dragonflyoss
/
dragonfly
mirror of https://github.com/dragonflyoss/dragonfly.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

chore(client/daemon): cleanup, and add noTLSConfig (#2783) 

chore(client/daemon): cleanup, and add noTLSConfig instead nil for better readable

Signed-off-by: Sasha Melentyev <sasha@melentyev.io>
This commit is contained in:
Sasha Melentyev 2023-10-10 05:42:53 +03:00 committed by GitHub
parent 2b4e378007
commit eeea18b16e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 7 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
client/daemon/daemon.go
View File

@ -120,7 +120,7 @@ func New(opt *config.DaemonOption, d dfpath.Dfpath) (Daemon, error) {
tmpOpt := config.NewDaemonConfig() tmpOpt := config.NewDaemonConfig()
err := tmpOpt.Load(viper.ConfigFileUsed()) err := tmpOpt.Load(viper.ConfigFileUsed())
if err != nil { if err != nil {
return nil, fmt.Errorf("read config error: %s", err) return nil, fmt.Errorf("read config error: %w", err)
} }
err = source.InitSourceClients(tmpOpt.Download.ResourceClients) err = source.InitSourceClients(tmpOpt.Download.ResourceClients)
@ -400,15 +400,17 @@ func loadLegacyGPRCTLSCredentials(opt config.SecurityOption, certifyClient *cert
return loadGPRCTLSCredentialsWithOptions(opt.TLSConfig, security, options...) return loadGPRCTLSCredentialsWithOptions(opt.TLSConfig, security, options...)
} }
var noTLSConfig *tls.Config = nil
func loadGlobalGPRCTLSCredentials(certifyClient *certify.Certify, security config.GlobalSecurityOption) (credentials.TransportCredentials, error) { func loadGlobalGPRCTLSCredentials(certifyClient *certify.Certify, security config.GlobalSecurityOption) (credentials.TransportCredentials, error) {
return loadGPRCTLSCredentialsWithOptions(nil, security, func(c *tls.Config) { return loadGPRCTLSCredentialsWithOptions(noTLSConfig, security, func(c *tls.Config) {
c.GetCertificate = config.GetCertificate(certifyClient) c.GetCertificate = config.GetCertificate(certifyClient)
c.GetClientCertificate = certifyClient.GetClientCertificate c.GetClientCertificate = certifyClient.GetClientCertificate
}) })
} }
func loadManagerGPRCTLSCredentials(security config.GlobalSecurityOption) (credentials.TransportCredentials, error) { func loadManagerGPRCTLSCredentials(security config.GlobalSecurityOption) (credentials.TransportCredentials, error) {
return loadGPRCTLSCredentialsWithOptions(nil, security, func(c *tls.Config) { return loadGPRCTLSCredentialsWithOptions(noTLSConfig, security, func(c *tls.Config) {
c.ClientAuth = tls.NoClientCert c.ClientAuth = tls.NoClientCert
}) })
} }
@ -418,11 +420,11 @@ func loadGPRCTLSCredentialsWithOptions(baseConfig *tls.Config, security config.G
certPool := x509.NewCertPool() certPool := x509.NewCertPool()
if security.CACert == "" { if security.CACert == "" {
return nil, fmt.Errorf("empty glocal CA's certificate") return nil, errors.New("empty global CA's certificate")
} }
if !certPool.AppendCertsFromPEM([]byte(security.CACert)) { if !certPool.AppendCertsFromPEM([]byte(security.CACert)) {
return nil, fmt.Errorf("failed to add global CA's certificate") return nil, errors.New("failed to add global CA's certificate")
} }
var tlsConfig *tls.Config var tlsConfig *tls.Config