ssl_transport_security.cc File Reference
#include <grpc/support/port_platform.h>
#include "src/core/tsi/ssl_transport_security.h"
#include <limits.h>
#include <string.h>
#include <arpa/inet.h>
#include <sys/socket.h>
#include <string>
#include <openssl/bio.h>
#include <openssl/crypto.h>
#include <openssl/engine.h>
#include <openssl/err.h>
#include <openssl/ssl.h>
#include <openssl/tls1.h>
#include <openssl/x509.h>
#include <openssl/x509v3.h>
#include "absl/strings/match.h"
#include "absl/strings/string_view.h"
#include <grpc/grpc_security.h>
#include <grpc/support/alloc.h>
#include <grpc/support/log.h>
#include <grpc/support/string_util.h>
#include <grpc/support/sync.h>
#include <grpc/support/thd_id.h>
#include "src/core/lib/gpr/useful.h"
#include "src/core/tsi/ssl/key_logging/ssl_key_logging.h"
#include "src/core/tsi/ssl/session_cache/ssl_session_cache.h"
#include "src/core/tsi/ssl_types.h"
#include "src/core/tsi/transport_security.h"

Classes

struct  tsi_ssl_client_handshaker_factory
 
struct  tsi_ssl_frame_protector
 
struct  tsi_ssl_handshaker
 
struct  tsi_ssl_handshaker_factory
 
struct  tsi_ssl_handshaker_result
 
struct  tsi_ssl_root_certs_store
 
struct  tsi_ssl_server_handshaker_factory
 

Macros

#define TSI_OPENSSL_ALPN_SUPPORT   1
 
#define TSI_SSL_HANDSHAKER_OUTGOING_BUFFER_INITIAL_SIZE   1024
 
#define TSI_SSL_MAX_PROTECTED_FRAME_SIZE_LOWER_BOUND   1024
 
#define TSI_SSL_MAX_PROTECTED_FRAME_SIZE_UPPER_BOUND   16384
 
#define TSI_SSL_MAX_PROTECTION_OVERHEAD   100
 

Typedefs

using TlsSessionKeyLogger = tsi::TlsSessionKeyLoggerCache::TlsSessionKeyLogger
 

Functions

static tsi_result add_pem_certificate (X509 *cert, tsi_peer_property *property)
 
static tsi_result add_subject_alt_names_properties_to_peer (tsi_peer *peer, GENERAL_NAMES *subject_alt_names, size_t subject_alt_name_count, int *current_insert_index)
 
static tsi_result build_alpn_protocol_name_list (const char **alpn_protocols, uint16_t num_alpn_protocols, unsigned char **protocol_name_list, size_t *protocol_name_list_length)
 
static int client_handshaker_factory_npn_callback (SSL *, unsigned char **out, unsigned char *outlen, const unsigned char *in, unsigned int inlen, void *arg)
 
static tsi_result create_tsi_ssl_handshaker (SSL_CTX *ctx, int is_client, const char *server_name_indication, size_t network_bio_buf_size, size_t ssl_bio_buf_size, tsi_ssl_handshaker_factory *factory, tsi_handshaker **handshaker)
 
static tsi_result do_ssl_read (SSL *ssl, unsigned char *unprotected_bytes, size_t *unprotected_bytes_size)
 
static tsi_result do_ssl_write (SSL *ssl, unsigned char *unprotected_bytes, size_t unprotected_bytes_size)
 
static int does_entry_match_name (absl::string_view entry, absl::string_view name)
 
static void init_openssl (void)
 
static void log_ssl_error_stack (void)
 
static int looks_like_ip_address (absl::string_view name)
 
static int NullVerifyCallback (int, X509_STORE_CTX *)
 
static void openssl_locking_cb (int mode, int type, const char *file, int line) GRPC_UNUSED
 
static unsigned long openssl_thread_id_cb (void) GRPC_UNUSED
 
static tsi_result peer_from_x509 (X509 *cert, int include_certificate_type, tsi_peer *peer)
 
static tsi_result peer_property_from_x509_common_name (X509 *cert, tsi_peer_property *property)
 
static tsi_result peer_property_from_x509_subject (X509 *cert, tsi_peer_property *property)
 
static tsi_result populate_ssl_context (SSL_CTX *context, const tsi_ssl_pem_key_cert_pair *key_cert_pair, const char *cipher_list)
 
static int select_protocol_list (const unsigned char **out, unsigned char *outlen, const unsigned char *client_list, size_t client_list_len, const unsigned char *server_list, size_t server_list_len)
 
static int server_handshaker_factory_alpn_callback (SSL *, const unsigned char **out, unsigned char *outlen, const unsigned char *in, unsigned int inlen, void *arg)
 
static int server_handshaker_factory_new_session_callback (SSL *ssl, SSL_SESSION *session)
 
static int server_handshaker_factory_npn_advertised_callback (SSL *, const unsigned char **out, unsigned int *outlen, void *arg)
 
static tsi_result ssl_bytes_remaining (tsi_ssl_handshaker *impl, unsigned char **bytes_remaining, size_t *bytes_remaining_size)
 
static tsi_result ssl_ctx_load_verification_certs (SSL_CTX *context, const char *pem_roots, size_t pem_roots_size, STACK_OF(X509_NAME) **root_name)
 
static tsi_result ssl_ctx_use_certificate_chain (SSL_CTX *context, const char *pem_cert_chain, size_t pem_cert_chain_size)
 
static tsi_result ssl_ctx_use_engine_private_key (SSL_CTX *context, const char *pem_key, size_t pem_key_size)
 
static tsi_result ssl_ctx_use_pem_private_key (SSL_CTX *context, const char *pem_key, size_t pem_key_size)
 
static tsi_result ssl_ctx_use_private_key (SSL_CTX *context, const char *pem_key, size_t pem_key_size)
 
static const char * ssl_error_string (int error)
 
static tsi_result ssl_get_x509_common_name (X509 *cert, unsigned char **utf8, size_t *utf8_size)
 
static void ssl_handshaker_destroy (tsi_handshaker *self)
 
static tsi_result ssl_handshaker_do_handshake (tsi_ssl_handshaker *impl)
 
static tsi_result ssl_handshaker_get_bytes_to_send_to_peer (tsi_ssl_handshaker *impl, unsigned char *bytes, size_t *bytes_size)
 
static tsi_result ssl_handshaker_get_result (tsi_ssl_handshaker *impl)
 
static tsi_result ssl_handshaker_next (tsi_handshaker *self, const unsigned char *received_bytes, size_t received_bytes_size, const unsigned char **bytes_to_send, size_t *bytes_to_send_size, tsi_handshaker_result **handshaker_result, tsi_handshaker_on_next_done_cb, void *)
 
static tsi_result ssl_handshaker_process_bytes_from_peer (tsi_ssl_handshaker *impl, const unsigned char *bytes, size_t *bytes_size)
 
static tsi_result ssl_handshaker_result_create (tsi_ssl_handshaker *handshaker, unsigned char *unused_bytes, size_t unused_bytes_size, tsi_handshaker_result **handshaker_result)
 
static tsi_result ssl_handshaker_result_create_frame_protector (const tsi_handshaker_result *self, size_t *max_output_protected_frame_size, tsi_frame_protector **protector)
 
static void ssl_handshaker_result_destroy (tsi_handshaker_result *self)
 
static tsi_result ssl_handshaker_result_extract_peer (const tsi_handshaker_result *self, tsi_peer *peer)
 
static tsi_result ssl_handshaker_result_get_frame_protector_type (const tsi_handshaker_result *, tsi_frame_protector_type *frame_protector_type)
 
static tsi_result ssl_handshaker_result_get_unused_bytes (const tsi_handshaker_result *self, const unsigned char **bytes, size_t *bytes_size)
 
static tsi_result ssl_handshaker_write_output_buffer (tsi_handshaker *self, size_t *bytes_written)
 
static void ssl_info_callback (const SSL *ssl, int where, int ret)
 
template<typename T >
static void ssl_keylogging_callback (const SSL *ssl, const char *info)
 
static void ssl_log_where_info (const SSL *ssl, int where, int flag, const char *msg)
 
static void ssl_protector_destroy (tsi_frame_protector *self)
 
static tsi_result ssl_protector_protect (tsi_frame_protector *self, const unsigned char *unprotected_bytes, size_t *unprotected_bytes_size, unsigned char *protected_output_frames, size_t *protected_output_frames_size)
 
static tsi_result ssl_protector_protect_flush (tsi_frame_protector *self, unsigned char *protected_output_frames, size_t *protected_output_frames_size, size_t *still_pending_size)
 
static tsi_result ssl_protector_unprotect (tsi_frame_protector *self, const unsigned char *protected_frames_bytes, size_t *protected_frames_bytes_size, unsigned char *unprotected_bytes, size_t *unprotected_bytes_size)
 
static int ssl_server_handshaker_factory_servername_callback (SSL *ssl, int *, void *arg)
 
tsi_result tsi_create_ssl_client_handshaker_factory (const tsi_ssl_pem_key_cert_pair *pem_key_cert_pair, const char *pem_root_certs, const char *cipher_suites, const char **alpn_protocols, uint16_t num_alpn_protocols, tsi_ssl_client_handshaker_factory **factory)
 
tsi_result tsi_create_ssl_client_handshaker_factory_with_options (const tsi_ssl_client_handshaker_options *options, tsi_ssl_client_handshaker_factory **factory)
 
tsi_result tsi_create_ssl_server_handshaker_factory (const tsi_ssl_pem_key_cert_pair *pem_key_cert_pairs, size_t num_key_cert_pairs, const char *pem_client_root_certs, int force_client_auth, const char *cipher_suites, const char **alpn_protocols, uint16_t num_alpn_protocols, tsi_ssl_server_handshaker_factory **factory)
 
tsi_result tsi_create_ssl_server_handshaker_factory_ex (const tsi_ssl_pem_key_cert_pair *pem_key_cert_pairs, size_t num_key_cert_pairs, const char *pem_client_root_certs, tsi_client_certificate_request_type client_certificate_request, const char *cipher_suites, const char **alpn_protocols, uint16_t num_alpn_protocols, tsi_ssl_server_handshaker_factory **factory)
 
tsi_result tsi_create_ssl_server_handshaker_factory_with_options (const tsi_ssl_server_handshaker_options *options, tsi_ssl_server_handshaker_factory **factory)
 
static tsi_result tsi_set_min_and_max_tls_versions (SSL_CTX *ssl_context, tsi_tls_version min_tls_version, tsi_tls_version max_tls_version)
 
tsi_result tsi_ssl_client_handshaker_factory_create_handshaker (tsi_ssl_client_handshaker_factory *factory, const char *server_name_indication, size_t network_bio_buf_size, size_t ssl_bio_buf_size, tsi_handshaker **handshaker)
 
static void tsi_ssl_client_handshaker_factory_destroy (tsi_ssl_handshaker_factory *factory)
 
void tsi_ssl_client_handshaker_factory_unref (tsi_ssl_client_handshaker_factory *factory)
 
tsi_result tsi_ssl_extract_x509_subject_names_from_pem_cert (const char *pem_cert, tsi_peer *peer)
 
tsi_result tsi_ssl_get_cert_chain_contents (STACK_OF(X509) *peer_chain, tsi_peer_property *property)
 
static void tsi_ssl_handshaker_factory_destroy (tsi_ssl_handshaker_factory *factory)
 
static void tsi_ssl_handshaker_factory_init (tsi_ssl_handshaker_factory *factory)
 
static tsi_ssl_handshaker_factory * tsi_ssl_handshaker_factory_ref (tsi_ssl_handshaker_factory *factory)
 
const tsi_ssl_handshaker_factory_vtable * tsi_ssl_handshaker_factory_swap_vtable (tsi_ssl_handshaker_factory *factory, tsi_ssl_handshaker_factory_vtable *new_vtable)
 
static void tsi_ssl_handshaker_factory_unref (tsi_ssl_handshaker_factory *factory)
 
static void tsi_ssl_handshaker_resume_session (SSL *ssl, tsi::SslSessionLRUCache *session_cache)
 
int tsi_ssl_peer_matches_name (const tsi_peer *peer, absl::string_view name)
 
tsi_ssl_root_certs_store * tsi_ssl_root_certs_store_create (const char *pem_roots)
 
void tsi_ssl_root_certs_store_destroy (tsi_ssl_root_certs_store *self)
 
tsi_result tsi_ssl_server_handshaker_factory_create_handshaker (tsi_ssl_server_handshaker_factory *factory, size_t network_bio_buf_size, size_t ssl_bio_buf_size, tsi_handshaker **handshaker)
 
static void tsi_ssl_server_handshaker_factory_destroy (tsi_ssl_handshaker_factory *factory)
 
void tsi_ssl_server_handshaker_factory_unref (tsi_ssl_server_handshaker_factory *factory)
 
tsi_ssl_session_cache * tsi_ssl_session_cache_create_lru (size_t capacity)
 
void tsi_ssl_session_cache_ref (tsi_ssl_session_cache *cache)
 
void tsi_ssl_session_cache_unref (tsi_ssl_session_cache *cache)
 
static int verify_cb (int ok, X509_STORE_CTX *ctx)
 
static tsi_result x509_store_load_certs (X509_STORE *cert_store, const char *pem_roots, size_t pem_roots_size, STACK_OF(X509_NAME) **root_names)
 

Variables

static tsi_ssl_handshaker_factory_vtable client_handshaker_factory_vtable
 
static const tsi_frame_protector_vtable frame_protector_vtable
 
static gpr_once g_init_openssl_once = GPR_ONCE_INIT
 
static gpr_mu * g_openssl_mutexes = nullptr
 
static int g_ssl_ctx_ex_factory_index = -1
 
static tsi_ssl_handshaker_factory_vtable handshaker_factory_vtable = {nullptr}
 
static const tsi_handshaker_result_vtable handshaker_result_vtable
 
static const tsi_handshaker_vtable handshaker_vtable
 
static const char kSslEnginePrefix [] = "engine:"
 
static const unsigned char kSslSessionIdContext [] = {'g', 'r', 'p', 'c'}
 
static tsi_ssl_handshaker_factory_vtable server_handshaker_factory_vtable
 

Macro Definition Documentation

◆ TSI_OPENSSL_ALPN_SUPPORT

#define TSI_OPENSSL_ALPN_SUPPORT   1

Definition at line 73 of file ssl_transport_security.cc.

◆ TSI_SSL_HANDSHAKER_OUTGOING_BUFFER_INITIAL_SIZE

#define TSI_SSL_HANDSHAKER_OUTGOING_BUFFER_INITIAL_SIZE   1024

Definition at line 67 of file ssl_transport_security.cc.

◆ TSI_SSL_MAX_PROTECTED_FRAME_SIZE_LOWER_BOUND

#define TSI_SSL_MAX_PROTECTED_FRAME_SIZE_LOWER_BOUND   1024

Definition at line 66 of file ssl_transport_security.cc.

◆ TSI_SSL_MAX_PROTECTED_FRAME_SIZE_UPPER_BOUND

#define TSI_SSL_MAX_PROTECTED_FRAME_SIZE_UPPER_BOUND   16384

Definition at line 65 of file ssl_transport_security.cc.

◆ TSI_SSL_MAX_PROTECTION_OVERHEAD

#define TSI_SSL_MAX_PROTECTION_OVERHEAD   100

Definition at line 78 of file ssl_transport_security.cc.

Typedef Documentation

◆ TlsSessionKeyLogger

Definition at line 80 of file ssl_transport_security.cc.

Function Documentation

◆ add_pem_certificate()

static tsi_result add_pem_certificate ( X509 cert,
tsi_peer_property property 
)
static

Definition at line 354 of file ssl_transport_security.cc.

◆ add_subject_alt_names_properties_to_peer()

static tsi_result add_subject_alt_names_properties_to_peer ( tsi_peer peer,
GENERAL_NAMES *  subject_alt_names,
size_t  subject_alt_name_count,
int current_insert_index 
)
static

Definition at line 373 of file ssl_transport_security.cc.

◆ build_alpn_protocol_name_list()

static tsi_result build_alpn_protocol_name_list ( const char **  alpn_protocols,
uint16_t  num_alpn_protocols,
unsigned char **  protocol_name_list,
size_t *  protocol_name_list_length 
)
static

Definition at line 898 of file ssl_transport_security.cc.

◆ client_handshaker_factory_npn_callback()

static int client_handshaker_factory_npn_callback ( SSL ,
unsigned char **  out,
unsigned char *  outlen,
const unsigned char *  in,
unsigned int  inlen,
void *  arg 
)
static

Definition at line 1801 of file ssl_transport_security.cc.

◆ create_tsi_ssl_handshaker()

static tsi_result create_tsi_ssl_handshaker ( SSL_CTX ctx,
int  is_client,
const char *  server_name_indication,
size_t  network_bio_buf_size,
size_t  ssl_bio_buf_size,
tsi_ssl_handshaker_factory factory,
tsi_handshaker **  handshaker 
)
static

Definition at line 1670 of file ssl_transport_security.cc.

◆ do_ssl_read()

static tsi_result do_ssl_read ( SSL ssl,
unsigned char *  unprotected_bytes,
size_t *  unprotected_bytes_size 
)
static

Definition at line 536 of file ssl_transport_security.cc.

◆ do_ssl_write()

static tsi_result do_ssl_write ( SSL ssl,
unsigned char *  unprotected_bytes,
size_t  unprotected_bytes_size 
)
static

Definition at line 569 of file ssl_transport_security.cc.

◆ does_entry_match_name()

static int does_entry_match_name ( absl::string_view  entry,
absl::string_view  name 
)
static

Definition at line 1851 of file ssl_transport_security.cc.

◆ init_openssl()

static void init_openssl ( void  )
static

Definition at line 167 of file ssl_transport_security.cc.

◆ log_ssl_error_stack()

static void log_ssl_error_stack ( void  )
static

Definition at line 526 of file ssl_transport_security.cc.

◆ looks_like_ip_address()

static int looks_like_ip_address ( absl::string_view  name)
static

Definition at line 245 of file ssl_transport_security.cc.

◆ NullVerifyCallback()

static int NullVerifyCallback ( int  ,
X509_STORE_CTX *  
)
static

Definition at line 939 of file ssl_transport_security.cc.

◆ openssl_locking_cb()

static void openssl_locking_cb ( int  mode,
int  type,
const char *  file,
int  line 
)
static

Definition at line 154 of file ssl_transport_security.cc.

◆ openssl_thread_id_cb()

static unsigned long openssl_thread_id_cb ( void  )
static

Definition at line 162 of file ssl_transport_security.cc.

◆ peer_from_x509()

static tsi_result peer_from_x509 ( X509 cert,
int  include_certificate_type,
tsi_peer peer 
)
static

Definition at line 456 of file ssl_transport_security.cc.

◆ peer_property_from_x509_common_name()

static tsi_result peer_property_from_x509_common_name ( X509 cert,
tsi_peer_property property 
)
static

Definition at line 307 of file ssl_transport_security.cc.

◆ peer_property_from_x509_subject()

static tsi_result peer_property_from_x509_subject ( X509 cert,
tsi_peer_property property 
)
static

Definition at line 330 of file ssl_transport_security.cc.

◆ populate_ssl_context()

static tsi_result populate_ssl_context ( SSL_CTX context,
const tsi_ssl_pem_key_cert_pair key_cert_pair,
const char *  cipher_list 
)
static

Definition at line 836 of file ssl_transport_security.cc.

◆ select_protocol_list()

static int select_protocol_list ( const unsigned char **  out,
unsigned char *  outlen,
const unsigned char *  client_list,
size_t  client_list_len,
const unsigned char *  server_list,
size_t  server_list_len 
)
static

Definition at line 1744 of file ssl_transport_security.cc.

◆ server_handshaker_factory_alpn_callback()

static int server_handshaker_factory_alpn_callback ( SSL ,
const unsigned char **  out,
unsigned char *  outlen,
const unsigned char *  in,
unsigned int  inlen,
void *  arg 
)
static

Definition at line 1915 of file ssl_transport_security.cc.

◆ server_handshaker_factory_new_session_callback()

static int server_handshaker_factory_new_session_callback ( SSL *  ssl,
SSL_SESSION *  session 
)
static

This callback is called when a new session is established and ready to be cached. The session can be reused for new connections to similar servers at a later point in time. It is intended to be used with the SSL_CTX_sess_set_new_cb function.

It returns 1 if the callback takes ownership of the session and 0 otherwise.

Definition at line 1942 of file ssl_transport_security.cc.

◆ server_handshaker_factory_npn_advertised_callback()

static int server_handshaker_factory_npn_advertised_callback ( SSL ,
const unsigned char **  out,
unsigned int outlen,
void *  arg 
)
static

Definition at line 1926 of file ssl_transport_security.cc.

◆ ssl_bytes_remaining()

static tsi_result ssl_bytes_remaining ( tsi_ssl_handshaker impl,
unsigned char **  bytes_remaining,
size_t *  bytes_remaining_size 
)
static

Definition at line 1533 of file ssl_transport_security.cc.

◆ ssl_ctx_load_verification_certs()

static tsi_result ssl_ctx_load_verification_certs ( SSL_CTX context,
const char *  pem_roots,
size_t  pem_roots_size,
STACK_OF(X509_NAME) **  root_name 
)
static

Definition at line 822 of file ssl_transport_security.cc.

◆ ssl_ctx_use_certificate_chain()

static tsi_result ssl_ctx_use_certificate_chain ( SSL_CTX context,
const char *  pem_cert_chain,
size_t  pem_cert_chain_size 
)
static

Definition at line 591 of file ssl_transport_security.cc.

◆ ssl_ctx_use_engine_private_key()

static tsi_result ssl_ctx_use_engine_private_key ( SSL_CTX context,
const char *  pem_key,
size_t  pem_key_size 
)
static

Definition at line 637 of file ssl_transport_security.cc.

◆ ssl_ctx_use_pem_private_key()

static tsi_result ssl_ctx_use_pem_private_key ( SSL_CTX context,
const char *  pem_key,
size_t  pem_key_size 
)
static

Definition at line 711 of file ssl_transport_security.cc.

◆ ssl_ctx_use_private_key()

static tsi_result ssl_ctx_use_private_key ( SSL_CTX context,
const char *  pem_key,
size_t  pem_key_size 
)
static

Definition at line 738 of file ssl_transport_security.cc.

◆ ssl_error_string()

static const char* ssl_error_string ( int  error)
static

Definition at line 197 of file ssl_transport_security.cc.

◆ ssl_get_x509_common_name()

static tsi_result ssl_get_x509_common_name ( X509 cert,
unsigned char **  utf8,
size_t *  utf8_size 
)
static

Definition at line 269 of file ssl_transport_security.cc.

◆ ssl_handshaker_destroy()

static void ssl_handshaker_destroy ( tsi_handshaker self)
static

Definition at line 1522 of file ssl_transport_security.cc.

◆ ssl_handshaker_do_handshake()

static tsi_result ssl_handshaker_do_handshake ( tsi_ssl_handshaker impl)
static

Definition at line 1471 of file ssl_transport_security.cc.

◆ ssl_handshaker_get_bytes_to_send_to_peer()

static tsi_result ssl_handshaker_get_bytes_to_send_to_peer ( tsi_ssl_handshaker impl,
unsigned char *  bytes,
size_t *  bytes_size 
)
static

Definition at line 1441 of file ssl_transport_security.cc.

◆ ssl_handshaker_get_result()

static tsi_result ssl_handshaker_get_result ( tsi_ssl_handshaker impl)
static

Definition at line 1463 of file ssl_transport_security.cc.

◆ ssl_handshaker_next()

static tsi_result ssl_handshaker_next ( tsi_handshaker self,
const unsigned char *  received_bytes,
size_t  received_bytes_size,
const unsigned char **  bytes_to_send,
size_t *  bytes_to_send_size,
tsi_handshaker_result **  handshaker_result,
tsi_handshaker_on_next_done_cb  ,
void *   
)
static

Definition at line 1585 of file ssl_transport_security.cc.

◆ ssl_handshaker_process_bytes_from_peer()

static tsi_result ssl_handshaker_process_bytes_from_peer ( tsi_ssl_handshaker impl,
const unsigned char *  bytes,
size_t *  bytes_size 
)
static

Definition at line 1504 of file ssl_transport_security.cc.

◆ ssl_handshaker_result_create()

static tsi_result ssl_handshaker_result_create ( tsi_ssl_handshaker handshaker,
unsigned char *  unused_bytes,
size_t  unused_bytes_size,
tsi_handshaker_result **  handshaker_result 
)
static

Definition at line 1417 of file ssl_transport_security.cc.

◆ ssl_handshaker_result_create_frame_protector()

static tsi_result ssl_handshaker_result_create_frame_protector ( const tsi_handshaker_result self,
size_t *  max_output_protected_frame_size,
tsi_frame_protector **  protector 
)
static

Definition at line 1344 of file ssl_transport_security.cc.

◆ ssl_handshaker_result_destroy()

static void ssl_handshaker_result_destroy ( tsi_handshaker_result self)
static

Definition at line 1399 of file ssl_transport_security.cc.

◆ ssl_handshaker_result_extract_peer()

static tsi_result ssl_handshaker_result_extract_peer ( const tsi_handshaker_result self,
tsi_peer peer 
)
static

Definition at line 1270 of file ssl_transport_security.cc.

◆ ssl_handshaker_result_get_frame_protector_type()

static tsi_result ssl_handshaker_result_get_frame_protector_type ( const tsi_handshaker_result ,
tsi_frame_protector_type frame_protector_type 
)
static

Definition at line 1337 of file ssl_transport_security.cc.

◆ ssl_handshaker_result_get_unused_bytes()

static tsi_result ssl_handshaker_result_get_unused_bytes ( const tsi_handshaker_result self,
const unsigned char **  bytes,
size_t *  bytes_size 
)
static

Definition at line 1389 of file ssl_transport_security.cc.

◆ ssl_handshaker_write_output_buffer()

static tsi_result ssl_handshaker_write_output_buffer ( tsi_handshaker self,
size_t *  bytes_written 
)
static

Definition at line 1565 of file ssl_transport_security.cc.

◆ ssl_info_callback()

static void ssl_info_callback ( const SSL ssl,
int  where,
int  ret 
)
static

Definition at line 232 of file ssl_transport_security.cc.

◆ ssl_keylogging_callback()

template<typename T >
static void ssl_keylogging_callback ( const SSL ssl,
const char *  info 
)
static

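This callback is invoked on the client or the server when an SSL/TLS handshake completes and key logging is enabled. Because logged session keys allow that session's recorded traffic to be decrypted, the key log output should be access-restricted and key logging kept to debugging setups.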

Definition at line 1963 of file ssl_transport_security.cc.

◆ ssl_log_where_info()

static void ssl_log_where_info ( const SSL ssl,
int  where,
int  flag,
const char *  msg 
)
static

Definition at line 223 of file ssl_transport_security.cc.

◆ ssl_protector_destroy()

static void ssl_protector_destroy ( tsi_frame_protector self)
static

Definition at line 1187 of file ssl_transport_security.cc.

◆ ssl_protector_protect()

static tsi_result ssl_protector_protect ( tsi_frame_protector self,
const unsigned char *  unprotected_bytes,
size_t *  unprotected_bytes_size,
unsigned char *  protected_output_frames,
size_t *  protected_output_frames_size 
)
static

Definition at line 1054 of file ssl_transport_security.cc.

◆ ssl_protector_protect_flush()

static tsi_result ssl_protector_protect_flush ( tsi_frame_protector self,
unsigned char *  protected_output_frames,
size_t *  protected_output_frames_size,
size_t *  still_pending_size 
)
static

Definition at line 1110 of file ssl_transport_security.cc.

◆ ssl_protector_unprotect()

static tsi_result ssl_protector_unprotect ( tsi_frame_protector self,
const unsigned char *  protected_frames_bytes,
size_t *  protected_frames_bytes_size,
unsigned char *  unprotected_bytes,
size_t *  unprotected_bytes_size 
)
static

Definition at line 1144 of file ssl_transport_security.cc.

◆ ssl_server_handshaker_factory_servername_callback()

static int ssl_server_handshaker_factory_servername_callback ( SSL ssl,
int ,
void *  arg 
)
static

Definition at line 1892 of file ssl_transport_security.cc.

◆ tsi_create_ssl_client_handshaker_factory()

tsi_result tsi_create_ssl_client_handshaker_factory ( const tsi_ssl_pem_key_cert_pair pem_key_cert_pair,
const char *  pem_root_certs,
const char *  cipher_suites,
const char **  alpn_protocols,
uint16_t  num_alpn_protocols,
tsi_ssl_client_handshaker_factory **  factory 
)

Definition at line 1992 of file ssl_transport_security.cc.

◆ tsi_create_ssl_client_handshaker_factory_with_options()

tsi_result tsi_create_ssl_client_handshaker_factory_with_options ( const tsi_ssl_client_handshaker_options options,
tsi_ssl_client_handshaker_factory **  factory 
)

Definition at line 2007 of file ssl_transport_security.cc.

◆ tsi_create_ssl_server_handshaker_factory()

tsi_result tsi_create_ssl_server_handshaker_factory ( const tsi_ssl_pem_key_cert_pair pem_key_cert_pairs,
size_t  num_key_cert_pairs,
const char *  pem_client_root_certs,
int  force_client_auth,
const char *  cipher_suites,
const char **  alpn_protocols,
uint16_t  num_alpn_protocols,
tsi_ssl_server_handshaker_factory **  factory 
)

Definition at line 2148 of file ssl_transport_security.cc.

◆ tsi_create_ssl_server_handshaker_factory_ex()

tsi_result tsi_create_ssl_server_handshaker_factory_ex ( const tsi_ssl_pem_key_cert_pair pem_key_cert_pairs,
size_t  num_key_cert_pairs,
const char *  pem_client_root_certs,
tsi_client_certificate_request_type  client_certificate_request,
const char *  cipher_suites,
const char **  alpn_protocols,
uint16_t  num_alpn_protocols,
tsi_ssl_server_handshaker_factory **  factory 
)

Definition at line 2161 of file ssl_transport_security.cc.

◆ tsi_create_ssl_server_handshaker_factory_with_options()

tsi_result tsi_create_ssl_server_handshaker_factory_with_options ( const tsi_ssl_server_handshaker_options options,
tsi_ssl_server_handshaker_factory **  factory 
)

Definition at line 2179 of file ssl_transport_security.cc.

◆ tsi_set_min_and_max_tls_versions()

static tsi_result tsi_set_min_and_max_tls_versions ( SSL_CTX ssl_context,
tsi_tls_version  min_tls_version,
tsi_tls_version  max_tls_version 
)
static

Definition at line 946 of file ssl_transport_security.cc.

◆ tsi_ssl_client_handshaker_factory_create_handshaker()

tsi_result tsi_ssl_client_handshaker_factory_create_handshaker ( tsi_ssl_client_handshaker_factory factory,
const char *  server_name_indication,
size_t  network_bio_buf_size,
size_t  ssl_bio_buf_size,
tsi_handshaker **  handshaker 
)

Definition at line 1774 of file ssl_transport_security.cc.

◆ tsi_ssl_client_handshaker_factory_destroy()

static void tsi_ssl_client_handshaker_factory_destroy ( tsi_ssl_handshaker_factory factory)
static

Definition at line 1789 of file ssl_transport_security.cc.

◆ tsi_ssl_client_handshaker_factory_unref()

void tsi_ssl_client_handshaker_factory_unref ( tsi_ssl_client_handshaker_factory factory)

Definition at line 1783 of file ssl_transport_security.cc.

◆ tsi_ssl_extract_x509_subject_names_from_pem_cert()

tsi_result tsi_ssl_extract_x509_subject_names_from_pem_cert ( const char *  pem_cert,
tsi_peer peer 
)

Definition at line 877 of file ssl_transport_security.cc.

◆ tsi_ssl_get_cert_chain_contents()

tsi_result tsi_ssl_get_cert_chain_contents ( STACK_OF(X509) *  peer_chain,
tsi_peer_property property 
)

Definition at line 1246 of file ssl_transport_security.cc.

◆ tsi_ssl_handshaker_factory_destroy()

static void tsi_ssl_handshaker_factory_destroy ( tsi_ssl_handshaker_factory factory)
static

Definition at line 1205 of file ssl_transport_security.cc.

◆ tsi_ssl_handshaker_factory_init()

static void tsi_ssl_handshaker_factory_init ( tsi_ssl_handshaker_factory factory)
static

Definition at line 1237 of file ssl_transport_security.cc.

◆ tsi_ssl_handshaker_factory_ref()

static tsi_ssl_handshaker_factory* tsi_ssl_handshaker_factory_ref ( tsi_ssl_handshaker_factory factory)
static

Definition at line 1217 of file ssl_transport_security.cc.

◆ tsi_ssl_handshaker_factory_swap_vtable()

const tsi_ssl_handshaker_factory_vtable* tsi_ssl_handshaker_factory_swap_vtable ( tsi_ssl_handshaker_factory factory,
tsi_ssl_handshaker_factory_vtable new_vtable 
)

Definition at line 2408 of file ssl_transport_security.cc.

◆ tsi_ssl_handshaker_factory_unref()

static void tsi_ssl_handshaker_factory_unref ( tsi_ssl_handshaker_factory factory)
static

Definition at line 1224 of file ssl_transport_security.cc.

◆ tsi_ssl_handshaker_resume_session()

static void tsi_ssl_handshaker_resume_session ( SSL ssl,
tsi::SslSessionLRUCache session_cache 
)
static

Definition at line 1657 of file ssl_transport_security.cc.

◆ tsi_ssl_peer_matches_name()

int tsi_ssl_peer_matches_name ( const tsi_peer *  peer,
absl::string_view  name 
)

Definition at line 2368 of file ssl_transport_security.cc.

◆ tsi_ssl_root_certs_store_create()

tsi_ssl_root_certs_store* tsi_ssl_root_certs_store_create ( const char *  pem_roots)

Definition at line 1000 of file ssl_transport_security.cc.

◆ tsi_ssl_root_certs_store_destroy()

void tsi_ssl_root_certs_store_destroy ( tsi_ssl_root_certs_store self)

Definition at line 1029 of file ssl_transport_security.cc.

◆ tsi_ssl_server_handshaker_factory_create_handshaker()

tsi_result tsi_ssl_server_handshaker_factory_create_handshaker ( tsi_ssl_server_handshaker_factory factory,
size_t  network_bio_buf_size,
size_t  ssl_bio_buf_size,
tsi_handshaker **  handshaker 
)

Definition at line 1813 of file ssl_transport_security.cc.

◆ tsi_ssl_server_handshaker_factory_destroy()

static void tsi_ssl_server_handshaker_factory_destroy ( tsi_ssl_handshaker_factory factory)
static

Definition at line 1830 of file ssl_transport_security.cc.

◆ tsi_ssl_server_handshaker_factory_unref()

void tsi_ssl_server_handshaker_factory_unref ( tsi_ssl_server_handshaker_factory factory)

Definition at line 1824 of file ssl_transport_security.cc.

◆ tsi_ssl_session_cache_create_lru()

tsi_ssl_session_cache* tsi_ssl_session_cache_create_lru ( size_t  capacity)

Definition at line 1037 of file ssl_transport_security.cc.

◆ tsi_ssl_session_cache_ref()

void tsi_ssl_session_cache_ref ( tsi_ssl_session_cache cache)

Definition at line 1043 of file ssl_transport_security.cc.

◆ tsi_ssl_session_cache_unref()

void tsi_ssl_session_cache_unref ( tsi_ssl_session_cache cache)

Definition at line 1048 of file ssl_transport_security.cc.

◆ verify_cb()

static int verify_cb ( int  ok,
X509_STORE_CTX *  ctx 
)
static

Definition at line 1973 of file ssl_transport_security.cc.

◆ x509_store_load_certs()

static tsi_result x509_store_load_certs ( X509_STORE cert_store,
const char *  pem_roots,
size_t  pem_roots_size,
STACK_OF(X509_NAME) **  root_names 
)
static

Definition at line 753 of file ssl_transport_security.cc.

Variable Documentation

◆ client_handshaker_factory_vtable

tsi_ssl_handshaker_factory_vtable client_handshaker_factory_vtable
static
Initial value:

Definition at line 1989 of file ssl_transport_security.cc.

◆ frame_protector_vtable

const tsi_frame_protector_vtable frame_protector_vtable
static

◆ g_init_openssl_once

gpr_once g_init_openssl_once = GPR_ONCE_INIT
static

Definition at line 141 of file ssl_transport_security.cc.

◆ g_openssl_mutexes

gpr_mu* g_openssl_mutexes = nullptr
static

Definition at line 149 of file ssl_transport_security.cc.

◆ g_ssl_ctx_ex_factory_index

int g_ssl_ctx_ex_factory_index = -1
static

Definition at line 142 of file ssl_transport_security.cc.

◆ handshaker_factory_vtable

tsi_ssl_handshaker_factory_vtable handshaker_factory_vtable = {nullptr}
static

Definition at line 1233 of file ssl_transport_security.cc.

◆ handshaker_result_vtable

const tsi_handshaker_result_vtable handshaker_result_vtable
static

◆ handshaker_vtable

const tsi_handshaker_vtable handshaker_vtable
static
Initial value:
= {
nullptr,
nullptr,
nullptr,
nullptr,
nullptr,
ssl_handshaker_destroy,
ssl_handshaker_next,
nullptr,
}

Definition at line 1644 of file ssl_transport_security.cc.

◆ kSslEnginePrefix

const char kSslEnginePrefix[] = "engine:"
static

Definition at line 145 of file ssl_transport_security.cc.

◆ kSslSessionIdContext

const unsigned char kSslSessionIdContext[] = {'g', 'r', 'p', 'c'}
static

Definition at line 143 of file ssl_transport_security.cc.

◆ server_handshaker_factory_vtable

tsi_ssl_handshaker_factory_vtable server_handshaker_factory_vtable
static
Initial value:
= {tsi_ssl_server_handshaker_factory_destroy}

Definition at line 2145 of file ssl_transport_security.cc.

ssl_handshaker_destroy
static void ssl_handshaker_destroy(tsi_handshaker *self)
Definition: ssl_transport_security.cc:1522
ssl_handshaker_result_extract_peer
static tsi_result ssl_handshaker_result_extract_peer(const tsi_handshaker_result *self, tsi_peer *peer)
Definition: ssl_transport_security.cc:1270
ssl_handshaker_result_get_unused_bytes
static tsi_result ssl_handshaker_result_get_unused_bytes(const tsi_handshaker_result *self, const unsigned char **bytes, size_t *bytes_size)
Definition: ssl_transport_security.cc:1389
ssl_handshaker_next
static tsi_result ssl_handshaker_next(tsi_handshaker *self, const unsigned char *received_bytes, size_t received_bytes_size, const unsigned char **bytes_to_send, size_t *bytes_to_send_size, tsi_handshaker_result **handshaker_result, tsi_handshaker_on_next_done_cb, void *)
Definition: ssl_transport_security.cc:1585
ssl_handshaker_result_create_frame_protector
static tsi_result ssl_handshaker_result_create_frame_protector(const tsi_handshaker_result *self, size_t *max_output_protected_frame_size, tsi_frame_protector **protector)
Definition: ssl_transport_security.cc:1344
tsi_ssl_server_handshaker_factory_destroy
static void tsi_ssl_server_handshaker_factory_destroy(tsi_ssl_handshaker_factory *factory)
Definition: ssl_transport_security.cc:1830
ssl_protector_unprotect
static tsi_result ssl_protector_unprotect(tsi_frame_protector *self, const unsigned char *protected_frames_bytes, size_t *protected_frames_bytes_size, unsigned char *unprotected_bytes, size_t *unprotected_bytes_size)
Definition: ssl_transport_security.cc:1144
tsi_ssl_client_handshaker_factory_destroy
static void tsi_ssl_client_handshaker_factory_destroy(tsi_ssl_handshaker_factory *factory)
Definition: ssl_transport_security.cc:1789
ssl_protector_protect_flush
static tsi_result ssl_protector_protect_flush(tsi_frame_protector *self, unsigned char *protected_output_frames, size_t *protected_output_frames_size, size_t *still_pending_size)
Definition: ssl_transport_security.cc:1110
ssl_protector_protect
static tsi_result ssl_protector_protect(tsi_frame_protector *self, const unsigned char *unprotected_bytes, size_t *unprotected_bytes_size, unsigned char *protected_output_frames, size_t *protected_output_frames_size)
Definition: ssl_transport_security.cc:1054
ssl_protector_destroy
static void ssl_protector_destroy(tsi_frame_protector *self)
Definition: ssl_transport_security.cc:1187
ssl_handshaker_result_get_frame_protector_type
static tsi_result ssl_handshaker_result_get_frame_protector_type(const tsi_handshaker_result *, tsi_frame_protector_type *frame_protector_type)
Definition: ssl_transport_security.cc:1337
ssl_handshaker_result_destroy
static void ssl_handshaker_result_destroy(tsi_handshaker_result *self)
Definition: ssl_transport_security.cc:1399

