grpc 1.34.0 → 1.35.0.pre1

data/src/core/lib/security/security_connector/alts/alts_security_connector.cc

@@ -134,7 +134,7 @@ class grpc_alts_channel_security_connector final
 class grpc_alts_server_security_connector final
     : public grpc_server_security_connector {
  public:
-  grpc_alts_server_security_connector(
+  explicit grpc_alts_server_security_connector(
       grpc_core::RefCountedPtr<grpc_server_credentials> server_creds)
       : grpc_server_security_connector(GRPC_ALTS_URL_SCHEME,
                                        std::move(server_creds)) {}

data/src/core/lib/security/security_connector/fake/fake_security_connector.cc

@@ -275,7 +275,7 @@ void grpc_fake_channel_security_connector::check_peer(
 class grpc_fake_server_security_connector
     : public grpc_server_security_connector {
  public:
-  grpc_fake_server_security_connector(
+  explicit grpc_fake_server_security_connector(
       grpc_core::RefCountedPtr<grpc_server_credentials> server_creds)
       : grpc_server_security_connector(GRPC_FAKE_SECURITY_URL_SCHEME,
                                        std::move(server_creds)) {}

data/src/core/lib/security/security_connector/insecure/insecure_security_connector.cc

@@ -28,6 +28,26 @@ namespace grpc_core {
 
 const char kInsecureTransportSecurityType[] = "insecure";
 
+namespace {
+
+RefCountedPtr<grpc_auth_context> MakeAuthContext() {
+  auto ctx = MakeRefCounted<grpc_auth_context>(nullptr);
+  grpc_auth_context_add_cstring_property(
+      ctx.get(), GRPC_TRANSPORT_SECURITY_TYPE_PROPERTY_NAME,
+      kInsecureTransportSecurityType);
+  const char* security_level = tsi_security_level_to_string(TSI_SECURITY_NONE);
+  grpc_auth_context_add_property(ctx.get(),
+                                 GRPC_TRANSPORT_SECURITY_LEVEL_PROPERTY_NAME,
+                                 security_level, strlen(security_level));
+  return ctx;
+}
+
+}  // namespace
+
+RefCountedPtr<grpc_auth_context> TestOnlyMakeInsecureAuthContext() {
+  return MakeAuthContext();
+}
+
 // check_call_host and cancel_check_call_host are no-ops since we want to
 // provide an insecure channel.
 bool InsecureChannelSecurityConnector::check_call_host(
@@ -70,19 +90,32 @@ int InsecureChannelSecurityConnector::cmp(
       static_cast<const grpc_channel_security_connector*>(other_sc));
 }
 
-RefCountedPtr<grpc_auth_context>
-InsecureChannelSecurityConnector::MakeAuthContext() {
-  auto ctx = MakeRefCounted<grpc_auth_context>(nullptr);
-  grpc_auth_context_add_cstring_property(
-      ctx.get(), GRPC_TRANSPORT_SECURITY_TYPE_PROPERTY_NAME,
-      kInsecureTransportSecurityType);
-  GPR_ASSERT(grpc_auth_context_set_peer_identity_property_name(
-                 ctx.get(), GRPC_TRANSPORT_SECURITY_TYPE_PROPERTY_NAME) == 1);
-  const char* security_level = tsi_security_level_to_string(TSI_SECURITY_NONE);
-  grpc_auth_context_add_property(ctx.get(),
-                                 GRPC_TRANSPORT_SECURITY_LEVEL_PROPERTY_NAME,
-                                 security_level, strlen(security_level));
-  return ctx;
+// add_handshakers should have been a no-op but we need to add a minimalist
+// security handshaker so that check_peer is invoked and an auth_context is
+// created with the security level of TSI_SECURITY_NONE.
+void InsecureServerSecurityConnector::add_handshakers(
+    const grpc_channel_args* args, grpc_pollset_set* /* interested_parties */,
+    grpc_core::HandshakeManager* handshake_manager) {
+  tsi_handshaker* handshaker = nullptr;
+  // Re-use local_tsi_handshaker_create as a minimalist handshaker.
+  GPR_ASSERT(tsi_local_handshaker_create(false /* is_client */, &handshaker) ==
+             TSI_OK);
+  handshake_manager->Add(SecurityHandshakerCreate(handshaker, this, args));
+}
+
+void InsecureServerSecurityConnector::check_peer(
+    tsi_peer peer, grpc_endpoint* ep,
+    grpc_core::RefCountedPtr<grpc_auth_context>* auth_context,
+    grpc_closure* on_peer_checked) {
+  *auth_context = MakeAuthContext();
+  tsi_peer_destruct(&peer);
+  ExecCtx::Run(DEBUG_LOCATION, on_peer_checked, GRPC_ERROR_NONE);
+}
+
+int InsecureServerSecurityConnector::cmp(
+    const grpc_security_connector* other) const {
+  return server_security_connector_cmp(
+      static_cast<const grpc_server_security_connector*>(other));
 }
 
 }  // namespace grpc_core

data/src/core/lib/security/security_connector/insecure/insecure_security_connector.h

@@ -29,6 +29,12 @@ namespace grpc_core {
 
 extern const char kInsecureTransportSecurityType[];
 
+// Exposed for testing purposes only.
+// Create an auth context which is necessary to pass the santiy check in
+// client_auth_filter that verifies if the peer's auth context is obtained
+// during handshakes.
+RefCountedPtr<grpc_auth_context> TestOnlyMakeInsecureAuthContext();
+
 class InsecureChannelSecurityConnector
     : public grpc_channel_security_connector {
  public:
@@ -55,13 +61,24 @@ class InsecureChannelSecurityConnector
                   grpc_closure* on_peer_checked) override;
 
   int cmp(const grpc_security_connector* other_sc) const override;
+};
+
+class InsecureServerSecurityConnector : public grpc_server_security_connector {
+ public:
+  explicit InsecureServerSecurityConnector(
+      grpc_core::RefCountedPtr<grpc_server_credentials> server_creds)
+      : grpc_server_security_connector(nullptr /* url_scheme */,
+                                       std::move(server_creds)) {}
+
+  void add_handshakers(const grpc_channel_args* args,
+                       grpc_pollset_set* /* interested_parties */,
+                       grpc_core::HandshakeManager* handshake_manager) override;
+
+  void check_peer(tsi_peer peer, grpc_endpoint* ep,
+                  grpc_core::RefCountedPtr<grpc_auth_context>* auth_context,
+                  grpc_closure* on_peer_checked) override;
 
-  // Exposed for testing purposes only.
-  // Create an auth context which is necessary to pass the santiy check in
-  // client_auth_filter that verifies if the peer's auth context is obtained
-  // during handshakes. The auth context is only checked for its existence and
-  // not actually used.
-  static RefCountedPtr<grpc_auth_context> MakeAuthContext();
+  int cmp(const grpc_security_connector* other) const override;
 };
 
 }  // namespace grpc_core

data/src/core/lib/security/security_connector/local/local_security_connector.cc

@@ -206,7 +206,7 @@ class grpc_local_channel_security_connector final
 class grpc_local_server_security_connector final
     : public grpc_server_security_connector {
  public:
-  grpc_local_server_security_connector(
+  explicit grpc_local_server_security_connector(
       grpc_core::RefCountedPtr<grpc_server_credentials> server_creds)
       : grpc_server_security_connector(nullptr, std::move(server_creds)) {}
   ~grpc_local_server_security_connector() override = default;

data/src/core/lib/security/security_connector/security_connector.cc

@@ -104,8 +104,9 @@ static const grpc_arg_pointer_vtable connector_arg_vtable = {
     connector_arg_copy, connector_arg_destroy, connector_cmp};
 
 grpc_arg grpc_security_connector_to_arg(grpc_security_connector* sc) {
-  return grpc_channel_arg_pointer_create((char*)GRPC_ARG_SECURITY_CONNECTOR, sc,
-                                         &connector_arg_vtable);
+  return grpc_channel_arg_pointer_create(
+      const_cast<char*>(GRPC_ARG_SECURITY_CONNECTOR), sc,
+      &connector_arg_vtable);
 }
 
 grpc_security_connector* grpc_security_connector_from_arg(const grpc_arg* arg) {

data/src/core/lib/security/security_connector/ssl/ssl_security_connector.cc

@@ -111,7 +111,7 @@ class grpc_ssl_channel_security_connector final
     const tsi_result result =
         tsi_create_ssl_client_handshaker_factory_with_options(
             &options, &client_handshaker_factory_);
-    gpr_free((void*)options.alpn_protocols);
+    gpr_free(options.alpn_protocols);
     if (result != TSI_OK) {
       gpr_log(GPR_ERROR, "Handshaker factory creation failed with %s.",
               tsi_result_to_string(result));
@@ -206,7 +206,7 @@ class grpc_ssl_channel_security_connector final
 class grpc_ssl_server_security_connector
     : public grpc_server_security_connector {
  public:
-  grpc_ssl_server_security_connector(
+  explicit grpc_ssl_server_security_connector(
       grpc_core::RefCountedPtr<grpc_server_credentials> server_creds)
       : grpc_server_security_connector(GRPC_SSL_URL_SCHEME,
                                        std::move(server_creds)) {}
@@ -258,7 +258,7 @@ class grpc_ssl_server_security_connector
       const tsi_result result =
           tsi_create_ssl_server_handshaker_factory_with_options(
               &options, &server_handshaker_factory_);
-      gpr_free((void*)alpn_protocol_strings);
+      gpr_free(alpn_protocol_strings);
       if (result != TSI_OK) {
         gpr_log(GPR_ERROR, "Handshaker factory creation failed with %s.",
                 tsi_result_to_string(result));
@@ -368,7 +368,7 @@ class grpc_ssl_server_security_connector
     grpc_tsi_ssl_pem_key_cert_pairs_destroy(
         const_cast<tsi_ssl_pem_key_cert_pair*>(options.pem_key_cert_pairs),
         options.num_key_cert_pairs);
-    gpr_free((void*)alpn_protocol_strings);
+    gpr_free(alpn_protocol_strings);
 
     if (result != TSI_OK) {
       gpr_log(GPR_ERROR, "Handshaker factory creation failed with %s.",

data/src/core/lib/security/security_connector/ssl_utils.cc

@@ -427,7 +427,7 @@ grpc_security_status grpc_ssl_tsi_client_handshaker_factory_init(
   const tsi_result result =
       tsi_create_ssl_client_handshaker_factory_with_options(&options,
                                                             handshaker_factory);
-  gpr_free((void*)options.alpn_protocols);
+  gpr_free(options.alpn_protocols);
   if (result != TSI_OK) {
     gpr_log(GPR_ERROR, "Handshaker factory creation failed with %s.",
             tsi_result_to_string(result));
@@ -459,7 +459,7 @@ grpc_security_status grpc_ssl_tsi_server_handshaker_factory_init(
   const tsi_result result =
       tsi_create_ssl_server_handshaker_factory_with_options(&options,
                                                             handshaker_factory);
-  gpr_free((void*)alpn_protocol_strings);
+  gpr_free(alpn_protocol_strings);
   if (result != TSI_OK) {
     gpr_log(GPR_ERROR, "Handshaker factory creation failed with %s.",
             tsi_result_to_string(result));

data/src/core/lib/security/security_connector/ssl_utils.h

@@ -145,13 +145,8 @@ class DefaultSslRootStore {
 
 class PemKeyCertPair {
  public:
-  // Construct from the C struct.  We steal its members and then immediately
-  // free it.
-  explicit PemKeyCertPair(grpc_ssl_pem_key_cert_pair* pair)
-      : private_key_(const_cast<char*>(pair->private_key)),
-        cert_chain_(const_cast<char*>(pair->cert_chain)) {
-    gpr_free(pair);
-  }
+  PemKeyCertPair(absl::string_view private_key, absl::string_view cert_chain)
+      : private_key_(private_key), cert_chain_(cert_chain) {}
 
   // Movable.
   PemKeyCertPair(PemKeyCertPair&& other) noexcept {
@@ -166,30 +161,28 @@ class PemKeyCertPair {
 
   // Copyable.
   PemKeyCertPair(const PemKeyCertPair& other)
-      : private_key_(gpr_strdup(other.private_key())),
-        cert_chain_(gpr_strdup(other.cert_chain())) {}
+      : private_key_(other.private_key()), cert_chain_(other.cert_chain()) {}
   PemKeyCertPair& operator=(const PemKeyCertPair& other) {
-    private_key_ = grpc_core::UniquePtr<char>(gpr_strdup(other.private_key()));
-    cert_chain_ = grpc_core::UniquePtr<char>(gpr_strdup(other.cert_chain()));
+    private_key_ = other.private_key();
+    cert_chain_ = other.cert_chain();
     return *this;
   }
 
   bool operator==(const PemKeyCertPair& other) const {
-    return std::strcmp(this->private_key(), other.private_key()) == 0 &&
-           std::strcmp(this->cert_chain(), other.cert_chain()) == 0;
+    return this->private_key() == other.private_key() &&
+           this->cert_chain() == other.cert_chain();
   }
 
-  char* private_key() const { return private_key_.get(); }
-  char* cert_chain() const { return cert_chain_.get(); }
+  const std::string& private_key() const { return private_key_; }
+  const std::string& cert_chain() const { return cert_chain_; }
 
  private:
-  grpc_core::UniquePtr<char> private_key_;
-  grpc_core::UniquePtr<char> cert_chain_;
+  std::string private_key_;
+  std::string cert_chain_;
 };
 
 typedef absl::InlinedVector<grpc_core::PemKeyCertPair, 1> PemKeyCertPairList;
 
 }  // namespace grpc_core
 
-#endif /* GRPC_CORE_LIB_SECURITY_SECURITY_CONNECTOR_SSL_UTILS_H \
-        */
+#endif  // GRPC_CORE_LIB_SECURITY_SECURITY_CONNECTOR_SSL_UTILS_H

data/src/core/lib/security/security_connector/tls/tls_security_connector.cc

@@ -55,10 +55,12 @@ tsi_ssl_pem_key_cert_pair* ConvertToTsiPemKeyCertPair(
         gpr_zalloc(num_key_cert_pairs * sizeof(tsi_ssl_pem_key_cert_pair)));
   }
   for (size_t i = 0; i < num_key_cert_pairs; i++) {
-    GPR_ASSERT(cert_pair_list[i].private_key() != nullptr);
-    GPR_ASSERT(cert_pair_list[i].cert_chain() != nullptr);
-    tsi_pairs[i].cert_chain = gpr_strdup(cert_pair_list[i].cert_chain());
-    tsi_pairs[i].private_key = gpr_strdup(cert_pair_list[i].private_key());
+    GPR_ASSERT(!cert_pair_list[i].private_key().empty());
+    GPR_ASSERT(!cert_pair_list[i].cert_chain().empty());
+    tsi_pairs[i].cert_chain =
+        gpr_strdup(cert_pair_list[i].cert_chain().c_str());
+    tsi_pairs[i].private_key =
+        gpr_strdup(cert_pair_list[i].private_key().c_str());
   }
   return tsi_pairs;
 }
@@ -68,12 +70,12 @@ tsi_ssl_pem_key_cert_pair* ConvertToTsiPemKeyCertPair(
 // -------------------channel security connector-------------------
 grpc_core::RefCountedPtr<grpc_channel_security_connector>
 TlsChannelSecurityConnector::CreateTlsChannelSecurityConnector(
-    grpc_core::RefCountedPtr<grpc_channel_credentials> ch_creds,
+    grpc_core::RefCountedPtr<grpc_channel_credentials> channel_creds,
     grpc_core::RefCountedPtr<grpc_tls_credentials_options> options,
     grpc_core::RefCountedPtr<grpc_call_credentials> request_metadata_creds,
     const char* target_name, const char* overridden_target_name,
     tsi_ssl_session_cache* ssl_session_cache) {
-  if (ch_creds == nullptr) {
+  if (channel_creds == nullptr) {
     gpr_log(GPR_ERROR,
             "channel_creds is nullptr in "
             "TlsChannelSecurityConnectorCreate()");
@@ -93,19 +95,20 @@ TlsChannelSecurityConnector::CreateTlsChannelSecurityConnector(
   }
   grpc_core::RefCountedPtr<TlsChannelSecurityConnector> c =
       grpc_core::MakeRefCounted<TlsChannelSecurityConnector>(
-          std::move(ch_creds), std::move(options),
+          std::move(channel_creds), std::move(options),
           std::move(request_metadata_creds), target_name,
           overridden_target_name, ssl_session_cache);
   return c;
 }
 
 TlsChannelSecurityConnector::TlsChannelSecurityConnector(
-    grpc_core::RefCountedPtr<grpc_channel_credentials> ch_creds,
+    grpc_core::RefCountedPtr<grpc_channel_credentials> channel_creds,
     grpc_core::RefCountedPtr<grpc_tls_credentials_options> options,
     grpc_core::RefCountedPtr<grpc_call_credentials> request_metadata_creds,
     const char* target_name, const char* overridden_target_name,
     tsi_ssl_session_cache* ssl_session_cache)
-    : grpc_channel_security_connector(GRPC_SSL_URL_SCHEME, std::move(ch_creds),
+    : grpc_channel_security_connector(GRPC_SSL_URL_SCHEME,
+                                      std::move(channel_creds),
                                       std::move(request_metadata_creds)),
       options_(std::move(options)),
       overridden_target_name_(
@@ -240,6 +243,39 @@ void TlsChannelSecurityConnector::check_peer(
                 : check_arg_->peer_cert_full_chain;
         gpr_free(peer_pem_chain);
       }
+      // TODO(zhenlian) - This should be cleaned up as part of the custom
+      // verification changes. Fill in the subject alternative names
+      std::vector<char*> subject_alternative_names;
+      for (size_t i = 0; i < peer.property_count; i++) {
+        const tsi_peer_property* prop = &peer.properties[i];
+        if (strcmp(prop->name,
+                   TSI_X509_SUBJECT_ALTERNATIVE_NAME_PEER_PROPERTY) == 0) {
+          char* san = new char[prop->value.length + 1];
+          memcpy(san, prop->value.data, prop->value.length);
+          san[prop->value.length] = '\0';
+          subject_alternative_names.emplace_back(san);
+        }
+      }
+      if (check_arg_->subject_alternative_names != nullptr) {
+        for (size_t i = 0; i < check_arg_->subject_alternative_names_size;
+             ++i) {
+          delete[] check_arg_->subject_alternative_names[i];
+        }
+        delete[] check_arg_->subject_alternative_names;
+      }
+      check_arg_->subject_alternative_names_size =
+          subject_alternative_names.size();
+      if (subject_alternative_names.empty()) {
+        check_arg_->subject_alternative_names = nullptr;
+      } else {
+        check_arg_->subject_alternative_names =
+            new char*[check_arg_->subject_alternative_names_size];
+        for (size_t i = 0; i < check_arg_->subject_alternative_names_size;
+             ++i) {
+          check_arg_->subject_alternative_names[i] =
+              subject_alternative_names[i];
+        }
+      }
       int callback_status = config->Schedule(check_arg_);
       /* Server authorization check is handled asynchronously. */
       if (callback_status) {
@@ -406,6 +442,11 @@ TlsChannelSecurityConnector::ServerAuthorizationCheckArgCreate(
     void* user_data) {
   grpc_tls_server_authorization_check_arg* arg =
       new grpc_tls_server_authorization_check_arg();
+  arg->target_name = nullptr;
+  arg->peer_cert = nullptr;
+  arg->peer_cert_full_chain = nullptr;
+  arg->subject_alternative_names = nullptr;
+  arg->subject_alternative_names_size = 0;
   arg->error_details = new grpc_tls_error_details();
   arg->cb = ServerAuthorizationCheckDone;
   arg->cb_user_data = user_data;
@@ -418,9 +459,13 @@ void TlsChannelSecurityConnector::ServerAuthorizationCheckArgDestroy(
   if (arg == nullptr) {
     return;
   }
-  gpr_free((void*)arg->target_name);
-  gpr_free((void*)arg->peer_cert);
-  if (arg->peer_cert_full_chain) gpr_free((void*)arg->peer_cert_full_chain);
+  gpr_free(const_cast<char*>(arg->target_name));
+  gpr_free(const_cast<char*>(arg->peer_cert));
+  gpr_free(const_cast<char*>(arg->peer_cert_full_chain));
+  for (size_t i = 0; i < arg->subject_alternative_names_size; ++i) {
+    delete[] arg->subject_alternative_names[i];
+  }
+  delete[] arg->subject_alternative_names;
   delete arg->error_details;
   if (arg->destroy_context != nullptr) {
     arg->destroy_context(arg->context);

data/src/core/lib/security/security_connector/tls/tls_security_connector.h

@@ -74,13 +74,12 @@ class TlsChannelSecurityConnector final
     return client_handshaker_factory_;
   };
 
-  const absl::optional<absl::string_view>& RootCertsForTesting() {
+  absl::optional<absl::string_view> RootCertsForTesting() {
     grpc_core::MutexLock lock(&mu_);
     return pem_root_certs_;
   }
 
-  const absl::optional<grpc_core::PemKeyCertPairList>&
-  KeyCertPairListForTesting() {
+  absl::optional<grpc_core::PemKeyCertPairList> KeyCertPairListForTesting() {
     grpc_core::MutexLock lock(&mu_);
     return pem_key_cert_pair_list_;
   }

data/src/core/lib/security/transport/secure_endpoint.cc

@@ -443,10 +443,10 @@ static const grpc_endpoint_vtable vtable = {endpoint_read,
 grpc_endpoint* grpc_secure_endpoint_create(
     struct tsi_frame_protector* protector,
     struct tsi_zero_copy_grpc_protector* zero_copy_protector,
-    grpc_endpoint* transport, grpc_slice* leftover_slices,
+    grpc_endpoint* to_wrap, grpc_slice* leftover_slices,
     size_t leftover_nslices) {
   secure_endpoint* ep =
-      new secure_endpoint(&vtable, protector, zero_copy_protector, transport,
+      new secure_endpoint(&vtable, protector, zero_copy_protector, to_wrap,
                           leftover_slices, leftover_nslices);
   return &ep->base;
 }

data/src/core/lib/security/transport/security_handshaker.cc

@@ -241,8 +241,8 @@ void SecurityHandshaker::OnPeerCheckedInner(grpc_error* error) {
       handshaker_result_, &unused_bytes, &unused_bytes_size);
   // Create secure endpoint.
   if (unused_bytes_size > 0) {
-    grpc_slice slice =
-        grpc_slice_from_copied_buffer((char*)unused_bytes, unused_bytes_size);
+    grpc_slice slice = grpc_slice_from_copied_buffer(
+        reinterpret_cast<const char*>(unused_bytes), unused_bytes_size);
     args_->endpoint = grpc_secure_endpoint_create(
         protector, zero_copy_protector, args_->endpoint, &slice, 1);
     grpc_slice_unref_internal(slice);

data/src/core/lib/slice/slice_intern.cc

@@ -273,17 +273,16 @@ grpc_core::ManagedMemorySlice::ManagedMemorySlice(const char* string)
     : grpc_core::ManagedMemorySlice::ManagedMemorySlice(string,
                                                         strlen(string)) {}
 
-grpc_core::ManagedMemorySlice::ManagedMemorySlice(const char* string,
-                                                  size_t len) {
+grpc_core::ManagedMemorySlice::ManagedMemorySlice(const char* buf, size_t len) {
   GPR_TIMER_SCOPE("grpc_slice_intern", 0);
-  const uint32_t hash = gpr_murmur_hash3(string, len, g_hash_seed);
+  const uint32_t hash = gpr_murmur_hash3(buf, len, g_hash_seed);
   const StaticMetadataSlice* static_slice =
-      MatchStaticSlice(hash, std::pair<const char*, size_t>(string, len));
+      MatchStaticSlice(hash, std::pair<const char*, size_t>(buf, len));
   if (static_slice) {
     *this = *static_slice;
   } else {
     *this = grpc_core::InternedSlice(FindOrCreateInternedSlice(
-        hash, std::pair<const char*, size_t>(string, len)));
+        hash, std::pair<const char*, size_t>(buf, len)));
   }
 }