| 1 | /* |
|---|---|
| 2 | * |
| 3 | * Copyright 2015 gRPC authors. |
| 4 | * |
| 5 | * Licensed under the Apache License, Version 2.0 (the "License"); |
| 6 | * you may not use this file except in compliance with the License. |
| 7 | * You may obtain a copy of the License at |
| 8 | * |
| 9 | * http://www.apache.org/licenses/LICENSE-2.0 |
| 10 | * |
| 11 | * Unless required by applicable law or agreed to in writing, software |
| 12 | * distributed under the License is distributed on an "AS IS" BASIS, |
| 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 14 | * See the License for the specific language governing permissions and |
| 15 | * limitations under the License. |
| 16 | * |
| 17 | */ |
| 18 | |
| 19 | #ifndef GRPC_GRPC_SECURITY_H |
| 20 | #define GRPC_GRPC_SECURITY_H |
| 21 | |
| 22 | #include <grpc/support/port_platform.h> |
| 23 | |
| 24 | #include <grpc/grpc.h> |
| 25 | #include <grpc/grpc_security_constants.h> |
| 26 | #include <grpc/status.h> |
| 27 | |
| 28 | #ifdef __cplusplus |
| 29 | extern "C"{ |
| 30 | #endif |
| 31 | |
| 32 | /** --- Authentication Context. --- */ |
| 33 | |
| 34 | typedef struct grpc_auth_context grpc_auth_context; |
| 35 | |
| 36 | typedef struct grpc_auth_property_iterator { |
| 37 | const grpc_auth_context* ctx; |
| 38 | size_t index; |
| 39 | const char* name; |
| 40 | } grpc_auth_property_iterator; |
| 41 | |
| 42 | /** value, if not NULL, is guaranteed to be NULL terminated. */ |
| 43 | typedef struct grpc_auth_property { |
| 44 | char* name; |
| 45 | char* value; |
| 46 | size_t value_length; |
| 47 | } grpc_auth_property; |
| 48 | |
| 49 | /** Returns NULL when the iterator is at the end. */ |
| 50 | GRPCAPI const grpc_auth_property* grpc_auth_property_iterator_next( |
| 51 | grpc_auth_property_iterator* it); |
| 52 | |
| 53 | /** Iterates over the auth context. */ |
| 54 | GRPCAPI grpc_auth_property_iterator |
| 55 | grpc_auth_context_property_iterator(const grpc_auth_context* ctx); |
| 56 | |
| 57 | /** Gets the peer identity. Returns an empty iterator (first _next will return |
| 58 | NULL) if the peer is not authenticated. */ |
| 59 | GRPCAPI grpc_auth_property_iterator |
| 60 | grpc_auth_context_peer_identity(const grpc_auth_context* ctx); |
| 61 | |
| 62 | /** Finds a property in the context. May return an empty iterator (first _next |
| 63 | will return NULL) if no property with this name was found in the context. */ |
| 64 | GRPCAPI grpc_auth_property_iterator grpc_auth_context_find_properties_by_name( |
| 65 | const grpc_auth_context* ctx, const char* name); |
| 66 | |
| 67 | /** Gets the name of the property that indicates the peer identity. Will return |
| 68 | NULL if the peer is not authenticated. */ |
| 69 | GRPCAPI const char* grpc_auth_context_peer_identity_property_name( |
| 70 | const grpc_auth_context* ctx); |
| 71 | |
| 72 | /** Returns 1 if the peer is authenticated, 0 otherwise. */ |
| 73 | GRPCAPI int grpc_auth_context_peer_is_authenticated( |
| 74 | const grpc_auth_context* ctx); |
| 75 | |
| 76 | /** Gets the auth context from the call. Caller needs to call |
| 77 | grpc_auth_context_release on the returned context. */ |
| 78 | GRPCAPI grpc_auth_context* grpc_call_auth_context(grpc_call* call); |
| 79 | |
| 80 | /** Releases the auth context returned from grpc_call_auth_context. */ |
| 81 | GRPCAPI void grpc_auth_context_release(grpc_auth_context* context); |
| 82 | |
| 83 | /** -- |
| 84 | The following auth context methods should only be called by a server metadata |
| 85 | processor to set properties extracted from auth metadata. |
| 86 | -- */ |
| 87 | |
| 88 | /** Add a property. */ |
| 89 | GRPCAPI void grpc_auth_context_add_property(grpc_auth_context* ctx, |
| 90 | const char* name, const char* value, |
| 91 | size_t value_length); |
| 92 | |
| 93 | /** Add a C string property. */ |
| 94 | GRPCAPI void grpc_auth_context_add_cstring_property(grpc_auth_context* ctx, |
| 95 | const char* name, |
| 96 | const char* value); |
| 97 | |
| 98 | /** Sets the property name. Returns 1 if successful or 0 in case of failure |
| 99 | (which means that no property with this name exists). */ |
| 100 | GRPCAPI int grpc_auth_context_set_peer_identity_property_name( |
| 101 | grpc_auth_context* ctx, const char* name); |
| 102 | |
| 103 | /** --- SSL Session Cache. --- |
| 104 | |
| 105 | A SSL session cache object represents a way to cache client sessions |
| 106 | between connections. Only ticket-based resumption is supported. */ |
| 107 | |
| 108 | typedef struct grpc_ssl_session_cache grpc_ssl_session_cache; |
| 109 | |
| 110 | /** Create LRU cache for client-side SSL sessions with the given capacity. |
| 111 | If capacity is < 1, a default capacity is used instead. */ |
| 112 | GRPCAPI grpc_ssl_session_cache* grpc_ssl_session_cache_create_lru( |
| 113 | size_t capacity); |
| 114 | |
| 115 | /** Destroy SSL session cache. */ |
| 116 | GRPCAPI void grpc_ssl_session_cache_destroy(grpc_ssl_session_cache* cache); |
| 117 | |
| 118 | /** Create a channel arg with the given cache object. */ |
| 119 | GRPCAPI grpc_arg |
| 120 | grpc_ssl_session_cache_create_channel_arg(grpc_ssl_session_cache* cache); |
| 121 | |
| 122 | /** --- grpc_channel_credentials object. --- |
| 123 | |
| 124 | A channel credentials object represents a way to authenticate a client on a |
| 125 | channel. */ |
| 126 | |
| 127 | typedef struct grpc_channel_credentials grpc_channel_credentials; |
| 128 | |
| 129 | /** Releases a channel credentials object. |
| 130 | The creator of the credentials object is responsible for its release. */ |
| 131 | GRPCAPI void grpc_channel_credentials_release(grpc_channel_credentials* creds); |
| 132 | |
| 133 | /** Creates default credentials to connect to a google gRPC service. |
| 134 | WARNING: Do NOT use this credentials to connect to a non-google service as |
| 135 | this could result in an oauth2 token leak. The security level of the |
| 136 | resulting connection is GRPC_PRIVACY_AND_INTEGRITY. */ |
| 137 | GRPCAPI grpc_channel_credentials* grpc_google_default_credentials_create(void); |
| 138 | |
| 139 | /** Callback for getting the SSL roots override from the application. |
| 140 | In case of success, *pem_roots_certs must be set to a NULL terminated string |
| 141 | containing the list of PEM encoded root certificates. The ownership is passed |
| 142 | to the core and freed (laster by the core) with gpr_free. |
| 143 | If this function fails and GRPC_DEFAULT_SSL_ROOTS_FILE_PATH environment is |
| 144 | set to a valid path, it will override the roots specified this func */ |
| 145 | typedef grpc_ssl_roots_override_result (*grpc_ssl_roots_override_callback)( |
| 146 | char** pem_root_certs); |
| 147 | |
| 148 | /** Setup a callback to override the default TLS/SSL roots. |
| 149 | This function is not thread-safe and must be called at initialization time |
| 150 | before any ssl credentials are created to have the desired side effect. |
| 151 | If GRPC_DEFAULT_SSL_ROOTS_FILE_PATH environment is set to a valid path, the |
| 152 | callback will not be called. */ |
| 153 | GRPCAPI void grpc_set_ssl_roots_override_callback( |
| 154 | grpc_ssl_roots_override_callback cb); |
| 155 | |
| 156 | /** Object that holds a private key / certificate chain pair in PEM format. */ |
| 157 | typedef struct { |
| 158 | /** private_key is the NULL-terminated string containing the PEM encoding of |
| 159 | the client's private key. */ |
| 160 | const char* private_key; |
| 161 | |
| 162 | /** cert_chain is the NULL-terminated string containing the PEM encoding of |
| 163 | the client's certificate chain. */ |
| 164 | const char* cert_chain; |
| 165 | } grpc_ssl_pem_key_cert_pair; |
| 166 | |
| 167 | /** Deprecated in favor of grpc_ssl_verify_peer_options. It will be removed |
| 168 | after all of its call sites are migrated to grpc_ssl_verify_peer_options. |
| 169 | Object that holds additional peer-verification options on a secure |
| 170 | channel. */ |
| 171 | typedef struct { |
| 172 | /** If non-NULL this callback will be invoked with the expected |
| 173 | target_name, the peer's certificate (in PEM format), and whatever |
| 174 | userdata pointer is set below. If a non-zero value is returned by this |
| 175 | callback then it is treated as a verification failure. Invocation of |
| 176 | the callback is blocking, so any implementation should be light-weight. |
| 177 | */ |
| 178 | int (*verify_peer_callback)(const char* target_name, const char* peer_pem, |
| 179 | void* userdata); |
| 180 | /** Arbitrary userdata that will be passed as the last argument to |
| 181 | verify_peer_callback. */ |
| 182 | void* verify_peer_callback_userdata; |
| 183 | /** A destruct callback that will be invoked when the channel is being |
| 184 | cleaned up. The userdata argument will be passed to it. The intent is |
| 185 | to perform any cleanup associated with that userdata. */ |
| 186 | void (*verify_peer_destruct)(void* userdata); |
| 187 | } verify_peer_options; |
| 188 | |
| 189 | /** Object that holds additional peer-verification options on a secure |
| 190 | channel. */ |
| 191 | typedef struct { |
| 192 | /** If non-NULL this callback will be invoked with the expected |
| 193 | target_name, the peer's certificate (in PEM format), and whatever |
| 194 | userdata pointer is set below. If a non-zero value is returned by this |
| 195 | callback then it is treated as a verification failure. Invocation of |
| 196 | the callback is blocking, so any implementation should be light-weight. |
| 197 | */ |
| 198 | int (*verify_peer_callback)(const char* target_name, const char* peer_pem, |
| 199 | void* userdata); |
| 200 | /** Arbitrary userdata that will be passed as the last argument to |
| 201 | verify_peer_callback. */ |
| 202 | void* verify_peer_callback_userdata; |
| 203 | /** A destruct callback that will be invoked when the channel is being |
| 204 | cleaned up. The userdata argument will be passed to it. The intent is |
| 205 | to perform any cleanup associated with that userdata. */ |
| 206 | void (*verify_peer_destruct)(void* userdata); |
| 207 | } grpc_ssl_verify_peer_options; |
| 208 | |
| 209 | /** Deprecated in favor of grpc_ssl_server_credentials_create_ex. It will be |
| 210 | removed after all of its call sites are migrated to |
| 211 | grpc_ssl_server_credentials_create_ex. Creates an SSL credentials object. |
| 212 | The security level of the resulting connection is GRPC_PRIVACY_AND_INTEGRITY. |
| 213 | - pem_root_certs is the NULL-terminated string containing the PEM encoding |
| 214 | of the server root certificates. If this parameter is NULL, the |
| 215 | implementation will first try to dereference the file pointed by the |
| 216 | GRPC_DEFAULT_SSL_ROOTS_FILE_PATH environment variable, and if that fails, |
| 217 | try to get the roots set by grpc_override_ssl_default_roots. Eventually, |
| 218 | if all these fail, it will try to get the roots from a well-known place on |
| 219 | disk (in the grpc install directory). |
| 220 | |
| 221 | gRPC has implemented root cache if the underlying OpenSSL library supports |
| 222 | it. The gRPC root certificates cache is only applicable on the default |
| 223 | root certificates, which is used when this parameter is nullptr. If user |
| 224 | provides their own pem_root_certs, when creating an SSL credential object, |
| 225 | gRPC would not be able to cache it, and each subchannel will generate a |
| 226 | copy of the root store. So it is recommended to avoid providing large room |
| 227 | pem with pem_root_certs parameter to avoid excessive memory consumption, |
| 228 | particularly on mobile platforms such as iOS. |
| 229 | - pem_key_cert_pair is a pointer on the object containing client's private |
| 230 | key and certificate chain. This parameter can be NULL if the client does |
| 231 | not have such a key/cert pair. |
| 232 | - verify_options is an optional verify_peer_options object which holds |
| 233 | additional options controlling how peer certificates are verified. For |
| 234 | example, you can supply a callback which receives the peer's certificate |
| 235 | with which you can do additional verification. Can be NULL, in which |
| 236 | case verification will retain default behavior. Any settings in |
| 237 | verify_options are copied during this call, so the verify_options |
| 238 | object can be released afterwards. */ |
| 239 | GRPCAPI grpc_channel_credentials* grpc_ssl_credentials_create( |
| 240 | const char* pem_root_certs, grpc_ssl_pem_key_cert_pair* pem_key_cert_pair, |
| 241 | const verify_peer_options* verify_options, void* reserved); |
| 242 | |
| 243 | /* Creates an SSL credentials object. |
| 244 | The security level of the resulting connection is GRPC_PRIVACY_AND_INTEGRITY. |
| 245 | - pem_root_certs is the NULL-terminated string containing the PEM encoding |
| 246 | of the server root certificates. If this parameter is NULL, the |
| 247 | implementation will first try to dereference the file pointed by the |
| 248 | GRPC_DEFAULT_SSL_ROOTS_FILE_PATH environment variable, and if that fails, |
| 249 | try to get the roots set by grpc_override_ssl_default_roots. Eventually, |
| 250 | if all these fail, it will try to get the roots from a well-known place on |
| 251 | disk (in the grpc install directory). |
| 252 | |
| 253 | gRPC has implemented root cache if the underlying OpenSSL library supports |
| 254 | it. The gRPC root certificates cache is only applicable on the default |
| 255 | root certificates, which is used when this parameter is nullptr. If user |
| 256 | provides their own pem_root_certs, when creating an SSL credential object, |
| 257 | gRPC would not be able to cache it, and each subchannel will generate a |
| 258 | copy of the root store. So it is recommended to avoid providing large room |
| 259 | pem with pem_root_certs parameter to avoid excessive memory consumption, |
| 260 | particularly on mobile platforms such as iOS. |
| 261 | - pem_key_cert_pair is a pointer on the object containing client's private |
| 262 | key and certificate chain. This parameter can be NULL if the client does |
| 263 | not have such a key/cert pair. |
| 264 | - verify_options is an optional verify_peer_options object which holds |
| 265 | additional options controlling how peer certificates are verified. For |
| 266 | example, you can supply a callback which receives the peer's certificate |
| 267 | with which you can do additional verification. Can be NULL, in which |
| 268 | case verification will retain default behavior. Any settings in |
| 269 | verify_options are copied during this call, so the verify_options |
| 270 | object can be released afterwards. */ |
| 271 | GRPCAPI grpc_channel_credentials* grpc_ssl_credentials_create_ex( |
| 272 | const char* pem_root_certs, grpc_ssl_pem_key_cert_pair* pem_key_cert_pair, |
| 273 | const grpc_ssl_verify_peer_options* verify_options, void* reserved); |
| 274 | |
| 275 | /** --- grpc_call_credentials object. |
| 276 | |
| 277 | A call credentials object represents a way to authenticate on a particular |
| 278 | call. These credentials can be composed with a channel credentials object |
| 279 | so that they are sent with every call on this channel. */ |
| 280 | |
| 281 | typedef struct grpc_call_credentials grpc_call_credentials; |
| 282 | |
| 283 | /** Releases a call credentials object. |
| 284 | The creator of the credentials object is responsible for its release. */ |
| 285 | GRPCAPI void grpc_call_credentials_release(grpc_call_credentials* creds); |
| 286 | |
| 287 | /** Creates a composite channel credentials object. The security level of |
| 288 | * resulting connection is determined by channel_creds. */ |
| 289 | GRPCAPI grpc_channel_credentials* grpc_composite_channel_credentials_create( |
| 290 | grpc_channel_credentials* channel_creds, grpc_call_credentials* call_creds, |
| 291 | void* reserved); |
| 292 | |
| 293 | /** Creates a composite call credentials object. */ |
| 294 | GRPCAPI grpc_call_credentials* grpc_composite_call_credentials_create( |
| 295 | grpc_call_credentials* creds1, grpc_call_credentials* creds2, |
| 296 | void* reserved); |
| 297 | |
| 298 | /** Creates a compute engine credentials object for connecting to Google. |
| 299 | WARNING: Do NOT use this credentials to connect to a non-google service as |
| 300 | this could result in an oauth2 token leak. */ |
| 301 | GRPCAPI grpc_call_credentials* grpc_google_compute_engine_credentials_create( |
| 302 | void* reserved); |
| 303 | |
| 304 | GRPCAPI gpr_timespec grpc_max_auth_token_lifetime(void); |
| 305 | |
| 306 | /** Creates a JWT credentials object. May return NULL if the input is invalid. |
| 307 | - json_key is the JSON key string containing the client's private key. |
| 308 | - token_lifetime is the lifetime of each Json Web Token (JWT) created with |
| 309 | this credentials. It should not exceed grpc_max_auth_token_lifetime or |
| 310 | will be cropped to this value. */ |
| 311 | GRPCAPI grpc_call_credentials* |
| 312 | grpc_service_account_jwt_access_credentials_create(const char* json_key, |
| 313 | gpr_timespec token_lifetime, |
| 314 | void* reserved); |
| 315 | |
| 316 | /** Creates an Oauth2 Refresh Token credentials object for connecting to Google. |
| 317 | May return NULL if the input is invalid. |
| 318 | WARNING: Do NOT use this credentials to connect to a non-google service as |
| 319 | this could result in an oauth2 token leak. |
| 320 | - json_refresh_token is the JSON string containing the refresh token itself |
| 321 | along with a client_id and client_secret. */ |
| 322 | GRPCAPI grpc_call_credentials* grpc_google_refresh_token_credentials_create( |
| 323 | const char* json_refresh_token, void* reserved); |
| 324 | |
| 325 | /** Creates an Oauth2 Access Token credentials with an access token that was |
| 326 | acquired by an out of band mechanism. */ |
| 327 | GRPCAPI grpc_call_credentials* grpc_access_token_credentials_create( |
| 328 | const char* access_token, void* reserved); |
| 329 | |
| 330 | /** Creates an IAM credentials object for connecting to Google. */ |
| 331 | GRPCAPI grpc_call_credentials* grpc_google_iam_credentials_create( |
| 332 | const char* authorization_token, const char* authority_selector, |
| 333 | void* reserved); |
| 334 | |
| 335 | /** Options for creating STS Oauth Token Exchange credentials following the IETF |
| 336 | draft https://tools.ietf.org/html/draft-ietf-oauth-token-exchange-16. |
| 337 | Optional fields may be set to NULL or empty string. It is the responsibility |
| 338 | of the caller to ensure that the subject and actor tokens are refreshed on |
| 339 | disk at the specified paths. This API is used for experimental purposes for |
| 340 | now and may change in the future. */ |
| 341 | typedef struct { |
| 342 | const char* token_exchange_service_uri; /* Required. */ |
| 343 | const char* resource; /* Optional. */ |
| 344 | const char* audience; /* Optional. */ |
| 345 | const char* scope; /* Optional. */ |
| 346 | const char* requested_token_type; /* Optional. */ |
| 347 | const char* subject_token_path; /* Required. */ |
| 348 | const char* subject_token_type; /* Required. */ |
| 349 | const char* actor_token_path; /* Optional. */ |
| 350 | const char* actor_token_type; /* Optional. */ |
| 351 | } grpc_sts_credentials_options; |
| 352 | |
| 353 | /** Creates an STS credentials following the STS Token Exchanged specifed in the |
| 354 | IETF draft https://tools.ietf.org/html/draft-ietf-oauth-token-exchange-16. |
| 355 | This API is used for experimental purposes for now and may change in the |
| 356 | future. */ |
| 357 | GRPCAPI grpc_call_credentials* grpc_sts_credentials_create( |
| 358 | const grpc_sts_credentials_options* options, void* reserved); |
| 359 | |
| 360 | /** Callback function to be called by the metadata credentials plugin |
| 361 | implementation when the metadata is ready. |
| 362 | - user_data is the opaque pointer that was passed in the get_metadata method |
| 363 | of the grpc_metadata_credentials_plugin (see below). |
| 364 | - creds_md is an array of credentials metadata produced by the plugin. It |
| 365 | may be set to NULL in case of an error. |
| 366 | - num_creds_md is the number of items in the creds_md array. |
| 367 | - status must be GRPC_STATUS_OK in case of success or another specific error |
| 368 | code otherwise. |
| 369 | - error_details contains details about the error if any. In case of success |
| 370 | it should be NULL and will be otherwise ignored. */ |
| 371 | typedef void (*grpc_credentials_plugin_metadata_cb)( |
| 372 | void* user_data, const grpc_metadata* creds_md, size_t num_creds_md, |
| 373 | grpc_status_code status, const char* error_details); |
| 374 | |
| 375 | /** Context that can be used by metadata credentials plugin in order to create |
| 376 | auth related metadata. */ |
| 377 | typedef struct { |
| 378 | /** The fully qualifed service url. */ |
| 379 | const char* service_url; |
| 380 | |
| 381 | /** The method name of the RPC being called (not fully qualified). |
| 382 | The fully qualified method name can be built from the service_url: |
| 383 | full_qualified_method_name = ctx->service_url + '/' + ctx->method_name. */ |
| 384 | const char* method_name; |
| 385 | |
| 386 | /** The auth_context of the channel which gives the server's identity. */ |
| 387 | const grpc_auth_context* channel_auth_context; |
| 388 | |
| 389 | /** Reserved for future use. */ |
| 390 | void* reserved; |
| 391 | } grpc_auth_metadata_context; |
| 392 | |
| 393 | /** Maximum number of metadata entries returnable by a credentials plugin via |
| 394 | a synchronous return. */ |
| 395 | #define GRPC_METADATA_CREDENTIALS_PLUGIN_SYNC_MAX 4 |
| 396 | |
| 397 | /** grpc_metadata_credentials plugin is an API user provided structure used to |
| 398 | create grpc_credentials objects that can be set on a channel (composed) or |
| 399 | a call. See grpc_credentials_metadata_create_from_plugin below. |
| 400 | The grpc client stack will call the get_metadata method of the plugin for |
| 401 | every call in scope for the credentials created from it. */ |
| 402 | typedef struct { |
| 403 | /** The implementation of this method has to be non-blocking, but can |
| 404 | be performed synchronously or asynchronously. |
| 405 | |
| 406 | If processing occurs synchronously, returns non-zero and populates |
| 407 | creds_md, num_creds_md, status, and error_details. In this case, |
| 408 | the caller takes ownership of the entries in creds_md and of |
| 409 | error_details. Note that if the plugin needs to return more than |
| 410 | GRPC_METADATA_CREDENTIALS_PLUGIN_SYNC_MAX entries in creds_md, it must |
| 411 | return asynchronously. |
| 412 | |
| 413 | If processing occurs asynchronously, returns zero and invokes \a cb |
| 414 | when processing is completed. \a user_data will be passed as the |
| 415 | first parameter of the callback. NOTE: \a cb MUST be invoked in a |
| 416 | different thread, not from the thread in which \a get_metadata() is |
| 417 | invoked. |
| 418 | |
| 419 | \a context is the information that can be used by the plugin to create |
| 420 | auth metadata. */ |
| 421 | int (*get_metadata)( |
| 422 | void* state, grpc_auth_metadata_context context, |
| 423 | grpc_credentials_plugin_metadata_cb cb, void* user_data, |
| 424 | grpc_metadata creds_md[GRPC_METADATA_CREDENTIALS_PLUGIN_SYNC_MAX], |
| 425 | size_t* num_creds_md, grpc_status_code* status, |
| 426 | const char** error_details); |
| 427 | |
| 428 | /** Destroys the plugin state. */ |
| 429 | void (*destroy)(void* state); |
| 430 | |
| 431 | /** State that will be set as the first parameter of the methods above. */ |
| 432 | void* state; |
| 433 | |
| 434 | /** Type of credentials that this plugin is implementing. */ |
| 435 | const char* type; |
| 436 | } grpc_metadata_credentials_plugin; |
| 437 | |
| 438 | /** Creates a credentials object from a plugin with a specified minimum security |
| 439 | * level. */ |
| 440 | GRPCAPI grpc_call_credentials* grpc_metadata_credentials_create_from_plugin( |
| 441 | grpc_metadata_credentials_plugin plugin, |
| 442 | grpc_security_level min_security_level, void* reserved); |
| 443 | |
| 444 | /** --- Secure channel creation. --- */ |
| 445 | |
| 446 | /** Creates a secure channel using the passed-in credentials. Additional |
| 447 | channel level configuration MAY be provided by grpc_channel_args, though |
| 448 | the expectation is that most clients will want to simply pass NULL. The |
| 449 | user data in 'args' need only live through the invocation of this function. |
| 450 | However, if any args of the 'pointer' type are passed, then the referenced |
| 451 | vtable must be maintained by the caller until grpc_channel_destroy |
| 452 | terminates. See grpc_channel_args definition for more on this. */ |
| 453 | GRPCAPI grpc_channel* grpc_secure_channel_create( |
| 454 | grpc_channel_credentials* creds, const char* target, |
| 455 | const grpc_channel_args* args, void* reserved); |
| 456 | |
| 457 | /** --- grpc_server_credentials object. --- |
| 458 | |
| 459 | A server credentials object represents a way to authenticate a server. */ |
| 460 | |
| 461 | typedef struct grpc_server_credentials grpc_server_credentials; |
| 462 | |
| 463 | /** Releases a server_credentials object. |
| 464 | The creator of the server_credentials object is responsible for its release. |
| 465 | */ |
| 466 | GRPCAPI void grpc_server_credentials_release(grpc_server_credentials* creds); |
| 467 | |
| 468 | /** Server certificate config object holds the server's public certificates and |
| 469 | associated private keys, as well as any CA certificates needed for client |
| 470 | certificate validation (if applicable). Create using |
| 471 | grpc_ssl_server_certificate_config_create(). */ |
| 472 | typedef struct grpc_ssl_server_certificate_config |
| 473 | grpc_ssl_server_certificate_config; |
| 474 | |
| 475 | /** Creates a grpc_ssl_server_certificate_config object. |
| 476 | - pem_roots_cert is the NULL-terminated string containing the PEM encoding of |
| 477 | the client root certificates. This parameter may be NULL if the server does |
| 478 | not want the client to be authenticated with SSL. |
| 479 | - pem_key_cert_pairs is an array private key / certificate chains of the |
| 480 | server. This parameter cannot be NULL. |
| 481 | - num_key_cert_pairs indicates the number of items in the private_key_files |
| 482 | and cert_chain_files parameters. It must be at least 1. |
| 483 | - It is the caller's responsibility to free this object via |
| 484 | grpc_ssl_server_certificate_config_destroy(). */ |
| 485 | GRPCAPI grpc_ssl_server_certificate_config* |
| 486 | grpc_ssl_server_certificate_config_create( |
| 487 | const char* pem_root_certs, |
| 488 | const grpc_ssl_pem_key_cert_pair* pem_key_cert_pairs, |
| 489 | size_t num_key_cert_pairs); |
| 490 | |
| 491 | /** Destroys a grpc_ssl_server_certificate_config object. */ |
| 492 | GRPCAPI void grpc_ssl_server_certificate_config_destroy( |
| 493 | grpc_ssl_server_certificate_config* config); |
| 494 | |
| 495 | /** Callback to retrieve updated SSL server certificates, private keys, and |
| 496 | trusted CAs (for client authentication). |
| 497 | - user_data parameter, if not NULL, contains opaque data to be used by the |
| 498 | callback. |
| 499 | - Use grpc_ssl_server_certificate_config_create to create the config. |
| 500 | - The caller assumes ownership of the config. */ |
| 501 | typedef grpc_ssl_certificate_config_reload_status ( |
| 502 | *grpc_ssl_server_certificate_config_callback)( |
| 503 | void* user_data, grpc_ssl_server_certificate_config** config); |
| 504 | |
| 505 | /** Deprecated in favor of grpc_ssl_server_credentials_create_ex. |
| 506 | Creates an SSL server_credentials object. |
| 507 | - pem_roots_cert is the NULL-terminated string containing the PEM encoding of |
| 508 | the client root certificates. This parameter may be NULL if the server does |
| 509 | not want the client to be authenticated with SSL. |
| 510 | - pem_key_cert_pairs is an array private key / certificate chains of the |
| 511 | server. This parameter cannot be NULL. |
| 512 | - num_key_cert_pairs indicates the number of items in the private_key_files |
| 513 | and cert_chain_files parameters. It should be at least 1. |
| 514 | - force_client_auth, if set to non-zero will force the client to authenticate |
| 515 | with an SSL cert. Note that this option is ignored if pem_root_certs is |
| 516 | NULL. */ |
| 517 | GRPCAPI grpc_server_credentials* grpc_ssl_server_credentials_create( |
| 518 | const char* pem_root_certs, grpc_ssl_pem_key_cert_pair* pem_key_cert_pairs, |
| 519 | size_t num_key_cert_pairs, int force_client_auth, void* reserved); |
| 520 | |
| 521 | /** Deprecated in favor of grpc_ssl_server_credentials_create_with_options. |
| 522 | Same as grpc_ssl_server_credentials_create method except uses |
| 523 | grpc_ssl_client_certificate_request_type enum to support more ways to |
| 524 | authenticate client certificates.*/ |
| 525 | GRPCAPI grpc_server_credentials* grpc_ssl_server_credentials_create_ex( |
| 526 | const char* pem_root_certs, grpc_ssl_pem_key_cert_pair* pem_key_cert_pairs, |
| 527 | size_t num_key_cert_pairs, |
| 528 | grpc_ssl_client_certificate_request_type client_certificate_request, |
| 529 | void* reserved); |
| 530 | |
| 531 | typedef struct grpc_ssl_server_credentials_options |
| 532 | grpc_ssl_server_credentials_options; |
| 533 | |
| 534 | /** Creates an options object using a certificate config. Use this method when |
| 535 | the certificates and keys of the SSL server will not change during the |
| 536 | server's lifetime. |
| 537 | - Takes ownership of the certificate_config parameter. */ |
| 538 | GRPCAPI grpc_ssl_server_credentials_options* |
| 539 | grpc_ssl_server_credentials_create_options_using_config( |
| 540 | grpc_ssl_client_certificate_request_type client_certificate_request, |
| 541 | grpc_ssl_server_certificate_config* certificate_config); |
| 542 | |
| 543 | /** Creates an options object using a certificate config fetcher. Use this |
| 544 | method to reload the certificates and keys of the SSL server without |
| 545 | interrupting the operation of the server. Initial certificate config will be |
| 546 | fetched during server initialization. |
| 547 | - user_data parameter, if not NULL, contains opaque data which will be passed |
| 548 | to the fetcher (see definition of |
| 549 | grpc_ssl_server_certificate_config_callback). */ |
| 550 | GRPCAPI grpc_ssl_server_credentials_options* |
| 551 | grpc_ssl_server_credentials_create_options_using_config_fetcher( |
| 552 | grpc_ssl_client_certificate_request_type client_certificate_request, |
| 553 | grpc_ssl_server_certificate_config_callback cb, void* user_data); |
| 554 | |
| 555 | /** Destroys a grpc_ssl_server_credentials_options object. */ |
| 556 | GRPCAPI void grpc_ssl_server_credentials_options_destroy( |
| 557 | grpc_ssl_server_credentials_options* options); |
| 558 | |
| 559 | /** Creates an SSL server_credentials object using the provided options struct. |
| 560 | - Takes ownership of the options parameter. */ |
| 561 | GRPCAPI grpc_server_credentials* |
| 562 | grpc_ssl_server_credentials_create_with_options( |
| 563 | grpc_ssl_server_credentials_options* options); |
| 564 | |
| 565 | /** --- Server-side secure ports. --- */ |
| 566 | |
| 567 | /** Add a HTTP2 over an encrypted link over tcp listener. |
| 568 | Returns bound port number on success, 0 on failure. |
| 569 | REQUIRES: server not started */ |
| 570 | GRPCAPI int grpc_server_add_secure_http2_port(grpc_server* server, |
| 571 | const char* addr, |
| 572 | grpc_server_credentials* creds); |
| 573 | |
| 574 | /** --- Call specific credentials. --- */ |
| 575 | |
| 576 | /** Sets a credentials to a call. Can only be called on the client side before |
| 577 | grpc_call_start_batch. */ |
| 578 | GRPCAPI grpc_call_error grpc_call_set_credentials(grpc_call* call, |
| 579 | grpc_call_credentials* creds); |
| 580 | |
| 581 | /** --- Auth Metadata Processing --- */ |
| 582 | |
| 583 | /** Callback function that is called when the metadata processing is done. |
| 584 | - Consumed metadata will be removed from the set of metadata available on the |
| 585 | call. consumed_md may be NULL if no metadata has been consumed. |
| 586 | - Response metadata will be set on the response. response_md may be NULL. |
| 587 | - status is GRPC_STATUS_OK for success or a specific status for an error. |
| 588 | Common error status for auth metadata processing is either |
| 589 | GRPC_STATUS_UNAUTHENTICATED in case of an authentication failure or |
| 590 | GRPC_STATUS PERMISSION_DENIED in case of an authorization failure. |
| 591 | - error_details gives details about the error. May be NULL. */ |
| 592 | typedef void (*grpc_process_auth_metadata_done_cb)( |
| 593 | void* user_data, const grpc_metadata* consumed_md, size_t num_consumed_md, |
| 594 | const grpc_metadata* response_md, size_t num_response_md, |
| 595 | grpc_status_code status, const char* error_details); |
| 596 | |
| 597 | /** Pluggable server-side metadata processor object. */ |
| 598 | typedef struct { |
| 599 | /** The context object is read/write: it contains the properties of the |
| 600 | channel peer and it is the job of the process function to augment it with |
| 601 | properties derived from the passed-in metadata. |
| 602 | The lifetime of these objects is guaranteed until cb is invoked. */ |
| 603 | void (*process)(void* state, grpc_auth_context* context, |
| 604 | const grpc_metadata* md, size_t num_md, |
| 605 | grpc_process_auth_metadata_done_cb cb, void* user_data); |
| 606 | void (*destroy)(void* state); |
| 607 | void* state; |
| 608 | } grpc_auth_metadata_processor; |
| 609 | |
| 610 | GRPCAPI void grpc_server_credentials_set_auth_metadata_processor( |
| 611 | grpc_server_credentials* creds, grpc_auth_metadata_processor processor); |
| 612 | |
| 613 | /** --- ALTS channel/server credentials --- **/ |
| 614 | |
| 615 | /** |
| 616 | * Main interface for ALTS credentials options. The options will contain |
| 617 | * information that will be passed from grpc to TSI layer such as RPC protocol |
| 618 | * versions. ALTS client (channel) and server credentials will have their own |
| 619 | * implementation of this interface. The APIs listed in this header are |
| 620 | * thread-compatible. It is used for experimental purpose for now and subject |
| 621 | * to change. |
| 622 | */ |
| 623 | typedef struct grpc_alts_credentials_options grpc_alts_credentials_options; |
| 624 | |
| 625 | /** |
| 626 | * This method creates a grpc ALTS credentials client options instance. |
| 627 | * It is used for experimental purpose for now and subject to change. |
| 628 | */ |
| 629 | GRPCAPI grpc_alts_credentials_options* |
| 630 | grpc_alts_credentials_client_options_create(void); |
| 631 | |
| 632 | /** |
| 633 | * This method creates a grpc ALTS credentials server options instance. |
| 634 | * It is used for experimental purpose for now and subject to change. |
| 635 | */ |
| 636 | GRPCAPI grpc_alts_credentials_options* |
| 637 | grpc_alts_credentials_server_options_create(void); |
| 638 | |
| 639 | /** |
| 640 | * This method adds a target service account to grpc client's ALTS credentials |
| 641 | * options instance. It is used for experimental purpose for now and subject |
| 642 | * to change. |
| 643 | * |
| 644 | * - options: grpc ALTS credentials options instance. |
| 645 | * - service_account: service account of target endpoint. |
| 646 | */ |
| 647 | GRPCAPI void grpc_alts_credentials_client_options_add_target_service_account( |
| 648 | grpc_alts_credentials_options* options, const char* service_account); |
| 649 | |
| 650 | /** |
| 651 | * This method destroys a grpc_alts_credentials_options instance by |
| 652 | * de-allocating all of its occupied memory. It is used for experimental purpose |
| 653 | * for now and subject to change. |
| 654 | * |
| 655 | * - options: a grpc_alts_credentials_options instance that needs to be |
| 656 | * destroyed. |
| 657 | */ |
| 658 | GRPCAPI void grpc_alts_credentials_options_destroy( |
| 659 | grpc_alts_credentials_options* options); |
| 660 | |
| 661 | /** |
| 662 | * This method creates an ALTS channel credential object. The security |
| 663 | * level of the resulting connection is GRPC_PRIVACY_AND_INTEGRITY. |
| 664 | * It is used for experimental purpose for now and subject to change. |
| 665 | * |
| 666 | * - options: grpc ALTS credentials options instance for client. |
| 667 | * |
| 668 | * It returns the created ALTS channel credential object. |
| 669 | */ |
| 670 | GRPCAPI grpc_channel_credentials* grpc_alts_credentials_create( |
| 671 | const grpc_alts_credentials_options* options); |
| 672 | |
| 673 | /** |
| 674 | * This method creates an ALTS server credential object. It is used for |
| 675 | * experimental purpose for now and subject to change. |
| 676 | * |
| 677 | * - options: grpc ALTS credentials options instance for server. |
| 678 | * |
| 679 | * It returns the created ALTS server credential object. |
| 680 | */ |
| 681 | GRPCAPI grpc_server_credentials* grpc_alts_server_credentials_create( |
| 682 | const grpc_alts_credentials_options* options); |
| 683 | |
| 684 | /** --- Local channel/server credentials --- **/ |
| 685 | |
| 686 | /** |
| 687 | * This method creates a local channel credential object. The security level |
| 688 | * of the resulting connection is GRPC_PRIVACY_AND_INTEGRITY for UDS and |
| 689 | * GRPC_SECURITY_NONE for LOCAL_TCP. It is used for experimental purpose |
| 690 | * for now and subject to change. |
| 691 | * |
| 692 | * - type: local connection type |
| 693 | * |
| 694 | * It returns the created local channel credential object. |
| 695 | */ |
| 696 | GRPCAPI grpc_channel_credentials* grpc_local_credentials_create( |
| 697 | grpc_local_connect_type type); |
| 698 | |
| 699 | /** |
| 700 | * This method creates a local server credential object. It is used for |
| 701 | * experimental purpose for now and subject to change. |
| 702 | * |
| 703 | * - type: local connection type |
| 704 | * |
| 705 | * It returns the created local server credential object. |
| 706 | */ |
| 707 | GRPCAPI grpc_server_credentials* grpc_local_server_credentials_create( |
| 708 | grpc_local_connect_type type); |
| 709 | |
| 710 | /** --- TLS channel/server credentials --- |
| 711 | * It is used for experimental purpose for now and subject to change. */ |
| 712 | |
| 713 | /** Config for TLS key materials. It is used for |
| 714 | * experimental purpose for now and subject to change. */ |
| 715 | typedef struct grpc_tls_key_materials_config grpc_tls_key_materials_config; |
| 716 | |
| 717 | /** Config for TLS credential reload. It is used for |
| 718 | * experimental purpose for now and subject to change. */ |
| 719 | typedef struct grpc_tls_credential_reload_config |
| 720 | grpc_tls_credential_reload_config; |
| 721 | |
| 722 | /** Config for TLS server authorization check. It is used for |
| 723 | * experimental purpose for now and subject to change. */ |
| 724 | typedef struct grpc_tls_server_authorization_check_config |
| 725 | grpc_tls_server_authorization_check_config; |
| 726 | |
| 727 | /** TLS credentials options. It is used for |
| 728 | * experimental purpose for now and subject to change. */ |
| 729 | typedef struct grpc_tls_credentials_options grpc_tls_credentials_options; |
| 730 | |
| 731 | /** Create an empty TLS credentials options. It is used for |
| 732 | * experimental purpose for now and subject to change. */ |
| 733 | GRPCAPI grpc_tls_credentials_options* grpc_tls_credentials_options_create(void); |
| 734 | |
| 735 | /** Set grpc_ssl_client_certificate_request_type field in credentials options |
| 736 | with the provided type. options should not be NULL. |
| 737 | It returns 1 on success and 0 on failure. It is used for |
| 738 | experimental purpose for now and subject to change. */ |
| 739 | GRPCAPI int grpc_tls_credentials_options_set_cert_request_type( |
| 740 | grpc_tls_credentials_options* options, |
| 741 | grpc_ssl_client_certificate_request_type type); |
| 742 | |
| 743 | /** Set grpc_tls_server_verification_option field in credentials options |
| 744 | with the provided server_verification_option. options should not be NULL. |
| 745 | This should be called only on the client side. |
| 746 | If grpc_tls_server_verification_option is not |
| 747 | GRPC_TLS_SERVER_VERIFICATION, use of a customer server |
| 748 | authorization check (grpc_tls_server_authorization_check_config) |
| 749 | will be mandatory. |
| 750 | It returns 1 on success and 0 on failure. It is used for |
| 751 | experimental purpose for now and subject to change. */ |
| 752 | GRPCAPI int grpc_tls_credentials_options_set_server_verification_option( |
| 753 | grpc_tls_credentials_options* options, |
| 754 | grpc_tls_server_verification_option server_verification_option); |
| 755 | |
| 756 | /** Set grpc_tls_key_materials_config field in credentials options |
| 757 | with the provided config struct whose ownership is transferred. |
| 758 | Both parameters should not be NULL. |
| 759 | It returns 1 on success and 0 on failure. It is used for |
| 760 | experimental purpose for now and subject to change. */ |
| 761 | GRPCAPI int grpc_tls_credentials_options_set_key_materials_config( |
| 762 | grpc_tls_credentials_options* options, |
| 763 | grpc_tls_key_materials_config* config); |
| 764 | |
| 765 | /** Set grpc_tls_credential_reload_config field in credentials options |
| 766 | with the provided config struct whose ownership is transferred. |
| 767 | Both parameters should not be NULL. |
| 768 | It returns 1 on success and 0 on failure. It is used for |
| 769 | experimental purpose for now and subject to change. */ |
| 770 | GRPCAPI int grpc_tls_credentials_options_set_credential_reload_config( |
| 771 | grpc_tls_credentials_options* options, |
| 772 | grpc_tls_credential_reload_config* config); |
| 773 | |
| 774 | /** Set grpc_tls_server_authorization_check_config field in credentials options |
| 775 | with the provided config struct whose ownership is transferred. |
| 776 | Both parameters should not be NULL. |
| 777 | It returns 1 on success and 0 on failure. It is used for |
| 778 | experimental purpose for now and subject to change. */ |
| 779 | GRPCAPI int grpc_tls_credentials_options_set_server_authorization_check_config( |
| 780 | grpc_tls_credentials_options* options, |
| 781 | grpc_tls_server_authorization_check_config* config); |
| 782 | |
| 783 | /** --- TLS key materials config. --- |
| 784 | It is used for experimental purpose for now and subject to change. */ |
| 785 | |
| 786 | /** Create an empty grpc_tls_key_materials_config instance. |
| 787 | * It is used for experimental purpose for now and subject to change. */ |
| 788 | GRPCAPI grpc_tls_key_materials_config* grpc_tls_key_materials_config_create( |
| 789 | void); |
| 790 | |
| 791 | /** Set grpc_tls_key_materials_config instance with provided a TLS certificate. |
| 792 | config will take the ownership of pem_root_certs and pem_key_cert_pairs. |
| 793 | It's valid for the caller to provide nullptr pem_root_certs, in which case |
| 794 | the gRPC-provided root cert will be used. pem_key_cert_pairs should not be |
| 795 | NULL. It returns 1 on success and 0 on failure. It is used for |
| 796 | experimental purpose for now and subject to change. |
| 797 | */ |
| 798 | GRPCAPI int grpc_tls_key_materials_config_set_key_materials( |
| 799 | grpc_tls_key_materials_config* config, const char* pem_root_certs, |
| 800 | const grpc_ssl_pem_key_cert_pair** pem_key_cert_pairs, |
| 801 | size_t num_key_cert_pairs); |
| 802 | |
| 803 | /** Set grpc_tls_key_materials_config instance with a provided version number, |
| 804 | which is used to keep track of the version of key materials. |
| 805 | It returns 1 on success and 0 on failure. It is used for |
| 806 | experimental purpose for now and subject to change. |
| 807 | */ |
| 808 | GRPCAPI int grpc_tls_key_materials_config_set_version( |
| 809 | grpc_tls_key_materials_config* config, int version); |
| 810 | |
| 811 | /** Get the version number of a grpc_tls_key_materials_config instance. |
| 812 | It returns the version number on success and -1 on failure. |
| 813 | It is used for experimental purpose for now and subject to change. |
| 814 | */ |
| 815 | GRPCAPI int grpc_tls_key_materials_config_get_version( |
| 816 | grpc_tls_key_materials_config* config); |
| 817 | |
| 818 | /** --- TLS credential reload config. --- |
| 819 | It is used for experimental purpose for now and subject to change.*/ |
| 820 | |
| 821 | typedef struct grpc_tls_credential_reload_arg grpc_tls_credential_reload_arg; |
| 822 | |
| 823 | /** A callback function provided by gRPC to handle the result of credential |
| 824 | reload. It is used when schedule API is implemented asynchronously and |
| 825 | serves to bring the control back to grpc C core. It is used for |
| 826 | experimental purpose for now and subject to change. */ |
| 827 | typedef void (*grpc_tls_on_credential_reload_done_cb)( |
| 828 | grpc_tls_credential_reload_arg* arg); |
| 829 | |
| 830 | /** A struct containing all information necessary to schedule/cancel a |
| 831 | credential reload request. |
| 832 | - cb and cb_user_data represent a gRPC-provided |
| 833 | callback and an argument passed to it. |
| 834 | - key_materials_config is an in/output parameter containing currently |
| 835 | used/newly reloaded credentials. If credential reload does not result |
| 836 | in a new credential, key_materials_config should not be modified. |
| 837 | - status and error_details are used to hold information about |
| 838 | errors occurred when a credential reload request is scheduled/cancelled. |
| 839 | - config is a pointer to the unique grpc_tls_credential_reload_config |
| 840 | instance that this argument corresponds to. |
| 841 | - context is a pointer to a wrapped language implementation of this |
| 842 | grpc_tls_credential_reload_arg instance. |
| 843 | - destroy_context is a pointer to a caller-provided method that cleans |
| 844 | up any data associated with the context pointer. |
| 845 | It is used for experimental purposes for now and subject to change. |
| 846 | */ |
| 847 | struct grpc_tls_credential_reload_arg { |
| 848 | grpc_tls_on_credential_reload_done_cb cb; |
| 849 | void* cb_user_data; |
| 850 | grpc_tls_key_materials_config* key_materials_config; |
| 851 | grpc_ssl_certificate_config_reload_status status; |
| 852 | const char* error_details; |
| 853 | grpc_tls_credential_reload_config* config; |
| 854 | void* context; |
| 855 | void (*destroy_context)(void* ctx); |
| 856 | }; |
| 857 | |
| 858 | /** Create a grpc_tls_credential_reload_config instance. |
| 859 | - config_user_data is config-specific, read-only user data |
| 860 | that works for all channels created with a credential using the config. |
| 861 | - schedule is a pointer to an application-provided callback used to invoke |
| 862 | credential reload API. The implementation of this method has to be |
| 863 | non-blocking, but can be performed synchronously or asynchronously. |
| 864 | 1) If processing occurs synchronously, it populates arg->key_materials, |
| 865 | arg->status, and arg->error_details and returns zero. |
| 866 | 2) If processing occurs asynchronously, it returns a non-zero value. |
| 867 | The application then invokes arg->cb when processing is completed. Note |
| 868 | that arg->cb cannot be invoked before schedule API returns. |
| 869 | - cancel is a pointer to an application-provided callback used to cancel |
| 870 | a credential reload request scheduled via an asynchronous schedule API. |
| 871 | arg is used to pinpoint an exact reloading request to be cancelled. |
| 872 | The operation may not have any effect if the request has already been |
| 873 | processed. |
| 874 | - destruct is a pointer to an application-provided callback used to clean up |
| 875 | any data associated with the config. |
| 876 | It is used for experimental purpose for now and subject to change. |
| 877 | */ |
| 878 | GRPCAPI grpc_tls_credential_reload_config* |
| 879 | grpc_tls_credential_reload_config_create( |
| 880 | const void* config_user_data, |
| 881 | int (*schedule)(void* config_user_data, |
| 882 | grpc_tls_credential_reload_arg* arg), |
| 883 | void (*cancel)(void* config_user_data, grpc_tls_credential_reload_arg* arg), |
| 884 | void (*destruct)(void* config_user_data)); |
| 885 | |
| 886 | /** --- TLS server authorization check config. --- |
| 887 | * It is used for experimental purpose for now and subject to change. */ |
| 888 | |
| 889 | typedef struct grpc_tls_server_authorization_check_arg |
| 890 | grpc_tls_server_authorization_check_arg; |
| 891 | |
| 892 | /** callback function provided by gRPC used to handle the result of server |
| 893 | authorization check. It is used when schedule API is implemented |
| 894 | asynchronously, and serves to bring the control back to gRPC C core. It is |
| 895 | used for experimental purpose for now and subject to change. */ |
| 896 | typedef void (*grpc_tls_on_server_authorization_check_done_cb)( |
| 897 | grpc_tls_server_authorization_check_arg* arg); |
| 898 | |
| 899 | /** A struct containing all information necessary to schedule/cancel a server |
| 900 | authorization check request. |
| 901 | - cb and cb_user_data represent a gRPC-provided callback and an argument |
| 902 | passed to it. |
| 903 | - success will store the result of server authorization check. That is, |
| 904 | if success returns a non-zero value, it means the authorization check |
| 905 | passes and if returning zero, it means the check fails. |
| 906 | - target_name is the name of an endpoint the channel is connecting to. |
| 907 | - peer_cert represents a complete certificate chain including both |
| 908 | signing and leaf certificates. |
| 909 | - status and error_details contain information |
| 910 | about errors occurred when a server authorization check request is |
| 911 | scheduled/cancelled. |
| 912 | - config is a pointer to the unique |
| 913 | grpc_tls_server_authorization_check_config instance that this argument |
| 914 | corresponds to. |
| 915 | - context is a pointer to a wrapped language implementation of this |
| 916 | grpc_tls_server_authorization_check_arg instance. |
| 917 | - destroy_context is a pointer to a caller-provided method that cleans |
| 918 | up any data associated with the context pointer. |
| 919 | It is used for experimental purpose for now and subject to change. |
| 920 | */ |
| 921 | struct grpc_tls_server_authorization_check_arg { |
| 922 | grpc_tls_on_server_authorization_check_done_cb cb; |
| 923 | void* cb_user_data; |
| 924 | int success; |
| 925 | const char* target_name; |
| 926 | const char* peer_cert; |
| 927 | const char* peer_cert_full_chain; |
| 928 | grpc_status_code status; |
| 929 | const char* error_details; |
| 930 | grpc_tls_server_authorization_check_config* config; |
| 931 | void* context; |
| 932 | void (*destroy_context)(void* ctx); |
| 933 | }; |
| 934 | |
| 935 | /** Create a grpc_tls_server_authorization_check_config instance. |
| 936 | - config_user_data is config-specific, read-only user data |
| 937 | that works for all channels created with a credential using the config. |
| 938 | - schedule is a pointer to an application-provided callback used to invoke |
| 939 | server authorization check API. The implementation of this method has to |
| 940 | be non-blocking, but can be performed synchronously or asynchronously. |
| 941 | 1)If processing occurs synchronously, it populates arg->result, |
| 942 | arg->status, and arg->error_details and returns zero. |
| 943 | 2) If processing occurs asynchronously, it returns a non-zero value. The |
| 944 | application then invokes arg->cb when processing is completed. Note that |
| 945 | arg->cb cannot be invoked before schedule API returns. |
| 946 | - cancel is a pointer to an application-provided callback used to cancel a |
| 947 | server authorization check request scheduled via an asynchronous schedule |
| 948 | API. arg is used to pinpoint an exact check request to be cancelled. The |
| 949 | operation may not have any effect if the request has already been |
| 950 | processed. |
| 951 | - destruct is a pointer to an application-provided callback used to clean up |
| 952 | any data associated with the config. |
| 953 | It is used for experimental purpose for now and subject to change. |
| 954 | */ |
| 955 | GRPCAPI grpc_tls_server_authorization_check_config* |
| 956 | grpc_tls_server_authorization_check_config_create( |
| 957 | const void* config_user_data, |
| 958 | int (*schedule)(void* config_user_data, |
| 959 | grpc_tls_server_authorization_check_arg* arg), |
| 960 | void (*cancel)(void* config_user_data, |
| 961 | grpc_tls_server_authorization_check_arg* arg), |
| 962 | void (*destruct)(void* config_user_data)); |
| 963 | |
| 964 | /** |
| 965 | * This method creates a TLS channel credential object. |
| 966 | * It takes ownership of the options parameter. The security level |
| 967 | * of the resulting connection is GRPC_PRIVACY_AND_INTEGRITY. |
| 968 | * |
| 969 | * - options: grpc TLS credentials options instance. |
| 970 | * |
| 971 | * It returns the created credential object. |
| 972 | * |
| 973 | * It is used for experimental purpose for now and subject |
| 974 | * to change. |
| 975 | */ |
| 976 | |
| 977 | grpc_channel_credentials* grpc_tls_credentials_create( |
| 978 | grpc_tls_credentials_options* options); |
| 979 | |
| 980 | /** |
| 981 | * This method creates a TLS server credential object. |
| 982 | * It takes ownership of the options parameter. |
| 983 | * |
| 984 | * - options: grpc TLS credentials options instance. |
| 985 | * |
| 986 | * It returns the created credential object. |
| 987 | * |
| 988 | * It is used for experimental purpose for now and subject |
| 989 | * to change. |
| 990 | */ |
| 991 | grpc_server_credentials* grpc_tls_server_credentials_create( |
| 992 | grpc_tls_credentials_options* options); |
| 993 | |
| 994 | #ifdef __cplusplus |
| 995 | } |
| 996 | #endif |
| 997 | |
| 998 | #endif /* GRPC_GRPC_SECURITY_H */ |
| 999 |
Generated while processing tensorflow/external/com_github_grpc_grpc/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel_secure.cc
Generated on 2022-Sep-26 from project tensorflow revision f2e850b6cce
Powered by 
Code Browser 2.1
Generator usage only permitted with license.