From 3a91146f7e75475b12ff7d892d3a3598b735c236 Mon Sep 17 00:00:00 2001 From: Matthew Sykes Date: Tue, 2 Mar 2021 19:00:26 -0500 Subject: [PATCH] deliverservice: update DialerAdapter signature Signed-off-by: Matthew Sykes --- core/deliverservice/deliveryclient.go | 6 ++--- .../pkg/peer/blocksprovider/blocksprovider.go | 13 ++--------- .../blocksprovider/blocksprovider_test.go | 5 ++--- .../pkg/peer/blocksprovider/fake/dialer.go | 22 +++++++++++-------- 4 files changed, 20 insertions(+), 26 deletions(-) diff --git a/core/deliverservice/deliveryclient.go b/core/deliverservice/deliveryclient.go index 82417b22752..06a0f4470d0 100644 --- a/core/deliverservice/deliveryclient.go +++ b/core/deliverservice/deliveryclient.go @@ -8,7 +8,6 @@ package deliverservice import ( "context" - "crypto/x509" "errors" "fmt" "sync" @@ -88,13 +87,14 @@ type DialerAdapter struct { ClientConfig comm.ClientConfig } -func (da DialerAdapter) Dial(address string, certPool *x509.CertPool) (*grpc.ClientConn, error) { +func (da DialerAdapter) Dial(address string, rootCerts [][]byte) (*grpc.ClientConn, error) { cc := da.ClientConfig + cc.SecOpts.ServerRootCAs = rootCerts client, err := comm.NewGRPCClient(cc) if err != nil { return nil, err } - return client.NewConnection(address, comm.CertPoolOverride(certPool)) + return client.NewConnection(address) } type DeliverAdapter struct{} diff --git a/internal/pkg/peer/blocksprovider/blocksprovider.go b/internal/pkg/peer/blocksprovider/blocksprovider.go index c3b62ab1224..9627ebaf961 100644 --- a/internal/pkg/peer/blocksprovider/blocksprovider.go +++ b/internal/pkg/peer/blocksprovider/blocksprovider.go @@ -8,7 +8,6 @@ package blocksprovider import ( "context" - "crypto/x509" "math" "time" @@ -17,7 +16,6 @@ import ( "github.com/hyperledger/fabric-protos-go/orderer" "github.com/hyperledger/fabric/common/flogging" gossipcommon "github.com/hyperledger/fabric/gossip/common" - "github.com/hyperledger/fabric/internal/pkg/comm" "github.com/hyperledger/fabric/internal/pkg/identity" "github.com/hyperledger/fabric/internal/pkg/peer/orderers" "github.com/hyperledger/fabric/protoutil" @@ -75,7 +73,7 @@ type OrdererConnectionSource interface { //go:generate counterfeiter -o fake/dialer.go --fake-name Dialer . Dialer type Dialer interface { - Dial(address string, certPool *x509.CertPool) (*grpc.ClientConn, error) + Dial(address string, rootCerts [][]byte) (*grpc.ClientConn, error) } //go:generate counterfeiter -o fake/deliver_streamer.go --fake-name DeliverStreamer . DeliverStreamer @@ -285,14 +283,7 @@ func (d *Deliverer) connect(seekInfoEnv *common.Envelope) (orderer.AtomicBroadca return nil, nil, nil, errors.WithMessage(err, "could not get orderer endpoints") } - certPool := x509.NewCertPool() - for _, cert := range endpoint.RootCerts { - if err := comm.AddPemToCertPool(cert, certPool); err != nil { - return nil, nil, nil, err - } - } - - conn, err := d.Dialer.Dial(endpoint.Address, certPool) + conn, err := d.Dialer.Dial(endpoint.Address, endpoint.RootCerts) if err != nil { return nil, nil, nil, errors.WithMessagef(err, "could not dial endpoint '%s'", endpoint.Address) } diff --git a/internal/pkg/peer/blocksprovider/blocksprovider_test.go b/internal/pkg/peer/blocksprovider/blocksprovider_test.go index afee78c96b9..86e64640854 100644 --- a/internal/pkg/peer/blocksprovider/blocksprovider_test.go +++ b/internal/pkg/peer/blocksprovider/blocksprovider_test.go @@ -7,7 +7,6 @@ SPDX-License-Identifier: Apache-2.0 package blocksprovider_test import ( - "crypto/x509" "fmt" "sync" "time" @@ -59,7 +58,7 @@ var _ = Describe("Blocksprovider", func() { fakeDialer = &fake.Dialer{} ccs = nil - fakeDialer.DialStub = func(string, *x509.CertPool) (*grpc.ClientConn, error) { + fakeDialer.DialStub = func(string, [][]byte) (*grpc.ClientConn, error) { mutex.Lock() defer mutex.Unlock() cc, err := grpc.Dial("", grpc.WithInsecure()) @@ -216,7 +215,7 @@ var _ = Describe("Blocksprovider", func() { Eventually(fakeDialer.DialCallCount).Should(Equal(1)) addr, tlsCerts := fakeDialer.DialArgsForCall(0) Expect(addr).To(Equal("orderer-address")) - Expect(tlsCerts).NotTo(BeNil()) // TODO + Expect(tlsCerts).To(BeNil()) // TODO }) When("the dialer returns an error", func() { diff --git a/internal/pkg/peer/blocksprovider/fake/dialer.go b/internal/pkg/peer/blocksprovider/fake/dialer.go index d9e1558f684..f0053988e56 100644 --- a/internal/pkg/peer/blocksprovider/fake/dialer.go +++ b/internal/pkg/peer/blocksprovider/fake/dialer.go @@ -2,7 +2,6 @@ package fake import ( - "crypto/x509" "sync" "github.com/hyperledger/fabric/internal/pkg/peer/blocksprovider" @@ -10,11 +9,11 @@ import ( ) type Dialer struct { - DialStub func(string, *x509.CertPool) (*grpc.ClientConn, error) + DialStub func(string, [][]byte) (*grpc.ClientConn, error) dialMutex sync.RWMutex dialArgsForCall []struct { arg1 string - arg2 *x509.CertPool + arg2 [][]byte } dialReturns struct { result1 *grpc.ClientConn @@ -28,14 +27,19 @@ type Dialer struct { invocationsMutex sync.RWMutex } -func (fake *Dialer) Dial(arg1 string, arg2 *x509.CertPool) (*grpc.ClientConn, error) { +func (fake *Dialer) Dial(arg1 string, arg2 [][]byte) (*grpc.ClientConn, error) { + var arg2Copy [][]byte + if arg2 != nil { + arg2Copy = make([][]byte, len(arg2)) + copy(arg2Copy, arg2) + } fake.dialMutex.Lock() ret, specificReturn := fake.dialReturnsOnCall[len(fake.dialArgsForCall)] fake.dialArgsForCall = append(fake.dialArgsForCall, struct { arg1 string - arg2 *x509.CertPool - }{arg1, arg2}) - fake.recordInvocation("Dial", []interface{}{arg1, arg2}) + arg2 [][]byte + }{arg1, arg2Copy}) + fake.recordInvocation("Dial", []interface{}{arg1, arg2Copy}) fake.dialMutex.Unlock() if fake.DialStub != nil { return fake.DialStub(arg1, arg2) @@ -53,13 +57,13 @@ func (fake *Dialer) DialCallCount() int { return len(fake.dialArgsForCall) } -func (fake *Dialer) DialCalls(stub func(string, *x509.CertPool) (*grpc.ClientConn, error)) { +func (fake *Dialer) DialCalls(stub func(string, [][]byte) (*grpc.ClientConn, error)) { fake.dialMutex.Lock() defer fake.dialMutex.Unlock() fake.DialStub = stub } -func (fake *Dialer) DialArgsForCall(i int) (string, *x509.CertPool) { +func (fake *Dialer) DialArgsForCall(i int) (string, [][]byte) { fake.dialMutex.RLock() defer fake.dialMutex.RUnlock() argsForCall := fake.dialArgsForCall[i]