Пример #1
0
func (c *commImpl) createConnection(endpoint string, expectedPKIID common.PKIidType) (*connection, error) {
	var err error
	var cc *grpc.ClientConn
	var stream proto.Gossip_GossipStreamClient
	var pkiID common.PKIidType

	c.logger.Debug("Entering", endpoint, expectedPKIID)
	defer c.logger.Debug("Exiting")

	if c.isStopping() {
		return nil, fmt.Errorf("Stopping")
	}
	cc, err = grpc.Dial(endpoint, append(c.opts, grpc.WithBlock())...)
	if err != nil {
		return nil, err
	}

	cl := proto.NewGossipClient(cc)

	if _, err = cl.Ping(context.Background(), &proto.Empty{}); err != nil {
		cc.Close()
		return nil, err
	}

	if stream, err = cl.GossipStream(context.Background()); err == nil {
		pkiID, err = c.authenticateRemotePeer(stream)
		if err == nil {
			if expectedPKIID != nil && !bytes.Equal(pkiID, expectedPKIID) {
				// PKIID is nil when we don't know the remote PKI id's
				c.logger.Warning("Remote endpoint claims to be a different peer, expected", expectedPKIID, "but got", pkiID)
				return nil, fmt.Errorf("Authentication failure")
			}
			conn := newConnection(cl, cc, stream, nil)
			conn.pkiID = pkiID
			conn.logger = c.logger

			h := func(m *proto.GossipMessage) {
				c.logger.Debug("Got message:", m)
				c.msgPublisher.DeMultiplex(&ReceivedMessageImpl{
					conn:          conn,
					lock:          conn,
					GossipMessage: m,
				})
			}
			conn.handler = h
			return conn, nil
		}
	}
	cc.Close()
	return nil, err
}
Пример #2
0
func (comm *dummyCommModule) Ping(peer *NetworkMember) bool {
	comm.lock.Lock()
	defer comm.lock.Unlock()

	_, alreadyExists := comm.streams[peer.Endpoint]
	if !alreadyExists {
		newConn, err := grpc.Dial(peer.Endpoint, grpc.WithInsecure())
		if err != nil {
			return false
		}
		if stream, err := proto.NewGossipClient(newConn).GossipStream(context.Background()); err == nil {
			comm.conns[peer.Endpoint] = newConn
			comm.streams[peer.Endpoint] = stream
			return true
		}
		return false
	}
	conn := comm.conns[peer.Endpoint]
	if _, err := proto.NewGossipClient(conn).Ping(context.Background(), &proto.Empty{}); err != nil {
		return false
	}
	return true
}
Пример #3
0
func (c *commImpl) Probe(remotePeer *RemotePeer) error {
	endpoint := remotePeer.Endpoint
	pkiID := remotePeer.PKIID
	if c.isStopping() {
		return fmt.Errorf("Stopping")
	}
	c.logger.Debug("Entering, endpoint:", endpoint, "PKIID:", pkiID)
	var err error

	opts := c.opts
	if opts == nil {
		opts = []grpc.DialOption{grpc.WithInsecure(), grpc.WithTimeout(dialTimeout)}
	}
	cc, err := grpc.Dial(endpoint, append(opts, grpc.WithBlock())...)
	if err != nil {
		c.logger.Debug("Returning", err)
		return err
	}
	defer cc.Close()
	cl := proto.NewGossipClient(cc)
	_, err = cl.Ping(context.Background(), &proto.Empty{})
	c.logger.Debug("Returning", err)
	return err
}
Пример #4
0
func TestCertificateGeneration(t *testing.T) {
	err := generateCertificates("key.pem", "cert.pem")
	assert.NoError(t, err, "%v", err)
	if err != nil {
		return
	}
	defer os.Remove("cert.pem")
	defer os.Remove("key.pem")
	var ll net.Listener
	creds, err := credentials.NewServerTLSFromFile("cert.pem", "key.pem")
	assert.NoError(t, err, "%v", err)
	if err != nil {
		return
	}
	s := grpc.NewServer(grpc.Creds(creds))
	ll, err = net.Listen("tcp", fmt.Sprintf("%s:%d", "", 5511))
	assert.NoError(t, err, "%v", err)
	if err != nil {
		return
	}
	srv := &gossipTestServer{msgChan: make(chan uint64)}
	proto.RegisterGossipServer(s, srv)
	go s.Serve(ll)
	defer func() {
		s.Stop()
		ll.Close()
	}()
	time.Sleep(time.Second * time.Duration(2))
	ta := credentials.NewTLS(&tls.Config{
		InsecureSkipVerify: true,
	})
	assert.NoError(t, err, "%v", err)
	if err != nil {
		return
	}
	conn, err := grpc.Dial("localhost:5511", grpc.WithTransportCredentials(&authCreds{tlsCreds: ta}), grpc.WithBlock(), grpc.WithTimeout(time.Second))
	assert.NoError(t, err, "%v", err)
	if err != nil {
		return
	}
	cl := proto.NewGossipClient(conn)
	stream, err := cl.GossipStream(context.Background())
	assert.NoError(t, err, "%v", err)
	if err != nil {
		return
	}

	time.Sleep(time.Duration(1) * time.Second)

	clientTLSUnique := ExtractTLSUnique(stream.Context())
	serverTLSUnique := srv.getTLSUnique()

	assert.NotNil(t, clientTLSUnique)
	assert.NotNil(t, serverTLSUnique)

	assert.True(t, bytes.Equal(clientTLSUnique, serverTLSUnique), "Client and server TLSUnique are not equal")

	msg := createGossipMsg()
	stream.Send(msg)
	select {
	case nonce := <-srv.msgChan:
		assert.Equal(t, msg.Nonce, nonce)
		break
	case <-time.NewTicker(time.Second).C:
		assert.Fail(t, "Timed out reading from stream")
	}
}