func (c *commImpl) createConnection(endpoint string, expectedPKIID common.PKIidType) (*connection, error) { var err error var cc *grpc.ClientConn var stream proto.Gossip_GossipStreamClient var pkiID common.PKIidType c.logger.Debug("Entering", endpoint, expectedPKIID) defer c.logger.Debug("Exiting") if c.isStopping() { return nil, fmt.Errorf("Stopping") } cc, err = grpc.Dial(endpoint, append(c.opts, grpc.WithBlock())...) if err != nil { return nil, err } cl := proto.NewGossipClient(cc) if _, err = cl.Ping(context.Background(), &proto.Empty{}); err != nil { cc.Close() return nil, err } if stream, err = cl.GossipStream(context.Background()); err == nil { pkiID, err = c.authenticateRemotePeer(stream) if err == nil { if expectedPKIID != nil && !bytes.Equal(pkiID, expectedPKIID) { // PKIID is nil when we don't know the remote PKI id's c.logger.Warning("Remote endpoint claims to be a different peer, expected", expectedPKIID, "but got", pkiID) return nil, fmt.Errorf("Authentication failure") } conn := newConnection(cl, cc, stream, nil) conn.pkiID = pkiID conn.logger = c.logger h := func(m *proto.GossipMessage) { c.logger.Debug("Got message:", m) c.msgPublisher.DeMultiplex(&ReceivedMessageImpl{ conn: conn, lock: conn, GossipMessage: m, }) } conn.handler = h return conn, nil } } cc.Close() return nil, err }
func (comm *dummyCommModule) Ping(peer *NetworkMember) bool { comm.lock.Lock() defer comm.lock.Unlock() _, alreadyExists := comm.streams[peer.Endpoint] if !alreadyExists { newConn, err := grpc.Dial(peer.Endpoint, grpc.WithInsecure()) if err != nil { return false } if stream, err := proto.NewGossipClient(newConn).GossipStream(context.Background()); err == nil { comm.conns[peer.Endpoint] = newConn comm.streams[peer.Endpoint] = stream return true } return false } conn := comm.conns[peer.Endpoint] if _, err := proto.NewGossipClient(conn).Ping(context.Background(), &proto.Empty{}); err != nil { return false } return true }
func (c *commImpl) Probe(remotePeer *RemotePeer) error { endpoint := remotePeer.Endpoint pkiID := remotePeer.PKIID if c.isStopping() { return fmt.Errorf("Stopping") } c.logger.Debug("Entering, endpoint:", endpoint, "PKIID:", pkiID) var err error opts := c.opts if opts == nil { opts = []grpc.DialOption{grpc.WithInsecure(), grpc.WithTimeout(dialTimeout)} } cc, err := grpc.Dial(endpoint, append(opts, grpc.WithBlock())...) if err != nil { c.logger.Debug("Returning", err) return err } defer cc.Close() cl := proto.NewGossipClient(cc) _, err = cl.Ping(context.Background(), &proto.Empty{}) c.logger.Debug("Returning", err) return err }
func TestCertificateGeneration(t *testing.T) { err := generateCertificates("key.pem", "cert.pem") assert.NoError(t, err, "%v", err) if err != nil { return } defer os.Remove("cert.pem") defer os.Remove("key.pem") var ll net.Listener creds, err := credentials.NewServerTLSFromFile("cert.pem", "key.pem") assert.NoError(t, err, "%v", err) if err != nil { return } s := grpc.NewServer(grpc.Creds(creds)) ll, err = net.Listen("tcp", fmt.Sprintf("%s:%d", "", 5511)) assert.NoError(t, err, "%v", err) if err != nil { return } srv := &gossipTestServer{msgChan: make(chan uint64)} proto.RegisterGossipServer(s, srv) go s.Serve(ll) defer func() { s.Stop() ll.Close() }() time.Sleep(time.Second * time.Duration(2)) ta := credentials.NewTLS(&tls.Config{ InsecureSkipVerify: true, }) assert.NoError(t, err, "%v", err) if err != nil { return } conn, err := grpc.Dial("localhost:5511", grpc.WithTransportCredentials(&authCreds{tlsCreds: ta}), grpc.WithBlock(), grpc.WithTimeout(time.Second)) assert.NoError(t, err, "%v", err) if err != nil { return } cl := proto.NewGossipClient(conn) stream, err := cl.GossipStream(context.Background()) assert.NoError(t, err, "%v", err) if err != nil { return } time.Sleep(time.Duration(1) * time.Second) clientTLSUnique := ExtractTLSUnique(stream.Context()) serverTLSUnique := srv.getTLSUnique() assert.NotNil(t, clientTLSUnique) assert.NotNil(t, serverTLSUnique) assert.True(t, bytes.Equal(clientTLSUnique, serverTLSUnique), "Client and server TLSUnique are not equal") msg := createGossipMsg() stream.Send(msg) select { case nonce := <-srv.msgChan: assert.Equal(t, msg.Nonce, nonce) break case <-time.NewTicker(time.Second).C: assert.Fail(t, "Timed out reading from stream") } }