blob: f24c2b57a469df33988391f3d5b7adca8e0979a0 [file] [log] [blame]
// Copyright 2015 The Vanadium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
// +build java android
//
// We only expose the functionality below for the above build tags, to
// discourage general usage. The binaries that currently require this
// functionality are our langage proxies:
// java/android: jni
package security
import (
"v.io/v23/context"
)
// OverrideCaveatValidation overrides the validation mechanism for all caveats;
// e.g. for use in proxies that delegate caveat validation to another process.
// It may be called at most once in an address space; subsequent calls with
// panic.
//
// The given fn is used to validate sets of caveats in RemoteBlessingNames,
// where the fn is invoked with the context and call representing the current
// security state, along with the sets of caveats to validate. It should return
// a slice of errors where len(sets) == len(errors), and errors[x] corresponds
// to the result of validating sets[x].
//
// WARNING: This is not meant as a general API, and may change without notice.
// It is restricted to specific build tags to discourage general usage.
func OverrideCaveatValidation(fn func(ctx *context.T, call Call, sets [][]Caveat) []error) {
overrideCaveatValidation(fn)
}