grpc 1.12.0 → 1.13.0.pre1
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of grpc might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Makefile +314 -23
- data/include/grpc/impl/codegen/fork.h +4 -4
- data/include/grpc/impl/codegen/grpc_types.h +1 -1
- data/include/grpc/impl/codegen/port_platform.h +3 -0
- data/src/boringssl/err_data.c +256 -246
- data/src/core/ext/filters/client_channel/channel_connectivity.cc +1 -1
- data/src/core/ext/filters/client_channel/client_channel.cc +367 -272
- data/src/core/ext/filters/client_channel/lb_policy.h +1 -3
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.cc +11 -9
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +42 -32
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.h +36 -0
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.cc +36 -102
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.h +37 -32
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc +22 -19
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.h +1 -1
- data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc +1 -1
- data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +1 -1
- data/src/core/ext/filters/client_channel/resolver.h +1 -3
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +3 -3
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_posix.cc +2 -2
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.cc +0 -1
- data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +4 -4
- data/src/core/ext/filters/client_channel/subchannel.cc +3 -3
- data/src/core/ext/filters/http/client_authority_filter.cc +5 -4
- data/src/core/ext/filters/http/message_compress/message_compress_filter.cc +4 -4
- data/src/core/ext/filters/http/server/http_server_filter.cc +123 -131
- data/src/core/ext/transport/chttp2/server/chttp2_server.cc +1 -1
- data/src/core/ext/transport/chttp2/transport/bin_decoder.cc +9 -8
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +19 -19
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +10 -6
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.h +4 -3
- data/src/core/ext/transport/chttp2/transport/parsing.cc +14 -12
- data/src/core/ext/transport/chttp2/transport/writing.cc +6 -6
- data/src/core/lib/channel/channel_stack.cc +0 -5
- data/src/core/lib/channel/channel_stack.h +1 -1
- data/src/core/lib/channel/channel_stack_builder.cc +0 -3
- data/src/core/lib/channel/channel_stack_builder.h +0 -2
- data/src/core/lib/channel/channel_trace.cc +3 -3
- data/src/core/lib/channel/channelz_registry.cc +77 -0
- data/src/core/lib/channel/channelz_registry.h +99 -0
- data/src/core/lib/channel/handshaker.cc +20 -1
- data/src/core/lib/debug/stats.h +7 -0
- data/src/core/lib/debug/stats_data.cc +5 -0
- data/src/core/lib/debug/stats_data.h +120 -0
- data/src/core/lib/debug/trace.h +11 -9
- data/src/core/lib/gprpp/fork.cc +260 -0
- data/src/core/lib/gprpp/fork.h +79 -0
- data/src/core/lib/gprpp/memory.h +12 -0
- data/src/core/lib/gprpp/orphanable.h +2 -6
- data/src/core/lib/gprpp/ref_counted.h +2 -6
- data/src/core/lib/gprpp/thd.h +0 -3
- data/src/core/lib/gprpp/thd_posix.cc +4 -53
- data/src/core/lib/gprpp/thd_windows.cc +0 -7
- data/src/core/lib/http/httpcli_security_connector.cc +1 -3
- data/src/core/lib/iomgr/combiner.cc +19 -2
- data/src/core/lib/iomgr/combiner.h +1 -1
- data/src/core/lib/iomgr/ev_epoll1_linux.cc +2 -2
- data/src/core/lib/iomgr/ev_epollex_linux.cc +59 -3
- data/src/core/lib/iomgr/ev_epollsig_linux.cc +1 -1
- data/src/core/lib/iomgr/ev_poll_posix.cc +2 -2
- data/src/core/lib/iomgr/ev_posix.cc +11 -4
- data/src/core/lib/iomgr/ev_posix.h +6 -0
- data/src/core/lib/iomgr/exec_ctx.cc +9 -9
- data/src/core/lib/iomgr/exec_ctx.h +39 -20
- data/src/core/lib/iomgr/fork_posix.cc +30 -18
- data/src/core/lib/iomgr/iomgr_posix.cc +2 -2
- data/src/core/lib/iomgr/polling_entity.cc +11 -2
- data/src/core/lib/iomgr/pollset_custom.cc +2 -2
- data/src/core/lib/iomgr/port.h +38 -1
- data/src/core/lib/iomgr/resolve_address.h +1 -1
- data/src/core/lib/iomgr/resolve_address_posix.cc +1 -1
- data/src/core/lib/iomgr/resource_quota.cc +1 -1
- data/src/core/lib/iomgr/sockaddr_posix.h +1 -1
- data/src/core/lib/iomgr/socket_factory_posix.cc +1 -1
- data/src/core/lib/iomgr/socket_utils_common_posix.cc +1 -1
- data/src/core/lib/iomgr/tcp_client_custom.cc +3 -3
- data/src/core/lib/iomgr/tcp_client_posix.cc +3 -2
- data/src/core/lib/iomgr/tcp_custom.cc +1 -1
- data/src/core/lib/iomgr/tcp_posix.cc +18 -10
- data/src/core/lib/iomgr/tcp_server_posix.cc +9 -8
- data/src/core/lib/iomgr/tcp_server_utils_posix.h +1 -1
- data/src/core/lib/iomgr/tcp_server_utils_posix_common.cc +16 -4
- data/src/core/lib/iomgr/timer.h +1 -1
- data/src/core/lib/iomgr/timer_generic.cc +113 -41
- data/src/core/lib/iomgr/timer_manager.cc +1 -1
- data/src/core/lib/security/credentials/credentials.h +1 -0
- data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +88 -115
- data/src/core/lib/security/credentials/google_default/google_default_credentials.h +16 -0
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +10 -6
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +1 -1
- data/src/core/lib/security/security_connector/alts_security_connector.cc +2 -1
- data/src/core/lib/security/security_connector/security_connector.cc +7 -7
- data/src/core/lib/security/transport/security_handshaker.cc +1 -0
- data/src/core/lib/security/util/json_util.cc +4 -0
- data/src/core/lib/slice/slice_buffer.cc +15 -3
- data/src/core/lib/surface/call.cc +31 -17
- data/src/core/lib/surface/call.h +5 -0
- data/src/core/lib/surface/channel.cc +2 -5
- data/src/core/lib/surface/completion_queue.cc +1 -3
- data/src/core/lib/surface/completion_queue.h +0 -1
- data/src/core/lib/surface/init.cc +7 -8
- data/src/core/lib/surface/version.cc +2 -2
- data/src/core/lib/transport/byte_stream.cc +1 -1
- data/src/core/lib/transport/transport.cc +2 -1
- data/src/core/lib/transport/transport.h +4 -8
- data/src/core/lib/transport/transport_op_string.cc +1 -1
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +19 -7
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.h +10 -0
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +28 -2
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker_private.h +3 -0
- data/src/core/tsi/fake_transport_security.cc +1 -0
- data/src/core/tsi/ssl_transport_security.cc +238 -110
- data/src/core/tsi/transport_security.cc +14 -0
- data/src/core/tsi/transport_security.h +2 -0
- data/src/core/tsi/transport_security_interface.h +11 -1
- data/src/ruby/bin/math_client.rb +17 -9
- data/src/ruby/lib/grpc/generic/rpc_server.rb +2 -1
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/src/ruby/pb/grpc/health/v1/health_services_pb.rb +4 -1
- data/third_party/boringssl/crypto/asn1/a_int.c +33 -28
- data/third_party/boringssl/crypto/asn1/a_mbstr.c +24 -22
- data/third_party/boringssl/crypto/asn1/a_utf8.c +13 -11
- data/third_party/boringssl/crypto/asn1/asn1_locl.h +3 -0
- data/third_party/boringssl/crypto/bio/fd.c +1 -0
- data/third_party/boringssl/crypto/bio/file.c +2 -0
- data/third_party/boringssl/crypto/bn_extra/convert.c +6 -5
- data/third_party/boringssl/crypto/bytestring/ber.c +1 -4
- data/third_party/boringssl/crypto/bytestring/cbb.c +116 -16
- data/third_party/boringssl/crypto/bytestring/cbs.c +150 -20
- data/third_party/boringssl/crypto/cipher_extra/e_aesccm.c +171 -0
- data/third_party/boringssl/crypto/cipher_extra/e_rc2.c +2 -0
- data/third_party/boringssl/crypto/cipher_extra/e_tls.c +1 -2
- data/third_party/boringssl/crypto/cpu-aarch64-fuchsia.c +55 -0
- data/third_party/boringssl/crypto/cpu-aarch64-linux.c +2 -1
- data/third_party/boringssl/crypto/dsa/dsa.c +16 -54
- data/third_party/boringssl/crypto/fipsmodule/bcm.c +11 -542
- data/third_party/boringssl/crypto/fipsmodule/bn/add.c +33 -64
- data/third_party/boringssl/crypto/fipsmodule/bn/asm/x86_64-gcc.c +4 -3
- data/third_party/boringssl/crypto/fipsmodule/bn/bn.c +122 -70
- data/third_party/boringssl/crypto/fipsmodule/bn/bytes.c +32 -71
- data/third_party/boringssl/crypto/fipsmodule/bn/cmp.c +58 -112
- data/third_party/boringssl/crypto/fipsmodule/bn/div.c +198 -122
- data/third_party/boringssl/crypto/fipsmodule/bn/exponentiation.c +31 -65
- data/third_party/boringssl/crypto/fipsmodule/bn/generic.c +2 -1
- data/third_party/boringssl/crypto/fipsmodule/bn/internal.h +98 -15
- data/third_party/boringssl/crypto/fipsmodule/bn/jacobi.c +1 -1
- data/third_party/boringssl/crypto/fipsmodule/bn/montgomery.c +124 -81
- data/third_party/boringssl/crypto/fipsmodule/bn/montgomery_inv.c +8 -30
- data/third_party/boringssl/crypto/fipsmodule/bn/mul.c +303 -347
- data/third_party/boringssl/crypto/fipsmodule/bn/prime.c +2 -3
- data/third_party/boringssl/crypto/fipsmodule/bn/random.c +3 -4
- data/third_party/boringssl/crypto/fipsmodule/bn/rsaz_exp.c +199 -222
- data/third_party/boringssl/crypto/fipsmodule/bn/rsaz_exp.h +27 -47
- data/third_party/boringssl/crypto/fipsmodule/bn/shift.c +45 -28
- data/third_party/boringssl/crypto/fipsmodule/bn/sqrt.c +1 -1
- data/third_party/boringssl/crypto/fipsmodule/cipher/e_aes.c +10 -10
- data/third_party/boringssl/crypto/fipsmodule/des/internal.h +2 -0
- data/third_party/boringssl/crypto/fipsmodule/ec/ec.c +78 -47
- data/third_party/boringssl/crypto/fipsmodule/ec/ec_key.c +35 -54
- data/third_party/boringssl/crypto/fipsmodule/ec/ec_montgomery.c +3 -10
- data/third_party/boringssl/crypto/fipsmodule/ec/internal.h +36 -22
- data/third_party/boringssl/crypto/fipsmodule/ec/oct.c +59 -90
- data/third_party/boringssl/crypto/fipsmodule/ec/p224-64.c +29 -48
- data/third_party/boringssl/crypto/fipsmodule/ec/p256-x86_64.c +17 -26
- data/third_party/boringssl/crypto/fipsmodule/ec/p256-x86_64.h +15 -11
- data/third_party/boringssl/crypto/fipsmodule/ec/simple.c +45 -51
- data/third_party/boringssl/crypto/fipsmodule/ec/{util-64.c → util.c} +0 -5
- data/third_party/boringssl/crypto/fipsmodule/ec/wnaf.c +144 -264
- data/third_party/boringssl/crypto/fipsmodule/ecdsa/ecdsa.c +78 -56
- data/third_party/boringssl/crypto/fipsmodule/modes/ccm.c +256 -0
- data/third_party/boringssl/crypto/fipsmodule/modes/internal.h +36 -32
- data/third_party/boringssl/crypto/fipsmodule/rand/ctrdrbg.c +9 -7
- data/third_party/boringssl/crypto/fipsmodule/rsa/rsa.c +16 -10
- data/third_party/boringssl/crypto/fipsmodule/rsa/rsa_impl.c +255 -102
- data/third_party/boringssl/crypto/fipsmodule/self_check/self_check.c +581 -0
- data/third_party/boringssl/crypto/fipsmodule/tls/internal.h +39 -0
- data/third_party/boringssl/crypto/fipsmodule/tls/kdf.c +165 -0
- data/third_party/boringssl/crypto/internal.h +65 -2
- data/third_party/boringssl/crypto/mem.c +0 -2
- data/third_party/boringssl/crypto/obj/obj.c +6 -73
- data/third_party/boringssl/crypto/thread_pthread.c +35 -5
- data/third_party/boringssl/crypto/x509/a_strex.c +11 -11
- data/third_party/boringssl/crypto/x509/x_name.c +13 -0
- data/third_party/boringssl/include/openssl/aead.h +4 -0
- data/third_party/boringssl/include/openssl/asn1.h +1 -3
- data/third_party/boringssl/include/openssl/base.h +1 -14
- data/third_party/boringssl/include/openssl/bio.h +1 -1
- data/third_party/boringssl/include/openssl/bn.h +49 -15
- data/third_party/boringssl/include/openssl/bytestring.h +49 -24
- data/third_party/boringssl/include/openssl/crypto.h +4 -0
- data/third_party/boringssl/include/openssl/ec_key.h +7 -3
- data/third_party/boringssl/include/openssl/err.h +9 -9
- data/third_party/boringssl/include/openssl/evp.h +1 -1
- data/third_party/boringssl/include/openssl/rsa.h +34 -10
- data/third_party/boringssl/include/openssl/ssl.h +160 -17
- data/third_party/boringssl/include/openssl/stack.h +1 -1
- data/third_party/boringssl/include/openssl/tls1.h +10 -2
- data/third_party/boringssl/include/openssl/x509.h +3 -0
- data/third_party/boringssl/ssl/d1_both.cc +16 -2
- data/third_party/boringssl/ssl/dtls_method.cc +1 -1
- data/third_party/boringssl/ssl/handoff.cc +285 -0
- data/third_party/boringssl/ssl/handshake.cc +26 -12
- data/third_party/boringssl/ssl/handshake_client.cc +65 -31
- data/third_party/boringssl/ssl/handshake_server.cc +14 -2
- data/third_party/boringssl/ssl/internal.h +132 -79
- data/third_party/boringssl/ssl/s3_both.cc +2 -2
- data/third_party/boringssl/ssl/s3_lib.cc +3 -1
- data/third_party/boringssl/ssl/s3_pkt.cc +0 -18
- data/third_party/boringssl/ssl/ssl_aead_ctx.cc +1 -4
- data/third_party/boringssl/ssl/ssl_asn1.cc +47 -43
- data/third_party/boringssl/ssl/ssl_cipher.cc +8 -8
- data/third_party/boringssl/ssl/ssl_key_share.cc +3 -1
- data/third_party/boringssl/ssl/ssl_lib.cc +83 -14
- data/third_party/boringssl/ssl/ssl_privkey.cc +6 -0
- data/third_party/boringssl/ssl/ssl_stat.cc +6 -6
- data/third_party/boringssl/ssl/ssl_versions.cc +12 -85
- data/third_party/boringssl/ssl/ssl_x509.cc +59 -61
- data/third_party/boringssl/ssl/t1_enc.cc +73 -124
- data/third_party/boringssl/ssl/t1_lib.cc +367 -41
- data/third_party/boringssl/ssl/tls13_both.cc +8 -0
- data/third_party/boringssl/ssl/tls13_client.cc +98 -184
- data/third_party/boringssl/ssl/tls13_enc.cc +88 -158
- data/third_party/boringssl/ssl/tls13_server.cc +91 -137
- data/third_party/boringssl/ssl/tls_method.cc +0 -17
- data/third_party/boringssl/ssl/tls_record.cc +1 -10
- data/third_party/boringssl/third_party/fiat/curve25519.c +921 -2753
- data/third_party/boringssl/third_party/fiat/curve25519_tables.h +7880 -0
- data/third_party/boringssl/third_party/fiat/internal.h +32 -20
- data/third_party/boringssl/third_party/fiat/p256.c +1824 -0
- metadata +64 -64
- data/src/core/lib/channel/channel_trace_registry.cc +0 -80
- data/src/core/lib/channel/channel_trace_registry.h +0 -43
- data/src/core/lib/gpr/fork.cc +0 -78
- data/src/core/lib/gpr/fork.h +0 -35
- data/src/core/tsi/transport_security_adapter.cc +0 -235
- data/src/core/tsi/transport_security_adapter.h +0 -41
- data/src/ruby/bin/apis/google/protobuf/empty.rb +0 -29
- data/src/ruby/bin/apis/pubsub_demo.rb +0 -241
- data/src/ruby/bin/apis/tech/pubsub/proto/pubsub.rb +0 -159
- data/src/ruby/bin/apis/tech/pubsub/proto/pubsub_services.rb +0 -88
- data/src/ruby/pb/test/client.rb +0 -764
- data/src/ruby/pb/test/server.rb +0 -252
- data/third_party/boringssl/crypto/curve25519/x25519-x86_64.c +0 -247
- data/third_party/boringssl/crypto/fipsmodule/ec/p256-64.c +0 -1674
@@ -738,6 +738,7 @@ static const tsi_handshaker_vtable handshaker_vtable = {
|
|
738
738
|
nullptr, /* create_frame_protector -- deprecated */
|
739
739
|
fake_handshaker_destroy,
|
740
740
|
fake_handshaker_next,
|
741
|
+
nullptr, /* shutdown */
|
741
742
|
};
|
742
743
|
|
743
744
|
tsi_handshaker* tsi_create_fake_handshaker(int is_client) {
|
@@ -57,6 +57,7 @@ extern "C" {
|
|
57
57
|
|
58
58
|
#define TSI_SSL_MAX_PROTECTED_FRAME_SIZE_UPPER_BOUND 16384
|
59
59
|
#define TSI_SSL_MAX_PROTECTED_FRAME_SIZE_LOWER_BOUND 1024
|
60
|
+
#define TSI_SSL_HANDSHAKER_OUTGOING_BUFFER_INITIAL_SIZE 1024
|
60
61
|
|
61
62
|
/* Putting a macro like this and littering the source file with #if is really
|
62
63
|
bad practice.
|
@@ -105,9 +106,19 @@ typedef struct {
|
|
105
106
|
SSL* ssl;
|
106
107
|
BIO* network_io;
|
107
108
|
tsi_result result;
|
109
|
+
unsigned char* outgoing_bytes_buffer;
|
110
|
+
size_t outgoing_bytes_buffer_size;
|
108
111
|
tsi_ssl_handshaker_factory* factory_ref;
|
109
112
|
} tsi_ssl_handshaker;
|
110
113
|
|
114
|
+
typedef struct {
|
115
|
+
tsi_handshaker_result base;
|
116
|
+
SSL* ssl;
|
117
|
+
BIO* network_io;
|
118
|
+
unsigned char* unused_bytes;
|
119
|
+
size_t unused_bytes_size;
|
120
|
+
} tsi_ssl_handshaker_result;
|
121
|
+
|
111
122
|
typedef struct {
|
112
123
|
tsi_frame_protector base;
|
113
124
|
SSL* ssl;
|
@@ -120,12 +131,14 @@ typedef struct {
|
|
120
131
|
/* --- Library Initialization. ---*/
|
121
132
|
|
122
133
|
static gpr_once g_init_openssl_once = GPR_ONCE_INIT;
|
123
|
-
static gpr_mu* g_openssl_mutexes = nullptr;
|
124
134
|
static int g_ssl_ctx_ex_factory_index = -1;
|
135
|
+
static const unsigned char kSslSessionIdContext[] = {'g', 'r', 'p', 'c'};
|
136
|
+
|
137
|
+
#if OPENSSL_VERSION_NUMBER < 0x10100000
|
138
|
+
static gpr_mu* g_openssl_mutexes = nullptr;
|
125
139
|
static void openssl_locking_cb(int mode, int type, const char* file,
|
126
140
|
int line) GRPC_UNUSED;
|
127
141
|
static unsigned long openssl_thread_id_cb(void) GRPC_UNUSED;
|
128
|
-
static const unsigned char kSslSessionIdContext[] = {'g', 'r', 'p', 'c'};
|
129
142
|
|
130
143
|
static void openssl_locking_cb(int mode, int type, const char* file, int line) {
|
131
144
|
if (mode & CRYPTO_LOCK) {
|
@@ -138,22 +151,27 @@ static void openssl_locking_cb(int mode, int type, const char* file, int line) {
|
|
138
151
|
static unsigned long openssl_thread_id_cb(void) {
|
139
152
|
return static_cast<unsigned long>(gpr_thd_currentid());
|
140
153
|
}
|
154
|
+
#endif
|
141
155
|
|
142
156
|
static void init_openssl(void) {
|
143
|
-
int i;
|
144
|
-
int num_locks;
|
145
157
|
SSL_library_init();
|
146
158
|
SSL_load_error_strings();
|
147
159
|
OpenSSL_add_all_algorithms();
|
148
|
-
|
149
|
-
|
150
|
-
|
151
|
-
|
152
|
-
|
153
|
-
|
154
|
-
|
155
|
-
|
156
|
-
|
160
|
+
#if OPENSSL_VERSION_NUMBER < 0x10100000
|
161
|
+
if (!CRYPTO_get_locking_callback()) {
|
162
|
+
int num_locks = CRYPTO_num_locks();
|
163
|
+
GPR_ASSERT(num_locks > 0);
|
164
|
+
g_openssl_mutexes = static_cast<gpr_mu*>(
|
165
|
+
gpr_malloc(static_cast<size_t>(num_locks) * sizeof(gpr_mu)));
|
166
|
+
for (int i = 0; i < num_locks; i++) {
|
167
|
+
gpr_mu_init(&g_openssl_mutexes[i]);
|
168
|
+
}
|
169
|
+
CRYPTO_set_locking_callback(openssl_locking_cb);
|
170
|
+
CRYPTO_set_id_callback(openssl_thread_id_cb);
|
171
|
+
} else {
|
172
|
+
gpr_log(GPR_INFO, "OpenSSL callback has already been set.");
|
173
|
+
}
|
174
|
+
#endif
|
157
175
|
g_ssl_ctx_ex_factory_index =
|
158
176
|
SSL_CTX_get_ex_new_index(0, nullptr, nullptr, nullptr, nullptr);
|
159
177
|
GPR_ASSERT(g_ssl_ctx_ex_factory_index != -1);
|
@@ -987,94 +1005,15 @@ static void tsi_ssl_handshaker_factory_init(
|
|
987
1005
|
gpr_ref_init(&factory->refcount, 1);
|
988
1006
|
}
|
989
1007
|
|
990
|
-
/* ---
|
991
|
-
|
992
|
-
static tsi_result ssl_handshaker_get_bytes_to_send_to_peer(tsi_handshaker* self,
|
993
|
-
unsigned char* bytes,
|
994
|
-
size_t* bytes_size) {
|
995
|
-
tsi_ssl_handshaker* impl = reinterpret_cast<tsi_ssl_handshaker*>(self);
|
996
|
-
int bytes_read_from_ssl = 0;
|
997
|
-
if (bytes == nullptr || bytes_size == nullptr || *bytes_size == 0 ||
|
998
|
-
*bytes_size > INT_MAX) {
|
999
|
-
return TSI_INVALID_ARGUMENT;
|
1000
|
-
}
|
1001
|
-
GPR_ASSERT(*bytes_size <= INT_MAX);
|
1002
|
-
bytes_read_from_ssl =
|
1003
|
-
BIO_read(impl->network_io, bytes, static_cast<int>(*bytes_size));
|
1004
|
-
if (bytes_read_from_ssl < 0) {
|
1005
|
-
*bytes_size = 0;
|
1006
|
-
if (!BIO_should_retry(impl->network_io)) {
|
1007
|
-
impl->result = TSI_INTERNAL_ERROR;
|
1008
|
-
return impl->result;
|
1009
|
-
} else {
|
1010
|
-
return TSI_OK;
|
1011
|
-
}
|
1012
|
-
}
|
1013
|
-
*bytes_size = static_cast<size_t>(bytes_read_from_ssl);
|
1014
|
-
return BIO_pending(impl->network_io) == 0 ? TSI_OK : TSI_INCOMPLETE_DATA;
|
1015
|
-
}
|
1016
|
-
|
1017
|
-
static tsi_result ssl_handshaker_get_result(tsi_handshaker* self) {
|
1018
|
-
tsi_ssl_handshaker* impl = reinterpret_cast<tsi_ssl_handshaker*>(self);
|
1019
|
-
if ((impl->result == TSI_HANDSHAKE_IN_PROGRESS) &&
|
1020
|
-
SSL_is_init_finished(impl->ssl)) {
|
1021
|
-
impl->result = TSI_OK;
|
1022
|
-
}
|
1023
|
-
return impl->result;
|
1024
|
-
}
|
1008
|
+
/* --- tsi_handshaker_result methods implementation. ---*/
|
1025
1009
|
|
1026
|
-
static tsi_result
|
1027
|
-
|
1028
|
-
tsi_ssl_handshaker* impl = reinterpret_cast<tsi_ssl_handshaker*>(self);
|
1029
|
-
int bytes_written_into_ssl_size = 0;
|
1030
|
-
if (bytes == nullptr || bytes_size == nullptr || *bytes_size > INT_MAX) {
|
1031
|
-
return TSI_INVALID_ARGUMENT;
|
1032
|
-
}
|
1033
|
-
GPR_ASSERT(*bytes_size <= INT_MAX);
|
1034
|
-
bytes_written_into_ssl_size =
|
1035
|
-
BIO_write(impl->network_io, bytes, static_cast<int>(*bytes_size));
|
1036
|
-
if (bytes_written_into_ssl_size < 0) {
|
1037
|
-
gpr_log(GPR_ERROR, "Could not write to memory BIO.");
|
1038
|
-
impl->result = TSI_INTERNAL_ERROR;
|
1039
|
-
return impl->result;
|
1040
|
-
}
|
1041
|
-
*bytes_size = static_cast<size_t>(bytes_written_into_ssl_size);
|
1042
|
-
|
1043
|
-
if (!tsi_handshaker_is_in_progress(self)) {
|
1044
|
-
impl->result = TSI_OK;
|
1045
|
-
return impl->result;
|
1046
|
-
} else {
|
1047
|
-
/* Get ready to get some bytes from SSL. */
|
1048
|
-
int ssl_result = SSL_do_handshake(impl->ssl);
|
1049
|
-
ssl_result = SSL_get_error(impl->ssl, ssl_result);
|
1050
|
-
switch (ssl_result) {
|
1051
|
-
case SSL_ERROR_WANT_READ:
|
1052
|
-
if (BIO_pending(impl->network_io) == 0) {
|
1053
|
-
/* We need more data. */
|
1054
|
-
return TSI_INCOMPLETE_DATA;
|
1055
|
-
} else {
|
1056
|
-
return TSI_OK;
|
1057
|
-
}
|
1058
|
-
case SSL_ERROR_NONE:
|
1059
|
-
return TSI_OK;
|
1060
|
-
default: {
|
1061
|
-
char err_str[256];
|
1062
|
-
ERR_error_string_n(ERR_get_error(), err_str, sizeof(err_str));
|
1063
|
-
gpr_log(GPR_ERROR, "Handshake failed with fatal error %s: %s.",
|
1064
|
-
ssl_error_string(ssl_result), err_str);
|
1065
|
-
impl->result = TSI_PROTOCOL_FAILURE;
|
1066
|
-
return impl->result;
|
1067
|
-
}
|
1068
|
-
}
|
1069
|
-
}
|
1070
|
-
}
|
1071
|
-
|
1072
|
-
static tsi_result ssl_handshaker_extract_peer(tsi_handshaker* self,
|
1073
|
-
tsi_peer* peer) {
|
1010
|
+
static tsi_result ssl_handshaker_result_extract_peer(
|
1011
|
+
const tsi_handshaker_result* self, tsi_peer* peer) {
|
1074
1012
|
tsi_result result = TSI_OK;
|
1075
1013
|
const unsigned char* alpn_selected = nullptr;
|
1076
1014
|
unsigned int alpn_selected_len;
|
1077
|
-
|
1015
|
+
const tsi_ssl_handshaker_result* impl =
|
1016
|
+
reinterpret_cast<const tsi_ssl_handshaker_result*>(self);
|
1078
1017
|
X509* peer_cert = SSL_get_peer_certificate(impl->ssl);
|
1079
1018
|
if (peer_cert != nullptr) {
|
1080
1019
|
result = peer_from_x509(peer_cert, 1, peer);
|
@@ -1120,12 +1059,14 @@ static tsi_result ssl_handshaker_extract_peer(tsi_handshaker* self,
|
|
1120
1059
|
return result;
|
1121
1060
|
}
|
1122
1061
|
|
1123
|
-
static tsi_result
|
1124
|
-
|
1062
|
+
static tsi_result ssl_handshaker_result_create_frame_protector(
|
1063
|
+
const tsi_handshaker_result* self, size_t* max_output_protected_frame_size,
|
1125
1064
|
tsi_frame_protector** protector) {
|
1126
1065
|
size_t actual_max_output_protected_frame_size =
|
1127
1066
|
TSI_SSL_MAX_PROTECTED_FRAME_SIZE_UPPER_BOUND;
|
1128
|
-
|
1067
|
+
tsi_ssl_handshaker_result* impl =
|
1068
|
+
reinterpret_cast<tsi_ssl_handshaker_result*>(
|
1069
|
+
const_cast<tsi_handshaker_result*>(self));
|
1129
1070
|
tsi_ssl_frame_protector* protector_impl =
|
1130
1071
|
static_cast<tsi_ssl_frame_protector*>(
|
1131
1072
|
gpr_zalloc(sizeof(*protector_impl)));
|
@@ -1153,35 +1094,218 @@ static tsi_result ssl_handshaker_create_frame_protector(
|
|
1153
1094
|
return TSI_INTERNAL_ERROR;
|
1154
1095
|
}
|
1155
1096
|
|
1156
|
-
/* Transfer ownership of ssl and network_io to the frame protector.
|
1157
|
-
* as the caller cannot call anything else but destroy on the handshaker
|
1158
|
-
* after this call. */
|
1097
|
+
/* Transfer ownership of ssl and network_io to the frame protector. */
|
1159
1098
|
protector_impl->ssl = impl->ssl;
|
1160
1099
|
impl->ssl = nullptr;
|
1161
1100
|
protector_impl->network_io = impl->network_io;
|
1162
1101
|
impl->network_io = nullptr;
|
1163
|
-
|
1164
1102
|
protector_impl->base.vtable = &frame_protector_vtable;
|
1165
1103
|
*protector = &protector_impl->base;
|
1166
1104
|
return TSI_OK;
|
1167
1105
|
}
|
1168
1106
|
|
1107
|
+
static tsi_result ssl_handshaker_result_get_unused_bytes(
|
1108
|
+
const tsi_handshaker_result* self, const unsigned char** bytes,
|
1109
|
+
size_t* bytes_size) {
|
1110
|
+
const tsi_ssl_handshaker_result* impl =
|
1111
|
+
reinterpret_cast<const tsi_ssl_handshaker_result*>(self);
|
1112
|
+
*bytes_size = impl->unused_bytes_size;
|
1113
|
+
*bytes = impl->unused_bytes;
|
1114
|
+
return TSI_OK;
|
1115
|
+
}
|
1116
|
+
|
1117
|
+
static void ssl_handshaker_result_destroy(tsi_handshaker_result* self) {
|
1118
|
+
tsi_ssl_handshaker_result* impl =
|
1119
|
+
reinterpret_cast<tsi_ssl_handshaker_result*>(self);
|
1120
|
+
SSL_free(impl->ssl);
|
1121
|
+
BIO_free(impl->network_io);
|
1122
|
+
gpr_free(impl->unused_bytes);
|
1123
|
+
gpr_free(impl);
|
1124
|
+
}
|
1125
|
+
|
1126
|
+
static const tsi_handshaker_result_vtable handshaker_result_vtable = {
|
1127
|
+
ssl_handshaker_result_extract_peer,
|
1128
|
+
nullptr, /* create_zero_copy_grpc_protector */
|
1129
|
+
ssl_handshaker_result_create_frame_protector,
|
1130
|
+
ssl_handshaker_result_get_unused_bytes,
|
1131
|
+
ssl_handshaker_result_destroy,
|
1132
|
+
};
|
1133
|
+
|
1134
|
+
static tsi_result ssl_handshaker_result_create(
|
1135
|
+
tsi_ssl_handshaker* handshaker, const unsigned char* unused_bytes,
|
1136
|
+
size_t unused_bytes_size, tsi_handshaker_result** handshaker_result) {
|
1137
|
+
if (handshaker == nullptr || handshaker_result == nullptr ||
|
1138
|
+
(unused_bytes_size > 0 && unused_bytes == nullptr)) {
|
1139
|
+
return TSI_INVALID_ARGUMENT;
|
1140
|
+
}
|
1141
|
+
tsi_ssl_handshaker_result* result =
|
1142
|
+
static_cast<tsi_ssl_handshaker_result*>(gpr_zalloc(sizeof(*result)));
|
1143
|
+
result->base.vtable = &handshaker_result_vtable;
|
1144
|
+
/* Transfer ownership of ssl and network_io to the handshaker result. */
|
1145
|
+
result->ssl = handshaker->ssl;
|
1146
|
+
handshaker->ssl = nullptr;
|
1147
|
+
result->network_io = handshaker->network_io;
|
1148
|
+
handshaker->network_io = nullptr;
|
1149
|
+
if (unused_bytes_size > 0) {
|
1150
|
+
result->unused_bytes =
|
1151
|
+
static_cast<unsigned char*>(gpr_malloc(unused_bytes_size));
|
1152
|
+
memcpy(result->unused_bytes, unused_bytes, unused_bytes_size);
|
1153
|
+
}
|
1154
|
+
result->unused_bytes_size = unused_bytes_size;
|
1155
|
+
*handshaker_result = &result->base;
|
1156
|
+
return TSI_OK;
|
1157
|
+
}
|
1158
|
+
|
1159
|
+
/* --- tsi_handshaker methods implementation. ---*/
|
1160
|
+
|
1161
|
+
static tsi_result ssl_handshaker_get_bytes_to_send_to_peer(
|
1162
|
+
tsi_ssl_handshaker* impl, unsigned char* bytes, size_t* bytes_size) {
|
1163
|
+
int bytes_read_from_ssl = 0;
|
1164
|
+
if (bytes == nullptr || bytes_size == nullptr || *bytes_size == 0 ||
|
1165
|
+
*bytes_size > INT_MAX) {
|
1166
|
+
return TSI_INVALID_ARGUMENT;
|
1167
|
+
}
|
1168
|
+
GPR_ASSERT(*bytes_size <= INT_MAX);
|
1169
|
+
bytes_read_from_ssl =
|
1170
|
+
BIO_read(impl->network_io, bytes, static_cast<int>(*bytes_size));
|
1171
|
+
if (bytes_read_from_ssl < 0) {
|
1172
|
+
*bytes_size = 0;
|
1173
|
+
if (!BIO_should_retry(impl->network_io)) {
|
1174
|
+
impl->result = TSI_INTERNAL_ERROR;
|
1175
|
+
return impl->result;
|
1176
|
+
} else {
|
1177
|
+
return TSI_OK;
|
1178
|
+
}
|
1179
|
+
}
|
1180
|
+
*bytes_size = static_cast<size_t>(bytes_read_from_ssl);
|
1181
|
+
return BIO_pending(impl->network_io) == 0 ? TSI_OK : TSI_INCOMPLETE_DATA;
|
1182
|
+
}
|
1183
|
+
|
1184
|
+
static tsi_result ssl_handshaker_get_result(tsi_ssl_handshaker* impl) {
|
1185
|
+
if ((impl->result == TSI_HANDSHAKE_IN_PROGRESS) &&
|
1186
|
+
SSL_is_init_finished(impl->ssl)) {
|
1187
|
+
impl->result = TSI_OK;
|
1188
|
+
}
|
1189
|
+
return impl->result;
|
1190
|
+
}
|
1191
|
+
|
1192
|
+
static tsi_result ssl_handshaker_process_bytes_from_peer(
|
1193
|
+
tsi_ssl_handshaker* impl, const unsigned char* bytes, size_t* bytes_size) {
|
1194
|
+
int bytes_written_into_ssl_size = 0;
|
1195
|
+
if (bytes == nullptr || bytes_size == nullptr || *bytes_size > INT_MAX) {
|
1196
|
+
return TSI_INVALID_ARGUMENT;
|
1197
|
+
}
|
1198
|
+
GPR_ASSERT(*bytes_size <= INT_MAX);
|
1199
|
+
bytes_written_into_ssl_size =
|
1200
|
+
BIO_write(impl->network_io, bytes, static_cast<int>(*bytes_size));
|
1201
|
+
if (bytes_written_into_ssl_size < 0) {
|
1202
|
+
gpr_log(GPR_ERROR, "Could not write to memory BIO.");
|
1203
|
+
impl->result = TSI_INTERNAL_ERROR;
|
1204
|
+
return impl->result;
|
1205
|
+
}
|
1206
|
+
*bytes_size = static_cast<size_t>(bytes_written_into_ssl_size);
|
1207
|
+
|
1208
|
+
if (ssl_handshaker_get_result(impl) != TSI_HANDSHAKE_IN_PROGRESS) {
|
1209
|
+
impl->result = TSI_OK;
|
1210
|
+
return impl->result;
|
1211
|
+
} else {
|
1212
|
+
/* Get ready to get some bytes from SSL. */
|
1213
|
+
int ssl_result = SSL_do_handshake(impl->ssl);
|
1214
|
+
ssl_result = SSL_get_error(impl->ssl, ssl_result);
|
1215
|
+
switch (ssl_result) {
|
1216
|
+
case SSL_ERROR_WANT_READ:
|
1217
|
+
if (BIO_pending(impl->network_io) == 0) {
|
1218
|
+
/* We need more data. */
|
1219
|
+
return TSI_INCOMPLETE_DATA;
|
1220
|
+
} else {
|
1221
|
+
return TSI_OK;
|
1222
|
+
}
|
1223
|
+
case SSL_ERROR_NONE:
|
1224
|
+
return TSI_OK;
|
1225
|
+
default: {
|
1226
|
+
char err_str[256];
|
1227
|
+
ERR_error_string_n(ERR_get_error(), err_str, sizeof(err_str));
|
1228
|
+
gpr_log(GPR_ERROR, "Handshake failed with fatal error %s: %s.",
|
1229
|
+
ssl_error_string(ssl_result), err_str);
|
1230
|
+
impl->result = TSI_PROTOCOL_FAILURE;
|
1231
|
+
return impl->result;
|
1232
|
+
}
|
1233
|
+
}
|
1234
|
+
}
|
1235
|
+
}
|
1236
|
+
|
1169
1237
|
static void ssl_handshaker_destroy(tsi_handshaker* self) {
|
1170
1238
|
tsi_ssl_handshaker* impl = reinterpret_cast<tsi_ssl_handshaker*>(self);
|
1171
1239
|
SSL_free(impl->ssl);
|
1172
1240
|
BIO_free(impl->network_io);
|
1241
|
+
gpr_free(impl->outgoing_bytes_buffer);
|
1173
1242
|
tsi_ssl_handshaker_factory_unref(impl->factory_ref);
|
1174
1243
|
gpr_free(impl);
|
1175
1244
|
}
|
1176
1245
|
|
1246
|
+
static tsi_result ssl_handshaker_next(
|
1247
|
+
tsi_handshaker* self, const unsigned char* received_bytes,
|
1248
|
+
size_t received_bytes_size, const unsigned char** bytes_to_send,
|
1249
|
+
size_t* bytes_to_send_size, tsi_handshaker_result** handshaker_result,
|
1250
|
+
tsi_handshaker_on_next_done_cb cb, void* user_data) {
|
1251
|
+
/* Input sanity check. */
|
1252
|
+
if ((received_bytes_size > 0 && received_bytes == nullptr) ||
|
1253
|
+
bytes_to_send == nullptr || bytes_to_send_size == nullptr ||
|
1254
|
+
handshaker_result == nullptr) {
|
1255
|
+
return TSI_INVALID_ARGUMENT;
|
1256
|
+
}
|
1257
|
+
/* If there are received bytes, process them first. */
|
1258
|
+
tsi_ssl_handshaker* impl = reinterpret_cast<tsi_ssl_handshaker*>(self);
|
1259
|
+
tsi_result status = TSI_OK;
|
1260
|
+
size_t bytes_consumed = received_bytes_size;
|
1261
|
+
if (received_bytes_size > 0) {
|
1262
|
+
status = ssl_handshaker_process_bytes_from_peer(impl, received_bytes,
|
1263
|
+
&bytes_consumed);
|
1264
|
+
if (status != TSI_OK) return status;
|
1265
|
+
}
|
1266
|
+
/* Get bytes to send to the peer, if available. */
|
1267
|
+
size_t offset = 0;
|
1268
|
+
do {
|
1269
|
+
size_t to_send_size = impl->outgoing_bytes_buffer_size - offset;
|
1270
|
+
status = ssl_handshaker_get_bytes_to_send_to_peer(
|
1271
|
+
impl, impl->outgoing_bytes_buffer + offset, &to_send_size);
|
1272
|
+
offset += to_send_size;
|
1273
|
+
if (status == TSI_INCOMPLETE_DATA) {
|
1274
|
+
impl->outgoing_bytes_buffer_size *= 2;
|
1275
|
+
impl->outgoing_bytes_buffer = static_cast<unsigned char*>(gpr_realloc(
|
1276
|
+
impl->outgoing_bytes_buffer, impl->outgoing_bytes_buffer_size));
|
1277
|
+
}
|
1278
|
+
} while (status == TSI_INCOMPLETE_DATA);
|
1279
|
+
if (status != TSI_OK) return status;
|
1280
|
+
*bytes_to_send = impl->outgoing_bytes_buffer;
|
1281
|
+
*bytes_to_send_size = offset;
|
1282
|
+
/* If handshake completes, create tsi_handshaker_result. */
|
1283
|
+
if (ssl_handshaker_get_result(impl) == TSI_HANDSHAKE_IN_PROGRESS) {
|
1284
|
+
*handshaker_result = nullptr;
|
1285
|
+
} else {
|
1286
|
+
size_t unused_bytes_size = received_bytes_size - bytes_consumed;
|
1287
|
+
const unsigned char* unused_bytes =
|
1288
|
+
unused_bytes_size == 0 ? nullptr : received_bytes + bytes_consumed;
|
1289
|
+
status = ssl_handshaker_result_create(impl, unused_bytes, unused_bytes_size,
|
1290
|
+
handshaker_result);
|
1291
|
+
if (status == TSI_OK) {
|
1292
|
+
/* Indicates that the handshake has completed and that a handshaker_result
|
1293
|
+
* has been created. */
|
1294
|
+
self->handshaker_result_created = true;
|
1295
|
+
}
|
1296
|
+
}
|
1297
|
+
return status;
|
1298
|
+
}
|
1299
|
+
|
1177
1300
|
static const tsi_handshaker_vtable handshaker_vtable = {
|
1178
|
-
|
1179
|
-
|
1180
|
-
|
1181
|
-
|
1182
|
-
|
1301
|
+
nullptr, /* get_bytes_to_send_to_peer -- deprecated */
|
1302
|
+
nullptr, /* process_bytes_from_peer -- deprecated */
|
1303
|
+
nullptr, /* get_result -- deprecated */
|
1304
|
+
nullptr, /* extract_peer -- deprecated */
|
1305
|
+
nullptr, /* create_frame_protector -- deprecated */
|
1183
1306
|
ssl_handshaker_destroy,
|
1184
|
-
|
1307
|
+
ssl_handshaker_next,
|
1308
|
+
nullptr, /* shutdown */
|
1185
1309
|
};
|
1186
1310
|
|
1187
1311
|
/* --- tsi_ssl_handshaker_factory common methods. --- */
|
@@ -1259,6 +1383,10 @@ static tsi_result create_tsi_ssl_handshaker(SSL_CTX* ctx, int is_client,
|
|
1259
1383
|
impl->ssl = ssl;
|
1260
1384
|
impl->network_io = network_io;
|
1261
1385
|
impl->result = TSI_HANDSHAKE_IN_PROGRESS;
|
1386
|
+
impl->outgoing_bytes_buffer_size =
|
1387
|
+
TSI_SSL_HANDSHAKER_OUTGOING_BUFFER_INITIAL_SIZE;
|
1388
|
+
impl->outgoing_bytes_buffer =
|
1389
|
+
static_cast<unsigned char*>(gpr_zalloc(impl->outgoing_bytes_buffer_size));
|
1262
1390
|
impl->base.vtable = &handshaker_vtable;
|
1263
1391
|
impl->factory_ref = tsi_ssl_handshaker_factory_ref(factory);
|
1264
1392
|
|
@@ -136,6 +136,7 @@ tsi_result tsi_handshaker_get_bytes_to_send_to_peer(tsi_handshaker* self,
|
|
136
136
|
return TSI_INVALID_ARGUMENT;
|
137
137
|
}
|
138
138
|
if (self->frame_protector_created) return TSI_FAILED_PRECONDITION;
|
139
|
+
if (self->handshake_shutdown) return TSI_HANDSHAKE_SHUTDOWN;
|
139
140
|
if (self->vtable->get_bytes_to_send_to_peer == nullptr)
|
140
141
|
return TSI_UNIMPLEMENTED;
|
141
142
|
return self->vtable->get_bytes_to_send_to_peer(self, bytes, bytes_size);
|
@@ -149,6 +150,7 @@ tsi_result tsi_handshaker_process_bytes_from_peer(tsi_handshaker* self,
|
|
149
150
|
return TSI_INVALID_ARGUMENT;
|
150
151
|
}
|
151
152
|
if (self->frame_protector_created) return TSI_FAILED_PRECONDITION;
|
153
|
+
if (self->handshake_shutdown) return TSI_HANDSHAKE_SHUTDOWN;
|
152
154
|
if (self->vtable->process_bytes_from_peer == nullptr)
|
153
155
|
return TSI_UNIMPLEMENTED;
|
154
156
|
return self->vtable->process_bytes_from_peer(self, bytes, bytes_size);
|
@@ -157,6 +159,7 @@ tsi_result tsi_handshaker_process_bytes_from_peer(tsi_handshaker* self,
|
|
157
159
|
tsi_result tsi_handshaker_get_result(tsi_handshaker* self) {
|
158
160
|
if (self == nullptr || self->vtable == nullptr) return TSI_INVALID_ARGUMENT;
|
159
161
|
if (self->frame_protector_created) return TSI_FAILED_PRECONDITION;
|
162
|
+
if (self->handshake_shutdown) return TSI_HANDSHAKE_SHUTDOWN;
|
160
163
|
if (self->vtable->get_result == nullptr) return TSI_UNIMPLEMENTED;
|
161
164
|
return self->vtable->get_result(self);
|
162
165
|
}
|
@@ -167,6 +170,7 @@ tsi_result tsi_handshaker_extract_peer(tsi_handshaker* self, tsi_peer* peer) {
|
|
167
170
|
}
|
168
171
|
memset(peer, 0, sizeof(tsi_peer));
|
169
172
|
if (self->frame_protector_created) return TSI_FAILED_PRECONDITION;
|
173
|
+
if (self->handshake_shutdown) return TSI_HANDSHAKE_SHUTDOWN;
|
170
174
|
if (tsi_handshaker_get_result(self) != TSI_OK) {
|
171
175
|
return TSI_FAILED_PRECONDITION;
|
172
176
|
}
|
@@ -182,6 +186,7 @@ tsi_result tsi_handshaker_create_frame_protector(
|
|
182
186
|
return TSI_INVALID_ARGUMENT;
|
183
187
|
}
|
184
188
|
if (self->frame_protector_created) return TSI_FAILED_PRECONDITION;
|
189
|
+
if (self->handshake_shutdown) return TSI_HANDSHAKE_SHUTDOWN;
|
185
190
|
if (tsi_handshaker_get_result(self) != TSI_OK) return TSI_FAILED_PRECONDITION;
|
186
191
|
if (self->vtable->create_frame_protector == nullptr) return TSI_UNIMPLEMENTED;
|
187
192
|
result = self->vtable->create_frame_protector(self, max_protected_frame_size,
|
@@ -199,12 +204,21 @@ tsi_result tsi_handshaker_next(
|
|
199
204
|
tsi_handshaker_on_next_done_cb cb, void* user_data) {
|
200
205
|
if (self == nullptr || self->vtable == nullptr) return TSI_INVALID_ARGUMENT;
|
201
206
|
if (self->handshaker_result_created) return TSI_FAILED_PRECONDITION;
|
207
|
+
if (self->handshake_shutdown) return TSI_HANDSHAKE_SHUTDOWN;
|
202
208
|
if (self->vtable->next == nullptr) return TSI_UNIMPLEMENTED;
|
203
209
|
return self->vtable->next(self, received_bytes, received_bytes_size,
|
204
210
|
bytes_to_send, bytes_to_send_size,
|
205
211
|
handshaker_result, cb, user_data);
|
206
212
|
}
|
207
213
|
|
214
|
+
void tsi_handshaker_shutdown(tsi_handshaker* self) {
|
215
|
+
if (self == nullptr || self->vtable == nullptr) return;
|
216
|
+
self->handshake_shutdown = true;
|
217
|
+
if (self->vtable->shutdown != nullptr) {
|
218
|
+
self->vtable->shutdown(self);
|
219
|
+
}
|
220
|
+
}
|
221
|
+
|
208
222
|
void tsi_handshaker_destroy(tsi_handshaker* self) {
|
209
223
|
if (self == nullptr) return;
|
210
224
|
self->vtable->destroy(self);
|