func (g *gregorHandler) connectTLS(uri *rpc.FMPURI) error {
g.Debug("connecting to gregord via TLS at %s", uri)
rawCA := g.G().Env.GetBundledCA(uri.Host)
if len(rawCA) == 0 {
return fmt.Errorf("No bundled CA for %s", uri.Host)
}
g.Debug("Using CA for gregor: %s", libkb.ShortCA(rawCA))
g.connMutex.Lock()
g.conn = rpc.NewTLSConnection(uri.HostPort, []byte(rawCA), keybase1.ErrorUnwrapper{}, g, true, libkb.NewRPCLogFactory(g.G()), keybase1.WrapError, g.G().Log, nil)
g.connMutex.Unlock()
// The client we get here will reconnect to gregord on disconnect if necessary.
// We should grab it here instead of in OnConnect, since the connection is not
// fully established in OnConnect. Anything that wants to make calls outside
// of OnConnect should use g.cli, everything else should the client that is
// a paramater to OnConnect
g.cli = g.conn.GetClient()
// Start up ping loop to keep the connection to gregord alive, and to kick
// off the reconnect logic in the RPC library
go g.pingLoop()
return nil
}
// NewMDServerRemote returns a new instance of MDServerRemote.
func NewMDServerRemote(config Config, srvAddr string) *MDServerRemote {
mdServer := &MDServerRemote{
config: config,
observers: make(map[TlfID]chan<- error),
log: config.MakeLogger(""),
rekeyTimer: time.NewTimer(MdServerBackgroundRekeyPeriod),
}
mdServer.authToken = NewAuthToken(config,
MdServerTokenServer, MdServerTokenExpireIn,
"libkbfs_mdserver_remote", mdServer)
conn := rpc.NewTLSConnection(srvAddr, GetRootCerts(srvAddr),
MDServerErrorUnwrapper{}, mdServer, true,
libkb.NewRPCLogFactory(libkb.G), libkb.WrapError,
config.MakeLogger(""), LogTagsFromContext)
mdServer.conn = conn
mdServer.client = keybase1.MetadataClient{Cli: conn.GetClient()}
// Check for rekey opportunities periodically.
rekeyCtx, rekeyCancel := context.WithCancel(context.Background())
mdServer.rekeyCancel = rekeyCancel
go mdServer.backgroundRekeyChecker(rekeyCtx)
return mdServer
}
