GO-2024-2817: karmada vulnerable to arbitrary code execution via a crafted command in github.com/karmada-io/karmada

grpcconnection

package

v1.12.1 Latest Latest Go to latest Published: Dec 13, 2024 License: Apache-2.0 Imports: 10 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/karmada-io/karmada

Documentation ¶

Index ¶

type ClientConfig
- func (c *ClientConfig) DialWithTimeOut(paths []string, timeout time.Duration) (*grpc.ClientConn, error)
type ServerConfig
- func (s *ServerConfig) NewServer() (*grpc.Server, error)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type ClientConfig ¶

type ClientConfig struct {
	// TargetPort the target port on which to establish a gRPC connection.
	TargetPort int
	// InsecureSkipServerVerify controls whether a client verifies the server's
	// certificate chain and host name. If InsecureSkipServerVerify is true, crypto/tls
	// accepts any certificate presented by the server and any host name in that
	// certificate. In this mode, TLS is susceptible to machine-in-the-middle
	// attacks unless custom verification is used. This should be used only for
	// testing or in combination with VerifyConnection or VerifyPeerCertificate.
	InsecureSkipServerVerify bool
	// ServerAuthCAFile SSL Certificate Authority file used to verify grpc server certificates.
	ServerAuthCAFile string
	// SSL certification file used for grpc SSL/TLS connections.
	CertFile string
	// SSL key file used for grpc SSL/TLS connections.
	KeyFile string
}

ClientConfig the config of GRPC client side.

func (*ClientConfig) DialWithTimeOut ¶

func (c *ClientConfig) DialWithTimeOut(paths []string, timeout time.Duration) (*grpc.ClientConn, error)

DialWithTimeOut will attempt to create a client connection based on the given targets, one at a time, until a client connection is successfully established.

type ServerConfig ¶

type ServerConfig struct {
	// ServerPort The secure port on which to serve gRPC.
	ServerPort int
	// InsecureSkipClientVerify Controls whether verifies the client's certificate chain and host name.
	// When this is set to false, server will check all incoming HTTPS requests for a client certificate signed by the trusted CA,
	// requests that don’t supply a valid client certificate will fail. If authentication is enabled,
	// the certificate provides credentials for the user name given by the Common Name field.
	InsecureSkipClientVerify bool
	// ClientAuthCAFile SSL Certificate Authority file used to verify grpc client certificates on incoming requests.
	ClientAuthCAFile string
	// CertFile SSL certification file used for grpc SSL/TLS connections.
	CertFile string
	// KeyFile SSL key file used for grpc SSL/TLS connections.
	KeyFile string
}

ServerConfig the config of GRPC server side.

func (*ServerConfig) NewServer ¶

func (s *ServerConfig) NewServer() (*grpc.Server, error)

NewServer creates a gRPC server which has no service registered and has not started to accept requests yet.

Source Files ¶

View all Source files

config.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL