Chris Lu
6 years ago
53 changed files with 382 additions and 188 deletions
-
8unmaintained/repeated_vacuum/repeated_vacuum.go
-
11weed/command/backup.go
-
14weed/command/benchmark.go
-
6weed/command/filer.go
-
49weed/command/filer_copy.go
-
1weed/command/filer_replication.go
-
7weed/command/master.go
-
7weed/command/mount_std.go
-
6weed/command/s3.go
-
26weed/command/scaffold.go
-
8weed/command/server.go
-
11weed/command/upload.go
-
7weed/command/volume.go
-
7weed/filer2/filer.go
-
4weed/filer2/filer_deletion.go
-
4weed/filer2/leveldb/leveldb_store_test.go
-
4weed/filer2/memdb/memdb_store_test.go
-
5weed/filesys/filehandle.go
-
3weed/filesys/wfs.go
-
2weed/filesys/wfs_deletion.go
-
5weed/operation/assign_file_id.go
-
5weed/operation/chunked_file.go
-
15weed/operation/delete_content.go
-
8weed/operation/grpc_client.go
-
5weed/operation/lookup.go
-
5weed/operation/stats.go
-
19weed/operation/submit.go
-
9weed/operation/sync_volume.go
-
2weed/replication/sink/filersink/fetch_write.go
-
19weed/replication/sink/filersink/filer_sink.go
-
15weed/replication/source/filer_source.go
-
2weed/s3api/s3api_handlers.go
-
2weed/s3api/s3api_server.go
-
66weed/security/tls.go
-
5weed/server/common.go
-
4weed/server/filer_grpc_server.go
-
13weed/server/filer_server.go
-
2weed/server/filer_server_handlers_write.go
-
2weed/server/master_grpc_server_volume.go
-
7weed/server/master_server.go
-
2weed/server/master_server_handlers.go
-
10weed/server/master_server_handlers_admin.go
-
11weed/server/volume_grpc_client_to_master.go
-
18weed/server/volume_server.go
-
2weed/server/volume_server_handlers_write.go
-
21weed/storage/volume_sync.go
-
5weed/topology/allocate_volume.go
-
5weed/topology/topology_event_handling.go
-
31weed/topology/topology_vacuum.go
-
17weed/topology/volume_growth.go
-
4weed/util/grpc_client_server.go
-
29weed/wdclient/masterclient.go
-
15weed/wdclient/wdclient.go
@ -0,0 +1,66 @@ |
|||||
|
package security |
||||
|
|
||||
|
import ( |
||||
|
"crypto/tls" |
||||
|
"crypto/x509" |
||||
|
"github.com/spf13/viper" |
||||
|
"io/ioutil" |
||||
|
|
||||
|
"github.com/chrislusf/seaweedfs/weed/glog" |
||||
|
"google.golang.org/grpc" |
||||
|
"google.golang.org/grpc/credentials" |
||||
|
) |
||||
|
|
||||
|
func LoadServerTLS(config *viper.Viper, component string) grpc.ServerOption { |
||||
|
if config == nil { |
||||
|
return nil |
||||
|
} |
||||
|
|
||||
|
// load cert/key, ca cert
|
||||
|
cert, err := tls.LoadX509KeyPair(config.GetString(component+".cert"), config.GetString(component+".key")) |
||||
|
if err != nil { |
||||
|
glog.Errorf("load cert/key error: %v", err) |
||||
|
return nil |
||||
|
} |
||||
|
caCert, err := ioutil.ReadFile(config.GetString("ca")) |
||||
|
if err != nil { |
||||
|
glog.Errorf("read ca cert file error: %v", err) |
||||
|
return nil |
||||
|
} |
||||
|
caCertPool := x509.NewCertPool() |
||||
|
caCertPool.AppendCertsFromPEM(caCert) |
||||
|
ta := credentials.NewTLS(&tls.Config{ |
||||
|
Certificates: []tls.Certificate{cert}, |
||||
|
ClientCAs: caCertPool, |
||||
|
ClientAuth: tls.RequireAndVerifyClientCert, |
||||
|
}) |
||||
|
|
||||
|
return grpc.Creds(ta) |
||||
|
} |
||||
|
|
||||
|
func LoadClientTLS(config *viper.Viper, component string) grpc.DialOption { |
||||
|
if config == nil { |
||||
|
return grpc.WithInsecure() |
||||
|
} |
||||
|
|
||||
|
// load cert/key, cacert
|
||||
|
cert, err := tls.LoadX509KeyPair(config.GetString(component+".cert"), config.GetString(component+".key")) |
||||
|
if err != nil { |
||||
|
glog.Errorf("load cert/key error: %v", err) |
||||
|
return grpc.WithInsecure() |
||||
|
} |
||||
|
caCert, err := ioutil.ReadFile(config.GetString("ca")) |
||||
|
if err != nil { |
||||
|
glog.Errorf("read ca cert file error: %v", err) |
||||
|
return grpc.WithInsecure() |
||||
|
} |
||||
|
caCertPool := x509.NewCertPool() |
||||
|
caCertPool.AppendCertsFromPEM(caCert) |
||||
|
|
||||
|
ta := credentials.NewTLS(&tls.Config{ |
||||
|
Certificates: []tls.Certificate{cert}, |
||||
|
RootCAs: caCertPool, |
||||
|
InsecureSkipVerify: true, |
||||
|
}) |
||||
|
return grpc.WithTransportCredentials(ta) |
||||
|
} |
@ -1,15 +0,0 @@ |
|||||
package wdclient |
|
||||
|
|
||||
import ( |
|
||||
"context" |
|
||||
) |
|
||||
|
|
||||
type SeaweedClient struct { |
|
||||
*MasterClient |
|
||||
} |
|
||||
|
|
||||
func NewSeaweedClient(ctx context.Context, clientName string, masters []string) *SeaweedClient { |
|
||||
return &SeaweedClient{ |
|
||||
MasterClient: NewMasterClient(ctx, clientName, masters), |
|
||||
} |
|
||||
} |
|
Write
Preview
Loading…
Cancel
Save
Reference in new issue