|  | @@ -282,3 +282,41 @@ def server_credentials_ssl_dynamic_cert_config(initial_cert_config,
 | 
	
		
			
				|  |  |    # C-core assumes ownership of c_options
 | 
	
		
			
				|  |  |    credentials.c_credentials = grpc_ssl_server_credentials_create_with_options(c_options)
 | 
	
		
			
				|  |  |    return credentials
 | 
	
		
			
				|  |  | +
 | 
	
		
			
				|  |  | +cdef grpc_ssl_certificate_config_reload_status _server_cert_config_fetcher_wrapper(
 | 
	
		
			
				|  |  | +        void* user_data, grpc_ssl_server_certificate_config **config) with gil:
 | 
	
		
			
				|  |  | +  # This is a credentials.ServerCertificateConfig
 | 
	
		
			
				|  |  | +  cdef ServerCertificateConfig cert_config = None
 | 
	
		
			
				|  |  | +  if not user_data:
 | 
	
		
			
				|  |  | +    raise ValueError('internal error: user_data must be specified')
 | 
	
		
			
				|  |  | +  credentials = <ServerCredentials>user_data
 | 
	
		
			
				|  |  | +  if not credentials.initial_cert_config_fetched:
 | 
	
		
			
				|  |  | +    # C-core is asking for the initial cert config
 | 
	
		
			
				|  |  | +    credentials.initial_cert_config_fetched = True
 | 
	
		
			
				|  |  | +    cert_config = credentials.initial_cert_config._certificate_configuration
 | 
	
		
			
				|  |  | +  else:
 | 
	
		
			
				|  |  | +    user_cb = credentials.cert_config_fetcher
 | 
	
		
			
				|  |  | +    try:
 | 
	
		
			
				|  |  | +      cert_config_wrapper = user_cb()
 | 
	
		
			
				|  |  | +    except Exception:
 | 
	
		
			
				|  |  | +      _LOGGER.exception('Error fetching certificate config')
 | 
	
		
			
				|  |  | +      return GRPC_SSL_CERTIFICATE_CONFIG_RELOAD_FAIL
 | 
	
		
			
				|  |  | +    if cert_config_wrapper is None:
 | 
	
		
			
				|  |  | +      return GRPC_SSL_CERTIFICATE_CONFIG_RELOAD_UNCHANGED
 | 
	
		
			
				|  |  | +    elif not isinstance(
 | 
	
		
			
				|  |  | +        cert_config_wrapper, grpc.ServerCertificateConfiguration):
 | 
	
		
			
				|  |  | +      _LOGGER.error(
 | 
	
		
			
				|  |  | +          'Error fetching certificate configuration: certificate '
 | 
	
		
			
				|  |  | +          'configuration must be of type grpc.ServerCertificateConfiguration, '
 | 
	
		
			
				|  |  | +          'not %s' % type(cert_config_wrapper).__name__)
 | 
	
		
			
				|  |  | +      return GRPC_SSL_CERTIFICATE_CONFIG_RELOAD_FAIL
 | 
	
		
			
				|  |  | +    else:
 | 
	
		
			
				|  |  | +      cert_config = cert_config_wrapper._certificate_configuration
 | 
	
		
			
				|  |  | +  config[0] = <grpc_ssl_server_certificate_config*>cert_config.c_cert_config
 | 
	
		
			
				|  |  | +  # our caller will assume ownership of memory, so we have to recreate
 | 
	
		
			
				|  |  | +  # a copy of c_cert_config here
 | 
	
		
			
				|  |  | +  cert_config.c_cert_config = grpc_ssl_server_certificate_config_create(
 | 
	
		
			
				|  |  | +      cert_config.c_pem_root_certs, cert_config.c_ssl_pem_key_cert_pairs,
 | 
	
		
			
				|  |  | +      cert_config.c_ssl_pem_key_cert_pairs_count)
 | 
	
		
			
				|  |  | +  return GRPC_SSL_CERTIFICATE_CONFIG_RELOAD_NEW
 | 
	
		
			
				|  |  | +
 |