Commit d3962d3a authored by pfandzelter's avatar pfandzelter

improve certificate errors

parent ced1ad73
......@@ -116,14 +116,14 @@ docker network create fredwork --gateway 172.26.0.1 --subnet 172.26.0.0/16
To start a simple `etcd` instance in Docker with our certificates mounted as volumes, you can use this command:
```bash
docker pull quay.io/coreos/etcd:v3.4.10
docker pull gcr.io/etcd-development/etcd:v3.5.0
docker run -d \
-v $(pwd)/etcdnase.crt:/cert/etcdnase.crt \
-v $(pwd)/etcdnase.key:/cert/etcdnase.key \
-v $(pwd)/ca.crt:/cert/ca.crt \
--network=fredwork \
--ip=172.26.1.1 \
quay.io/coreos/etcd:v3.4.10 \
gcr.io/etcd-development/etcd:v3.5.0 \
etcd --name s-1 \
--data-dir /tmp/etcd/s-1 \
--listen-client-urls https://172.26.1.1:2379 \
......@@ -167,7 +167,10 @@ fred --log-level info \
--nase-ca /cert/ca.crt \
--trigger-cert /cert/frednode.crt \
--trigger-key /cert/frednode.key \
--trigger-ca /cert/ca.crt
--trigger-ca /cert/ca.crt \
--peer-cert /cert/frednode.crt \
--peer-key /cert/frednode.key \
--peer-ca /cert/ca.crt \
--cert /cert/frednode.crt \
--key /cert/frednode.key \
--ca-file /cert/ca.crt
......
......@@ -69,6 +69,18 @@ func main() {
log.Info().Msg("No Loglevel specified, using 'debug'")
}
if *cert == "" {
log.Fatal().Msg("no certificate file given")
}
if *key == "" {
log.Fatal().Msg("no key file given")
}
if *ca == "" {
log.Fatal().Msg("no root certificate file given")
}
// Load server's certificate and private key
serverCert, err := tls.LoadX509KeyPair(*cert, *key)
......
......@@ -23,6 +23,15 @@ type Client struct {
}
func NewClient(host, certFile, keyFile string) *Client {
if certFile == "" {
log.Fatal().Msg("fredclient: no certificate file given")
}
if keyFile == "" {
log.Fatal().Msg("fredclient: no key file given")
}
cert, err := tls.LoadX509KeyPair(certFile, keyFile)
if err != nil {
......
......@@ -26,11 +26,23 @@ type Server struct {
// NewServer creates a new Server for requests from Alexandra Clients
func NewServer(host string, caCert string, serverCert string, serverKey string, nodesCert string, nodesKey string, lighthouse string, isProxied bool, proxyHost string) *Server {
if serverCert == "" {
log.Fatal().Msg("alexandra server: no certificate file given")
}
if serverCert == "" {
log.Fatal().Msg("alexandra server: no key file given")
}
if caCert == "" {
log.Fatal().Msg("alexandra server: no root certificate file given")
}
// Load server's certificate and private key
loadedServerCert, err := tls.LoadX509KeyPair(serverCert, serverKey)
if err != nil {
log.Fatal().Msgf("could not load key pair: %v", err)
log.Fatal().Msgf("alexandra server: could not load key pair: %v", err)
return nil
}
......@@ -40,7 +52,7 @@ func NewServer(host string, caCert string, serverCert string, serverKey string,
loaded, err := ioutil.ReadFile(caCert)
if err != nil {
log.Fatal().Msgf("unexpected missing certfile: %v", err)
log.Fatal().Msgf("alexandra server: unexpected missing certfile: %v", err)
}
rootCAs.AppendCertsFromPEM(loaded)
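Review bot: The second guard in NewServer repeats `if serverCert == ""` while logging "no key file given", so an empty `serverKey` is never caught by it and only surfaces from `tls.LoadX509KeyPair`; the condition should be `if serverKey == "" {`. `nodesCert` and `nodesKey` get no empty check at all, although they are presumably loaded further down, outside the hunk. Separately, the result of `rootCAs.AppendCertsFromPEM(loaded)` is discarded, so a CA file that exists but holds no parsable PEM certificate leaves the project CA out of the pool, and verification presumably fails later with an error that does not point at the CA file; `if !rootCAs.AppendCertsFromPEM(loaded) { log.Fatal().Msg("alexandra server: no valid certificate in CA file") }` would report it at startup. The same unchecked call appears in the API server's NewServer, the peering client's NewClient and the peering server's NewServer.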
......
......@@ -29,7 +29,7 @@ type Server struct {
*grpc.Server
}
// the Roles map the internal grpc representation of rbac Roles to the representation within fred
// Roles map the internal grpc representation of rbac Roles to the representation within fred
var (
Roles = map[client.UserRole]fred.Role{
client.UserRole_ReadKeygroup: fred.ReadKeygroup,
......@@ -133,22 +133,34 @@ func (s *Server) CheckCert(ctx context.Context) (string, error) {
}
// NewServer creates a new Server for requests from Fred Clients
func NewServer(host string, handler fred.ExtHandler, cert string, key string, caCert string, isProxied bool, proxy string) *Server {
func NewServer(host string, handler fred.ExtHandler, certFile string, keyFile string, caFile string, isProxied bool, proxy string) *Server {
if certFile == "" {
log.Fatal().Msg("API server: no certificate file given")
}
if keyFile == "" {
log.Fatal().Msg("API server: no key file given")
}
if caFile == "" {
log.Fatal().Msg("API server: no root certificate file given")
}
// Load server's certificate and private key
serverCert, err := tls.LoadX509KeyPair(cert, key)
serverCert, err := tls.LoadX509KeyPair(certFile, keyFile)
if err != nil {
log.Fatal().Msgf("could not load key pair: %v", err)
log.Fatal().Msgf("API server: could not load key pair: %v", err)
return nil
}
// Create a new cert pool and add our own CA certificate
rootCAs := x509.NewCertPool()
loaded, err := ioutil.ReadFile(caCert)
loaded, err := ioutil.ReadFile(caFile)
if err != nil {
log.Fatal().Msgf("unexpected missing certfile: %v", err)
log.Fatal().Msgf("API server: unexpected missing certfile: %v", err)
}
rootCAs.AppendCertsFromPEM(loaded)
......@@ -163,7 +175,7 @@ func NewServer(host string, handler fred.ExtHandler, cert string, key string, ca
proxyHost, proxyPort, err := net.SplitHostPort(proxy)
if isProxied && err != nil {
log.Fatal().Err(err).Msg("Failed to parse proxy host and port")
log.Fatal().Err(err).Msg("API server: Failed to parse proxy host and port")
return nil
}
......@@ -181,20 +193,20 @@ func NewServer(host string, handler fred.ExtHandler, cert string, key string, ca
lis, err := net.Listen("tcp", host)
if err != nil {
log.Fatal().Err(err).Msg("Failed to listen")
log.Fatal().Err(err).Msg("API server: Failed to listen")
return nil
}
client.RegisterClientServer(s.Server, s)
log.Debug().Msgf("Externalconnection Server is listening on %s", host)
log.Debug().Msgf("API Server is listening on %s", host)
go func() {
err := s.Server.Serve(lis)
// if Serve returns without an error, we probably intentionally closed it
if err != nil {
log.Fatal().Msgf("Externalconnection Server exited: %s", err.Error())
log.Fatal().Msgf("API Server exited: %s", err.Error())
}
}()
......@@ -212,7 +224,7 @@ func statusResponseFromError(err error) (*client.StatusResponse, error) {
return &client.StatusResponse{Status: client.EnumStatus_OK}, nil
}
log.Debug().Msgf("ExtServer is returning error: %#v", err)
log.Debug().Msgf("API Server is returning error: %#v", err)
return &client.StatusResponse{Status: client.EnumStatus_ERROR, ErrorMessage: err.Error()}, err
......@@ -221,7 +233,7 @@ func statusResponseFromError(err error) (*client.StatusResponse, error) {
// CreateKeygroup calls this method on the exthandler
func (s *Server) CreateKeygroup(ctx context.Context, request *client.CreateKeygroupRequest) (*client.StatusResponse, error) {
log.Info().Msgf("ExtServer has rcvd CreateKeygroup. In: %#v", request)
log.Info().Msgf("API Server has rcvd CreateKeygroup. In: %#v", request)
user, err := s.CheckCert(ctx)
......@@ -237,7 +249,7 @@ func (s *Server) CreateKeygroup(ctx context.Context, request *client.CreateKeygr
// DeleteKeygroup calls this method on the exthandler
func (s *Server) DeleteKeygroup(ctx context.Context, request *client.DeleteKeygroupRequest) (*client.StatusResponse, error) {
log.Info().Msgf("ExtServer has rcvd DeleteKeygroup. In: %#v", request)
log.Info().Msgf("API Server has rcvd DeleteKeygroup. In: %#v", request)
user, err := s.CheckCert(ctx)
......@@ -252,7 +264,7 @@ func (s *Server) DeleteKeygroup(ctx context.Context, request *client.DeleteKeygr
// Read calls this method on the exthandler
func (s *Server) Read(ctx context.Context, request *client.ReadRequest) (*client.ReadResponse, error) {
log.Info().Msgf("ExtServer has rcvd Read. In: %#v", request)
log.Info().Msgf("API Server has rcvd Read. In: %#v", request)
user, err := s.CheckCert(ctx)
......@@ -264,7 +276,7 @@ func (s *Server) Read(ctx context.Context, request *client.ReadRequest) (*client
res, err := s.e.HandleRead(user, fred.Item{Keygroup: fred.KeygroupName(request.Keygroup), ID: request.Id})
if err != nil {
log.Debug().Msgf("ExtServer is returning error: %#v", err)
log.Debug().Msgf("API Server is returning error: %#v", err)
return &client.ReadResponse{}, err
}
......@@ -274,7 +286,7 @@ func (s *Server) Read(ctx context.Context, request *client.ReadRequest) (*client
// Scan calls this method on the exthandler
func (s *Server) Scan(ctx context.Context, request *client.ScanRequest) (*client.ScanResponse, error) {
log.Info().Msgf("ExtServer has rcvd Read. In: %#v", request)
log.Info().Msgf("API Server has rcvd Read. In: %#v", request)
user, err := s.CheckCert(ctx)
......@@ -286,7 +298,7 @@ func (s *Server) Scan(ctx context.Context, request *client.ScanRequest) (*client
res, err := s.e.HandleScan(user, fred.Item{Keygroup: fred.KeygroupName(request.Keygroup), ID: request.Id}, request.Count)
if err != nil {
log.Debug().Msgf("ExtServer is returning error: %#v", err)
log.Debug().Msgf("API Server is returning error: %#v", err)
return &client.ScanResponse{}, err
}
......@@ -308,7 +320,7 @@ func (s *Server) Scan(ctx context.Context, request *client.ScanRequest) (*client
// Append calls this method on the exthandler
func (s *Server) Append(ctx context.Context, request *client.AppendRequest) (*client.AppendResponse, error) {
log.Info().Msgf("ExtServer has rcvd Append. In: %#v", request)
log.Info().Msgf("API Server has rcvd Append. In: %#v", request)
user, err := s.CheckCert(ctx)
......@@ -331,7 +343,7 @@ func (s *Server) Append(ctx context.Context, request *client.AppendRequest) (*cl
// Update calls this method on the exthandler
func (s *Server) Update(ctx context.Context, request *client.UpdateRequest) (*client.StatusResponse, error) {
log.Info().Msgf("ExtServer has rcvd Update. In: %#v", request)
log.Info().Msgf("API Server has rcvd Update. In: %#v", request)
user, err := s.CheckCert(ctx)
......@@ -347,7 +359,7 @@ func (s *Server) Update(ctx context.Context, request *client.UpdateRequest) (*cl
// Delete calls this method on the exthandler
func (s *Server) Delete(ctx context.Context, request *client.DeleteRequest) (*client.StatusResponse, error) {
log.Info().Msgf("ExtServer has rcvd Delete. In: %#v", request)
log.Info().Msgf("API Server has rcvd Delete. In: %#v", request)
user, err := s.CheckCert(ctx)
......@@ -363,7 +375,7 @@ func (s *Server) Delete(ctx context.Context, request *client.DeleteRequest) (*cl
// AddReplica calls this method on the exthandler
func (s *Server) AddReplica(ctx context.Context, request *client.AddReplicaRequest) (*client.StatusResponse, error) {
log.Info().Msgf("ExtServer has rcvd AddReplica. In: %#v", request)
log.Info().Msgf("API Server has rcvd AddReplica. In: %#v", request)
user, err := s.CheckCert(ctx)
......@@ -379,13 +391,13 @@ func (s *Server) AddReplica(ctx context.Context, request *client.AddReplicaReque
// GetKeygroupReplica calls this method on the exthandler
func (s *Server) GetKeygroupReplica(ctx context.Context, request *client.GetKeygroupReplicaRequest) (*client.GetKeygroupReplicaResponse, error) {
log.Info().Msgf("ExtServer has rcvd GetKeygroupReplica. In: %#v", request)
log.Info().Msgf("API Server has rcvd GetKeygroupReplica. In: %#v", request)
user, err := s.CheckCert(ctx)
if err != nil {
_, err = statusResponseFromError(err)
log.Debug().Msgf("ExtServer is returning error: %#v", err)
log.Debug().Msgf("API Server is returning error: %#v", err)
return nil, err
}
......@@ -400,12 +412,12 @@ func (s *Server) GetKeygroupReplica(ctx context.Context, request *client.GetKeyg
replicas[i] = &client.KeygroupReplica{
NodeId: string(n[i].ID),
Expiry: int64(e[n[i].ID]),
Host: n[i].Host,
Host: n[i].Host,
}
}
if err != nil {
log.Debug().Msgf("ExtServer is returning error: %#v", err)
log.Debug().Msgf("API Server is returning error: %#v", err)
return &client.GetKeygroupReplicaResponse{}, err
}
......@@ -419,7 +431,7 @@ func (s *Server) GetKeygroupReplica(ctx context.Context, request *client.GetKeyg
// RemoveReplica calls this method on the exthandler
func (s *Server) RemoveReplica(ctx context.Context, request *client.RemoveReplicaRequest) (*client.StatusResponse, error) {
log.Info().Msgf("ExtServer has rcvd RemoveReplica. In: %#v", request)
log.Info().Msgf("API Server has rcvd RemoveReplica. In: %#v", request)
user, err := s.CheckCert(ctx)
......@@ -439,7 +451,7 @@ func replicaResponseFromNode(n fred.Node) *client.GetReplicaResponse {
// GetReplica calls this method on the exthandler
func (s *Server) GetReplica(ctx context.Context, request *client.GetReplicaRequest) (*client.GetReplicaResponse, error) {
log.Info().Msgf("ExtServer has rcvd GetReplica. In: %#v", request)
log.Info().Msgf("API Server has rcvd GetReplica. In: %#v", request)
user, err := s.CheckCert(ctx)
......@@ -455,7 +467,7 @@ func (s *Server) GetReplica(ctx context.Context, request *client.GetReplicaReque
// GetAllReplica calls this method on the exthandler
func (s *Server) GetAllReplica(ctx context.Context, request *client.GetAllReplicaRequest) (*client.GetAllReplicaResponse, error) {
log.Info().Msgf("ExtServer has rcvd GetAllReplica. In: %#v", request)
log.Info().Msgf("API Server has rcvd GetAllReplica. In: %#v", request)
user, err := s.CheckCert(ctx)
......@@ -467,7 +479,7 @@ func (s *Server) GetAllReplica(ctx context.Context, request *client.GetAllReplic
res, err := s.e.HandleGetAllReplica(user)
if err != nil {
log.Debug().Msgf("ExtServer is returning error: %#v", err)
log.Debug().Msgf("API Server is returning error: %#v", err)
return &client.GetAllReplicaResponse{}, err
}
......@@ -482,7 +494,7 @@ func (s *Server) GetAllReplica(ctx context.Context, request *client.GetAllReplic
// GetKeygroupTriggers calls this method on the exthandler
func (s *Server) GetKeygroupTriggers(ctx context.Context, request *client.GetKeygroupTriggerRequest) (*client.GetKeygroupTriggerResponse, error) {
log.Info().Msgf("ExtServer has rcvd GetKeygroupTriggers. In: %#v", request)
log.Info().Msgf("API Server has rcvd GetKeygroupTriggers. In: %#v", request)
user, err := s.CheckCert(ctx)
......@@ -493,7 +505,7 @@ func (s *Server) GetKeygroupTriggers(ctx context.Context, request *client.GetKey
res, err := s.e.HandleGetKeygroupTriggers(user, fred.Keygroup{Name: fred.KeygroupName(request.Keygroup)})
if err != nil {
log.Debug().Msgf("ExtServer is returning error: %#v", err)
log.Debug().Msgf("API Server is returning error: %#v", err)
return &client.GetKeygroupTriggerResponse{}, err
}
triggers := make([]*client.Trigger, len(res))
......@@ -508,7 +520,7 @@ func (s *Server) GetKeygroupTriggers(ctx context.Context, request *client.GetKey
// AddTrigger calls this method on the exthandler
func (s *Server) AddTrigger(ctx context.Context, request *client.AddTriggerRequest) (*client.StatusResponse, error) {
log.Info().Msgf("ExtServer has rcvd AddTrigger. In: %#v", request)
log.Info().Msgf("API Server has rcvd AddTrigger. In: %#v", request)
user, err := s.CheckCert(ctx)
......@@ -524,7 +536,7 @@ func (s *Server) AddTrigger(ctx context.Context, request *client.AddTriggerReque
// RemoveTrigger calls this method on the exthandler
func (s *Server) RemoveTrigger(ctx context.Context, request *client.RemoveTriggerRequest) (*client.StatusResponse, error) {
log.Info().Msgf("ExtServer has rcvd RemoveTrigger. In: %#v", request)
log.Info().Msgf("API Server has rcvd RemoveTrigger. In: %#v", request)
user, err := s.CheckCert(ctx)
......@@ -540,7 +552,7 @@ func (s *Server) RemoveTrigger(ctx context.Context, request *client.RemoveTrigge
// AddUser calls this method on the exthandler
func (s *Server) AddUser(ctx context.Context, request *client.UserRequest) (*client.StatusResponse, error) {
log.Info().Msgf("ExtServer has rcvd AddUser. In: %#v", request)
log.Info().Msgf("API Server has rcvd AddUser. In: %#v", request)
user, err := s.CheckCert(ctx)
......@@ -556,7 +568,7 @@ func (s *Server) AddUser(ctx context.Context, request *client.UserRequest) (*cli
// RemoveUser calls this method on the exthandler
func (s *Server) RemoveUser(ctx context.Context, request *client.UserRequest) (*client.StatusResponse, error) {
log.Info().Msgf("ExtServer has rcvd RemoveUser. In: %#v", request)
log.Info().Msgf("API Server has rcvd RemoveUser. In: %#v", request)
user, err := s.CheckCert(ctx)
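Review bot: The log line at the top of Scan still says "has rcvd Read", so even after this rename Scan and Read requests cannot be told apart in the logs; it should be `log.Info().Msgf("API Server has rcvd Scan. In: %#v", request)`. The peering server has the same copy-paste in GetAllItems, which logs "has rcvd GetItem". In NewServer, the `return nil` after each `log.Fatal()` call is dead code, because zerolog's Fatal event exits the process once the message is written. All of these functions start or end outside their hunks.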
......
......@@ -38,9 +38,21 @@ type NameService struct {
}
// NewNameService creates a new NameService
func NewNameService(nodeID string, endpoints []string, certfFile string, keyFile string, caFile string, cached bool) (*NameService, error) {
func NewNameService(nodeID string, endpoints []string, certFile string, keyFile string, caFile string, cached bool) (*NameService, error) {
if certFile == "" {
log.Fatal().Msg("etcd NaSe: no certificate file given")
}
if keyFile == "" {
log.Fatal().Msg("etcd NaSe: no key file given")
}
if caFile == "" {
log.Fatal().Msg("etcd NaSe: no root certificate file given")
}
tlsInfo := transport.TLSInfo{
CertFile: certfFile,
CertFile: certFile,
KeyFile: keyFile,
TrustedCAFile: caFile,
}
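Review bot: NewNameService already returns `(*NameService, error)`, yet the three new guards call `log.Fatal()` and end the process instead of using that error return. Returning the error, for example `return nil, fmt.Errorf("etcd NaSe: no certificate file given")`, keeps the same message but lets the caller decide how to fail, and lets a test exercise the check without the process exiting. The rest of the function body is outside the hunk, so whether later failures are already returned this way is not visible here.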
......
......@@ -22,10 +22,22 @@ type Client struct {
// NewClient creates a new empty client to communicate with peers.
func NewClient(certFile string, keyFile string, caFile string) *Client {
if certFile == "" {
log.Fatal().Msg("peering client: no certificate file given")
}
if keyFile == "" {
log.Fatal().Msg("peering client: no key file given")
}
if caFile == "" {
log.Fatal().Msg("peering client: no root certificate file given")
}
cert, err := tls.LoadX509KeyPair(certFile, keyFile)
if err != nil {
log.Fatal().Err(err).Msg("Cannot load certificates")
log.Fatal().Err(err).Msg("peering client: Cannot load certificates")
return nil
}
......@@ -34,14 +46,14 @@ func NewClient(certFile string, keyFile string, caFile string) *Client {
rootCAs, err := x509.SystemCertPool()
if err != nil {
log.Fatal().Err(err).Msg("Cannot load root certificates")
log.Fatal().Err(err).Msg("peering client: Cannot load root certificates")
return nil
}
loaded, err := ioutil.ReadFile(caFile)
if err != nil {
log.Fatal().Msgf("unexpected missing certfile: %v", err)
log.Fatal().Msgf("peering client: unexpected missing certfile: %v", err)
}
rootCAs.AppendCertsFromPEM(loaded)
......@@ -67,11 +79,11 @@ func (c *Client) getClient(host string) (peering.NodeClient, error) {
conn, err := grpc.Dial(host, grpc.WithTransportCredentials(c.credentials))
if err != nil {
log.Error().Err(err).Msg("Cannot create Grpc connection")
log.Error().Err(err).Msg("peering client: Cannot create Grpc connection")
return nil, errors.New(err)
}
log.Debug().Msgf("Interclient: Created Connection to %s", host)
log.Debug().Msgf("peering client: Created Connection to %s", host)
client := peering.NewNodeClient(conn)
c.conn[host] = client
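Review bot: NewClient builds its trust pool from `x509.SystemCertPool()` and only then appends the project CA, whereas the API server's NewServer starts from `x509.NewCertPool()`. If this pool is used as the RootCAs for peer connections (the tls.Config is outside the hunk), a peer certificate issued by any CA in the host's system store would verify, not only one issued by the fred CA. Starting from an empty pool, `rootCAs := x509.NewCertPool()`, restricts peer verification to the configured CA and also removes the error branch that follows. The function continues outside the hunk.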
......
......@@ -23,11 +23,23 @@ type Server struct {
// NewServer creates a new Server for communication to the inthandler from other nodes
func NewServer(host string, handler fred.IntHandler, certFile string, keyFile string, caFile string) *Server {
if certFile == "" {
log.Fatal().Msg("peering server: no certificate file given")
}
if keyFile == "" {
log.Fatal().Msg("peering server: no key file given")
}
if caFile == "" {
log.Fatal().Msg("peering server: no root certificate file given")
}
// Load server's certificate and private key
cert, err := tls.LoadX509KeyPair(certFile, keyFile)
if err != nil {
log.Fatal().Msgf("could not load key pair: %v", err)
log.Fatal().Msgf("peering server: could not load key pair: %v", err)
}
// Create a new cert pool and add our own CA certificate
......@@ -36,7 +48,7 @@ func NewServer(host string, handler fred.IntHandler, certFile string, keyFile st
loaded, err := ioutil.ReadFile(caFile)
if err != nil {
log.Fatal().Msgf("unexpected missing certfile: %v", err)
log.Fatal().Msgf("peering server: unexpected missing certfile: %v", err)
}
rootCAs.AppendCertsFromPEM(loaded)
......@@ -59,14 +71,14 @@ func NewServer(host string, handler fred.IntHandler, certFile string, keyFile st
peering.RegisterNodeServer(s.Server, s)
log.Debug().Msgf("Interconnection Server is listening on %s", host)
log.Debug().Msgf("Peering Server is listening on %s", host)
go func() {
err := s.Server.Serve(lis)
// if Serve returns without an error, we probably intentionally closed it
if err != nil {
log.Fatal().Msgf("Interconnection Server exited: %s", err.Error())
log.Fatal().Msgf("Peering Server exited: %s", err.Error())
}
}()
......@@ -81,7 +93,7 @@ func (s *Server) Close() error {
// CreateKeygroup calls this Method on the Inthandler
func (s *Server) CreateKeygroup(_ context.Context, request *peering.CreateKeygroupRequest) (*peering.Empty, error) {
log.Info().Msgf("InterServer has rcvd CreateKeygroup. In: %#v", request)
log.Info().Msgf("Peering server has rcvd CreateKeygroup. In: %#v", request)
err := s.i.HandleCreateKeygroup(fred.Keygroup{Name: fred.KeygroupName(request.Keygroup)})
if err != nil {
return nil, err
......@@ -91,7 +103,7 @@ func (s *Server) CreateKeygroup(_ context.Context, request *peering.CreateKeygro
// DeleteKeygroup calls this Method on the Inthandler
func (s *Server) DeleteKeygroup(_ context.Context, request *peering.DeleteKeygroupRequest) (*peering.Empty, error) {
log.Info().Msgf("InterServer has rcvd DeleteKeygroup. In: %#v", request)
log.Info().Msgf("Peering server has rcvd DeleteKeygroup. In: %#v", request)
err := s.i.HandleDeleteKeygroup(fred.Keygroup{Name: fred.KeygroupName(request.Keygroup)})
if err != nil {
return nil, err
......@@ -101,7 +113,7 @@ func (s *Server) DeleteKeygroup(_ context.Context, request *peering.DeleteKeygro
// PutItem calls HandleUpdate on the Inthandler
func (s *Server) PutItem(_ context.Context, request *peering.PutItemRequest) (*peering.Empty, error) {
log.Info().Msgf("InterServer has rcvd PutItem. In: %#v", request)
log.Info().Msgf("Peering server has rcvd PutItem. In: %#v", request)
err := s.i.HandleUpdate(fred.Item{
Keygroup: fred.KeygroupName(request.Keygroup),
ID: request.Id,
......@@ -115,7 +127,7 @@ func (s *Server) PutItem(_ context.Context, request *peering.PutItemRequest) (*p
// AppendItem calls HandleAppend on the Inthandler
func (s *Server) AppendItem(_ context.Context, request *peering.AppendItemRequest) (*peering.Empty, error) {
log.Info().Msgf("InterServer has rcvd AppendItem. In: %#v", request)
log.Info().Msgf("Peering server has rcvd AppendItem. In: %#v", request)
err := s.i.HandleAppend(fred.Item{
Keygroup: fred.KeygroupName(request.Keygroup),
......@@ -132,7 +144,7 @@ func (s *Server) AppendItem(_ context.Context, request *peering.AppendItemReques
// GetItem has no implementation
func (s *Server) GetItem(_ context.Context, request *peering.GetItemRequest) (*peering.GetItemResponse, error) {
log.Info().Msgf("InterServer has rcvd GetItem. In: %#v", request)
log.Info().Msgf("Peering server has rcvd GetItem. In: %#v", request)
data, err := s.i.HandleGet(fred.Item{
Keygroup: fred.KeygroupName(request.Keygroup),
ID: request.Id,
......@@ -148,7 +160,7 @@ func (s *Server) GetItem(_ context.Context, request *peering.GetItemRequest) (*p
// GetAllItems has no implementation
func (s *Server) GetAllItems(_ context.Context, request *peering.GetAllItemsRequest) (*peering.GetAllItemsResponse, error) {
log.Info().Msgf("InterServer has rcvd GetItem. In: %#v", request)
log.Info().Msgf("Peering server has rcvd GetItem. In: %#v", request)
data, err := s.i.HandleGetAllItems(fred.Keygroup{
Name: fred.KeygroupName(request.Keygroup),
})
......@@ -172,7 +184,7 @@ func (s *Server) GetAllItems(_ context.Context, request *peering.GetAllItemsRequ
// DeleteItem calls this Method on the Inthandler
func (s *Server) DeleteItem(_ context.Context, request *peering.DeleteItemRequest) (*peering.Empty, error) {
log.Info().Msgf("InterServer has rcvd DeleteItem. In: %#v", request)
log.Info().Msgf("Peering server has rcvd DeleteItem. In: %#v", request)
err := s.i.HandleDelete(fred.Item{
Keygroup: fred.KeygroupName(request.Keygroup),
ID: request.Id,
......@@ -185,7 +197,7 @@ func (s *Server) DeleteItem(_ context.Context, request *peering.DeleteItemReques
// AddReplica calls this Method on the Inthandler
func (s *Server) AddReplica(_ context.Context, request *peering.AddReplicaRequest) (*peering.Empty, error) {
log.Info().Msgf("InterServer has rcvd AddReplica. In: %#v", request)
log.Info().Msgf("Peering server has rcvd AddReplica. In: %#v", request)
err := s.i.HandleAddReplica(fred.Keygroup{Name: fred.KeygroupName(request.Keygroup), Expiry: int(request.Expiry)}, fred.Node{ID: fred.NodeID(request.NodeId)})
if err != nil {
return nil, err
......@@ -195,7 +207,7 @@ func (s *Server) AddReplica(_ context.Context, request *peering.AddReplicaReques
// RemoveReplica calls this Method on the Inthandler
func (s *Server) RemoveReplica(_ context.Context, request *peering.RemoveReplicaRequest) (*peering.Empty, error) {
log.Info().Msgf("InterServer has rcvd RemoveReplica. In: %#v", request)
log.Info().Msgf("Peering server has rcvd RemoveReplica. In: %#v", request)
err := s.i.HandleRemoveReplica(fred.Keygroup{Name: fred.KeygroupName(request.Keygroup)}, fred.Node{ID: fred.NodeID(request.NodeId)})
if err != nil {
return nil, err
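Review bot: Every handler here logs the whole request with `%#v` at Info level, which for PutItem and AppendItem presumably includes the item payload (the remaining request fields are outside the hunks). That writes replicated data into the node's logs and produces very long lines, since `%#v` prints every field of the generated struct. Logging only the identifiers at Info, e.g. `log.Info().Msgf("Peering server has rcvd PutItem for %s/%s", request.Keygroup, request.Id)`, and keeping the full dump at Debug would avoid both. The API server handlers use the same pattern.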
......
......@@ -8,6 +8,7 @@ import (
"io/ioutil"
"git.tu-berlin.de/mcc-fred/fred/proto/peering"
"github.com/rs/zerolog/log"
"google.golang.org/grpc"
"google.golang.org/grpc/credentials"
)
......@@ -19,9 +20,21 @@ type PeeringProxy struct {
opts grpc.DialOption
}
func StartPeeringProxy(p *Proxy, port int, cert string, key string, caCert string) (*grpc.Server, error) {
func StartPeeringProxy(p *Proxy, port int, certFile string, keyFile string, caFile string) (*grpc.Server, error) {
if certFile == "" {
log.Fatal().Msg("peering proxy: no certificate file given")
}
if keyFile == "" {
log.Fatal().Msg("peering proxy: no key file given")
}