1 // 2 // 3 // Copyright 2020 gRPC authors. 4 // 5 // Licensed under the Apache License, Version 2.0 (the "License"); 6 // you may not use this file except in compliance with the License. 7 // You may obtain a copy of the License at 8 // 9 // http://www.apache.org/licenses/LICENSE-2.0 10 // 11 // Unless required by applicable law or agreed to in writing, software 12 // distributed under the License is distributed on an "AS IS" BASIS, 13 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 // See the License for the specific language governing permissions and 15 // limitations under the License. 16 // 17 // 18 19 #ifndef GRPC_CORE_LIB_SECURITY_SECURITY_CONNECTOR_INSECURE_INSECURE_SECURITY_CONNECTOR_H 20 #define GRPC_CORE_LIB_SECURITY_SECURITY_CONNECTOR_INSECURE_INSECURE_SECURITY_CONNECTOR_H 21 22 #include <grpc/support/port_platform.h> 23 24 #include "src/core/lib/security/context/security_context.h" 25 #include "src/core/lib/security/credentials/credentials.h" 26 #include "src/core/lib/security/security_connector/security_connector.h" 27 28 namespace grpc_core { 29 30 extern const char kInsecureTransportSecurityType[]; 31 32 // Exposed for testing purposes only. 33 // Create an auth context which is necessary to pass the santiy check in 34 // client_auth_filter that verifies if the peer's auth context is obtained 35 // during handshakes. 36 RefCountedPtr<grpc_auth_context> TestOnlyMakeInsecureAuthContext(); 37 38 class InsecureChannelSecurityConnector 39 : public grpc_channel_security_connector { 40 public: InsecureChannelSecurityConnector(grpc_core::RefCountedPtr<grpc_channel_credentials> channel_creds,grpc_core::RefCountedPtr<grpc_call_credentials> request_metadata_creds)41 InsecureChannelSecurityConnector( 42 grpc_core::RefCountedPtr<grpc_channel_credentials> channel_creds, 43 grpc_core::RefCountedPtr<grpc_call_credentials> request_metadata_creds) 44 : grpc_channel_security_connector(/* url_scheme */ nullptr, 45 std::move(channel_creds), 46 std::move(request_metadata_creds)) {} 47 48 bool check_call_host(absl::string_view host, grpc_auth_context* auth_context, 49 grpc_closure* on_call_host_checked, 50 grpc_error** error) override; 51 52 void cancel_check_call_host(grpc_closure* on_call_host_checked, 53 grpc_error* error) override; 54 55 void add_handshakers(const grpc_channel_args* args, 56 grpc_pollset_set* /* interested_parties */, 57 grpc_core::HandshakeManager* handshake_manager) override; 58 59 void check_peer(tsi_peer peer, grpc_endpoint* ep, 60 grpc_core::RefCountedPtr<grpc_auth_context>* auth_context, 61 grpc_closure* on_peer_checked) override; 62 63 int cmp(const grpc_security_connector* other_sc) const override; 64 }; 65 66 class InsecureServerSecurityConnector : public grpc_server_security_connector { 67 public: InsecureServerSecurityConnector(grpc_core::RefCountedPtr<grpc_server_credentials> server_creds)68 explicit InsecureServerSecurityConnector( 69 grpc_core::RefCountedPtr<grpc_server_credentials> server_creds) 70 : grpc_server_security_connector(nullptr /* url_scheme */, 71 std::move(server_creds)) {} 72 73 void add_handshakers(const grpc_channel_args* args, 74 grpc_pollset_set* /* interested_parties */, 75 grpc_core::HandshakeManager* handshake_manager) override; 76 77 void check_peer(tsi_peer peer, grpc_endpoint* ep, 78 grpc_core::RefCountedPtr<grpc_auth_context>* auth_context, 79 grpc_closure* on_peer_checked) override; 80 81 int cmp(const grpc_security_connector* other) const override; 82 }; 83 84 } // namespace grpc_core 85 86 #endif /* GRPC_CORE_LIB_SECURITY_SECURITY_CONNECTOR_INSECURE_INSECURE_SECURITY_CONNECTOR_H \ 87 */ 88