Git-Mirrors/constellation
1
0
Fork 0
mirror of https://github.com/edgelesssys/constellation.git synced 2024-10-01 01:36:09 -04:00
Code Issues Packages Projects Releases Wiki Activity
bda999d54e
constellation/internal/grpc/dialer/dialer.go
Daniel Weiße 690b50b29d
dev-docs: Go package docs (#958) 
* Remove unused package

* Add Go package docs to most packages

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
Co-authored-by: Fabian Kammel <fk@edgeless.systems>
2023-01-19 15:57:50 +01:00

79 lines
2.4 KiB
Go
Raw Blame History

/*
Copyright (c) Edgeless Systems GmbH
SPDX-License-Identifier: AGPL-3.0-only
*/
// Package dialer provides a grpc dialer that can be used to create grpc client connections with different levels of ATLS encryption / verification.
package dialer
import (
"context"
"net"
"github.com/edgelesssys/constellation/v2/internal/atls"
"github.com/edgelesssys/constellation/v2/internal/grpc/atlscredentials"
"google.golang.org/grpc"
"google.golang.org/grpc/credentials/insecure"
)
// Dialer can open grpc client connections with different levels of ATLS encryption / verification.
type Dialer struct {
issuer atls.Issuer
validator atls.Validator
netDialer NetDialer
}
// New creates a new Dialer.
func New(issuer atls.Issuer, validator atls.Validator, netDialer NetDialer) *Dialer {
return &Dialer{
issuer: issuer,
validator: validator,
netDialer: netDialer,
}
}
// Dial creates a new grpc client connection to the given target using the atls validator.
func (d *Dialer) Dial(ctx context.Context, target string) (*grpc.ClientConn, error) {
var validators []atls.Validator
if d.validator != nil {
validators = append(validators, d.validator)
}
credentials := atlscredentials.New(d.issuer, validators)
return grpc.DialContext(ctx, target,
d.grpcWithDialer(),
grpc.WithTransportCredentials(credentials),
)
}
// DialInsecure creates a new grpc client connection to the given target without using encryption or verification.
// Only use this method when using another kind of encryption / verification (VPN, etc).
func (d *Dialer) DialInsecure(ctx context.Context, target string) (*grpc.ClientConn, error) {
return grpc.DialContext(ctx, target,
d.grpcWithDialer(),
grpc.WithTransportCredentials(insecure.NewCredentials()),
)
}
// DialNoVerify creates a new grpc client connection to the given target without verifying the server's attestation.
func (d *Dialer) DialNoVerify(ctx context.Context, target string) (*grpc.ClientConn, error) {
credentials := atlscredentials.New(nil, nil)
return grpc.DialContext(ctx, target,
d.grpcWithDialer(),
grpc.WithTransportCredentials(credentials),
)
}
func (d *Dialer) grpcWithDialer() grpc.DialOption {
return grpc.WithContextDialer(func(ctx context.Context, addr string) (net.Conn, error) {
return d.netDialer.DialContext(ctx, "tcp", addr)
})
}
// NetDialer implements the net Dialer interface.
type NetDialer interface {
DialContext(ctx context.Context, network, address string) (net.Conn, error)
}
Reference in New Issue View Git Blame Copy Permalink