size) {
return tsi_handshaker_get_bytes_to_send_to_peer(
tsi_adapter_handshaker_get_wrapped(self), bytes, bytes_size);
}
-tsi_result tsi_adapter_process_bytes_from_peer(tsi_handshaker *self,
- const unsigned char *bytes,
- size_t *bytes_size) {
+static tsi_result tsi_adapter_process_bytes_from_peer(
+ tsi_handshaker *self, const unsigned char *bytes, size_t *bytes_size) {
return tsi_handshaker_process_bytes_from_peer(
tsi_adapter_handshaker_get_wrapped(self), bytes, bytes_size);
}
-tsi_result tsi_adapter_get_result(tsi_handshaker *self) {
+static tsi_result tsi_adapter_get_result(tsi_handshaker *self) {
return tsi_handshaker_get_result(tsi_adapter_handshaker_get_wrapped(self));
}
-tsi_result tsi_adapter_extract_peer(tsi_handshaker *self, tsi_peer *peer) {
+static tsi_result tsi_adapter_extract_peer(tsi_handshaker *self,
+ tsi_peer *peer) {
return tsi_handshaker_extract_peer(tsi_adapter_handshaker_get_wrapped(self),
peer);
}
-tsi_result tsi_adapter_create_frame_protector(tsi_handshaker *self,
- size_t *max_protected_frame_size,
- tsi_frame_protector **protector) {
+static tsi_result tsi_adapter_create_frame_protector(
+ tsi_handshaker *self, size_t *max_protected_frame_size,
+ tsi_frame_protector **protector) {
return tsi_handshaker_create_frame_protector(
tsi_adapter_handshaker_get_wrapped(self), max_protected_frame_size,
protector);
}
-void tsi_adapter_destroy(tsi_handshaker *self) {
+static void tsi_adapter_destroy(tsi_handshaker *self) {
tsi_adapter_handshaker *impl = (tsi_adapter_handshaker *)self;
tsi_handshaker_destroy(impl->wrapped);
gpr_free(impl->adapter_buffer);
gpr_free(self);
}
-tsi_result tsi_adapter_next(
+static tsi_result tsi_adapter_next(
tsi_handshaker *self, const unsigned char *received_bytes,
size_t received_bytes_size, unsigned char **bytes_to_send,
size_t *bytes_to_send_size, tsi_handshaker_result **handshaker_result,
@@ -196,11 +195,15 @@ tsi_result tsi_adapter_next(
size_t unused_bytes_size = received_bytes_size - bytes_consumed;
const unsigned char *unused_bytes =
unused_bytes_size == 0 ? NULL : received_bytes + bytes_consumed;
- return tsi_adapter_create_handshaker_result(
+ status = tsi_adapter_create_handshaker_result(
impl->wrapped, unused_bytes, unused_bytes_size, handshaker_result);
+ if (status == TSI_OK) {
+ impl->base.handshaker_result_created = true;
+ }
+ } else {
+ *handshaker_result = NULL;
}
- *handshaker_result = NULL;
- return TSI_OK;
+ return status;
}
static const tsi_handshaker_vtable handshaker_vtable = {
diff --git a/src/core/tsi/transport_security_interface.h b/src/core/tsi/transport_security_interface.h
index be04810e24f..c9495f80b6d 100644
--- a/src/core/tsi/transport_security_interface.h
+++ b/src/core/tsi/transport_security_interface.h
@@ -220,22 +220,22 @@ typedef struct tsi_handshaker_result tsi_handshaker_result;
/* This method extracts tsi peer. It returns TSI_OK assuming there is no fatal
error.
The caller is responsible for destructing the peer. */
-tsi_result tsi_handshaker_result_extract_peer(tsi_handshaker_result *self,
+tsi_result tsi_handshaker_result_extract_peer(const tsi_handshaker_result *self,
tsi_peer *peer);
/* This method creates a tsi_frame_protector object. It returns TSI_OK assuming
there is no fatal error.
The caller is responsible for destroying the protector. */
tsi_result tsi_handshaker_result_create_frame_protector(
- tsi_handshaker_result *self, size_t *max_output_protected_frame_size,
+ const tsi_handshaker_result *self, size_t *max_output_protected_frame_size,
tsi_frame_protector **protector);
/* This method returns the unused bytes from the handshake. It returns TSI_OK
assuming there is no fatal error.
The caller should not free the bytes. */
-tsi_result tsi_handshaker_result_get_unused_bytes(tsi_handshaker_result *self,
- unsigned char **bytes,
- size_t *byte_size);
+tsi_result tsi_handshaker_result_get_unused_bytes(
+ const tsi_handshaker_result *self, unsigned char **bytes,
+ size_t *byte_size);
/* This method releases the tsi_handshaker_handshaker object. After this method
is called, no other method can be called on the object. */
@@ -305,8 +305,8 @@ void tsi_handshaker_result_destroy(tsi_handshaker_result *self);
...
------------------------------------------------------------------------
- A typical usage of the new TSI would be as follows, supporting both
- synchronous and asynchrnous TSI handshaker implementations:
+ A typical usage supporting both synchronous and asynchronous TSI handshaker
+ implementations would be:
------------------------------------------------------------------------
@@ -324,17 +324,6 @@ void tsi_handshaker_result_destroy(tsi_handshaker_result *self);
...
}
- // This method is a wrapper of the callback function to execute when
- // tsi_handshaker_next finishes. It is passed to tsi_handshaker_next as
- // the callback function.
- void on_handshake_next_done_wrapper(
- tsi_result status, void *user_data, const unsigned char *bytes_to_send,
- size_t bytes_to_send_size, tsi_handshaker_result *result) {
- security_handshaker *h = (security_handshaker *)user_data;
- on_handshake_next_done(h, status, bytes_to_send,
- bytes_to_send_size, result);
- }
-
// This method is the callback function when there are data received from
// the peer. This method will read bytes into the handshake buffer and call
// do_handshake_next.
@@ -355,19 +344,22 @@ void tsi_handshaker_result_destroy(tsi_handshaker_result *self);
tsi_handshaker_result *result = NULL;
status = tsi_handshaker_next(
handshaker, bytes_received, bytes_received_size, &bytes_to_send,
- &bytes_to_send_size, &result, on_handshake_next_done_wrapper, h);
+ &bytes_to_send_size, &result, on_handshake_next_done, h);
// If TSI handshaker is asynchronous, on_handshake_next_done will be
- // called during the execution of the callback function.
+ // executed inside tsi_handshaker_next.
if (status == TSI_ASYNC) return;
- on_handshake_next_done(h, status, bytes_to_send,
+ // If TSI handshaker is synchronous, invoke callback directly in this
+ // thread.
+ on_handshake_next_done(status, (void *)h, bytes_to_send,
bytes_to_send_size, result);
}
- // This is the real function to execute after tsi_handshaker_next.
+ // This is the callback function to execute after tsi_handshaker_next.
+ // It is passed to tsi_handshaker_next as a function parameter.
void on_handshake_next_done(
- security_handshaker *h, tsi_result status,
- const unsigned char *bytes_to_send, size_t bytes_to_send_size,
- tsi_handshaker_result *result) {
+ tsi_result status, void *user_data, const unsigned char *bytes_to_send,
+ size_t bytes_to_send_size, tsi_handshaker_result *result) {
+ security_handshaker *h = (security_handshaker *)user_data;
if (status == TSI_INCOMPLETE_DATA) {
// Schedule an asynchronous read from the peer. If handshake data are
// received, on_handshake_data_received_from_peer will be called.
@@ -386,7 +378,7 @@ void tsi_handshaker_result_destroy(tsi_handshaker_result *self);
// Check the Peer.
tsi_peer peer;
status = tsi_handshaker_result_extract_peer(result, &peer);
- if (status != TSI_OK) return status;
+ if (status != TSI_OK) return;
status = check_peer(&peer);
tsi_peer_destruct(&peer);
if (status != TSI_OK) return;
diff --git a/src/python/grpcio/grpc_core_dependencies.py b/src/python/grpcio/grpc_core_dependencies.py
index 3bcbe667e2c..88e783815c7 100644
--- a/src/python/grpcio/grpc_core_dependencies.py
+++ b/src/python/grpcio/grpc_core_dependencies.py
@@ -250,6 +250,7 @@ CORE_SOURCE_FILES = [
'src/core/tsi/fake_transport_security.c',
'src/core/tsi/ssl_transport_security.c',
'src/core/tsi/transport_security.c',
+ 'src/core/tsi/transport_security_adapter.c',
'src/core/ext/transport/chttp2/server/chttp2_server.c',
'src/core/ext/transport/chttp2/client/secure/secure_channel_create.c',
'src/core/ext/filters/client_channel/channel_connectivity.c',
diff --git a/tools/doxygen/Doxyfile.core.internal b/tools/doxygen/Doxyfile.core.internal
index 6903a0e5d5a..55a707d9197 100644
--- a/tools/doxygen/Doxyfile.core.internal
+++ b/tools/doxygen/Doxyfile.core.internal
@@ -1369,6 +1369,8 @@ src/core/tsi/ssl_transport_security.h \
src/core/tsi/ssl_types.h \
src/core/tsi/transport_security.c \
src/core/tsi/transport_security.h \
+src/core/tsi/transport_security_adapter.c \
+src/core/tsi/transport_security_adapter.h \
src/core/tsi/transport_security_interface.h \
third_party/nanopb/pb.h \
third_party/nanopb/pb_common.c \
diff --git a/tools/run_tests/generated/sources_and_headers.json b/tools/run_tests/generated/sources_and_headers.json
index 11176d97567..c871256d6ed 100644
--- a/tools/run_tests/generated/sources_and_headers.json
+++ b/tools/run_tests/generated/sources_and_headers.json
@@ -8578,6 +8578,7 @@
"src/core/tsi/ssl_transport_security.h",
"src/core/tsi/ssl_types.h",
"src/core/tsi/transport_security.h",
+ "src/core/tsi/transport_security_adapter.h",
"src/core/tsi/transport_security_interface.h"
],
"is_filegroup": true,
@@ -8591,6 +8592,8 @@
"src/core/tsi/ssl_types.h",
"src/core/tsi/transport_security.c",
"src/core/tsi/transport_security.h",
+ "src/core/tsi/transport_security_adapter.c",
+ "src/core/tsi/transport_security_adapter.h",
"src/core/tsi/transport_security_interface.h"
],
"third_party": false,
diff --git a/vsprojects/vcxproj/grpc/grpc.vcxproj b/vsprojects/vcxproj/grpc/grpc.vcxproj
index 948af2f29ee..1fec7fb353d 100644
--- a/vsprojects/vcxproj/grpc/grpc.vcxproj
+++ b/vsprojects/vcxproj/grpc/grpc.vcxproj
@@ -452,6 +452,7 @@
+
@@ -852,6 +853,8 @@
+
+
diff --git a/vsprojects/vcxproj/grpc/grpc.vcxproj.filters b/vsprojects/vcxproj/grpc/grpc.vcxproj.filters
index d43b0e3f83e..28776121ecd 100644
--- a/vsprojects/vcxproj/grpc/grpc.vcxproj.filters
+++ b/vsprojects/vcxproj/grpc/grpc.vcxproj.filters
@@ -523,6 +523,9 @@
src\core\tsi
+
+ src\core\tsi
+
src\core\ext\transport\chttp2\server
@@ -1253,6 +1256,9 @@
src\core\tsi
+
+ src\core\tsi
+
src\core\tsi