func (c *commImpl) createConnection(endpoint string, expectedPKIID common.PKIidType) (*connection, error) {
var err error
var cc *grpc.ClientConn
var stream proto.Gossip_GossipStreamClient
var pkiID common.PKIidType
c.logger.Debug("Entering", endpoint, expectedPKIID)
defer c.logger.Debug("Exiting")
if c.isStopping() {
return nil, fmt.Errorf("Stopping")
}
cc, err = grpc.Dial(endpoint, append(c.opts, grpc.WithBlock())...)
if err != nil {
return nil, err
}
cl := proto.NewGossipClient(cc)
if _, err = cl.Ping(context.Background(), &proto.Empty{}); err != nil {
cc.Close()
return nil, err
}
if stream, err = cl.GossipStream(context.Background()); err == nil {
pkiID, err = c.authenticateRemotePeer(stream)
if err == nil {
if expectedPKIID != nil && !bytes.Equal(pkiID, expectedPKIID) {
// PKIID is nil when we don't know the remote PKI id's
c.logger.Warning("Remote endpoint claims to be a different peer, expected", expectedPKIID, "but got", pkiID)
return nil, fmt.Errorf("Authentication failure")
}
conn := newConnection(cl, cc, stream, nil)
conn.pkiID = pkiID
conn.logger = c.logger
h := func(m *proto.GossipMessage) {
c.logger.Debug("Got message:", m)
c.msgPublisher.DeMultiplex(&ReceivedMessageImpl{
conn: conn,
lock: conn,
GossipMessage: m,
})
}
conn.handler = h
return conn, nil
}
}
cc.Close()
return nil, err
}
func (comm *dummyCommModule) Ping(peer *NetworkMember) bool {
comm.lock.Lock()
defer comm.lock.Unlock()
_, alreadyExists := comm.streams[peer.Endpoint]
if !alreadyExists {
newConn, err := grpc.Dial(peer.Endpoint, grpc.WithInsecure())
if err != nil {
return false
}
if stream, err := proto.NewGossipClient(newConn).GossipStream(context.Background()); err == nil {
comm.conns[peer.Endpoint] = newConn
comm.streams[peer.Endpoint] = stream
return true
}
return false
}
conn := comm.conns[peer.Endpoint]
if _, err := proto.NewGossipClient(conn).Ping(context.Background(), &proto.Empty{}); err != nil {
return false
}
return true
}
func (c *commImpl) Probe(remotePeer *RemotePeer) error {
endpoint := remotePeer.Endpoint
pkiID := remotePeer.PKIID
if c.isStopping() {
return fmt.Errorf("Stopping")
}
c.logger.Debug("Entering, endpoint:", endpoint, "PKIID:", pkiID)
var err error
opts := c.opts
if opts == nil {
opts = []grpc.DialOption{grpc.WithInsecure(), grpc.WithTimeout(dialTimeout)}
}
cc, err := grpc.Dial(endpoint, append(opts, grpc.WithBlock())...)
if err != nil {
c.logger.Debug("Returning", err)
return err
}
defer cc.Close()
cl := proto.NewGossipClient(cc)
_, err = cl.Ping(context.Background(), &proto.Empty{})
c.logger.Debug("Returning", err)
return err
}
func TestCertificateGeneration(t *testing.T) {
err := generateCertificates("key.pem", "cert.pem")
assert.NoError(t, err, "%v", err)
if err != nil {
return
}
defer os.Remove("cert.pem")
defer os.Remove("key.pem")
var ll net.Listener
creds, err := credentials.NewServerTLSFromFile("cert.pem", "key.pem")
assert.NoError(t, err, "%v", err)
if err != nil {
return
}
s := grpc.NewServer(grpc.Creds(creds))
ll, err = net.Listen("tcp", fmt.Sprintf("%s:%d", "", 5511))
assert.NoError(t, err, "%v", err)
if err != nil {
return
}
srv := &gossipTestServer{msgChan: make(chan uint64)}
proto.RegisterGossipServer(s, srv)
go s.Serve(ll)
defer func() {
s.Stop()
ll.Close()
}()
time.Sleep(time.Second * time.Duration(2))
ta := credentials.NewTLS(&tls.Config{
InsecureSkipVerify: true,
})
assert.NoError(t, err, "%v", err)
if err != nil {
return
}
conn, err := grpc.Dial("localhost:5511", grpc.WithTransportCredentials(&authCreds{tlsCreds: ta}), grpc.WithBlock(), grpc.WithTimeout(time.Second))
assert.NoError(t, err, "%v", err)
if err != nil {
return
}
cl := proto.NewGossipClient(conn)
stream, err := cl.GossipStream(context.Background())
assert.NoError(t, err, "%v", err)
if err != nil {
return
}
time.Sleep(time.Duration(1) * time.Second)
clientTLSUnique := ExtractTLSUnique(stream.Context())
serverTLSUnique := srv.getTLSUnique()
assert.NotNil(t, clientTLSUnique)
assert.NotNil(t, serverTLSUnique)
assert.True(t, bytes.Equal(clientTLSUnique, serverTLSUnique), "Client and server TLSUnique are not equal")
msg := createGossipMsg()
stream.Send(msg)
select {
case nonce := <-srv.msgChan:
assert.Equal(t, msg.Nonce, nonce)
break
case <-time.NewTicker(time.Second).C:
assert.Fail(t, "Timed out reading from stream")
}
}