Dynamic grpc client credentials (#204)

* Add an aTLS wrapper for grpc credentials

* Move grpc dialers to internal and use aTLS grpc credentials

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
This commit is contained in:
Daniel Weiße 2022-06-13 11:40:27 +02:00 committed by GitHub
parent 6e9428a234
commit 1e19e64fbc
25 changed files with 291 additions and 189 deletions


@ -5,9 +5,9 @@ import (
"errors"
"github.com/edgelesssys/constellation/internal/atls"
"github.com/edgelesssys/constellation/internal/grpc/atlscredentials"
"github.com/edgelesssys/constellation/state/keyservice/keyproto"
"google.golang.org/grpc"
"google.golang.org/grpc/credentials"
)
// KeyClient wraps a KeyAPI client and the connection to it.
@ -22,12 +22,9 @@ type KeyClient struct {
// called on a client that already has a connection, the old
// connection is closed.
func (c *KeyClient) Connect(endpoint string, validators []atls.Validator) error {
tlsConfig, err := atls.CreateAttestationClientTLSConfig(nil, validators)
if err != nil {
return err
}
creds := atlscredentials.New(nil, validators)
conn, err := grpc.Dial(endpoint, grpc.WithTransportCredentials(credentials.NewTLS(tlsConfig)))
conn, err := grpc.Dial(endpoint, grpc.WithTransportCredentials(creds))
if err != nil {
return err
}
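Review bot: The new `creds := atlscredentials.New(nil, validators)` at the top of Connect no longer returns an error where `atls.CreateAttestationClientTLSConfig` did, so any misconfiguration the old call rejected at Connect time is presumably now deferred to the TLS handshake on the first RPC; Connect's doc comment should say that a successful return no longer implies the attestation config was validated. Related, the hunk gives no meaning to an empty `validators` slice: if the wrapper treats it as "nothing to verify", a caller passing nil gets a connection with no attestation check and no error, which is the opposite of what the aTLS dial is for. Unless that is an intended mode, reject it up front with `if len(validators) == 0 { return errors.New("no attestation validators given") }` before creating the credentials (`errors` is already imported), or document the intended behaviour on Connect. The remainder of Connect (closing any existing connection and storing the new one) lies past the end of this hunk.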