Documentation ¶
Index ¶
- Variables
- func ClientKeepaliveOptions() []grpc.DialOption
- func GetPeerTestingAddress(port string) string
- func InitTLSForPeer() credentials.TransportCredentials
- func MaxRecvMsgSize() int
- func MaxSendMsgSize() int
- func NewClientConnectionWithAddress(peerAddress string, block bool, tslEnabled bool, ...) (*grpc.ClientConn, error)
- func NewServerTransportCredentials(serverConfig *tls.Config) credentials.TransportCredentials
- func ServerKeepaliveOptions() []grpc.ServerOption
- func SetKeepaliveOptions(ka KeepaliveOptions)
- func SetMaxRecvMsgSize(size int)
- func SetMaxSendMsgSize(size int)
- func TLSEnabled() bool
- type CASupport
- func (cas *CASupport) GetClientRootCAs() (appRootCAs, ordererRootCAs [][]byte)
- func (cas *CASupport) GetDeliverServiceCredentials(channelID string) (credentials.TransportCredentials, error)
- func (cas *CASupport) GetPeerCredentials(tlsCert tls.Certificate) credentials.TransportCredentials
- func (cas *CASupport) GetServerRootCAs() (appRootCAs, ordererRootCAs [][]byte)
- type ConnectionFactory
- type ConnectionProducer
- type GRPCServer
- type KeepaliveOptions
- type SecureServerConfig
Constants ¶
This section is empty.
Variables ¶
var ( ClientHandshakeNotImplError = errors.New("core/comm: Client handshakes" + "are not implemented with serverCreds") OverrrideHostnameNotSupportedError = errors.New( "core/comm: OverrideServerName is " + "not supported") MissingServerConfigError = errors.New( "core/comm: `serverConfig` cannot be nil") )
Functions ¶
func ClientKeepaliveOptions ¶
func ClientKeepaliveOptions() []grpc.DialOption
ClientKeepaliveOptions returns the gRPC keepalive options for clients
func InitTLSForPeer ¶
func InitTLSForPeer() credentials.TransportCredentials
InitTLSForPeer returns TLS credentials for peer
func MaxRecvMsgSize ¶
func MaxRecvMsgSize() int
MaxRecvMsgSize returns the maximum message size in bytes that gRPC clients and servers can receive
func MaxSendMsgSize ¶
func MaxSendMsgSize() int
MaxSendMsgSize returns the maximum message size in bytes that gRPC clients and servers can send
func NewClientConnectionWithAddress ¶
func NewClientConnectionWithAddress(peerAddress string, block bool, tslEnabled bool, creds credentials.TransportCredentials) (*grpc.ClientConn, error)
NewClientConnectionWithAddress Returns a new grpc.ClientConn to the given address.
func NewServerTransportCredentials ¶
func NewServerTransportCredentials(serverConfig *tls.Config) credentials.TransportCredentials
NewServerTransportCredentials returns a new initialized grpc/gmcredentials.TransportCredentials
func ServerKeepaliveOptions ¶
func ServerKeepaliveOptions() []grpc.ServerOption
ServerKeepaliveOptions returns the gRPC keepalive options for servers
func SetKeepaliveOptions ¶
func SetKeepaliveOptions(ka KeepaliveOptions)
SetKeepaliveOptions sets the gRPC keepalive options for both clients and servers
func SetMaxRecvMsgSize ¶
func SetMaxRecvMsgSize(size int)
SetMaxRecvMsgSize sets the maximum message size in bytes that gRPC clients and servers can receive
Types ¶
type CASupport ¶
type CASupport struct { sync.RWMutex AppRootCAsByChain map[string][][]byte OrdererRootCAsByChain map[string][][]byte ClientRootCAs [][]byte ServerRootCAs [][]byte }
CASupport type manages certificate authorities scoped by channel
func GetCASupport ¶
func GetCASupport() *CASupport
GetCASupport returns the signleton CASupport instance
func (*CASupport) GetClientRootCAs ¶
GetClientRootCAs returns the PEM-encoded root certificates for all of the application and orderer organizations defined for all chains. The root certificates returned should be used to set the trusted client roots for TLS servers.
func (*CASupport) GetDeliverServiceCredentials ¶
func (cas *CASupport) GetDeliverServiceCredentials(channelID string) (credentials.TransportCredentials, error)
GetDeliverServiceCredentials returns GRPC transport credentials for given channel to be used by GRPC clients which communicate with ordering service endpoints. If the channel isn't found, error is returned.
func (*CASupport) GetPeerCredentials ¶
func (cas *CASupport) GetPeerCredentials(tlsCert tls.Certificate) credentials.TransportCredentials
GetPeerCredentials returns GRPC transport credentials for use by GRPC clients which communicate with remote peer endpoints.
func (*CASupport) GetServerRootCAs ¶
GetServerRootCAs returns the PEM-encoded root certificates for all of the application and orderer organizations defined for all chains. The root certificates returned should be used to set the trusted server roots for TLS clients.
type ConnectionFactory ¶
type ConnectionFactory func(endpoint string) (*grpc.ClientConn, error)
ConnectionFactory creates a connection to a certain endpoint
type ConnectionProducer ¶
type ConnectionProducer interface { // NewConnection creates a new connection. // Returns the connection, the endpoint selected, nil on success. // Returns nil, "", error on failure NewConnection() (*grpc.ClientConn, string, error) // UpdateEndpoints updates the endpoints of the ConnectionProducer // to be the given endpoints UpdateEndpoints(endpoints []string) }
ConnectionProducer produces connections out of a set of predefined endpoints
func NewConnectionProducer ¶
func NewConnectionProducer(factory ConnectionFactory, endpoints []string) ConnectionProducer
NewConnectionProducer creates a new ConnectionProducer with given endpoints and connection factory. It returns nil, if the given endpoints slice is empty.
type GRPCServer ¶
type GRPCServer interface { //Address returns the listen address for the GRPCServer Address() string //Start starts the underlying grpc.Server Start() error //Stop stops the underlying grpc.Server Stop() //Server returns the grpc.Server instance for the GRPCServer Server() *grpc.Server //Listener returns the net.Listener instance for the GRPCServer Listener() net.Listener //ServerCertificate returns the tls.Certificate used by the grpc.Server ServerCertificate() tls.Certificate //TLSEnabled is a flag indicating whether or not TLS is enabled for this //GRPCServer instance TLSEnabled() bool //AppendClientRootCAs appends PEM-encoded X509 certificate authorities to //the list of authorities used to verify client certificates AppendClientRootCAs(clientRoots [][]byte) error //RemoveClientRootCAs removes PEM-encoded X509 certificate authorities from //the list of authorities used to verify client certificates RemoveClientRootCAs(clientRoots [][]byte) error //SetClientRootCAs sets the list of authorities used to verify client //certificates based on a list of PEM-encoded X509 certificate authorities SetClientRootCAs(clientRoots [][]byte) error }
GRPCServer defines an interface representing a GRPC-based server
func NewGRPCServer ¶
func NewGRPCServer(address string, secureConfig SecureServerConfig) (GRPCServer, error)
NewGRPCServer creates a new implementation of a GRPCServer given a listen address.
func NewGRPCServerFromListener ¶
func NewGRPCServerFromListener(listener net.Listener, secureConfig SecureServerConfig) (GRPCServer, error)
NewGRPCServerFromListener creates a new implementation of a GRPCServer given an existing net.Listener instance.
type KeepaliveOptions ¶
type KeepaliveOptions struct { // ClientKeepaliveTime is the duration in seconds after which if the client // does not see any activity from the server it pings the server to see // if it is alive ClientKeepaliveTime int // ClientKeepaliveTimeout is the duration the client waits for a response // from the server after sending a ping before closing the connection ClientKeepaliveTimeout int // ServerKeepaliveTime is the duration in seconds after which if the server // does not see any activity from the client it pings the client to see // if it is alive ServerKeepaliveTime int // ServerKeepaliveTimeout is the duration the server waits for a response // from the client after sending a ping before closing the connection ServerKeepaliveTimeout int }
KeepAliveOptions is used to set the gRPC keepalive settings for both clients and servers
type SecureServerConfig ¶
type SecureServerConfig struct { //PEM-encoded X509 public key to be used by the server for TLS communication ServerCertificate []byte //PEM-encoded private key to be used by the server for TLS communication ServerKey []byte //Set of PEM-encoded X509 certificate authorities to optionally send //as part of the server handshake ServerRootCAs [][]byte //Set of PEM-encoded X509 certificate authorities to use when verifying //client certificates ClientRootCAs [][]byte //Whether or not to use TLS for communication UseTLS bool //Whether or not TLS client must present certificates for authentication RequireClientCert bool }
A SecureServerConfig structure is used to configure security (e.g. TLS) for a GRPCServer instance