Starting on low level changes to support server side authentication.

yczcc · May 20, 2015 · c6f8d0a · c6f8d0a
1 parent aa253c3
commit c6f8d0a
Show file tree

Hide file tree

Showing 19 changed files with 224 additions and 51 deletions.
diff --git a/BUILD b/BUILD
@@ -131,7 +131,7 @@ cc_library(
     "src/core/httpcli/httpcli.h",
     "src/core/httpcli/httpcli_security_connector.h",
     "src/core/httpcli/parser.h",
-    "src/core/security/auth.h",
+    "src/core/security/auth_filters.h",
     "src/core/security/base64.h",
     "src/core/security/credentials.h",
     "src/core/security/json_token.h",
@@ -234,8 +234,8 @@ cc_library(
     "src/core/httpcli/httpcli.c",
     "src/core/httpcli/httpcli_security_connector.c",
     "src/core/httpcli/parser.c",
-    "src/core/security/auth.c",
     "src/core/security/base64.c",
+    "src/core/security/client_auth_filter.c",
     "src/core/security/credentials.c",
     "src/core/security/credentials_posix.c",
     "src/core/security/credentials_win32.c",
@@ -245,6 +245,7 @@ cc_library(
     "src/core/security/secure_transport_setup.c",
     "src/core/security/security_connector.c",
     "src/core/security/security_context.c",
+    "src/core/security/server_auth_filter.c",
     "src/core/security/server_secure_chttp2.c",
     "src/core/surface/init_secure.c",
     "src/core/surface/secure_channel_create.c",

diff --git a/Makefile b/Makefile
@@ -2616,8 +2616,8 @@ LIBGRPC_SRC = \
     src/core/httpcli/httpcli.c \
     src/core/httpcli/httpcli_security_connector.c \
     src/core/httpcli/parser.c \
-    src/core/security/auth.c \
     src/core/security/base64.c \
+    src/core/security/client_auth_filter.c \
     src/core/security/credentials.c \
     src/core/security/credentials_posix.c \
     src/core/security/credentials_win32.c \
@@ -2627,6 +2627,7 @@ LIBGRPC_SRC = \
     src/core/security/secure_transport_setup.c \
     src/core/security/security_connector.c \
     src/core/security/security_context.c \
+    src/core/security/server_auth_filter.c \
     src/core/security/server_secure_chttp2.c \
     src/core/surface/init_secure.c \
     src/core/surface/secure_channel_create.c \
@@ -13184,8 +13185,8 @@ src/core/httpcli/format_request.c: $(OPENSSL_DEP)
 src/core/httpcli/httpcli.c: $(OPENSSL_DEP)
 src/core/httpcli/httpcli_security_connector.c: $(OPENSSL_DEP)
 src/core/httpcli/parser.c: $(OPENSSL_DEP)
-src/core/security/auth.c: $(OPENSSL_DEP)
 src/core/security/base64.c: $(OPENSSL_DEP)
+src/core/security/client_auth_filter.c: $(OPENSSL_DEP)
 src/core/security/credentials.c: $(OPENSSL_DEP)
 src/core/security/credentials_posix.c: $(OPENSSL_DEP)
 src/core/security/credentials_win32.c: $(OPENSSL_DEP)
@@ -13195,6 +13196,7 @@ src/core/security/secure_endpoint.c: $(OPENSSL_DEP)
 src/core/security/secure_transport_setup.c: $(OPENSSL_DEP)
 src/core/security/security_connector.c: $(OPENSSL_DEP)
 src/core/security/security_context.c: $(OPENSSL_DEP)
+src/core/security/server_auth_filter.c: $(OPENSSL_DEP)
 src/core/security/server_secure_chttp2.c: $(OPENSSL_DEP)
 src/core/surface/init_secure.c: $(OPENSSL_DEP)
 src/core/surface/secure_channel_create.c: $(OPENSSL_DEP)

diff --git a/build.json b/build.json
@@ -405,7 +405,7 @@
         "src/core/httpcli/httpcli.h",
         "src/core/httpcli/httpcli_security_connector.h",
         "src/core/httpcli/parser.h",
-        "src/core/security/auth.h",
+        "src/core/security/auth_filters.h",
         "src/core/security/base64.h",
         "src/core/security/credentials.h",
         "src/core/security/json_token.h",
@@ -423,8 +423,8 @@
         "src/core/httpcli/httpcli.c",
         "src/core/httpcli/httpcli_security_connector.c",
         "src/core/httpcli/parser.c",
-        "src/core/security/auth.c",
         "src/core/security/base64.c",
+        "src/core/security/client_auth_filter.c",
         "src/core/security/credentials.c",
         "src/core/security/credentials_posix.c",
         "src/core/security/credentials_win32.c",
@@ -434,6 +434,7 @@
         "src/core/security/secure_transport_setup.c",
         "src/core/security/security_connector.c",
         "src/core/security/security_context.c",
+        "src/core/security/server_auth_filter.c",
         "src/core/security/server_secure_chttp2.c",
         "src/core/surface/init_secure.c",
         "src/core/surface/secure_channel_create.c",

diff --git a/src/core/channel/context.h b/src/core/channel/context.h
@@ -41,4 +41,9 @@ typedef enum {
   GRPC_CONTEXT_COUNT
 } grpc_context_index;
 
-#endif
+typedef struct {
+  void *value;
+  void (*destroy)(void *);
+} grpc_call_context;
+
+#endif /* GRPC_INTERNAL_CORE_CHANNEL_CONTEXT_H */
diff --git a/src/core/security/auth.h → src/core/security/auth_filters.h b/src/core/security/auth.h → src/core/security/auth_filters.h
@@ -31,11 +31,12 @@
  *
  */
 
-#ifndef GRPC_INTERNAL_CORE_SECURITY_AUTH_H
-#define GRPC_INTERNAL_CORE_SECURITY_AUTH_H
+#ifndef GRPC_INTERNAL_CORE_SECURITY_AUTH_FILTERS_H
+#define GRPC_INTERNAL_CORE_SECURITY_AUTH_FILTERS_H
 
 #include "src/core/channel/channel_stack.h"
 
 extern const grpc_channel_filter grpc_client_auth_filter;
+extern const grpc_channel_filter grpc_server_auth_filter;
 
-#endif  /* GRPC_INTERNAL_CORE_SECURITY_AUTH_H */
+#endif  /* GRPC_INTERNAL_CORE_SECURITY_AUTH_FILTERS_H */
diff --git a/src/core/security/auth.c → src/core/security/client_auth_filter.c b/src/core/security/auth.c → src/core/security/client_auth_filter.c
@@ -31,7 +31,7 @@
  *
  */
 
-#include "src/core/security/auth.h"
+#include "src/core/security/auth_filters.h"
 
 #include <string.h>
 
@@ -125,7 +125,7 @@ static void send_security_metadata(grpc_call_element *elem,
   call_data *calld = elem->call_data;
   channel_data *chand = elem->channel_data;
   grpc_client_security_context *ctx =
-      (grpc_client_security_context *)op->context[GRPC_CONTEXT_SECURITY];
+      (grpc_client_security_context *)op->contexts[GRPC_CONTEXT_SECURITY].value;
   char *service_url = NULL;
   grpc_credentials *channel_creds =
       chand->security_connector->request_metadata_creds;
@@ -273,7 +273,7 @@ static void init_channel_elem(grpc_channel_element *elem,
                               const grpc_channel_args *args,
                               grpc_mdctx *metadata_context, int is_first,
                               int is_last) {
-  grpc_security_connector *ctx = grpc_find_security_connector_in_args(args);
+  grpc_security_connector *sc = grpc_find_security_connector_in_args(args);
   /* grab pointers to our data from the channel element */
   channel_data *chand = elem->channel_data;
 
@@ -282,12 +282,12 @@ static void init_channel_elem(grpc_channel_element *elem,
      path */
   GPR_ASSERT(!is_first);
   GPR_ASSERT(!is_last);
-  GPR_ASSERT(ctx != NULL);
+  GPR_ASSERT(sc != NULL);
 
   /* initialize members */
-  GPR_ASSERT(ctx->is_client_side);
+  GPR_ASSERT(sc->is_client_side);
   chand->security_connector =
-      (grpc_channel_security_connector *)grpc_security_connector_ref(ctx);
+      (grpc_channel_security_connector *)grpc_security_connector_ref(sc);
   chand->md_ctx = metadata_context;
   chand->authority_string =
       grpc_mdstr_from_string(chand->md_ctx, ":authority");
@@ -321,4 +321,4 @@ static void destroy_channel_elem(grpc_channel_element *elem) {
 const grpc_channel_filter grpc_client_auth_filter = {
     auth_start_transport_op, channel_op, sizeof(call_data), init_call_elem,
     destroy_call_elem, sizeof(channel_data), init_channel_elem,
-    destroy_channel_elem, "auth"};
+    destroy_channel_elem, "client-auth"};
diff --git a/src/core/security/security_connector.c b/src/core/security/security_connector.c
@@ -278,6 +278,7 @@ grpc_channel_security_connector *grpc_fake_channel_security_connector_create(
 grpc_security_connector *grpc_fake_server_security_connector_create(void) {
   grpc_security_connector *c = gpr_malloc(sizeof(grpc_security_connector));
   gpr_ref_init(&c->refcount, 1);
+  c->is_client_side = 0;
   c->vtable = &fake_server_vtable;
   c->url_scheme = GRPC_FAKE_SECURITY_URL_SCHEME;
   return c;

diff --git a/src/core/security/server_auth_filter.c b/src/core/security/server_auth_filter.c
@@ -0,0 +1,144 @@
+/*
+ *
+ * Copyright 2015, Google Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are
+ * met:
+ *
+ *     * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *     * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following disclaimer
+ * in the documentation and/or other materials provided with the
+ * distribution.
+ *     * Neither the name of Google Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived from
+ * this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#include "src/core/security/auth_filters.h"
+#include "src/core/security/security_connector.h"
+
+#include <grpc/support/log.h>
+
+typedef struct call_data {
+  int unused; /* C89 requires at least one struct element */
+} call_data;
+
+typedef struct channel_data {
+  grpc_security_connector *security_connector;
+} channel_data;
+
+/* used to silence 'variable not used' warnings */
+static void ignore_unused(void *ignored) {}
+
+static void noop_mutate_op(grpc_call_element *elem, grpc_transport_op *op) {
+  /* grab pointers to our data from the call element */
+  call_data *calld = elem->call_data;
+  channel_data *chand = elem->channel_data;
+
+  ignore_unused(calld);
+  ignore_unused(chand);
+
+  /* do nothing */
+}
+
+/* Called either:
+     - in response to an API call (or similar) from above, to send something
+     - a network event (or similar) from below, to receive something
+   op contains type and call direction information, in addition to the data
+   that is being sent or received. */
+static void auth_start_transport_op(grpc_call_element *elem,
+                                    grpc_transport_op *op) {
+  noop_mutate_op(elem, op);
+
+  /* pass control down the stack */
+  grpc_call_next_op(elem, op);
+}
+
+/* Called on special channel events, such as disconnection or new incoming
+   calls on the server */
+static void channel_op(grpc_channel_element *elem,
+                       grpc_channel_element *from_elem, grpc_channel_op *op) {
+  /* grab pointers to our data from the channel element */
+  channel_data *chand = elem->channel_data;
+
+  ignore_unused(chand);
+
+  switch (op->type) {
+    default:
+      /* pass control up or down the stack depending on op->dir */
+      grpc_channel_next_op(elem, op);
+      break;
+  }
+}
+
+/* Constructor for call_data */
+static void init_call_elem(grpc_call_element *elem,
+                           const void *server_transport_data,
+                           grpc_transport_op *initial_op) {
+  /* grab pointers to our data from the call element */
+  call_data *calld = elem->call_data;
+
+  /* initialize members */
+  calld->unused = 0;
+
+  if (initial_op) noop_mutate_op(elem, initial_op);
+}
+
+/* Destructor for call_data */
+static void destroy_call_elem(grpc_call_element *elem) {
+  /* grab pointers to our data from the call element */
+  call_data *calld = elem->call_data;
+  channel_data *chand = elem->channel_data;
+
+  ignore_unused(calld);
+  ignore_unused(chand);
+}
+
+/* Constructor for channel_data */
+static void init_channel_elem(grpc_channel_element *elem,
+                              const grpc_channel_args *args, grpc_mdctx *mdctx,
+                              int is_first, int is_last) {
+  grpc_security_connector *sc = grpc_find_security_connector_in_args(args);
+  /* grab pointers to our data from the channel element */
+  channel_data *chand = elem->channel_data;
+
+  /* The first and the last filters tend to be implemented differently to
+     handle the case that there's no 'next' filter to call on the up or down
+     path */
+  GPR_ASSERT(!is_first);
+  GPR_ASSERT(!is_last);
+  GPR_ASSERT(sc != NULL);
+
+  /* initialize members */
+  GPR_ASSERT(!sc->is_client_side);
+  chand->security_connector = grpc_security_connector_ref(sc);
+}
+
+/* Destructor for channel data */
+static void destroy_channel_elem(grpc_channel_element *elem) {
+  /* grab pointers to our data from the channel element */
+  channel_data *chand = elem->channel_data;
+  grpc_security_connector_unref(chand->security_connector);
+}
+
+const grpc_channel_filter grpc_server_auth_filter = {
+    auth_start_transport_op, channel_op, sizeof(call_data), init_call_elem,
+    destroy_call_elem, sizeof(channel_data), init_channel_elem,
+    destroy_channel_elem, "server-auth"};
diff --git a/src/core/security/server_secure_chttp2.c b/src/core/security/server_secure_chttp2.c
@@ -35,10 +35,12 @@
 
 #include <string.h>
 
+#include "src/core/channel/channel_args.h"
 #include "src/core/channel/http_server_filter.h"
 #include "src/core/iomgr/endpoint.h"
 #include "src/core/iomgr/resolve_address.h"
 #include "src/core/iomgr/tcp_server.h"
+#include "src/core/security/auth_filters.h"
 #include "src/core/security/credentials.h"
 #include "src/core/security/security_connector.h"
 #include "src/core/security/secure_transport_setup.h"
@@ -69,13 +71,21 @@ static void state_unref(grpc_server_secure_state *state) {
   }
 }
 
-static grpc_transport_setup_result setup_transport(void *server,
+static grpc_transport_setup_result setup_transport(void *statep,
                                                    grpc_transport *transport,
                                                    grpc_mdctx *mdctx) {
   static grpc_channel_filter const *extra_filters[] = {
-      &grpc_http_server_filter};
-  return grpc_server_setup_transport(server, transport, extra_filters,
-                                     GPR_ARRAY_SIZE(extra_filters), mdctx);
+      &grpc_server_auth_filter, &grpc_http_server_filter};
+  grpc_server_secure_state *state = statep;
+  grpc_transport_setup_result result;
+  grpc_arg connector_arg = grpc_security_connector_to_arg(state->sc);
+  grpc_channel_args *args_copy = grpc_channel_args_copy_and_add(
+      grpc_server_get_channel_args(state->server), &connector_arg);
+  result = grpc_server_setup_transport(state->server, transport, extra_filters,
+                                       GPR_ARRAY_SIZE(extra_filters), mdctx,
+                                       args_copy);
+  grpc_channel_args_destroy(args_copy);
+  return result;
 }
 
 static void on_secure_transport_setup_done(void *statep,
@@ -85,10 +95,9 @@ static void on_secure_transport_setup_done(void *statep,
   if (status == GRPC_SECURITY_OK) {
     gpr_mu_lock(&state->mu);
     if (!state->is_shutdown) {
-      grpc_create_chttp2_transport(setup_transport, state->server,
-                                   grpc_server_get_channel_args(state->server),
-                                   secure_endpoint, NULL, 0,
-                                   grpc_mdctx_create(), 0);
+      grpc_create_chttp2_transport(
+          setup_transport, state, grpc_server_get_channel_args(state->server),
+          secure_endpoint, NULL, 0, grpc_mdctx_create(), 0);
     } else {
       /* We need to consume this here, because the server may already have gone
        * away. */