// Copyright 2020 gRPC authors.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//     http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
19 #include <grpc/support/port_platform.h>
21 #include "src/core/lib/security/security_connector/insecure/insecure_security_connector.h"
23 #include "src/core/lib/gprpp/ref_counted_ptr.h"
24 #include "src/core/lib/security/transport/security_handshaker.h"
25 #include "src/core/tsi/local_transport_security.h"
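// Value stored under GRPC_TRANSPORT_SECURITY_TYPE_PROPERTY_NAME in the auth
// context built by InsecureChannelSecurityConnector::MakeAuthContext().
// It labels the transport as unprotected; it is a fixed constant, not an
// identity derived from the peer.
const char kInsecureTransportSecurityType[] = "insecure";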
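// check_call_host is a no-op because this connector provides an insecure
// channel: |host| is not compared against anything and every call is
// approved.
//
// Sets |*error| to GRPC_ERROR_NONE and returns true. The closure
// |on_call_host_checked| is not scheduled here; presumably a true return tells
// the caller the check already completed -- confirm against the base-class
// contract.
//
// NOTE(security): no hostname or authority verification happens on this path,
// so a successful result says nothing about who the peer is.
//
// Unused parameter names are commented out, matching add_handshakers().
bool InsecureChannelSecurityConnector::check_call_host(
    absl::string_view /* host */, grpc_auth_context* /* auth_context */,
    grpc_closure* /* on_call_host_checked */, grpc_error** error) {
  *error = GRPC_ERROR_NONE;
  return true;
}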
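// cancel_check_call_host is a no-op as far as cancellation goes: on an
// insecure channel check_call_host() performs no check that could be pending.
// The only work done is dropping the reference held on |error|.
//
// The unused closure parameter name is commented out, matching
// add_handshakers().
void InsecureChannelSecurityConnector::cancel_check_call_host(
    grpc_closure* /* on_call_host_checked */, grpc_error* error) {
  GRPC_ERROR_UNREF(error);
}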
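// add_handshakers should have been a no-op, but a minimalist security
// handshaker has to be added so that check_peer() is invoked and an
// auth_context is created with the security level of TSI_SECURITY_NONE.
//
// NOTE(security): the handshaker is installed for that bookkeeping only. Its
// presence must not be read as peer authentication or transport protection;
// the resulting auth_context advertises TSI_SECURITY_NONE.
void InsecureChannelSecurityConnector::add_handshakers(
    const grpc_channel_args* args, grpc_pollset_set* /* interested_parties */,
    HandshakeManager* handshake_manager) {
  tsi_handshaker* handshaker = nullptr;
  // Re-use local_tsi_handshaker_create as a minimalist handshaker. A creation
  // failure trips the assertion rather than continuing without a handshaker.
  GPR_ASSERT(tsi_local_handshaker_create(true /* is_client */, &handshaker) ==
             TSI_OK);
  handshake_manager->Add(SecurityHandshakerCreate(handshaker, this, args));
}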
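// Accepts every peer. |peer| is destroyed without any of its properties being
// inspected, |*auth_context| is replaced by the fixed context from
// MakeAuthContext(), and |on_peer_checked| is run with GRPC_ERROR_NONE.
//
// NOTE(security): the auth context handed back is identical for every peer, so
// downstream authorization logic cannot use it to tell peers apart.
//
// The unused endpoint parameter name is commented out, matching
// add_handshakers().
void InsecureChannelSecurityConnector::check_peer(
    tsi_peer peer, grpc_endpoint* /* ep */,
    RefCountedPtr<grpc_auth_context>* auth_context,
    grpc_closure* on_peer_checked) {
  *auth_context = MakeAuthContext();
  tsi_peer_destruct(&peer);
  ExecCtx::Run(DEBUG_LOCATION, on_peer_checked, GRPC_ERROR_NONE);
}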
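// Compares this connector with |other_sc| by delegating to
// channel_security_connector_cmp().
//
// NOTE(review): the static_cast is unchecked; it presumes |other_sc| really is
// a grpc_channel_security_connector -- confirm that callers guarantee this.
int InsecureChannelSecurityConnector::cmp(
    const grpc_security_connector* other_sc) const {
  return channel_security_connector_cmp(
      static_cast<const grpc_channel_security_connector*>(other_sc));
}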
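// Builds the auth context reported for an insecure channel. It carries:
//   - GRPC_TRANSPORT_SECURITY_TYPE_PROPERTY_NAME  = kInsecureTransportSecurityType
//   - GRPC_TRANSPORT_SECURITY_LEVEL_PROPERTY_NAME = string form of
//     TSI_SECURITY_NONE
// and names the transport security type property as the peer identity
// property.
//
// NOTE(security): because the peer identity property points at the transport
// security type, the "identity" resolves to the constant
// kInsecureTransportSecurityType for every peer. Code consuming this context
// should check the security level property before trusting the identity.
RefCountedPtr<grpc_auth_context>
InsecureChannelSecurityConnector::MakeAuthContext() {
  auto ctx = MakeRefCounted<grpc_auth_context>(nullptr);
  grpc_auth_context_add_cstring_property(
      ctx.get(), GRPC_TRANSPORT_SECURITY_TYPE_PROPERTY_NAME,
      kInsecureTransportSecurityType);
  // The property was added just above, so selecting it as the identity
  // property is asserted to succeed (return value 1).
  GPR_ASSERT(grpc_auth_context_set_peer_identity_property_name(
                 ctx.get(), GRPC_TRANSPORT_SECURITY_TYPE_PROPERTY_NAME) == 1);
  const char* security_level = tsi_security_level_to_string(TSI_SECURITY_NONE);
  grpc_auth_context_add_property(ctx.get(),
                                 GRPC_TRANSPORT_SECURITY_LEVEL_PROPERTY_NAME,
                                 security_level, strlen(security_level));
  return ctx;
}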
88 } // namespace grpc_core