Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 1 | /* |
| 2 | * |
Jan Tattermusch | 7897ae9 | 2017-06-07 22:57:36 +0200 | [diff] [blame] | 3 | * Copyright 2015 gRPC authors. |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 4 | * |
Jan Tattermusch | 7897ae9 | 2017-06-07 22:57:36 +0200 | [diff] [blame] | 5 | * Licensed under the Apache License, Version 2.0 (the "License"); |
| 6 | * you may not use this file except in compliance with the License. |
| 7 | * You may obtain a copy of the License at |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 8 | * |
Jan Tattermusch | 7897ae9 | 2017-06-07 22:57:36 +0200 | [diff] [blame] | 9 | * http://www.apache.org/licenses/LICENSE-2.0 |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 10 | * |
Jan Tattermusch | 7897ae9 | 2017-06-07 22:57:36 +0200 | [diff] [blame] | 11 | * Unless required by applicable law or agreed to in writing, software |
| 12 | * distributed under the License is distributed on an "AS IS" BASIS, |
| 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 14 | * See the License for the specific language governing permissions and |
| 15 | * limitations under the License. |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 16 | * |
| 17 | */ |
| 18 | |
Alexander Polcyn | db3e898 | 2018-02-21 16:59:24 -0800 | [diff] [blame] | 19 | #include <grpc/support/port_platform.h> |
| 20 | |
Craig Tiller | 9533d04 | 2016-03-25 17:11:06 -0700 | [diff] [blame] | 21 | #include "src/core/lib/http/httpcli.h" |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 22 | |
| 23 | #include <string.h> |
| 24 | |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 25 | #include <grpc/support/alloc.h> |
| 26 | #include <grpc/support/log.h> |
Masood Malekghassemi | 701af60 | 2015-06-03 15:01:17 -0700 | [diff] [blame] | 27 | #include <grpc/support/string_util.h> |
Mark D. Roth | 963be37 | 2016-11-16 14:17:06 -0800 | [diff] [blame] | 28 | |
| 29 | #include "src/core/lib/channel/channel_args.h" |
Mark D. Roth | be928be | 2017-06-29 10:43:00 -0700 | [diff] [blame] | 30 | #include "src/core/lib/channel/handshaker_registry.h" |
Mark D. Roth | dbdf495 | 2018-01-18 11:21:12 -0800 | [diff] [blame] | 31 | #include "src/core/lib/gpr/string.h" |
Mark D. Roth | 071cacf | 2016-11-17 13:17:56 -0800 | [diff] [blame] | 32 | #include "src/core/lib/security/transport/security_handshaker.h" |
Craig Tiller | 6822a7a | 2016-12-06 19:28:52 -0800 | [diff] [blame] | 33 | #include "src/core/lib/slice/slice_internal.h" |
Craig Tiller | b29f1fe | 2017-03-28 15:49:23 -0700 | [diff] [blame] | 34 | #include "src/core/tsi/ssl_transport_security.h" |
jiangtaoli2016 | 22cc52a | 2017-04-28 17:35:35 -0700 | [diff] [blame] | 35 | #include "src/core/tsi/transport_security_adapter.h" |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 36 | |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 37 | typedef struct { |
Julien Boeuf | 7d1d9ca | 2015-04-17 14:38:48 -0700 | [diff] [blame] | 38 | grpc_channel_security_connector base; |
Craig Tiller | baa14a9 | 2017-11-03 09:09:36 -0700 | [diff] [blame] | 39 | tsi_ssl_client_handshaker_factory* handshaker_factory; |
| 40 | char* secure_peer_name; |
Julien Boeuf | 7d1d9ca | 2015-04-17 14:38:48 -0700 | [diff] [blame] | 41 | } grpc_httpcli_ssl_channel_security_connector; |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 42 | |
Yash Tibrewal | 8cf1470 | 2017-12-06 09:47:54 -0800 | [diff] [blame] | 43 | static void httpcli_ssl_destroy(grpc_security_connector* sc) { |
Craig Tiller | baa14a9 | 2017-11-03 09:09:36 -0700 | [diff] [blame] | 44 | grpc_httpcli_ssl_channel_security_connector* c = |
Noah Eisen | be82e64 | 2018-02-09 09:16:55 -0800 | [diff] [blame] | 45 | reinterpret_cast<grpc_httpcli_ssl_channel_security_connector*>(sc); |
Craig Tiller | 4782d92 | 2017-11-10 09:53:21 -0800 | [diff] [blame] | 46 | if (c->handshaker_factory != nullptr) { |
Justin Burke | 4984135 | 2017-08-31 17:42:54 -0700 | [diff] [blame] | 47 | tsi_ssl_client_handshaker_factory_unref(c->handshaker_factory); |
Craig Tiller | 4782d92 | 2017-11-10 09:53:21 -0800 | [diff] [blame] | 48 | c->handshaker_factory = nullptr; |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 49 | } |
Craig Tiller | 4782d92 | 2017-11-10 09:53:21 -0800 | [diff] [blame] | 50 | if (c->secure_peer_name != nullptr) gpr_free(c->secure_peer_name); |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 51 | gpr_free(sc); |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 52 | } |
| 53 | |
Yash Tibrewal | 8cf1470 | 2017-12-06 09:47:54 -0800 | [diff] [blame] | 54 | static void httpcli_ssl_add_handshakers(grpc_channel_security_connector* sc, |
Craig Tiller | baa14a9 | 2017-11-03 09:09:36 -0700 | [diff] [blame] | 55 | grpc_handshake_manager* handshake_mgr) { |
| 56 | grpc_httpcli_ssl_channel_security_connector* c = |
Noah Eisen | be82e64 | 2018-02-09 09:16:55 -0800 | [diff] [blame] | 57 | reinterpret_cast<grpc_httpcli_ssl_channel_security_connector*>(sc); |
Craig Tiller | 4782d92 | 2017-11-10 09:53:21 -0800 | [diff] [blame] | 58 | tsi_handshaker* handshaker = nullptr; |
| 59 | if (c->handshaker_factory != nullptr) { |
Julien Boeuf | 935d02e | 2017-04-09 00:07:09 -0700 | [diff] [blame] | 60 | tsi_result result = tsi_ssl_client_handshaker_factory_create_handshaker( |
Mark D. Roth | 963be37 | 2016-11-16 14:17:06 -0800 | [diff] [blame] | 61 | c->handshaker_factory, c->secure_peer_name, &handshaker); |
| 62 | if (result != TSI_OK) { |
| 63 | gpr_log(GPR_ERROR, "Handshaker creation failed with error %s.", |
| 64 | tsi_result_to_string(result)); |
| 65 | } |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 66 | } |
Mark D. Roth | d095340 | 2016-12-07 07:56:48 -0800 | [diff] [blame] | 67 | grpc_handshake_manager_add( |
Yash Tibrewal | 8cf1470 | 2017-12-06 09:47:54 -0800 | [diff] [blame] | 68 | handshake_mgr, grpc_security_handshaker_create( |
| 69 | tsi_create_adapter_handshaker(handshaker), &sc->base)); |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 70 | } |
| 71 | |
Yash Tibrewal | 8cf1470 | 2017-12-06 09:47:54 -0800 | [diff] [blame] | 72 | static void httpcli_ssl_check_peer(grpc_security_connector* sc, tsi_peer peer, |
Craig Tiller | baa14a9 | 2017-11-03 09:09:36 -0700 | [diff] [blame] | 73 | grpc_auth_context** auth_context, |
| 74 | grpc_closure* on_peer_checked) { |
| 75 | grpc_httpcli_ssl_channel_security_connector* c = |
Noah Eisen | be82e64 | 2018-02-09 09:16:55 -0800 | [diff] [blame] | 76 | reinterpret_cast<grpc_httpcli_ssl_channel_security_connector*>(sc); |
Craig Tiller | baa14a9 | 2017-11-03 09:09:36 -0700 | [diff] [blame] | 77 | grpc_error* error = GRPC_ERROR_NONE; |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 78 | |
| 79 | /* Check the peer name. */ |
Craig Tiller | 4782d92 | 2017-11-10 09:53:21 -0800 | [diff] [blame] | 80 | if (c->secure_peer_name != nullptr && |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 81 | !tsi_ssl_peer_matches_name(&peer, c->secure_peer_name)) { |
Craig Tiller | baa14a9 | 2017-11-03 09:09:36 -0700 | [diff] [blame] | 82 | char* msg; |
Mark D. Roth | 3beb6c5 | 2016-11-29 11:25:12 -0800 | [diff] [blame] | 83 | gpr_asprintf(&msg, "Peer name %s is not in peer certificate", |
| 84 | c->secure_peer_name); |
ncteisen | 4b36a3d | 2017-03-13 19:08:06 -0700 | [diff] [blame] | 85 | error = GRPC_ERROR_CREATE_FROM_COPIED_STRING(msg); |
Mark D. Roth | 3beb6c5 | 2016-11-29 11:25:12 -0800 | [diff] [blame] | 86 | gpr_free(msg); |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 87 | } |
Yash Tibrewal | 8cf1470 | 2017-12-06 09:47:54 -0800 | [diff] [blame] | 88 | GRPC_CLOSURE_SCHED(on_peer_checked, error); |
Julien Boeuf | 1d9ac66 | 2015-12-17 21:35:47 -0800 | [diff] [blame] | 89 | tsi_peer_destruct(&peer); |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 90 | } |
| 91 | |
Craig Tiller | baa14a9 | 2017-11-03 09:09:36 -0700 | [diff] [blame] | 92 | static int httpcli_ssl_cmp(grpc_security_connector* sc1, |
| 93 | grpc_security_connector* sc2) { |
| 94 | grpc_httpcli_ssl_channel_security_connector* c1 = |
Noah Eisen | be82e64 | 2018-02-09 09:16:55 -0800 | [diff] [blame] | 95 | reinterpret_cast<grpc_httpcli_ssl_channel_security_connector*>(sc1); |
Craig Tiller | baa14a9 | 2017-11-03 09:09:36 -0700 | [diff] [blame] | 96 | grpc_httpcli_ssl_channel_security_connector* c2 = |
Noah Eisen | be82e64 | 2018-02-09 09:16:55 -0800 | [diff] [blame] | 97 | reinterpret_cast<grpc_httpcli_ssl_channel_security_connector*>(sc2); |
Mark D. Roth | ccfdfb3 | 2017-10-16 13:26:13 -0700 | [diff] [blame] | 98 | return strcmp(c1->secure_peer_name, c2->secure_peer_name); |
| 99 | } |
| 100 | |
Julien Boeuf | 7d1d9ca | 2015-04-17 14:38:48 -0700 | [diff] [blame] | 101 | static grpc_security_connector_vtable httpcli_ssl_vtable = { |
Mark D. Roth | ccfdfb3 | 2017-10-16 13:26:13 -0700 | [diff] [blame] | 102 | httpcli_ssl_destroy, httpcli_ssl_check_peer, httpcli_ssl_cmp}; |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 103 | |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 104 | static grpc_security_status httpcli_ssl_channel_security_connector_create( |
jiangtaoli2016 | 144f555 | 2018-03-23 11:28:48 -0700 | [diff] [blame^] | 105 | const char* pem_root_certs, const tsi_ssl_root_certs_store* root_store, |
| 106 | const char* secure_peer_name, grpc_channel_security_connector** sc) { |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 107 | tsi_result result = TSI_OK; |
Craig Tiller | baa14a9 | 2017-11-03 09:09:36 -0700 | [diff] [blame] | 108 | grpc_httpcli_ssl_channel_security_connector* c; |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 109 | |
Craig Tiller | 4782d92 | 2017-11-10 09:53:21 -0800 | [diff] [blame] | 110 | if (secure_peer_name != nullptr && pem_root_certs == nullptr) { |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 111 | gpr_log(GPR_ERROR, |
| 112 | "Cannot assert a secure peer name without a trust root."); |
| 113 | return GRPC_SECURITY_ERROR; |
| 114 | } |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 115 | |
Noah Eisen | 4d20a66 | 2018-02-09 09:34:04 -0800 | [diff] [blame] | 116 | c = static_cast<grpc_httpcli_ssl_channel_security_connector*>( |
| 117 | gpr_zalloc(sizeof(grpc_httpcli_ssl_channel_security_connector))); |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 118 | |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 119 | gpr_ref_init(&c->base.base.refcount, 1); |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 120 | c->base.base.vtable = &httpcli_ssl_vtable; |
Craig Tiller | 4782d92 | 2017-11-10 09:53:21 -0800 | [diff] [blame] | 121 | if (secure_peer_name != nullptr) { |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 122 | c->secure_peer_name = gpr_strdup(secure_peer_name); |
| 123 | } |
Ruslan Nigmatullin | 7ae3733 | 2018-02-21 16:44:35 -0800 | [diff] [blame] | 124 | tsi_ssl_client_handshaker_options options; |
| 125 | memset(&options, 0, sizeof(options)); |
| 126 | options.pem_root_certs = pem_root_certs; |
jiangtaoli2016 | 144f555 | 2018-03-23 11:28:48 -0700 | [diff] [blame^] | 127 | options.root_store = root_store; |
Ruslan Nigmatullin | 7ae3733 | 2018-02-21 16:44:35 -0800 | [diff] [blame] | 128 | result = tsi_create_ssl_client_handshaker_factory_with_options( |
| 129 | &options, &c->handshaker_factory); |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 130 | if (result != TSI_OK) { |
| 131 | gpr_log(GPR_ERROR, "Handshaker factory creation failed with %s.", |
| 132 | tsi_result_to_string(result)); |
Yash Tibrewal | 8cf1470 | 2017-12-06 09:47:54 -0800 | [diff] [blame] | 133 | httpcli_ssl_destroy(&c->base.base); |
Craig Tiller | 4782d92 | 2017-11-10 09:53:21 -0800 | [diff] [blame] | 134 | *sc = nullptr; |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 135 | return GRPC_SECURITY_ERROR; |
| 136 | } |
Mark D. Roth | ccfdfb3 | 2017-10-16 13:26:13 -0700 | [diff] [blame] | 137 | // We don't actually need a channel credentials object in this case, |
Yash Tibrewal | 8cf1470 | 2017-12-06 09:47:54 -0800 | [diff] [blame] | 138 | // but we set it to a non-nullptr address so that we don't trigger |
Mark D. Roth | ccfdfb3 | 2017-10-16 13:26:13 -0700 | [diff] [blame] | 139 | // assertions in grpc_channel_security_connector_cmp(). |
Craig Tiller | baa14a9 | 2017-11-03 09:09:36 -0700 | [diff] [blame] | 140 | c->base.channel_creds = (grpc_channel_credentials*)1; |
Mark D. Roth | 65b79c8 | 2016-12-06 07:20:20 -0800 | [diff] [blame] | 141 | c->base.add_handshakers = httpcli_ssl_add_handshakers; |
Julien Boeuf | 7d1d9ca | 2015-04-17 14:38:48 -0700 | [diff] [blame] | 142 | *sc = &c->base; |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 143 | return GRPC_SECURITY_OK; |
Craig Tiller | 190d360 | 2015-02-18 09:23:38 -0800 | [diff] [blame] | 144 | } |
Craig Tiller | f53d9c8 | 2015-08-04 14:19:43 -0700 | [diff] [blame] | 145 | |
| 146 | /* handshaker */ |
| 147 | |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 148 | typedef struct { |
Yash Tibrewal | 8cf1470 | 2017-12-06 09:47:54 -0800 | [diff] [blame] | 149 | void (*func)(void* arg, grpc_endpoint* endpoint); |
Craig Tiller | baa14a9 | 2017-11-03 09:09:36 -0700 | [diff] [blame] | 150 | void* arg; |
| 151 | grpc_handshake_manager* handshake_mgr; |
Craig Tiller | f53d9c8 | 2015-08-04 14:19:43 -0700 | [diff] [blame] | 152 | } on_done_closure; |
| 153 | |
Yash Tibrewal | 8cf1470 | 2017-12-06 09:47:54 -0800 | [diff] [blame] | 154 | static void on_handshake_done(void* arg, grpc_error* error) { |
Noah Eisen | be82e64 | 2018-02-09 09:16:55 -0800 | [diff] [blame] | 155 | grpc_handshaker_args* args = static_cast<grpc_handshaker_args*>(arg); |
| 156 | on_done_closure* c = static_cast<on_done_closure*>(args->user_data); |
Mark D. Roth | 963be37 | 2016-11-16 14:17:06 -0800 | [diff] [blame] | 157 | if (error != GRPC_ERROR_NONE) { |
Craig Tiller | baa14a9 | 2017-11-03 09:09:36 -0700 | [diff] [blame] | 158 | const char* msg = grpc_error_string(error); |
Mark D. Roth | 963be37 | 2016-11-16 14:17:06 -0800 | [diff] [blame] | 159 | gpr_log(GPR_ERROR, "Secure transport setup failed: %s", msg); |
Craig Tiller | 7c70b6c | 2017-01-23 07:48:42 -0800 | [diff] [blame] | 160 | |
Yash Tibrewal | 8cf1470 | 2017-12-06 09:47:54 -0800 | [diff] [blame] | 161 | c->func(c->arg, nullptr); |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 162 | } else { |
Yash Tibrewal | 8cf1470 | 2017-12-06 09:47:54 -0800 | [diff] [blame] | 163 | grpc_channel_args_destroy(args->args); |
| 164 | grpc_slice_buffer_destroy_internal(args->read_buffer); |
Mark D. Roth | bd913a8 | 2016-12-02 16:47:35 +0000 | [diff] [blame] | 165 | gpr_free(args->read_buffer); |
Yash Tibrewal | 8cf1470 | 2017-12-06 09:47:54 -0800 | [diff] [blame] | 166 | c->func(c->arg, args->endpoint); |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 167 | } |
Yash Tibrewal | 8cf1470 | 2017-12-06 09:47:54 -0800 | [diff] [blame] | 168 | grpc_handshake_manager_destroy(c->handshake_mgr); |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 169 | gpr_free(c); |
Craig Tiller | f53d9c8 | 2015-08-04 14:19:43 -0700 | [diff] [blame] | 170 | } |
| 171 | |
Yash Tibrewal | 8cf1470 | 2017-12-06 09:47:54 -0800 | [diff] [blame] | 172 | static void ssl_handshake(void* arg, grpc_endpoint* tcp, const char* host, |
Craig Tiller | dc3998e | 2017-05-12 09:55:30 -0700 | [diff] [blame] | 173 | grpc_millis deadline, |
Yash Tibrewal | 8cf1470 | 2017-12-06 09:47:54 -0800 | [diff] [blame] | 174 | void (*on_done)(void* arg, grpc_endpoint* endpoint)) { |
Noah Eisen | be82e64 | 2018-02-09 09:16:55 -0800 | [diff] [blame] | 175 | on_done_closure* c = static_cast<on_done_closure*>(gpr_malloc(sizeof(*c))); |
jiangtaoli2016 | 144f555 | 2018-03-23 11:28:48 -0700 | [diff] [blame^] | 176 | const char* pem_root_certs = |
| 177 | grpc_core::DefaultSslRootStore::GetPemRootCerts(); |
| 178 | const tsi_ssl_root_certs_store* root_store = |
| 179 | grpc_core::DefaultSslRootStore::GetRootStore(); |
| 180 | if (root_store == nullptr) { |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 181 | gpr_log(GPR_ERROR, "Could not get default pem root certs."); |
Yash Tibrewal | 8cf1470 | 2017-12-06 09:47:54 -0800 | [diff] [blame] | 182 | on_done(arg, nullptr); |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 183 | gpr_free(c); |
| 184 | return; |
| 185 | } |
Craig Tiller | f53d9c8 | 2015-08-04 14:19:43 -0700 | [diff] [blame] | 186 | c->func = on_done; |
| 187 | c->arg = arg; |
Craig Tiller | 4782d92 | 2017-11-10 09:53:21 -0800 | [diff] [blame] | 188 | grpc_channel_security_connector* sc = nullptr; |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 189 | GPR_ASSERT(httpcli_ssl_channel_security_connector_create( |
jiangtaoli2016 | 144f555 | 2018-03-23 11:28:48 -0700 | [diff] [blame^] | 190 | pem_root_certs, root_store, host, &sc) == GRPC_SECURITY_OK); |
Mark D. Roth | be928be | 2017-06-29 10:43:00 -0700 | [diff] [blame] | 191 | grpc_arg channel_arg = grpc_security_connector_to_arg(&sc->base); |
| 192 | grpc_channel_args args = {1, &channel_arg}; |
| 193 | c->handshake_mgr = grpc_handshake_manager_create(); |
Yash Tibrewal | 8cf1470 | 2017-12-06 09:47:54 -0800 | [diff] [blame] | 194 | grpc_handshakers_add(HANDSHAKER_CLIENT, &args, c->handshake_mgr); |
Mark D. Roth | 963be37 | 2016-11-16 14:17:06 -0800 | [diff] [blame] | 195 | grpc_handshake_manager_do_handshake( |
Yash Tibrewal | 8cf1470 | 2017-12-06 09:47:54 -0800 | [diff] [blame] | 196 | c->handshake_mgr, nullptr /* interested_parties */, tcp, |
Dan Born | 53d5503 | 2017-11-16 11:37:57 -0800 | [diff] [blame] | 197 | nullptr /* channel_args */, deadline, nullptr /* acceptor */, |
| 198 | on_handshake_done, c /* user_data */); |
Yash Tibrewal | 8cf1470 | 2017-12-06 09:47:54 -0800 | [diff] [blame] | 199 | GRPC_SECURITY_CONNECTOR_UNREF(&sc->base, "httpcli"); |
Craig Tiller | f53d9c8 | 2015-08-04 14:19:43 -0700 | [diff] [blame] | 200 | } |
| 201 | |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 202 | const grpc_httpcli_handshaker grpc_httpcli_ssl = {"https", ssl_handshake}; |