mirror of
https://github.com/status-im/consul.git
synced 2025-01-18 17:52:17 +00:00
tlsutil: remove indirection and duplication
VerifyIncomingRPC and verifyIncomingRPC were duplicate functions, and once one is removed, Config.verifyIncomingRPC is only called in one place. Remove 2 of the 3 functions to make the behaviour easier to follow (less indirection).
This commit is contained in:
parent
13e5448c17
commit
a25c817478
@ -397,10 +397,6 @@ func (c Config) anyVerifyIncoming() bool {
|
|||||||
return c.VerifyIncoming || c.VerifyIncomingRPC || c.VerifyIncomingHTTPS
|
return c.VerifyIncoming || c.VerifyIncomingRPC || c.VerifyIncomingHTTPS
|
||||||
}
|
}
|
||||||
|
|
||||||
func (c Config) verifyIncomingRPC() bool {
|
|
||||||
return c.VerifyIncoming || c.VerifyIncomingRPC
|
|
||||||
}
|
|
||||||
|
|
||||||
func loadKeyPair(certFile, keyFile string) (*tls.Certificate, error) {
|
func loadKeyPair(certFile, keyFile string) (*tls.Certificate, error) {
|
||||||
if certFile == "" || keyFile == "" {
|
if certFile == "" || keyFile == "" {
|
||||||
return nil, nil
|
return nil, nil
|
||||||
@ -532,11 +528,12 @@ func (c *Configurator) Cert() *tls.Certificate {
|
|||||||
return cert
|
return cert
|
||||||
}
|
}
|
||||||
|
|
||||||
// This function acquires a read lock because it reads from the config.
|
// VerifyIncomingRPC returns true if the configuration has enabled either
|
||||||
|
// VerifyIncoming, or VerifyIncomingRPC
|
||||||
func (c *Configurator) VerifyIncomingRPC() bool {
|
func (c *Configurator) VerifyIncomingRPC() bool {
|
||||||
c.lock.RLock()
|
c.lock.RLock()
|
||||||
defer c.lock.RUnlock()
|
defer c.lock.RUnlock()
|
||||||
return c.base.verifyIncomingRPC()
|
return c.base.VerifyIncoming || c.base.VerifyIncomingRPC
|
||||||
}
|
}
|
||||||
|
|
||||||
// This function acquires a read lock because it reads from the config.
|
// This function acquires a read lock because it reads from the config.
|
||||||
@ -597,13 +594,6 @@ func (c *Configurator) domain() string {
|
|||||||
return c.base.Domain
|
return c.base.Domain
|
||||||
}
|
}
|
||||||
|
|
||||||
// This function acquires a read lock because it reads from the config.
|
|
||||||
func (c *Configurator) verifyIncomingRPC() bool {
|
|
||||||
c.lock.RLock()
|
|
||||||
defer c.lock.RUnlock()
|
|
||||||
return c.base.verifyIncomingRPC()
|
|
||||||
}
|
|
||||||
|
|
||||||
// This function acquires a read lock because it reads from the config.
|
// This function acquires a read lock because it reads from the config.
|
||||||
func (c *Configurator) verifyIncomingHTTPS() bool {
|
func (c *Configurator) verifyIncomingHTTPS() bool {
|
||||||
c.lock.RLock()
|
c.lock.RLock()
|
||||||
@ -647,7 +637,7 @@ func (c *Configurator) IncomingGRPCConfig() *tls.Config {
|
|||||||
// IncomingRPCConfig generates a *tls.Config for incoming RPC connections.
|
// IncomingRPCConfig generates a *tls.Config for incoming RPC connections.
|
||||||
func (c *Configurator) IncomingRPCConfig() *tls.Config {
|
func (c *Configurator) IncomingRPCConfig() *tls.Config {
|
||||||
c.log("IncomingRPCConfig")
|
c.log("IncomingRPCConfig")
|
||||||
config := c.commonTLSConfig(c.verifyIncomingRPC())
|
config := c.commonTLSConfig(c.VerifyIncomingRPC())
|
||||||
config.GetConfigForClient = func(*tls.ClientHelloInfo) (*tls.Config, error) {
|
config.GetConfigForClient = func(*tls.ClientHelloInfo) (*tls.Config, error) {
|
||||||
return c.IncomingRPCConfig(), nil
|
return c.IncomingRPCConfig(), nil
|
||||||
}
|
}
|
||||||
|
@ -846,7 +846,7 @@ func TestConfigurator_VerifyIncomingRPC(t *testing.T) {
|
|||||||
c := Configurator{base: &Config{
|
c := Configurator{base: &Config{
|
||||||
VerifyIncomingRPC: true,
|
VerifyIncomingRPC: true,
|
||||||
}}
|
}}
|
||||||
verify := c.verifyIncomingRPC()
|
verify := c.VerifyIncomingRPC()
|
||||||
require.Equal(t, c.base.VerifyIncomingRPC, verify)
|
require.Equal(t, c.base.VerifyIncomingRPC, verify)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Loading…
x
Reference in New Issue
Block a user