summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 976ae6b)
raw | patch | inline | side by side (parent: 976ae6b)
author | Sebastian Harl <sh@tokkee.org> | |
Sat, 7 May 2016 00:17:12 +0000 (02:17 +0200) | ||
committer | Sebastian Harl <sh@tokkee.org> | |
Mon, 30 May 2016 21:44:19 +0000 (23:44 +0200) |
src/Makefile.am | patch | blob | history | |
src/grpc.cc | patch | blob | history |
diff --git a/src/Makefile.am b/src/Makefile.am
index b8b2575db61c6cb1ea8707eb632a51007b026e54..309c5f84606e96bd3c886a07f112a17f46511901 100644 (file)
--- a/src/Makefile.am
+++ b/src/Makefile.am
grpc_la_CFLAGS = $(AM_CFLAGS)
grpc_la_CXXFLAGS = $(AM_CXXFLAGS) -std=c++11
grpc_la_LDFLAGS = $(PLUGIN_LDFLAGS)
-grpc_la_LIBADD = -lgrpc++_unsecure -lgrpc -lgpr -lprotobuf -lpthread -ldl
+grpc_la_LIBADD = -lgrpc++ -lgrpc -lgpr -lprotobuf -lpthread -ldl
endif
if BUILD_PLUGIN_HDDTEMP
diff --git a/src/grpc.cc b/src/grpc.cc
index 4e10783d6d3984849835af987daa5eae5e8e4dc6..7517bb720bd72c553c0a250801a5599f49917ba7 100644 (file)
--- a/src/grpc.cc
+++ b/src/grpc.cc
#include <grpc++/grpc++.h>
#include <google/protobuf/util/time_util.h>
+#include <fstream>
+#include <iostream>
#include <vector>
#include "collectd.grpc.pb.h"
struct Listener {
grpc::string addr;
grpc::string port;
+
+ grpc::SslServerCredentialsOptions *ssl;
};
static std::vector<Listener> listeners;
static grpc::string default_addr("0.0.0.0:50051");
return true;
} /* ident_matches */
+static grpc::string read_file(const char *filename)
+{
+ std::ifstream f;
+ grpc::string s, content;
+
+ f.open(filename);
+ if (!f.is_open()) {
+ ERROR("grpc: Failed to open '%s'", filename);
+ return "";
+ }
+
+ while (std::getline(f, s)) {
+ content += s;
+ content.push_back('\n');
+ }
+ f.close();
+ return content;
+} /* read_file */
+
/*
* proto conversion
*/
public:
void Start()
{
- // TODO: make configurable
auto auth = grpc::InsecureServerCredentials();
grpc::ServerBuilder builder;
else {
for (auto l : listeners) {
grpc::string addr = l.addr + ":" + l.port;
- builder.AddListeningPort(addr, auth);
- INFO("grpc: Listening on %s", addr.c_str());
+
+ auto use_ssl = grpc::string("");
+ auto a = auth;
+ if (l.ssl != nullptr) {
+ use_ssl = grpc::string(" (SSL enabled)");
+ a = grpc::SslServerCredentials(*l.ssl);
+ }
+
+ builder.AddListeningPort(addr, a);
+ INFO("grpc: Listening on %s%s", addr.c_str(), use_ssl.c_str());
}
}
auto listener = Listener();
listener.addr = grpc::string(ci->values[0].value.string);
listener.port = grpc::string(ci->values[1].value.string);
- listeners.push_back(listener);
+ listener.ssl = nullptr;
+
+ auto ssl_opts = new(grpc::SslServerCredentialsOptions);
+ grpc::SslServerCredentialsOptions::PemKeyCertPair pkcp = {};
+ bool use_ssl = false;
for (int i = 0; i < ci->children_num; i++) {
oconfig_item_t *child = ci->children + i;
- WARNING("grpc: Option `%s` not allowed in <%s> block.",
- child->key, ci->key);
+
+ if (!strcasecmp("EnableSSL", child->key)) {
+ if (cf_util_get_boolean(child, &use_ssl)) {
+ ERROR("grpc: Option `%s` expects a boolean value",
+ child->key);
+ return -1;
+ }
+ }
+ else if (!strcasecmp("SSLRootCerts", child->key)) {
+ char *certs = NULL;
+ if (cf_util_get_string(child, &certs)) {
+ ERROR("grpc: Option `%s` expects a string value",
+ child->key);
+ return -1;
+ }
+ ssl_opts->pem_root_certs = read_file(certs);
+ }
+ else if (!strcasecmp("SSLServerKey", child->key)) {
+ char *key = NULL;
+ if (cf_util_get_string(child, &key)) {
+ ERROR("grpc: Option `%s` expects a string value",
+ child->key);
+ return -1;
+ }
+ pkcp.private_key = read_file(key);
+ }
+ else if (!strcasecmp("SSLServerCert", child->key)) {
+ char *cert = NULL;
+ if (cf_util_get_string(child, &cert)) {
+ ERROR("grpc: Option `%s` expects a string value",
+ child->key);
+ return -1;
+ }
+ pkcp.cert_chain = read_file(cert);
+ }
+ else {
+ WARNING("grpc: Option `%s` not allowed in <%s> block.",
+ child->key, ci->key);
+ }
}
+ ssl_opts->pem_key_cert_pairs.push_back(pkcp);
+ if (use_ssl)
+ listener.ssl = ssl_opts;
+ else
+ delete(ssl_opts);
+
+ listeners.push_back(listener);
return 0;
} /* c_grpc_config_listen() */