Chris Lu
6 years ago
53 changed files with 382 additions and 188 deletions
-
8unmaintained/repeated_vacuum/repeated_vacuum.go
-
11weed/command/backup.go
-
14weed/command/benchmark.go
-
6weed/command/filer.go
-
35weed/command/filer_copy.go
-
1weed/command/filer_replication.go
-
7weed/command/master.go
-
7weed/command/mount_std.go
-
6weed/command/s3.go
-
26weed/command/scaffold.go
-
8weed/command/server.go
-
11weed/command/upload.go
-
7weed/command/volume.go
-
7weed/filer2/filer.go
-
4weed/filer2/filer_deletion.go
-
4weed/filer2/leveldb/leveldb_store_test.go
-
4weed/filer2/memdb/memdb_store_test.go
-
5weed/filesys/filehandle.go
-
3weed/filesys/wfs.go
-
2weed/filesys/wfs_deletion.go
-
5weed/operation/assign_file_id.go
-
5weed/operation/chunked_file.go
-
15weed/operation/delete_content.go
-
8weed/operation/grpc_client.go
-
5weed/operation/lookup.go
-
5weed/operation/stats.go
-
19weed/operation/submit.go
-
9weed/operation/sync_volume.go
-
2weed/replication/sink/filersink/fetch_write.go
-
5weed/replication/sink/filersink/filer_sink.go
-
11weed/replication/source/filer_source.go
-
2weed/s3api/s3api_handlers.go
-
2weed/s3api/s3api_server.go
-
66weed/security/tls.go
-
5weed/server/common.go
-
4weed/server/filer_grpc_server.go
-
5weed/server/filer_server.go
-
2weed/server/filer_server_handlers_write.go
-
2weed/server/master_grpc_server_volume.go
-
7weed/server/master_server.go
-
2weed/server/master_server_handlers.go
-
10weed/server/master_server_handlers_admin.go
-
11weed/server/volume_grpc_client_to_master.go
-
4weed/server/volume_server.go
-
2weed/server/volume_server_handlers_write.go
-
21weed/storage/volume_sync.go
-
5weed/topology/allocate_volume.go
-
5weed/topology/topology_event_handling.go
-
31weed/topology/topology_vacuum.go
-
17weed/topology/volume_growth.go
-
4weed/util/grpc_client_server.go
-
13weed/wdclient/masterclient.go
-
15weed/wdclient/wdclient.go
@ -0,0 +1,66 @@ |
|||
package security |
|||
|
|||
import ( |
|||
"crypto/tls" |
|||
"crypto/x509" |
|||
"github.com/spf13/viper" |
|||
"io/ioutil" |
|||
|
|||
"github.com/chrislusf/seaweedfs/weed/glog" |
|||
"google.golang.org/grpc" |
|||
"google.golang.org/grpc/credentials" |
|||
) |
|||
|
|||
func LoadServerTLS(config *viper.Viper, component string) grpc.ServerOption { |
|||
if config == nil { |
|||
return nil |
|||
} |
|||
|
|||
// load cert/key, ca cert
|
|||
cert, err := tls.LoadX509KeyPair(config.GetString(component+".cert"), config.GetString(component+".key")) |
|||
if err != nil { |
|||
glog.Errorf("load cert/key error: %v", err) |
|||
return nil |
|||
} |
|||
caCert, err := ioutil.ReadFile(config.GetString("ca")) |
|||
if err != nil { |
|||
glog.Errorf("read ca cert file error: %v", err) |
|||
return nil |
|||
} |
|||
caCertPool := x509.NewCertPool() |
|||
caCertPool.AppendCertsFromPEM(caCert) |
|||
ta := credentials.NewTLS(&tls.Config{ |
|||
Certificates: []tls.Certificate{cert}, |
|||
ClientCAs: caCertPool, |
|||
ClientAuth: tls.RequireAndVerifyClientCert, |
|||
}) |
|||
|
|||
return grpc.Creds(ta) |
|||
} |
|||
|
|||
func LoadClientTLS(config *viper.Viper, component string) grpc.DialOption { |
|||
if config == nil { |
|||
return grpc.WithInsecure() |
|||
} |
|||
|
|||
// load cert/key, cacert
|
|||
cert, err := tls.LoadX509KeyPair(config.GetString(component+".cert"), config.GetString(component+".key")) |
|||
if err != nil { |
|||
glog.Errorf("load cert/key error: %v", err) |
|||
return grpc.WithInsecure() |
|||
} |
|||
caCert, err := ioutil.ReadFile(config.GetString("ca")) |
|||
if err != nil { |
|||
glog.Errorf("read ca cert file error: %v", err) |
|||
return grpc.WithInsecure() |
|||
} |
|||
caCertPool := x509.NewCertPool() |
|||
caCertPool.AppendCertsFromPEM(caCert) |
|||
|
|||
ta := credentials.NewTLS(&tls.Config{ |
|||
Certificates: []tls.Certificate{cert}, |
|||
RootCAs: caCertPool, |
|||
InsecureSkipVerify: true, |
|||
}) |
|||
return grpc.WithTransportCredentials(ta) |
|||
} |
@ -1,15 +0,0 @@ |
|||
package wdclient |
|||
|
|||
import ( |
|||
"context" |
|||
) |
|||
|
|||
type SeaweedClient struct { |
|||
*MasterClient |
|||
} |
|||
|
|||
func NewSeaweedClient(ctx context.Context, clientName string, masters []string) *SeaweedClient { |
|||
return &SeaweedClient{ |
|||
MasterClient: NewMasterClient(ctx, clientName, masters), |
|||
} |
|||
} |
Write
Preview
Loading…
Cancel
Save
Reference in new issue