status-im
/
consul
mirror of https://github.com/status-im/consul.git
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

tlsutil: remove indirection and duplication 

VerifyIncomingRPC and verifyIncomingRPC were duplicate functions, and
once one is removed, Config.verifyIncomingRPC is only called in one place.

Remove 2 of the 3 functions to make the behaviour easier to follow (less indirection).
This commit is contained in:
Daniel Nephin 2021-06-24 14:38:29 -04:00
parent 13e5448c17
commit a25c817478
2 changed files with 5 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
tlsutil/config.go
View File

@ -397,10 +397,6 @@ func (c Config) anyVerifyIncoming() bool {
return c.VerifyIncoming || c.VerifyIncomingRPC || c.VerifyIncomingHTTPS return c.VerifyIncoming || c.VerifyIncomingRPC || c.VerifyIncomingHTTPS
} }
func (c Config) verifyIncomingRPC() bool {
return c.VerifyIncoming || c.VerifyIncomingRPC
}
func loadKeyPair(certFile, keyFile string) (*tls.Certificate, error) { func loadKeyPair(certFile, keyFile string) (*tls.Certificate, error) {
if certFile == "" || keyFile == "" { if certFile == "" || keyFile == "" {
return nil, nil return nil, nil
@ -532,11 +528,12 @@ func (c *Configurator) Cert() *tls.Certificate {
return cert return cert
} }
// This function acquires a read lock because it reads from the config. // VerifyIncomingRPC returns true if the configuration has enabled either
// VerifyIncoming, or VerifyIncomingRPC
func (c *Configurator) VerifyIncomingRPC() bool { func (c *Configurator) VerifyIncomingRPC() bool {
c.lock.RLock() c.lock.RLock()
defer c.lock.RUnlock() defer c.lock.RUnlock()
return c.base.verifyIncomingRPC() return c.base.VerifyIncoming || c.base.VerifyIncomingRPC
} }
// This function acquires a read lock because it reads from the config. // This function acquires a read lock because it reads from the config.
@ -597,13 +594,6 @@ func (c *Configurator) domain() string {
return c.base.Domain return c.base.Domain
} }
// This function acquires a read lock because it reads from the config.
func (c *Configurator) verifyIncomingRPC() bool {
c.lock.RLock()
defer c.lock.RUnlock()
return c.base.verifyIncomingRPC()
}
// This function acquires a read lock because it reads from the config. // This function acquires a read lock because it reads from the config.
func (c *Configurator) verifyIncomingHTTPS() bool { func (c *Configurator) verifyIncomingHTTPS() bool {
c.lock.RLock() c.lock.RLock()
@ -647,7 +637,7 @@ func (c *Configurator) IncomingGRPCConfig() *tls.Config {
// IncomingRPCConfig generates a *tls.Config for incoming RPC connections. // IncomingRPCConfig generates a *tls.Config for incoming RPC connections.
func (c *Configurator) IncomingRPCConfig() *tls.Config { func (c *Configurator) IncomingRPCConfig() *tls.Config {
c.log("IncomingRPCConfig") c.log("IncomingRPCConfig")
config := c.commonTLSConfig(c.verifyIncomingRPC()) config := c.commonTLSConfig(c.VerifyIncomingRPC())
config.GetConfigForClient = func(*tls.ClientHelloInfo) (*tls.Config, error) { config.GetConfigForClient = func(*tls.ClientHelloInfo) (*tls.Config, error) {
return c.IncomingRPCConfig(), nil return c.IncomingRPCConfig(), nil
} }

2
tlsutil/config_test.go
View File

@ -846,7 +846,7 @@ func TestConfigurator_VerifyIncomingRPC(t *testing.T) {
c := Configurator{base: &Config{ c := Configurator{base: &Config{
VerifyIncomingRPC: true, VerifyIncomingRPC: true,
}} }}
verify := c.verifyIncomingRPC() verify := c.VerifyIncomingRPC()
require.Equal(t, c.base.VerifyIncomingRPC, verify) require.Equal(t, c.base.VerifyIncomingRPC, verify)
} }