Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 1 | /* |
| 2 | * |
Craig Tiller | 6169d5f | 2016-03-31 07:46:18 -0700 | [diff] [blame] | 3 | * Copyright 2015, Google Inc. |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 4 | * All rights reserved. |
| 5 | * |
| 6 | * Redistribution and use in source and binary forms, with or without |
| 7 | * modification, are permitted provided that the following conditions are |
| 8 | * met: |
| 9 | * |
| 10 | * * Redistributions of source code must retain the above copyright |
| 11 | * notice, this list of conditions and the following disclaimer. |
| 12 | * * Redistributions in binary form must reproduce the above |
| 13 | * copyright notice, this list of conditions and the following disclaimer |
| 14 | * in the documentation and/or other materials provided with the |
| 15 | * distribution. |
| 16 | * * Neither the name of Google Inc. nor the names of its |
| 17 | * contributors may be used to endorse or promote products derived from |
| 18 | * this software without specific prior written permission. |
| 19 | * |
| 20 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS |
| 21 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT |
| 22 | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR |
| 23 | * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT |
| 24 | * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, |
| 25 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT |
| 26 | * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, |
| 27 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY |
| 28 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
| 29 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE |
| 30 | * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
| 31 | * |
| 32 | */ |
| 33 | |
| 34 | #include <grpc/grpc.h> |
| 35 | |
Craig Tiller | 759026c | 2015-02-22 23:09:45 -0800 | [diff] [blame] | 36 | #include <string.h> |
| 37 | |
Craig Tiller | f40df23 | 2016-03-25 13:38:14 -0700 | [diff] [blame] | 38 | #include <grpc/support/alloc.h> |
| 39 | #include <grpc/support/log.h> |
Craig Tiller | 804ff71 | 2016-05-05 16:25:40 -0700 | [diff] [blame] | 40 | #include <grpc/support/string_util.h> |
Craig Tiller | f40df23 | 2016-03-25 13:38:14 -0700 | [diff] [blame] | 41 | #include <grpc/support/sync.h> |
| 42 | #include <grpc/support/useful.h> |
Craig Tiller | adcb92d | 2016-03-28 10:14:05 -0700 | [diff] [blame] | 43 | #include "src/core/ext/transport/chttp2/transport/chttp2_transport.h" |
Craig Tiller | 9533d04 | 2016-03-25 17:11:06 -0700 | [diff] [blame] | 44 | #include "src/core/lib/channel/channel_args.h" |
Mark D. Roth | dba5d27 | 2016-07-14 13:45:05 -0700 | [diff] [blame] | 45 | #include "src/core/lib/channel/handshaker.h" |
Craig Tiller | 9533d04 | 2016-03-25 17:11:06 -0700 | [diff] [blame] | 46 | #include "src/core/lib/channel/http_server_filter.h" |
| 47 | #include "src/core/lib/iomgr/endpoint.h" |
| 48 | #include "src/core/lib/iomgr/resolve_address.h" |
| 49 | #include "src/core/lib/iomgr/tcp_server.h" |
Julien Boeuf | 8ca294e | 2016-05-02 14:56:30 -0700 | [diff] [blame] | 50 | #include "src/core/lib/security/context/security_context.h" |
| 51 | #include "src/core/lib/security/credentials/credentials.h" |
| 52 | #include "src/core/lib/security/transport/auth_filters.h" |
| 53 | #include "src/core/lib/security/transport/security_connector.h" |
Craig Tiller | 9533d04 | 2016-03-25 17:11:06 -0700 | [diff] [blame] | 54 | #include "src/core/lib/surface/api_trace.h" |
| 55 | #include "src/core/lib/surface/server.h" |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 56 | |
Craig Tiller | 9f9d422 | 2016-05-16 17:02:14 -0700 | [diff] [blame] | 57 | typedef struct server_secure_state { |
David Klempner | fd5d8ff | 2015-03-05 14:17:38 -0800 | [diff] [blame] | 58 | grpc_server *server; |
| 59 | grpc_tcp_server *tcp; |
Julien Boeuf | 4f4d37c | 2016-02-24 22:07:36 -0800 | [diff] [blame] | 60 | grpc_server_security_connector *sc; |
Julien Boeuf | fe1478f | 2015-08-30 21:57:38 -0700 | [diff] [blame] | 61 | grpc_server_credentials *creds; |
Mark D. Roth | a228e5f | 2016-07-22 09:02:15 -0700 | [diff] [blame] | 62 | bool is_shutdown; |
David Klempner | fd5d8ff | 2015-03-05 14:17:38 -0800 | [diff] [blame] | 63 | gpr_mu mu; |
| 64 | gpr_refcount refcount; |
Craig Tiller | d1bec03 | 2015-09-18 17:29:00 -0700 | [diff] [blame] | 65 | grpc_closure destroy_closure; |
Craig Tiller | dfff1b8 | 2015-09-21 14:39:57 -0700 | [diff] [blame] | 66 | grpc_closure *destroy_callback; |
Craig Tiller | 9f9d422 | 2016-05-16 17:02:14 -0700 | [diff] [blame] | 67 | } server_secure_state; |
David Klempner | fd5d8ff | 2015-03-05 14:17:38 -0800 | [diff] [blame] | 68 | |
Craig Tiller | 9f9d422 | 2016-05-16 17:02:14 -0700 | [diff] [blame] | 69 | typedef struct server_secure_connect { |
| 70 | server_secure_state *state; |
| 71 | grpc_pollset *accepting_pollset; |
Mark D. Roth | dba5d27 | 2016-07-14 13:45:05 -0700 | [diff] [blame] | 72 | grpc_tcp_server_acceptor *acceptor; |
Mark D. Roth | dba5d27 | 2016-07-14 13:45:05 -0700 | [diff] [blame] | 73 | grpc_handshake_manager *handshake_mgr; |
Mark D. Roth | 45015dc | 2016-07-15 08:48:25 -0700 | [diff] [blame] | 74 | // TODO(roth): Remove the following two fields when we eliminate |
| 75 | // grpc_server_security_connector_do_handshake(). |
| 76 | gpr_timespec deadline; |
Mark D. Roth | b3ce178 | 2016-07-20 09:25:25 -0700 | [diff] [blame] | 77 | grpc_channel_args *args; |
Craig Tiller | 9f9d422 | 2016-05-16 17:02:14 -0700 | [diff] [blame] | 78 | } server_secure_connect; |
David Klempner | fd5d8ff | 2015-03-05 14:17:38 -0800 | [diff] [blame] | 79 | |
Craig Tiller | 9f9d422 | 2016-05-16 17:02:14 -0700 | [diff] [blame] | 80 | static void state_ref(server_secure_state *state) { gpr_ref(&state->refcount); } |
| 81 | |
| 82 | static void state_unref(server_secure_state *state) { |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 83 | if (gpr_unref(&state->refcount)) { |
| 84 | /* ensure all threads have unlocked */ |
| 85 | gpr_mu_lock(&state->mu); |
| 86 | gpr_mu_unlock(&state->mu); |
| 87 | /* clean up */ |
Julien Boeuf | 4f4d37c | 2016-02-24 22:07:36 -0800 | [diff] [blame] | 88 | GRPC_SECURITY_CONNECTOR_UNREF(&state->sc->base, "server"); |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 89 | grpc_server_credentials_unref(state->creds); |
| 90 | gpr_free(state); |
| 91 | } |
David Klempner | fd5d8ff | 2015-03-05 14:17:38 -0800 | [diff] [blame] | 92 | } |
| 93 | |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 94 | static void on_secure_handshake_done(grpc_exec_ctx *exec_ctx, void *statep, |
| 95 | grpc_security_status status, |
Julien Boeuf | 366f42c | 2015-12-16 22:05:46 -0800 | [diff] [blame] | 96 | grpc_endpoint *secure_endpoint, |
| 97 | grpc_auth_context *auth_context) { |
Craig Tiller | 9f9d422 | 2016-05-16 17:02:14 -0700 | [diff] [blame] | 98 | server_secure_connect *state = statep; |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 99 | if (status == GRPC_SECURITY_OK) { |
yang-g | 5e7f08a | 2015-11-19 01:27:43 -0800 | [diff] [blame] | 100 | if (secure_endpoint) { |
Craig Tiller | 9f9d422 | 2016-05-16 17:02:14 -0700 | [diff] [blame] | 101 | gpr_mu_lock(&state->state->mu); |
| 102 | if (!state->state->is_shutdown) { |
Mark D. Roth | a228e5f | 2016-07-22 09:02:15 -0700 | [diff] [blame] | 103 | grpc_transport *transport = grpc_create_chttp2_transport( |
Craig Tiller | 9f9d422 | 2016-05-16 17:02:14 -0700 | [diff] [blame] | 104 | exec_ctx, grpc_server_get_channel_args(state->state->server), |
yang-g | d88e1d8 | 2015-12-02 13:23:33 -0800 | [diff] [blame] | 105 | secure_endpoint, 0); |
Craig Tiller | 9f9d422 | 2016-05-16 17:02:14 -0700 | [diff] [blame] | 106 | grpc_arg args_to_add[2]; |
| 107 | args_to_add[0] = grpc_server_credentials_to_arg(state->state->creds); |
| 108 | args_to_add[1] = grpc_auth_context_to_arg(auth_context); |
Mark D. Roth | 45015dc | 2016-07-15 08:48:25 -0700 | [diff] [blame] | 109 | grpc_channel_args *args_copy = grpc_channel_args_copy_and_add( |
| 110 | state->args, args_to_add, GPR_ARRAY_SIZE(args_to_add)); |
Craig Tiller | 9f9d422 | 2016-05-16 17:02:14 -0700 | [diff] [blame] | 111 | grpc_server_setup_transport(exec_ctx, state->state->server, transport, |
| 112 | state->accepting_pollset, args_copy); |
| 113 | grpc_channel_args_destroy(args_copy); |
Mark D. Roth | 7d9f276 | 2016-08-04 11:06:49 -0700 | [diff] [blame] | 114 | grpc_chttp2_transport_start_reading(exec_ctx, transport, NULL); |
yang-g | 5e7f08a | 2015-11-19 01:27:43 -0800 | [diff] [blame] | 115 | } else { |
| 116 | /* We need to consume this here, because the server may already have |
yang-g | 768999d | 2015-11-20 10:08:26 -0800 | [diff] [blame] | 117 | * gone away. */ |
yang-g | 5e7f08a | 2015-11-19 01:27:43 -0800 | [diff] [blame] | 118 | grpc_endpoint_destroy(exec_ctx, secure_endpoint); |
| 119 | } |
Craig Tiller | 9f9d422 | 2016-05-16 17:02:14 -0700 | [diff] [blame] | 120 | gpr_mu_unlock(&state->state->mu); |
David Klempner | fd5d8ff | 2015-03-05 14:17:38 -0800 | [diff] [blame] | 121 | } |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 122 | } else { |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 123 | gpr_log(GPR_ERROR, "Secure transport failed with error %d", status); |
| 124 | } |
Mark D. Roth | 45015dc | 2016-07-15 08:48:25 -0700 | [diff] [blame] | 125 | grpc_channel_args_destroy(state->args); |
Craig Tiller | 9f9d422 | 2016-05-16 17:02:14 -0700 | [diff] [blame] | 126 | state_unref(state->state); |
| 127 | gpr_free(state); |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 128 | } |
| 129 | |
Mark D. Roth | dba5d27 | 2016-07-14 13:45:05 -0700 | [diff] [blame] | 130 | static void on_handshake_done(grpc_exec_ctx *exec_ctx, grpc_endpoint *endpoint, |
Mark D. Roth | 7d9f276 | 2016-08-04 11:06:49 -0700 | [diff] [blame] | 131 | grpc_channel_args *args, |
| 132 | gpr_slice_buffer *read_buffer, void *user_data, |
Mark D. Roth | a228e5f | 2016-07-22 09:02:15 -0700 | [diff] [blame] | 133 | grpc_error *error) { |
Mark D. Roth | 45015dc | 2016-07-15 08:48:25 -0700 | [diff] [blame] | 134 | server_secure_connect *state = user_data; |
Mark D. Roth | a228e5f | 2016-07-22 09:02:15 -0700 | [diff] [blame] | 135 | if (error != GRPC_ERROR_NONE) { |
| 136 | const char *error_str = grpc_error_string(error); |
| 137 | gpr_log(GPR_ERROR, "Handshaking failed: %s", error_str); |
| 138 | grpc_error_free_string(error_str); |
| 139 | GRPC_ERROR_UNREF(error); |
Mark D. Roth | 7d9f276 | 2016-08-04 11:06:49 -0700 | [diff] [blame] | 140 | grpc_channel_args_destroy(args); |
| 141 | gpr_free(read_buffer); |
Mark D. Roth | a228e5f | 2016-07-22 09:02:15 -0700 | [diff] [blame] | 142 | grpc_handshake_manager_shutdown(exec_ctx, state->handshake_mgr); |
| 143 | grpc_handshake_manager_destroy(exec_ctx, state->handshake_mgr); |
Mark D. Roth | a228e5f | 2016-07-22 09:02:15 -0700 | [diff] [blame] | 144 | state_unref(state->state); |
| 145 | gpr_free(state); |
| 146 | return; |
| 147 | } |
| 148 | grpc_handshake_manager_destroy(exec_ctx, state->handshake_mgr); |
| 149 | state->handshake_mgr = NULL; |
Mark D. Roth | dba5d27 | 2016-07-14 13:45:05 -0700 | [diff] [blame] | 150 | // TODO(roth, jboeuf): Convert security connector handshaking to use new |
| 151 | // handshake API, and then move the code from on_secure_handshake_done() |
| 152 | // into this function. |
Mark D. Roth | 45015dc | 2016-07-15 08:48:25 -0700 | [diff] [blame] | 153 | state->args = args; |
Mark D. Roth | dba5d27 | 2016-07-14 13:45:05 -0700 | [diff] [blame] | 154 | grpc_server_security_connector_do_handshake( |
Mark D. Roth | 7d9f276 | 2016-08-04 11:06:49 -0700 | [diff] [blame] | 155 | exec_ctx, state->state->sc, state->acceptor, endpoint, read_buffer, |
| 156 | state->deadline, on_secure_handshake_done, state); |
Mark D. Roth | dba5d27 | 2016-07-14 13:45:05 -0700 | [diff] [blame] | 157 | } |
| 158 | |
Dan Born | fa6b606 | 2016-01-08 21:01:59 -0800 | [diff] [blame] | 159 | static void on_accept(grpc_exec_ctx *exec_ctx, void *statep, grpc_endpoint *tcp, |
Craig Tiller | 9f9d422 | 2016-05-16 17:02:14 -0700 | [diff] [blame] | 160 | grpc_pollset *accepting_pollset, |
Dan Born | 5d81d15 | 2016-01-12 20:29:29 -0800 | [diff] [blame] | 161 | grpc_tcp_server_acceptor *acceptor) { |
Craig Tiller | 9f9d422 | 2016-05-16 17:02:14 -0700 | [diff] [blame] | 162 | server_secure_connect *state = gpr_malloc(sizeof(*state)); |
| 163 | state->state = statep; |
| 164 | state_ref(state->state); |
| 165 | state->accepting_pollset = accepting_pollset; |
Mark D. Roth | dba5d27 | 2016-07-14 13:45:05 -0700 | [diff] [blame] | 166 | state->acceptor = acceptor; |
Mark D. Roth | 45015dc | 2016-07-15 08:48:25 -0700 | [diff] [blame] | 167 | state->handshake_mgr = grpc_handshake_manager_create(); |
Mark D. Roth | dba5d27 | 2016-07-14 13:45:05 -0700 | [diff] [blame] | 168 | // TODO(roth): We should really get this timeout value from channel |
| 169 | // args instead of hard-coding it. |
| 170 | state->deadline = gpr_time_add(gpr_now(GPR_CLOCK_MONOTONIC), |
| 171 | gpr_time_from_seconds(120, GPR_TIMESPAN)); |
Mark D. Roth | 45015dc | 2016-07-15 08:48:25 -0700 | [diff] [blame] | 172 | grpc_handshake_manager_do_handshake( |
| 173 | exec_ctx, state->handshake_mgr, tcp, |
| 174 | grpc_server_get_channel_args(state->state->server), state->deadline, |
Mark D. Roth | 5682a52 | 2016-07-20 09:54:41 -0700 | [diff] [blame] | 175 | acceptor, on_handshake_done, state); |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 176 | } |
| 177 | |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 178 | /* Server callback: start listening on our ports */ |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 179 | static void start(grpc_exec_ctx *exec_ctx, grpc_server *server, void *statep, |
| 180 | grpc_pollset **pollsets, size_t pollset_count) { |
Craig Tiller | 9f9d422 | 2016-05-16 17:02:14 -0700 | [diff] [blame] | 181 | server_secure_state *state = statep; |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 182 | grpc_tcp_server_start(exec_ctx, state->tcp, pollsets, pollset_count, |
| 183 | on_accept, state); |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 184 | } |
| 185 | |
Craig Tiller | f51457b | 2016-05-03 17:06:32 -0700 | [diff] [blame] | 186 | static void destroy_done(grpc_exec_ctx *exec_ctx, void *statep, |
| 187 | grpc_error *error) { |
Craig Tiller | 9f9d422 | 2016-05-16 17:02:14 -0700 | [diff] [blame] | 188 | server_secure_state *state = statep; |
Dan Born | fa6b606 | 2016-01-08 21:01:59 -0800 | [diff] [blame] | 189 | if (state->destroy_callback != NULL) { |
| 190 | state->destroy_callback->cb(exec_ctx, state->destroy_callback->cb_arg, |
Craig Tiller | f707d62 | 2016-05-06 14:26:12 -0700 | [diff] [blame] | 191 | GRPC_ERROR_REF(error)); |
Dan Born | fa6b606 | 2016-01-08 21:01:59 -0800 | [diff] [blame] | 192 | } |
Julien Boeuf | 4f4d37c | 2016-02-24 22:07:36 -0800 | [diff] [blame] | 193 | grpc_server_security_connector_shutdown(exec_ctx, state->sc); |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 194 | state_unref(state); |
Craig Tiller | 12d7e1f | 2015-06-03 07:54:48 -0700 | [diff] [blame] | 195 | } |
| 196 | |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 197 | /* Server callback: destroy the tcp listener (so we don't generate further |
| 198 | callbacks) */ |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 199 | static void destroy(grpc_exec_ctx *exec_ctx, grpc_server *server, void *statep, |
| 200 | grpc_closure *callback) { |
Craig Tiller | 9f9d422 | 2016-05-16 17:02:14 -0700 | [diff] [blame] | 201 | server_secure_state *state = statep; |
Nicolas "Pixel" Noble | 04a841f | 2015-06-23 01:57:21 +0200 | [diff] [blame] | 202 | grpc_tcp_server *tcp; |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 203 | gpr_mu_lock(&state->mu); |
Mark D. Roth | a228e5f | 2016-07-22 09:02:15 -0700 | [diff] [blame] | 204 | state->is_shutdown = true; |
Craig Tiller | dfff1b8 | 2015-09-21 14:39:57 -0700 | [diff] [blame] | 205 | state->destroy_callback = callback; |
Nicolas "Pixel" Noble | 04a841f | 2015-06-23 01:57:21 +0200 | [diff] [blame] | 206 | tcp = state->tcp; |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 207 | gpr_mu_unlock(&state->mu); |
yang-g | 9275d40 | 2016-07-11 16:51:39 -0700 | [diff] [blame] | 208 | grpc_tcp_server_shutdown_listeners(exec_ctx, tcp); |
Dan Born | fa6b606 | 2016-01-08 21:01:59 -0800 | [diff] [blame] | 209 | grpc_tcp_server_unref(exec_ctx, tcp); |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 210 | } |
| 211 | |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 212 | int grpc_server_add_secure_http2_port(grpc_server *server, const char *addr, |
| 213 | grpc_server_credentials *creds) { |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 214 | grpc_resolved_addresses *resolved = NULL; |
| 215 | grpc_tcp_server *tcp = NULL; |
Craig Tiller | 9f9d422 | 2016-05-16 17:02:14 -0700 | [diff] [blame] | 216 | server_secure_state *state = NULL; |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 217 | size_t i; |
Craig Tiller | 13c0940 | 2016-06-15 09:41:33 -0700 | [diff] [blame] | 218 | size_t count = 0; |
murgatroid99 | c896e19 | 2015-01-21 11:36:23 -0800 | [diff] [blame] | 219 | int port_num = -1; |
| 220 | int port_temp; |
Craig Tiller | 759026c | 2015-02-22 23:09:45 -0800 | [diff] [blame] | 221 | grpc_security_status status = GRPC_SECURITY_ERROR; |
Julien Boeuf | 4f4d37c | 2016-02-24 22:07:36 -0800 | [diff] [blame] | 222 | grpc_server_security_connector *sc = NULL; |
Craig Tiller | f5768a6 | 2015-09-22 10:54:34 -0700 | [diff] [blame] | 223 | grpc_exec_ctx exec_ctx = GRPC_EXEC_CTX_INIT; |
Craig Tiller | 5b15afd | 2016-05-04 15:00:14 -0700 | [diff] [blame] | 224 | grpc_error *err = GRPC_ERROR_NONE; |
David Garcia Quintas | 6d0b4d2 | 2016-05-12 14:28:36 -0700 | [diff] [blame] | 225 | grpc_error **errors = NULL; |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 226 | |
Craig Tiller | 4de3e4f | 2015-10-05 08:55:50 -0700 | [diff] [blame] | 227 | GRPC_API_TRACE( |
| 228 | "grpc_server_add_secure_http2_port(" |
| 229 | "server=%p, addr=%s, creds=%p)", |
| 230 | 3, (server, addr, creds)); |
Masood Malekghassemi | 76c3d74 | 2015-08-19 18:22:53 -0700 | [diff] [blame] | 231 | |
Craig Tiller | 759026c | 2015-02-22 23:09:45 -0800 | [diff] [blame] | 232 | /* create security context */ |
Craig Tiller | f5f2904 | 2016-06-03 11:29:55 -0700 | [diff] [blame] | 233 | if (creds == NULL) { |
| 234 | err = GRPC_ERROR_CREATE( |
| 235 | "No credentials specified for secure server port (creds==NULL)"); |
| 236 | goto error; |
| 237 | } |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 238 | status = grpc_server_credentials_create_security_connector(creds, &sc); |
| 239 | if (status != GRPC_SECURITY_OK) { |
Craig Tiller | 80384bd | 2016-05-06 16:12:31 -0700 | [diff] [blame] | 240 | char *msg; |
| 241 | gpr_asprintf(&msg, |
| 242 | "Unable to create secure server with credentials of type %s.", |
| 243 | creds->type); |
| 244 | err = grpc_error_set_int(GRPC_ERROR_CREATE(msg), |
| 245 | GRPC_ERROR_INT_SECURITY_STATUS, status); |
| 246 | gpr_free(msg); |
Craig Tiller | 759026c | 2015-02-22 23:09:45 -0800 | [diff] [blame] | 247 | goto error; |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 248 | } |
yang-g | dd7c1ae | 2015-11-23 14:29:09 -0800 | [diff] [blame] | 249 | sc->channel_args = grpc_server_get_channel_args(server); |
Craig Tiller | 759026c | 2015-02-22 23:09:45 -0800 | [diff] [blame] | 250 | |
| 251 | /* resolve address */ |
Craig Tiller | 2b782d8 | 2016-05-04 16:29:57 -0700 | [diff] [blame] | 252 | err = grpc_blocking_resolve_address(addr, "https", &resolved); |
| 253 | if (err != GRPC_ERROR_NONE) { |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 254 | goto error; |
| 255 | } |
Dan Born | fa6b606 | 2016-01-08 21:01:59 -0800 | [diff] [blame] | 256 | state = gpr_malloc(sizeof(*state)); |
| 257 | memset(state, 0, sizeof(*state)); |
| 258 | grpc_closure_init(&state->destroy_closure, destroy_done, state); |
Craig Tiller | ef96264 | 2016-05-18 22:57:17 -0700 | [diff] [blame] | 259 | err = grpc_tcp_server_create(&state->destroy_closure, |
| 260 | grpc_server_get_channel_args(server), &tcp); |
Craig Tiller | 2b782d8 | 2016-05-04 16:29:57 -0700 | [diff] [blame] | 261 | if (err != GRPC_ERROR_NONE) { |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 262 | goto error; |
| 263 | } |
Craig Tiller | 45724b3 | 2015-09-22 10:42:19 -0700 | [diff] [blame] | 264 | |
yang-g | 9356b47 | 2016-02-02 22:33:43 -0800 | [diff] [blame] | 265 | state->server = server; |
| 266 | state->tcp = tcp; |
| 267 | state->sc = sc; |
| 268 | state->creds = grpc_server_credentials_ref(creds); |
Mark D. Roth | a228e5f | 2016-07-22 09:02:15 -0700 | [diff] [blame] | 269 | state->is_shutdown = false; |
yang-g | 9356b47 | 2016-02-02 22:33:43 -0800 | [diff] [blame] | 270 | gpr_mu_init(&state->mu); |
| 271 | gpr_ref_init(&state->refcount, 1); |
| 272 | |
David Garcia Quintas | 6d0b4d2 | 2016-05-12 14:28:36 -0700 | [diff] [blame] | 273 | errors = gpr_malloc(sizeof(*errors) * resolved->naddrs); |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 274 | for (i = 0; i < resolved->naddrs; i++) { |
Craig Tiller | 0b5857f | 2016-05-04 10:58:06 -0700 | [diff] [blame] | 275 | errors[i] = grpc_tcp_server_add_port( |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 276 | tcp, (struct sockaddr *)&resolved->addrs[i].addr, |
Craig Tiller | 5b15afd | 2016-05-04 15:00:14 -0700 | [diff] [blame] | 277 | resolved->addrs[i].len, &port_temp); |
Craig Tiller | 0b5857f | 2016-05-04 10:58:06 -0700 | [diff] [blame] | 278 | if (errors[i] == GRPC_ERROR_NONE) { |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 279 | if (port_num == -1) { |
| 280 | port_num = port_temp; |
| 281 | } else { |
| 282 | GPR_ASSERT(port_num == port_temp); |
| 283 | } |
| 284 | count++; |
Craig Tiller | 45724b3 | 2015-09-22 10:42:19 -0700 | [diff] [blame] | 285 | } |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 286 | } |
| 287 | if (count == 0) { |
Craig Tiller | 804ff71 | 2016-05-05 16:25:40 -0700 | [diff] [blame] | 288 | char *msg; |
Craig Tiller | 13c0940 | 2016-06-15 09:41:33 -0700 | [diff] [blame] | 289 | gpr_asprintf(&msg, "No address added out of total %" PRIuPTR " resolved", |
Craig Tiller | 804ff71 | 2016-05-05 16:25:40 -0700 | [diff] [blame] | 290 | resolved->naddrs); |
| 291 | err = GRPC_ERROR_CREATE_REFERENCING(msg, errors, resolved->naddrs); |
Craig Tiller | d9c5896 | 2016-05-12 13:28:04 -0700 | [diff] [blame] | 292 | gpr_free(msg); |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 293 | goto error; |
Craig Tiller | 804ff71 | 2016-05-05 16:25:40 -0700 | [diff] [blame] | 294 | } else if (count != resolved->naddrs) { |
| 295 | char *msg; |
Craig Tiller | 13c0940 | 2016-06-15 09:41:33 -0700 | [diff] [blame] | 296 | gpr_asprintf(&msg, "Only %" PRIuPTR |
| 297 | " addresses added out of total %" PRIuPTR " resolved", |
Craig Tiller | 804ff71 | 2016-05-05 16:25:40 -0700 | [diff] [blame] | 298 | count, resolved->naddrs); |
| 299 | err = GRPC_ERROR_CREATE_REFERENCING(msg, errors, resolved->naddrs); |
| 300 | gpr_free(msg); |
| 301 | |
| 302 | const char *warning_message = grpc_error_string(err); |
| 303 | gpr_log(GPR_INFO, "WARNING: %s", warning_message); |
| 304 | grpc_error_free_string(warning_message); |
| 305 | /* we managed to bind some addresses: continue */ |
| 306 | } else { |
| 307 | for (i = 0; i < resolved->naddrs; i++) { |
Craig Tiller | f707d62 | 2016-05-06 14:26:12 -0700 | [diff] [blame] | 308 | GRPC_ERROR_UNREF(errors[i]); |
Craig Tiller | 804ff71 | 2016-05-05 16:25:40 -0700 | [diff] [blame] | 309 | } |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 310 | } |
Craig Tiller | 804ff71 | 2016-05-05 16:25:40 -0700 | [diff] [blame] | 311 | gpr_free(errors); |
Craig Tiller | d9c5896 | 2016-05-12 13:28:04 -0700 | [diff] [blame] | 312 | errors = NULL; |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 313 | grpc_resolved_addresses_destroy(resolved); |
Craig Tiller | 45724b3 | 2015-09-22 10:42:19 -0700 | [diff] [blame] | 314 | |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 315 | /* Register with the server only upon success */ |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 316 | grpc_server_add_listener(&exec_ctx, server, state, start, destroy); |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 317 | |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 318 | grpc_exec_ctx_finish(&exec_ctx); |
murgatroid99 | c896e19 | 2015-01-21 11:36:23 -0800 | [diff] [blame] | 319 | return port_num; |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 320 | |
| 321 | /* Error path: cleanup and return */ |
| 322 | error: |
Craig Tiller | 5b15afd | 2016-05-04 15:00:14 -0700 | [diff] [blame] | 323 | GPR_ASSERT(err != GRPC_ERROR_NONE); |
Craig Tiller | d9c5896 | 2016-05-12 13:28:04 -0700 | [diff] [blame] | 324 | if (errors != NULL) { |
| 325 | for (i = 0; i < resolved->naddrs; i++) { |
| 326 | GRPC_ERROR_UNREF(errors[i]); |
| 327 | } |
| 328 | gpr_free(errors); |
| 329 | } |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 330 | if (resolved) { |
| 331 | grpc_resolved_addresses_destroy(resolved); |
| 332 | } |
| 333 | if (tcp) { |
Dan Born | fa6b606 | 2016-01-08 21:01:59 -0800 | [diff] [blame] | 334 | grpc_tcp_server_unref(&exec_ctx, tcp); |
yang-g | 9356b47 | 2016-02-02 22:33:43 -0800 | [diff] [blame] | 335 | } else { |
| 336 | if (sc) { |
Julien Boeuf | 4f4d37c | 2016-02-24 22:07:36 -0800 | [diff] [blame] | 337 | GRPC_SECURITY_CONNECTOR_UNREF(&sc->base, "server"); |
yang-g | 9356b47 | 2016-02-02 22:33:43 -0800 | [diff] [blame] | 338 | } |
| 339 | if (state) { |
| 340 | gpr_free(state); |
| 341 | } |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 342 | } |
| 343 | grpc_exec_ctx_finish(&exec_ctx); |
Craig Tiller | 80384bd | 2016-05-06 16:12:31 -0700 | [diff] [blame] | 344 | const char *msg = grpc_error_string(err); |
| 345 | GRPC_ERROR_UNREF(err); |
| 346 | gpr_log(GPR_ERROR, "%s", msg); |
| 347 | grpc_error_free_string(msg); |
Nicolas Noble | b7ebd3b | 2014-11-26 16:33:03 -0800 | [diff] [blame] | 348 | return 0; |
Craig Tiller | 190d360 | 2015-02-18 09:23:38 -0800 | [diff] [blame] | 349 | } |