git.feebdaed.xyz Git - 0xmirror/grpc.git/commit

Chaotic Good: Verify Peer in Chaotic Good Handshake during Data Endpoint creation

Since Chaotic Good enables using a group of TCP connections as a composite channel we need to ensure that all TCP connections are established with the same peer. In this change, we store a Ref to the `grpc_auth_context` of the Connection that created the Control Endpoint and compare it to the `grpc_auth_context` of the Connection requesting each Data Endpoint using the [Injectable Peer Comparison API](https://github.com/grpc/grpc/pull/39610). If no peer comparison API is installed, the identity verification will not be performed.

The updated Chaotic Good handshake is as follows: (changed steps are in **bolded**)

First the control channel is established:
   1. ALTS/TLS/LOAS/PSP: Each new TCP connection goes through the “normal” security handshakes for gRPC, checking certificates, establishing identity
   2. A Chaotic Good Settings frame is sent from the client, with data_channel == 0
   3. The server processes the received Settings frame, creates N pending data connections, and responds with a Settings frame with a randomly generated set of connection ids: 1 per requested data connection. **The created PendingDataConnections hold a reference to the Control Channel’s grpc_auth_context.**
   4. The client processes the received Settings frame and creates one data connection per received connection_id.

For each data channel requested:
   1. The TCP connection proceeds as usual (same as 1 above)
   2. The Settings frame sent will relay the connection_id for this data channel, with data_channel == 1
   3. The server responds with a Settings frame with data_channel == 1.
   4. **Finally, server looks up the association for this connection_id and verifies the equivalence of the current connection’s grpc_auth_context and the stored grpc_auth_context of the control channel.**
      - **If lookup is successful and peer is equivalent, we bind the connection with that chaotic good channel.**
      - **Else, we abort the connection.**

PiperOrigin-RevId: 839573243

author	Aananth V <aananthv@google.com>
	Wed, 3 Dec 2025 05:39:00 +0000 (21:39 -0800)
committer	Copybara-Service <copybara-worker@google.com>
	Wed, 3 Dec 2025 05:41:20 +0000 (21:41 -0800)
commit	840bf758dcff16f9f1d4f606b21586b95febffa9
tree	d2a712c1aceea3689f9f4e7b83ec1d3c43325467	tree \| snapshot
parent	a304e4ed4a449e4340dea5012570c7498cb5c5a2	commit \| diff

src/core/BUILD		diff \| blob \| history
src/core/ext/transport/chaotic_good/pending_connection.h		diff \| blob \| history
src/core/ext/transport/chaotic_good/server/chaotic_good_server.cc		diff \| blob \| history
src/core/ext/transport/chaotic_good/server/chaotic_good_server.h		diff \| blob \| history
test/core/transport/benchmarks/bm_chaotic_good.cc		diff \| blob \| history
test/core/transport/chaotic_good/BUILD		diff \| blob \| history
test/core/transport/chaotic_good/chaotic_good_server_test.cc		diff \| blob \| history
test/core/transport/chaotic_good/server_transport_test.cc		diff \| blob \| history
test/core/transport/test_suite/chaotic_good_fixture_helpers.h		diff \| blob \| history