Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 1 | /* |
| 2 | * |
Craig Tiller | 0605995 | 2015-02-18 08:34:56 -0800 | [diff] [blame] | 3 | * Copyright 2015, Google Inc. |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 4 | * All rights reserved. |
| 5 | * |
| 6 | * Redistribution and use in source and binary forms, with or without |
| 7 | * modification, are permitted provided that the following conditions are |
| 8 | * met: |
| 9 | * |
| 10 | * * Redistributions of source code must retain the above copyright |
| 11 | * notice, this list of conditions and the following disclaimer. |
| 12 | * * Redistributions in binary form must reproduce the above |
| 13 | * copyright notice, this list of conditions and the following disclaimer |
| 14 | * in the documentation and/or other materials provided with the |
| 15 | * distribution. |
| 16 | * * Neither the name of Google Inc. nor the names of its |
| 17 | * contributors may be used to endorse or promote products derived from |
| 18 | * this software without specific prior written permission. |
| 19 | * |
| 20 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS |
| 21 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT |
| 22 | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR |
| 23 | * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT |
| 24 | * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, |
| 25 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT |
| 26 | * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, |
| 27 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY |
| 28 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
| 29 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE |
| 30 | * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
| 31 | * |
| 32 | */ |
| 33 | |
| 34 | #include "src/core/security/auth.h" |
| 35 | |
| 36 | #include <string.h> |
| 37 | |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 38 | #include <grpc/support/alloc.h> |
| 39 | #include <grpc/support/log.h> |
| 40 | |
Julien Boeuf | 54b2192 | 2015-02-04 16:39:35 -0800 | [diff] [blame] | 41 | #include "src/core/support/string.h" |
| 42 | #include "src/core/channel/channel_stack.h" |
Julien Boeuf | 7d1d9ca | 2015-04-17 14:38:48 -0700 | [diff] [blame] | 43 | #include "src/core/security/security_connector.h" |
Julien Boeuf | 54b2192 | 2015-02-04 16:39:35 -0800 | [diff] [blame] | 44 | #include "src/core/security/credentials.h" |
| 45 | #include "src/core/surface/call.h" |
| 46 | |
Craig Tiller | 9c9d4e0 | 2015-04-20 09:03:29 -0700 | [diff] [blame] | 47 | #define MAX_CREDENTIALS_METADATA_COUNT 4 |
Craig Tiller | 6902ad2 | 2015-04-16 08:01:49 -0700 | [diff] [blame] | 48 | |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 49 | /* We can have a per-call credentials. */ |
| 50 | typedef struct { |
| 51 | grpc_credentials *creds; |
Julien Boeuf | 54b2192 | 2015-02-04 16:39:35 -0800 | [diff] [blame] | 52 | grpc_mdstr *host; |
Julien Boeuf | f47a5cb | 2015-02-18 12:24:08 -0800 | [diff] [blame] | 53 | grpc_mdstr *method; |
Craig Tiller | 6e84aba | 2015-04-23 15:08:17 -0700 | [diff] [blame] | 54 | grpc_transport_op op; |
| 55 | size_t op_md_idx; |
| 56 | int sent_initial_metadata; |
Craig Tiller | 9c9d4e0 | 2015-04-20 09:03:29 -0700 | [diff] [blame] | 57 | grpc_linked_mdelem md_links[MAX_CREDENTIALS_METADATA_COUNT]; |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 58 | } call_data; |
| 59 | |
| 60 | /* We can have a per-channel credentials. */ |
| 61 | typedef struct { |
Julien Boeuf | 7d1d9ca | 2015-04-17 14:38:48 -0700 | [diff] [blame] | 62 | grpc_channel_security_connector *security_connector; |
Julien Boeuf | 54b2192 | 2015-02-04 16:39:35 -0800 | [diff] [blame] | 63 | grpc_mdctx *md_ctx; |
| 64 | grpc_mdstr *authority_string; |
Julien Boeuf | f47a5cb | 2015-02-18 12:24:08 -0800 | [diff] [blame] | 65 | grpc_mdstr *path_string; |
Julien Boeuf | 54b2192 | 2015-02-04 16:39:35 -0800 | [diff] [blame] | 66 | grpc_mdstr *error_msg_key; |
Craig Tiller | eb131bb | 2015-03-03 11:00:40 -0800 | [diff] [blame] | 67 | grpc_mdstr *status_key; |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 68 | } channel_data; |
| 69 | |
| 70 | static void on_credentials_metadata(void *user_data, grpc_mdelem **md_elems, |
| 71 | size_t num_md, |
| 72 | grpc_credentials_status status) { |
| 73 | grpc_call_element *elem = (grpc_call_element *)user_data; |
Craig Tiller | 6902ad2 | 2015-04-16 08:01:49 -0700 | [diff] [blame] | 74 | call_data *calld = elem->call_data; |
Craig Tiller | 6e84aba | 2015-04-23 15:08:17 -0700 | [diff] [blame] | 75 | grpc_transport_op *op = &calld->op; |
| 76 | grpc_metadata_batch *mdb; |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 77 | size_t i; |
Craig Tiller | 9c9d4e0 | 2015-04-20 09:03:29 -0700 | [diff] [blame] | 78 | GPR_ASSERT(num_md <= MAX_CREDENTIALS_METADATA_COUNT); |
Craig Tiller | 1a727fd | 2015-04-24 13:21:22 -0700 | [diff] [blame] | 79 | GPR_ASSERT(op->send_ops && op->send_ops->nops > calld->op_md_idx && |
| 80 | op->send_ops->ops[calld->op_md_idx].type == GRPC_OP_METADATA); |
Craig Tiller | 6e84aba | 2015-04-23 15:08:17 -0700 | [diff] [blame] | 81 | mdb = &op->send_ops->ops[calld->op_md_idx].data.metadata; |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 82 | for (i = 0; i < num_md; i++) { |
Craig Tiller | 6e84aba | 2015-04-23 15:08:17 -0700 | [diff] [blame] | 83 | grpc_metadata_batch_add_tail(mdb, &calld->md_links[i], |
Craig Tiller | 76f5d46 | 2015-04-17 14:58:12 -0700 | [diff] [blame] | 84 | grpc_mdelem_ref(md_elems[i])); |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 85 | } |
Craig Tiller | 6e84aba | 2015-04-23 15:08:17 -0700 | [diff] [blame] | 86 | grpc_call_next_op(elem, op); |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 87 | } |
| 88 | |
Julien Boeuf | f47a5cb | 2015-02-18 12:24:08 -0800 | [diff] [blame] | 89 | static char *build_service_url(const char *url_scheme, call_data *calld) { |
| 90 | char *service_url; |
| 91 | char *service = gpr_strdup(grpc_mdstr_as_c_string(calld->method)); |
| 92 | char *last_slash = strrchr(service, '/'); |
| 93 | if (last_slash == NULL) { |
| 94 | gpr_log(GPR_ERROR, "No '/' found in fully qualified method name"); |
| 95 | service[0] = '\0'; |
| 96 | } else if (last_slash == service) { |
| 97 | /* No service part in fully qualified method name: will just be "/". */ |
| 98 | service[1] = '\0'; |
| 99 | } else { |
| 100 | *last_slash = '\0'; |
| 101 | } |
| 102 | if (url_scheme == NULL) url_scheme = ""; |
| 103 | gpr_asprintf(&service_url, "%s://%s%s", url_scheme, |
| 104 | grpc_mdstr_as_c_string(calld->host), service); |
| 105 | gpr_free(service); |
| 106 | return service_url; |
| 107 | } |
| 108 | |
Craig Tiller | 1a727fd | 2015-04-24 13:21:22 -0700 | [diff] [blame] | 109 | static void send_security_metadata(grpc_call_element *elem, |
| 110 | grpc_transport_op *op) { |
Julien Boeuf | 54b2192 | 2015-02-04 16:39:35 -0800 | [diff] [blame] | 111 | /* grab pointers to our data from the call element */ |
| 112 | call_data *calld = elem->call_data; |
| 113 | channel_data *channeld = elem->channel_data; |
| 114 | |
| 115 | grpc_credentials *channel_creds = |
Julien Boeuf | 7d1d9ca | 2015-04-17 14:38:48 -0700 | [diff] [blame] | 116 | channeld->security_connector->request_metadata_creds; |
Julien Boeuf | 54b2192 | 2015-02-04 16:39:35 -0800 | [diff] [blame] | 117 | /* TODO(jboeuf): |
| 118 | Decide on the policy in this case: |
| 119 | - populate both channel and call? |
| 120 | - the call takes precedence over the channel? |
| 121 | - leave this decision up to the channel credentials? */ |
| 122 | if (calld->creds != NULL) { |
| 123 | gpr_log(GPR_ERROR, "Ignoring per call credentials for now."); |
| 124 | } |
| 125 | if (channel_creds != NULL && |
| 126 | grpc_credentials_has_request_metadata(channel_creds)) { |
Julien Boeuf | f47a5cb | 2015-02-18 12:24:08 -0800 | [diff] [blame] | 127 | char *service_url = |
Julien Boeuf | 7d1d9ca | 2015-04-17 14:38:48 -0700 | [diff] [blame] | 128 | build_service_url(channeld->security_connector->base.url_scheme, calld); |
Julien Boeuf | 54b2192 | 2015-02-04 16:39:35 -0800 | [diff] [blame] | 129 | calld->op = *op; /* Copy op (originates from the caller's stack). */ |
Julien Boeuf | f47a5cb | 2015-02-18 12:24:08 -0800 | [diff] [blame] | 130 | grpc_credentials_get_request_metadata(channel_creds, service_url, |
Julien Boeuf | 54b2192 | 2015-02-04 16:39:35 -0800 | [diff] [blame] | 131 | on_credentials_metadata, elem); |
Julien Boeuf | f47a5cb | 2015-02-18 12:24:08 -0800 | [diff] [blame] | 132 | gpr_free(service_url); |
Julien Boeuf | 54b2192 | 2015-02-04 16:39:35 -0800 | [diff] [blame] | 133 | } else { |
| 134 | grpc_call_next_op(elem, op); |
| 135 | } |
| 136 | } |
| 137 | |
| 138 | static void on_host_checked(void *user_data, grpc_security_status status) { |
| 139 | grpc_call_element *elem = (grpc_call_element *)user_data; |
| 140 | call_data *calld = elem->call_data; |
Craig Tiller | 2ea37fd | 2015-04-24 13:03:49 -0700 | [diff] [blame] | 141 | channel_data *chand = elem->channel_data; |
Julien Boeuf | 54b2192 | 2015-02-04 16:39:35 -0800 | [diff] [blame] | 142 | |
| 143 | if (status == GRPC_SECURITY_OK) { |
| 144 | send_security_metadata(elem, &calld->op); |
| 145 | } else { |
| 146 | char *error_msg; |
| 147 | gpr_asprintf(&error_msg, "Invalid host %s set in :authority metadata.", |
| 148 | grpc_mdstr_as_c_string(calld->host)); |
Craig Tiller | 1a727fd | 2015-04-24 13:21:22 -0700 | [diff] [blame] | 149 | grpc_transport_op_add_cancellation( |
| 150 | &calld->op, GRPC_STATUS_UNAUTHENTICATED, |
| 151 | grpc_mdstr_from_string(chand->md_ctx, error_msg)); |
Julien Boeuf | 54b2192 | 2015-02-04 16:39:35 -0800 | [diff] [blame] | 152 | gpr_free(error_msg); |
Craig Tiller | 2ea37fd | 2015-04-24 13:03:49 -0700 | [diff] [blame] | 153 | grpc_call_next_op(elem, &calld->op); |
Julien Boeuf | 54b2192 | 2015-02-04 16:39:35 -0800 | [diff] [blame] | 154 | } |
| 155 | } |
| 156 | |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 157 | /* Called either: |
| 158 | - in response to an API call (or similar) from above, to send something |
| 159 | - a network event (or similar) from below, to receive something |
| 160 | op contains type and call direction information, in addition to the data |
| 161 | that is being sent or received. */ |
Craig Tiller | 1a727fd | 2015-04-24 13:21:22 -0700 | [diff] [blame] | 162 | static void auth_start_transport_op(grpc_call_element *elem, |
| 163 | grpc_transport_op *op) { |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 164 | /* grab pointers to our data from the call element */ |
| 165 | call_data *calld = elem->call_data; |
| 166 | channel_data *channeld = elem->channel_data; |
Craig Tiller | 6902ad2 | 2015-04-16 08:01:49 -0700 | [diff] [blame] | 167 | grpc_linked_mdelem *l; |
Craig Tiller | 6e84aba | 2015-04-23 15:08:17 -0700 | [diff] [blame] | 168 | size_t i; |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 169 | |
Craig Tiller | 6e84aba | 2015-04-23 15:08:17 -0700 | [diff] [blame] | 170 | if (op->send_ops && !calld->sent_initial_metadata) { |
| 171 | size_t nops = op->send_ops->nops; |
| 172 | grpc_stream_op *ops = op->send_ops->ops; |
| 173 | for (i = 0; i < nops; i++) { |
| 174 | grpc_stream_op *sop = &ops[i]; |
| 175 | if (sop->type != GRPC_OP_METADATA) continue; |
Craig Tiller | 4e87e00 | 2015-04-24 08:49:10 -0700 | [diff] [blame] | 176 | calld->op_md_idx = i; |
Craig Tiller | 6e84aba | 2015-04-23 15:08:17 -0700 | [diff] [blame] | 177 | calld->sent_initial_metadata = 1; |
| 178 | for (l = sop->data.metadata.list.head; l != NULL; l = l->next) { |
Craig Tiller | 6902ad2 | 2015-04-16 08:01:49 -0700 | [diff] [blame] | 179 | grpc_mdelem *md = l->md; |
Craig Tiller | 87d5b19 | 2015-04-16 14:37:57 -0700 | [diff] [blame] | 180 | /* Pointer comparison is OK for md_elems created from the same context. |
| 181 | */ |
Craig Tiller | 6902ad2 | 2015-04-16 08:01:49 -0700 | [diff] [blame] | 182 | if (md->key == channeld->authority_string) { |
| 183 | if (calld->host != NULL) grpc_mdstr_unref(calld->host); |
| 184 | calld->host = grpc_mdstr_ref(md->value); |
| 185 | } else if (md->key == channeld->path_string) { |
| 186 | if (calld->method != NULL) grpc_mdstr_unref(calld->method); |
| 187 | calld->method = grpc_mdstr_ref(md->value); |
| 188 | } |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 189 | } |
Julien Boeuf | 54b2192 | 2015-02-04 16:39:35 -0800 | [diff] [blame] | 190 | if (calld->host != NULL) { |
| 191 | grpc_security_status status; |
| 192 | const char *call_host = grpc_mdstr_as_c_string(calld->host); |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 193 | calld->op = *op; /* Copy op (originates from the caller's stack). */ |
Julien Boeuf | 7d1d9ca | 2015-04-17 14:38:48 -0700 | [diff] [blame] | 194 | status = grpc_channel_security_connector_check_call_host( |
| 195 | channeld->security_connector, call_host, on_host_checked, elem); |
Julien Boeuf | 54b2192 | 2015-02-04 16:39:35 -0800 | [diff] [blame] | 196 | if (status != GRPC_SECURITY_OK) { |
| 197 | if (status == GRPC_SECURITY_ERROR) { |
| 198 | char *error_msg; |
| 199 | gpr_asprintf(&error_msg, |
| 200 | "Invalid host %s set in :authority metadata.", |
| 201 | call_host); |
Craig Tiller | 1a727fd | 2015-04-24 13:21:22 -0700 | [diff] [blame] | 202 | grpc_transport_op_add_cancellation( |
| 203 | &calld->op, GRPC_STATUS_UNAUTHENTICATED, |
| 204 | grpc_mdstr_from_string(channeld->md_ctx, error_msg)); |
Julien Boeuf | 54b2192 | 2015-02-04 16:39:35 -0800 | [diff] [blame] | 205 | gpr_free(error_msg); |
Craig Tiller | 2ea37fd | 2015-04-24 13:03:49 -0700 | [diff] [blame] | 206 | grpc_call_next_op(elem, &calld->op); |
Julien Boeuf | 54b2192 | 2015-02-04 16:39:35 -0800 | [diff] [blame] | 207 | } |
Craig Tiller | 6e84aba | 2015-04-23 15:08:17 -0700 | [diff] [blame] | 208 | return; /* early exit */ |
Julien Boeuf | 54b2192 | 2015-02-04 16:39:35 -0800 | [diff] [blame] | 209 | } |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 210 | } |
Julien Boeuf | 54b2192 | 2015-02-04 16:39:35 -0800 | [diff] [blame] | 211 | send_security_metadata(elem, op); |
Craig Tiller | 6e84aba | 2015-04-23 15:08:17 -0700 | [diff] [blame] | 212 | return; /* early exit */ |
| 213 | } |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 214 | } |
Craig Tiller | 6e84aba | 2015-04-23 15:08:17 -0700 | [diff] [blame] | 215 | |
| 216 | /* pass control up or down the stack */ |
| 217 | grpc_call_next_op(elem, op); |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 218 | } |
| 219 | |
| 220 | /* Called on special channel events, such as disconnection or new incoming |
| 221 | calls on the server */ |
ctiller | f962f52 | 2014-12-10 15:28:27 -0800 | [diff] [blame] | 222 | static void channel_op(grpc_channel_element *elem, |
| 223 | grpc_channel_element *from_elem, grpc_channel_op *op) { |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 224 | grpc_channel_next_op(elem, op); |
| 225 | } |
| 226 | |
| 227 | /* Constructor for call_data */ |
| 228 | static void init_call_elem(grpc_call_element *elem, |
Craig Tiller | 1a727fd | 2015-04-24 13:21:22 -0700 | [diff] [blame] | 229 | const void *server_transport_data, |
| 230 | grpc_transport_op *initial_op) { |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 231 | /* TODO(jboeuf): |
| 232 | Find a way to pass-in the credentials from the caller here. */ |
| 233 | call_data *calld = elem->call_data; |
| 234 | calld->creds = NULL; |
Julien Boeuf | 54b2192 | 2015-02-04 16:39:35 -0800 | [diff] [blame] | 235 | calld->host = NULL; |
Julien Boeuf | f47a5cb | 2015-02-18 12:24:08 -0800 | [diff] [blame] | 236 | calld->method = NULL; |
Craig Tiller | 4e87e00 | 2015-04-24 08:49:10 -0700 | [diff] [blame] | 237 | calld->sent_initial_metadata = 0; |
Craig Tiller | 6e84aba | 2015-04-23 15:08:17 -0700 | [diff] [blame] | 238 | |
| 239 | GPR_ASSERT(!initial_op || !initial_op->send_ops); |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 240 | } |
| 241 | |
| 242 | /* Destructor for call_data */ |
| 243 | static void destroy_call_elem(grpc_call_element *elem) { |
| 244 | call_data *calld = elem->call_data; |
| 245 | if (calld->creds != NULL) { |
| 246 | grpc_credentials_unref(calld->creds); |
| 247 | } |
Julien Boeuf | 54b2192 | 2015-02-04 16:39:35 -0800 | [diff] [blame] | 248 | if (calld->host != NULL) { |
| 249 | grpc_mdstr_unref(calld->host); |
| 250 | } |
Craig Tiller | 7d0f9ea | 2015-02-23 13:37:07 -0800 | [diff] [blame] | 251 | if (calld->method != NULL) { |
| 252 | grpc_mdstr_unref(calld->method); |
| 253 | } |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 254 | } |
| 255 | |
| 256 | /* Constructor for channel_data */ |
| 257 | static void init_channel_elem(grpc_channel_element *elem, |
| 258 | const grpc_channel_args *args, |
| 259 | grpc_mdctx *metadata_context, int is_first, |
| 260 | int is_last) { |
Julien Boeuf | 7d1d9ca | 2015-04-17 14:38:48 -0700 | [diff] [blame] | 261 | grpc_security_connector *ctx = grpc_find_security_connector_in_args(args); |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 262 | /* grab pointers to our data from the channel element */ |
| 263 | channel_data *channeld = elem->channel_data; |
| 264 | |
| 265 | /* The first and the last filters tend to be implemented differently to |
| 266 | handle the case that there's no 'next' filter to call on the up or down |
| 267 | path */ |
| 268 | GPR_ASSERT(!is_first); |
| 269 | GPR_ASSERT(!is_last); |
| 270 | GPR_ASSERT(ctx != NULL); |
| 271 | |
| 272 | /* initialize members */ |
| 273 | GPR_ASSERT(ctx->is_client_side); |
Julien Boeuf | 7d1d9ca | 2015-04-17 14:38:48 -0700 | [diff] [blame] | 274 | channeld->security_connector = |
| 275 | (grpc_channel_security_connector *)grpc_security_connector_ref(ctx); |
Julien Boeuf | 54b2192 | 2015-02-04 16:39:35 -0800 | [diff] [blame] | 276 | channeld->md_ctx = metadata_context; |
| 277 | channeld->authority_string = |
| 278 | grpc_mdstr_from_string(channeld->md_ctx, ":authority"); |
Julien Boeuf | f47a5cb | 2015-02-18 12:24:08 -0800 | [diff] [blame] | 279 | channeld->path_string = grpc_mdstr_from_string(channeld->md_ctx, ":path"); |
Julien Boeuf | 54b2192 | 2015-02-04 16:39:35 -0800 | [diff] [blame] | 280 | channeld->error_msg_key = |
| 281 | grpc_mdstr_from_string(channeld->md_ctx, "grpc-message"); |
Craig Tiller | 87d5b19 | 2015-04-16 14:37:57 -0700 | [diff] [blame] | 282 | channeld->status_key = |
| 283 | grpc_mdstr_from_string(channeld->md_ctx, "grpc-status"); |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 284 | } |
| 285 | |
| 286 | /* Destructor for channel data */ |
| 287 | static void destroy_channel_elem(grpc_channel_element *elem) { |
| 288 | /* grab pointers to our data from the channel element */ |
| 289 | channel_data *channeld = elem->channel_data; |
Julien Boeuf | 7d1d9ca | 2015-04-17 14:38:48 -0700 | [diff] [blame] | 290 | grpc_channel_security_connector *ctx = channeld->security_connector; |
| 291 | if (ctx != NULL) grpc_security_connector_unref(&ctx->base); |
Julien Boeuf | 54b2192 | 2015-02-04 16:39:35 -0800 | [diff] [blame] | 292 | if (channeld->authority_string != NULL) { |
| 293 | grpc_mdstr_unref(channeld->authority_string); |
| 294 | } |
| 295 | if (channeld->error_msg_key != NULL) { |
| 296 | grpc_mdstr_unref(channeld->error_msg_key); |
| 297 | } |
Craig Tiller | eb131bb | 2015-03-03 11:00:40 -0800 | [diff] [blame] | 298 | if (channeld->status_key != NULL) { |
| 299 | grpc_mdstr_unref(channeld->status_key); |
| 300 | } |
Craig Tiller | 7d0f9ea | 2015-02-23 13:37:07 -0800 | [diff] [blame] | 301 | if (channeld->path_string != NULL) { |
| 302 | grpc_mdstr_unref(channeld->path_string); |
| 303 | } |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 304 | } |
| 305 | |
| 306 | const grpc_channel_filter grpc_client_auth_filter = { |
Craig Tiller | 1a727fd | 2015-04-24 13:21:22 -0700 | [diff] [blame] | 307 | auth_start_transport_op, channel_op, sizeof(call_data), init_call_elem, |
| 308 | destroy_call_elem, sizeof(channel_data), init_channel_elem, |
| 309 | destroy_channel_elem, "auth"}; |