#20254

/*
 * Copyright 2020 The gRPC Authors
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package io.grpc.xds.internal.security;

import static com.google.common.base.Preconditions.checkNotNull;

import com.google.common.annotations.VisibleForTesting;
import com.google.common.base.MoreObjects;
import io.grpc.xds.EnvoyServerProtoData.BaseTlsContext;
import io.grpc.xds.EnvoyServerProtoData.DownstreamTlsContext;
import io.grpc.xds.EnvoyServerProtoData.UpstreamTlsContext;
import io.grpc.xds.TlsContextManager;
import io.netty.handler.ssl.SslContext;
import java.util.AbstractMap;
import java.util.Objects;
import javax.net.ssl.X509TrustManager;

/**
 * Enables Client or server side to initialize this object with the received {@link BaseTlsContext}
 * and communicate it to the consumer i.e. {@link SecurityProtocolNegotiators}
 * to lazily evaluate the {@link SslContextProvider}. The supplier prevents credentials leakage in
 * cases where the user is not using xDS credentials but the client/server contains a non-default
 * {@link BaseTlsContext}.
 */
public final class SslContextProviderSupplier implements Closeable {

  private final BaseTlsContext tlsContext;
  private final TlsContextManager tlsContextManager;
  private SslContextProvider sslContextProvider;
  private boolean shutdown;

  public SslContextProviderSupplier(
      BaseTlsContext tlsContext, TlsContextManager tlsContextManager) {
    this.tlsContext = checkNotNull(tlsContext, "tlsContext");
    this.tlsContextManager = checkNotNull(tlsContextManager, "tlsContextManager");
  }

  public BaseTlsContext getTlsContext() {
    return tlsContext;
  }

  /** Updates SslContext via the passed callback. */
  public synchronized void updateSslContext(
      final SslContextProvider.Callback callback, boolean autoSniSanValidationDoesNotApply) {
    checkNotNull(callback, "callback");
    try {
      if (!shutdown) {
        if (sslContextProvider == null) {
          sslContextProvider = getSslContextProvider(autoSniSanValidationDoesNotApply);
        }
      }
      // we want to increment the ref-count so call findOrCreate again...
      final SslContextProvider toRelease = getSslContextProvider(autoSniSanValidationDoesNotApply);
      toRelease.addCallback(
          new SslContextProvider.Callback(callback.getExecutor()) {

            @Override
            public void updateSslContextAndExtendedX509TrustManager(
                AbstractMap.SimpleImmutableEntry<SslContext, X509TrustManager> sslContextAndTm) {
              callback.updateSslContextAndExtendedX509TrustManager(sslContextAndTm);
              releaseSslContextProvider(toRelease);
            }

            @Override
            public void onException(Throwable throwable) {
              callback.onException(throwable);
              releaseSslContextProvider(toRelease);
            }
          });
    } catch (final Throwable throwable) {
      callback.getExecutor().execute(new Runnable() {
        @Override
        public void run() {
          callback.onException(throwable);
        }
      });
    }
  }

  private void releaseSslContextProvider(SslContextProvider toRelease) {
    if (tlsContext instanceof UpstreamTlsContext) {
      tlsContextManager.releaseClientSslContextProvider(toRelease);
    } else {
      tlsContextManager.releaseServerSslContextProvider(toRelease);
    }
  }

  private SslContextProvider getSslContextProvider(boolean autoSniSanValidationDoesNotApply) {
    if (tlsContext instanceof UpstreamTlsContext) {
      UpstreamTlsContext upstreamTlsContext = (UpstreamTlsContext) tlsContext;
      if (autoSniSanValidationDoesNotApply && upstreamTlsContext.getAutoSniSanValidation()) {
        upstreamTlsContext = new UpstreamTlsContext(
            upstreamTlsContext.getCommonTlsContext(),
            upstreamTlsContext.getSni(),
            upstreamTlsContext.getAutoHostSni(),
            false);
      }
      return tlsContextManager.findOrCreateClientSslContextProvider(upstreamTlsContext);
    }
    return tlsContextManager.findOrCreateServerSslContextProvider(
        (DownstreamTlsContext) tlsContext);
  }

  @VisibleForTesting public boolean isShutdown() {
    return shutdown;
  }

  /** Called by consumer when tlsContext changes. */
  @Override
  public synchronized void close() {
    if (sslContextProvider != null) {
      if (tlsContext instanceof UpstreamTlsContext) {
        tlsContextManager.releaseClientSslContextProvider(sslContextProvider);
      } else {
        tlsContextManager.releaseServerSslContextProvider(sslContextProvider);
      }
    }
    sslContextProvider = null;
    shutdown = true;
  }

  @Override
  public boolean equals(Object o) {
    if (this == o) {
      return true;
    }
    if (o == null || getClass() != o.getClass()) {
      return false;
    }
    SslContextProviderSupplier that = (SslContextProviderSupplier) o;
    return Objects.equals(tlsContext, that.tlsContext)
        && Objects.equals(tlsContextManager, that.tlsContextManager);
  }

  @Override
  public int hashCode() {
    return Objects.hash(tlsContext, tlsContextManager);
  }

  @Override
  public String toString() {
    return MoreObjects.toStringHelper(this)
        .add("tlsContext", tlsContext)
        .add("tlsContextManager", tlsContextManager)
        .add("sslContextProvider", sslContextProvider)
        .add("shutdown", shutdown)
        .toString();
  }
}

1	/*
2	* Copyright 2020 The gRPC Authors
3	*
4	* Licensed under the Apache License, Version 2.0 (the "License");
5	* you may not use this file except in compliance with the License.
6	* You may obtain a copy of the License at
7	*
8	* http://www.apache.org/licenses/LICENSE-2.0
9	*
10	* Unless required by applicable law or agreed to in writing, software
11	* distributed under the License is distributed on an "AS IS" BASIS,
12	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13	* See the License for the specific language governing permissions and
14	* limitations under the License.
15	*/
16
17	package io.grpc.xds.internal.security;
18
19	import static com.google.common.base.Preconditions.checkNotNull;
20
21	import com.google.common.annotations.VisibleForTesting;
22	import com.google.common.base.MoreObjects;
23	import io.grpc.xds.EnvoyServerProtoData.BaseTlsContext;
24	import io.grpc.xds.EnvoyServerProtoData.DownstreamTlsContext;
25	import io.grpc.xds.EnvoyServerProtoData.UpstreamTlsContext;
26	import io.grpc.xds.TlsContextManager;
27	import io.netty.handler.ssl.SslContext;
28	import java.util.AbstractMap;
29	import java.util.Objects;
30	import javax.net.ssl.X509TrustManager;
31
32	/**
33	* Enables Client or server side to initialize this object with the received {@link BaseTlsContext}
34	* and communicate it to the consumer i.e. {@link SecurityProtocolNegotiators}
35	* to lazily evaluate the {@link SslContextProvider}. The supplier prevents credentials leakage in
36	* cases where the user is not using xDS credentials but the client/server contains a non-default
37	* {@link BaseTlsContext}.
38	*/
39	public final class SslContextProviderSupplier implements Closeable {
40
41	private final BaseTlsContext tlsContext;
42	private final TlsContextManager tlsContextManager;
43	private SslContextProvider sslContextProvider;
44	private boolean shutdown;
45
46	public SslContextProviderSupplier(
47	BaseTlsContext tlsContext, TlsContextManager tlsContextManager) {	1✔
48	this.tlsContext = checkNotNull(tlsContext, "tlsContext");	1✔
49	this.tlsContextManager = checkNotNull(tlsContextManager, "tlsContextManager");	1✔
50	}	1✔
51
52	public BaseTlsContext getTlsContext() {
53	return tlsContext;	1✔
54	}
55
56	/** Updates SslContext via the passed callback. */
57	public synchronized void updateSslContext(
58	final SslContextProvider.Callback callback, boolean autoSniSanValidationDoesNotApply) {
59	checkNotNull(callback, "callback");	1✔
60	try {
61	if (!shutdown) {	1✔
62	if (sslContextProvider == null) {	1✔
63	sslContextProvider = getSslContextProvider(autoSniSanValidationDoesNotApply);	1✔
64	}
65	}
66	// we want to increment the ref-count so call findOrCreate again...
67	final SslContextProvider toRelease = getSslContextProvider(autoSniSanValidationDoesNotApply);	1✔
68	toRelease.addCallback(	1✔
69	new SslContextProvider.Callback(callback.getExecutor()) {	1✔
70
71	@Override
72	public void updateSslContextAndExtendedX509TrustManager(
73	AbstractMap.SimpleImmutableEntry<SslContext, X509TrustManager> sslContextAndTm) {
74	callback.updateSslContextAndExtendedX509TrustManager(sslContextAndTm);	1✔
75	releaseSslContextProvider(toRelease);	1✔
76	}	1✔
77
78	@Override
79	public void onException(Throwable throwable) {
80	callback.onException(throwable);	1✔
81	releaseSslContextProvider(toRelease);	1✔
82	}	1✔
83	});
84	} catch (final Throwable throwable) {	×
85	callback.getExecutor().execute(new Runnable() {	×
86	@Override
87	public void run() {
88	callback.onException(throwable);	×
89	}	×
90	});
91	}	1✔
92	}	1✔
93
94	private void releaseSslContextProvider(SslContextProvider toRelease) {
95	if (tlsContext instanceof UpstreamTlsContext) {	1✔
96	tlsContextManager.releaseClientSslContextProvider(toRelease);	1✔
97	} else {
98	tlsContextManager.releaseServerSslContextProvider(toRelease);	1✔
99	}
100	}	1✔
101
102	private SslContextProvider getSslContextProvider(boolean autoSniSanValidationDoesNotApply) {
103	if (tlsContext instanceof UpstreamTlsContext) {	1✔
104	UpstreamTlsContext upstreamTlsContext = (UpstreamTlsContext) tlsContext;	1✔
105	if (autoSniSanValidationDoesNotApply && upstreamTlsContext.getAutoSniSanValidation()) {	1✔
106	upstreamTlsContext = new UpstreamTlsContext(	1✔
107	upstreamTlsContext.getCommonTlsContext(),	1✔
108	upstreamTlsContext.getSni(),	1✔
109	upstreamTlsContext.getAutoHostSni(),	1✔
110	false);
111	}
112	return tlsContextManager.findOrCreateClientSslContextProvider(upstreamTlsContext);	1✔
113	}
114	return tlsContextManager.findOrCreateServerSslContextProvider(	1✔
115	(DownstreamTlsContext) tlsContext);
116	}
117
118	@VisibleForTesting public boolean isShutdown() {
119	return shutdown;	1✔
120	}
121
122	/** Called by consumer when tlsContext changes. */
123	@Override
124	public synchronized void close() {
125	if (sslContextProvider != null) {	1✔
126	if (tlsContext instanceof UpstreamTlsContext) {	1✔
127	tlsContextManager.releaseClientSslContextProvider(sslContextProvider);	1✔
128	} else {
129	tlsContextManager.releaseServerSslContextProvider(sslContextProvider);	1✔
130	}
131	}
132	sslContextProvider = null;	1✔
133	shutdown = true;	1✔
134	}	1✔
135
136	@Override
137	public boolean equals(Object o) {
138	if (this == o) {	×
139	return true;	×
140	}
141	if (o == null \|\| getClass() != o.getClass()) {	×
142	return false;	×
143	}
144	SslContextProviderSupplier that = (SslContextProviderSupplier) o;	×
145	return Objects.equals(tlsContext, that.tlsContext)	×
146	&& Objects.equals(tlsContextManager, that.tlsContextManager);	×
147	}
148
149	@Override
150	public int hashCode() {
151	return Objects.hash(tlsContext, tlsContextManager);	1✔
152	}
153
154	@Override
155	public String toString() {
156	return MoreObjects.toStringHelper(this)	1✔
157	.add("tlsContext", tlsContext)	1✔
158	.add("tlsContextManager", tlsContextManager)	1✔
159	.add("sslContextProvider", sslContextProvider)	1✔
160	.add("shutdown", shutdown)	1✔
161	.toString();	1✔
162	}
163	}

grpc / grpc-java / #20254

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous