diff options
| author | Paul Cristian Sarbu <paul.cristian.sarbu@huawei.com> | 2024-07-02 16:47:13 +0200 |
|---|---|---|
| committer | Paul Cristian Sarbu <paul.cristian.sarbu@huawei.com> | 2024-07-04 16:05:08 +0200 |
| commit | c2f7ead468d5e65c57e7ecb49d7fbba4254c46b7 (patch) | |
| tree | b96ce2e63d9d6a2d486cb4133c290187156b97ac /src/buildtool/common/remote/client_common.hpp | |
| parent | 0d60cd9ba4a5c18b01b6ef996434953071f0576e (diff) | |
| download | justbuild-c2f7ead468d5e65c57e7ecb49d7fbba4254c46b7.tar.gz | |
Replace the Auth and Auth::TLS singletons
Use a builder pattern for creation and validation, in a manner that
allows also other authentication methods to be added in the future
besides the current TLS/SSL.
The main Auth instances are built early and then passed by not_null
const pointers, to avoid passing temporaries, replacing the previous
Auth::TLS instances passed by simple nullable const pointers. Where
needed, these passed Auth instances are also stored, by const ref.
Tests also build Auth instances as needed, either with the default
'no certification' or from the test environment arguments.
Diffstat (limited to 'src/buildtool/common/remote/client_common.hpp')
| -rw-r--r-- | src/buildtool/common/remote/client_common.hpp | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/src/buildtool/common/remote/client_common.hpp b/src/buildtool/common/remote/client_common.hpp index 4fd9e9a7..58c19458 100644 --- a/src/buildtool/common/remote/client_common.hpp +++ b/src/buildtool/common/remote/client_common.hpp @@ -21,9 +21,11 @@ #include <optional> #include <sstream> #include <string> +#include <variant> #include "fmt/core.h" #include "grpcpp/grpcpp.h" +#include "gsl/gsl" #include "src/buildtool/auth/authentication.hpp" #include "src/buildtool/common/bazel_types.hpp" #include "src/buildtool/common/remote/port.hpp" @@ -33,16 +35,18 @@ [[maybe_unused]] [[nodiscard]] static inline auto CreateChannelWithCredentials( std::string const& server, Port port, - Auth::TLS const* auth) noexcept { + gsl::not_null<Auth const*> const& auth) noexcept { std::shared_ptr<grpc::ChannelCredentials> creds; std::string address = server + ':' + std::to_string(port); - if (auth != nullptr) { + if (const auto* tls_auth = std::get_if<Auth::TLS>(&auth->method); + tls_auth != nullptr) { auto tls_opts = grpc::SslCredentialsOptions{ - auth->CACert(), auth->ClientKey(), auth->ClientCert()}; + tls_auth->ca_cert, tls_auth->client_key, tls_auth->client_cert}; creds = grpc::SslCredentials(tls_opts); } else { + // currently only TLS/SSL is supported creds = grpc::InsecureChannelCredentials(); } return grpc::CreateChannel(address, creds); |