1 //
2 //
3 // Copyright 2020 gRPC authors.
4 //
5 // Licensed under the Apache License, Version 2.0 (the "License");
6 // you may not use this file except in compliance with the License.
7 // You may obtain a copy of the License at
8 //
9 //     http://www.apache.org/licenses/LICENSE-2.0
10 //
11 // Unless required by applicable law or agreed to in writing, software
12 // distributed under the License is distributed on an "AS IS" BASIS,
13 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 // See the License for the specific language governing permissions and
15 // limitations under the License.
16 //
17 //
18 
19 #ifndef GRPC_SRC_CORE_LIB_SECURITY_SECURITY_CONNECTOR_INSECURE_INSECURE_SECURITY_CONNECTOR_H
20 #define GRPC_SRC_CORE_LIB_SECURITY_SECURITY_CONNECTOR_INSECURE_INSECURE_SECURITY_CONNECTOR_H
21 
22 #include <grpc/support/port_platform.h>
23 
24 #include <utility>
25 
26 #include "absl/status/status.h"
27 #include "absl/strings/string_view.h"
28 
29 #include <grpc/grpc.h>
30 #include <grpc/grpc_security.h>
31 
32 #include "src/core/lib/channel/channel_args.h"
33 #include "src/core/lib/gprpp/ref_counted_ptr.h"
34 #include "src/core/lib/iomgr/closure.h"
35 #include "src/core/lib/iomgr/endpoint.h"
36 #include "src/core/lib/iomgr/error.h"
37 #include "src/core/lib/iomgr/iomgr_fwd.h"
38 #include "src/core/lib/promise/arena_promise.h"
39 #include "src/core/lib/security/credentials/credentials.h"
40 #include "src/core/lib/security/security_connector/security_connector.h"
41 #include "src/core/lib/transport/handshaker.h"
42 #include "src/core/tsi/transport_security_interface.h"
43 
44 namespace grpc_core {
45 
// Transport security type string for insecure connections. Only the
// declaration is visible in this header; the value is defined elsewhere.
// NOTE(review): presumably this is the type recorded in auth contexts built
// by the insecure connectors - confirm against the definition.
extern const char kInsecureTransportSecurityType[];

// Exposed for testing purposes only.
// Creates an auth context, which is needed to pass the sanity check in
// client_auth_filter that verifies that the peer's auth context was obtained
// during the handshake.
//
// The function takes no peer or handshake input, so the context it returns
// cannot reflect a verified peer identity. It satisfies the filter's check
// without any authentication having taken place; keep it out of production
// code paths and never base authorization decisions on its contents.
RefCountedPtr<grpc_auth_context> TestOnlyMakeInsecureAuthContext();
53 
// Channel-side security connector used with insecure channel credentials.
//
// Only declarations are visible in this header; the method bodies live in the
// corresponding source file.
// NOTE(review): going by the class name and the empty URL scheme passed to the
// base class, this connector is expected to provide neither transport
// encryption nor peer authentication - confirm in the implementation. Callers
// should not treat the peer identity on such a channel as verified.
class InsecureChannelSecurityConnector
    : public grpc_channel_security_connector {
 public:
  // Forwards both credential objects to the base class, taking ownership of
  // the references. The URL scheme is left empty.
  InsecureChannelSecurityConnector(
      RefCountedPtr<grpc_channel_credentials> channel_creds,
      RefCountedPtr<grpc_call_credentials> request_metadata_creds)
      : grpc_channel_security_connector(
            "" /* url_scheme */, std::move(channel_creds),
            std::move(request_metadata_creds)) {}

  // Per-call host check. Returns a promise that resolves to a status.
  // NOTE(review): whether `host` is actually validated against anything is
  // decided in the source file - verify before relying on it.
  ArenaPromise<absl::Status> CheckCallHost(
      absl::string_view host, grpc_auth_context* auth_context) override;

  // Registers this connector's handshakers with `handshake_manager`.
  void add_handshakers(const ChannelArgs& args,
                       grpc_pollset_set* /* interested_parties */,
                       HandshakeManager* handshake_manager) override;

  // Inspects `peer` after the handshake, reports the result through
  // `auth_context`, and signals completion via `on_peer_checked`.
  // NOTE(review): the strength of this check is not visible here; for an
  // insecure connector it presumably accepts any peer - confirm in the .cc.
  void check_peer(tsi_peer peer, grpc_endpoint* ep,
                  const ChannelArgs& /*args*/,
                  RefCountedPtr<grpc_auth_context>* auth_context,
                  grpc_closure* on_peer_checked) override;

  // Deliberately empty: both arguments are ignored and nothing is cancelled.
  void cancel_check_peer(grpc_closure* /*on_peer_checked*/,
                         grpc_error_handle /*error*/) override {}

  // Compares this connector with `other_sc`; the ordering is defined in the
  // source file.
  int cmp(const grpc_security_connector* other_sc) const override;
};
79 
// Server-side security connector used with insecure server credentials.
//
// Only declarations are visible in this header; the method bodies live in the
// corresponding source file.
// NOTE(review): going by the class name and the empty URL scheme, a server
// using this connector is expected to accept connections without transport
// encryption or client authentication - confirm in the implementation. Any
// access control for such a server has to come from another layer.
class InsecureServerSecurityConnector : public grpc_server_security_connector {
 public:
  // Forwards `server_creds` to the base class, taking ownership of the
  // reference. The URL scheme is left empty.
  explicit InsecureServerSecurityConnector(
      RefCountedPtr<grpc_server_credentials> server_creds)
      : grpc_server_security_connector(
            "" /* url_scheme */, std::move(server_creds)) {}

  // Registers this connector's handshakers with `handshake_manager`.
  void add_handshakers(const ChannelArgs& args,
                       grpc_pollset_set* /* interested_parties */,
                       HandshakeManager* handshake_manager) override;

  // Inspects `peer` after the handshake, reports the result through
  // `auth_context`, and signals completion via `on_peer_checked`.
  // NOTE(review): the strength of this check is not visible here; for an
  // insecure connector it presumably accepts any peer - confirm in the .cc.
  void check_peer(tsi_peer peer, grpc_endpoint* ep,
                  const ChannelArgs& /*args*/,
                  RefCountedPtr<grpc_auth_context>* auth_context,
                  grpc_closure* on_peer_checked) override;

  // Deliberately empty: both arguments are ignored and nothing is cancelled.
  void cancel_check_peer(grpc_closure* /*on_peer_checked*/,
                         grpc_error_handle /*error*/) override {}

  // Compares this connector with `other`; the ordering is defined in the
  // source file.
  int cmp(const grpc_security_connector* other) const override;
};
100 
101 }  // namespace grpc_core
102 
103 #endif  // GRPC_SRC_CORE_LIB_SECURITY_SECURITY_CONNECTOR_INSECURE_INSECURE_SECURITY_CONNECTOR_H
104