Rework TLS configuration to allow disabling sandbox/scottm/ew2025
authorScott Murray <scott.murray@konsulko.com>
Fri, 7 Mar 2025 05:35:47 +0000 (00:35 -0500)
committerScott Murray <scott.murray@konsulko.com>
Fri, 7 Mar 2025 05:36:40 +0000 (00:36 -0500)
Rework TLS configuration to add an explicit "use-tls" option like
newer clients have, and to make using a CA certificate optional
to allow potentially using issued certificates.  The new option
defaults to TLS disabled, which is a breaking change for most
existing configuration files.

Bug-AGL: SPEC-5387

Change-Id: Ic21caf403733a015853f70c9928f930ab9834710
Signed-off-by: Scott Murray <scott.murray@konsulko.com>
src/AudiomixerService.cpp
src/KuksaConfig.cpp
src/KuksaConfig.h

index 5a3861f..6911edc 100644 (file)
@@ -54,17 +54,23 @@ AudiomixerService::AudiomixerService(const KuksaConfig &config, GMainLoop *loop)
        host += ss.str();
 
        std::shared_ptr<grpc::Channel> channel;
-       if (!m_config.caCert().empty()) {
-               grpc::SslCredentialsOptions options;
-               options.pem_root_certs = m_config.caCert();
-               if (!m_config.tlsServerName().empty()) {
-                       grpc::ChannelArguments args;
-                       auto target = m_config.tlsServerName();
-                       std::cout << "Overriding TLS target name with " << target << std::endl;
-                       args.SetString(GRPC_SSL_TARGET_NAME_OVERRIDE_ARG, target);
-                       channel = grpc::CreateCustomChannel(host, grpc::SslCredentials(options), args);
+       if (m_config.useTls()) {
+               std::cout << "Using TLS" << std::endl;
+               if (!m_config.caCert().empty()) {
+                       std::cout << "Using CA certificate " << m_config.caCertFileName() << std::endl;
+                       grpc::SslCredentialsOptions options;
+                       options.pem_root_certs = m_config.caCert();
+                       if (!m_config.tlsServerName().empty()) {
+                               grpc::ChannelArguments args;
+                               auto target = m_config.tlsServerName();
+                               std::cout << "Overriding TLS server name with " << target << std::endl;
+                               args.SetString(GRPC_SSL_TARGET_NAME_OVERRIDE_ARG, target);
+                               channel = grpc::CreateCustomChannel(host, grpc::SslCredentials(options), args);
+                       } else {
+                               channel = grpc::CreateChannel(host, grpc::SslCredentials(options));
+                       }
                } else {
-                       channel = grpc::CreateChannel(host, grpc::SslCredentials(options));
+                       channel = grpc::CreateChannel(host, grpc::SslCredentials(grpc::SslCredentialsOptions()));
                }
        } else {
                channel = grpc::CreateChannel(host, grpc::InsecureChannelCredentials());
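Review bot: The tls-server-name override is honoured only inside the CA-certificate branch, so with use-tls enabled and no ca-certificate configured (the new `else` branch that builds `SslCredentials(grpc::SslCredentialsOptions())`) a configured tls-server-name is silently ignored, and there is no log line saying so. Unless that is intended, build the `SslCredentialsOptions` once, set `pem_root_certs` only when a CA certificate is present, and apply the server-name override in both cases, which also removes the duplicated `CreateChannel` calls. The constructor's body begins before and continues after this hunk.
```cpp
	if (m_config.useTls()) {
		std::cout << "Using TLS" << std::endl;
		// Default (system) roots unless a CA certificate was configured
		grpc::SslCredentialsOptions options;
		if (!m_config.caCert().empty()) {
			std::cout << "Using CA certificate " << m_config.caCertFileName() << std::endl;
			options.pem_root_certs = m_config.caCert();
		}
		auto creds = grpc::SslCredentials(options);
		if (!m_config.tlsServerName().empty()) {
			grpc::ChannelArguments args;
			auto target = m_config.tlsServerName();
			std::cout << "Overriding TLS server name with " << target << std::endl;
			args.SetString(GRPC_SSL_TARGET_NAME_OVERRIDE_ARG, target);
			channel = grpc::CreateCustomChannel(host, creds, args);
		} else {
			channel = grpc::CreateChannel(host, creds);
		}
	} else {
		// … unchanged: insecure channel …
```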
index 8fe09f6..ffb2162 100644 (file)
@@ -16,8 +16,6 @@
 namespace property_tree = boost::property_tree;
 namespace filesystem = boost::filesystem;
 
-#define DEFAULT_CA_CERT_FILE     "/etc/kuksa-val/CA.pem"
-
 inline
 void load_string_file(const filesystem::path& p, std::string& str)
 {
@@ -35,11 +33,15 @@ void load_string_file(const filesystem::path& p, std::string& str)
 
 KuksaConfig::KuksaConfig(const std::string &hostname,
                         const unsigned port,
+                        const bool useTls,
+                        const std::string &caCertFileName,
                         const std::string &caCert,
                         const std::string &tlsServerName,
                         const std::string &authToken) :
        m_hostname(hostname),
        m_port(port),
+       m_useTls(useTls),
+       m_caCertFileName(caCertFileName),
        m_caCert(caCert),
        m_tlsServerName(tlsServerName),
        m_authToken(authToken),
@@ -75,7 +77,7 @@ KuksaConfig::KuksaConfig(const std::string &appname) :
        const property_tree::ptree &settings =
                pt.get_child("kuksa-client", property_tree::ptree());
 
-       m_hostname = settings.get("server", "localhost");
+       m_hostname = settings.get("hostname", "localhost");
        std::stringstream ss;
        ss << m_hostname;
        ss >> std::quoted(m_hostname);
@@ -90,18 +92,19 @@ KuksaConfig::KuksaConfig(const std::string &appname) :
                return;
        }
 
-       std::string caCertFileName = settings.get("ca-certificate", DEFAULT_CA_CERT_FILE);
+       m_useTls = settings.get("use-tls", false);
+
+       std::string caCertFileName = settings.get("ca-certificate", "");
        std::stringstream().swap(ss);
        ss << caCertFileName;
        ss >> std::quoted(caCertFileName);
-       if (caCertFileName.empty()) {
-               std::cerr << "Invalid CA certificate filename" << std::endl;
-               return;
-       }
-       readFile(caCertFileName, m_caCert);
-       if (m_caCert.empty()) {
-               std::cerr << "Invalid CA certificate file" << std::endl;
-               return;
+       m_caCertFileName = caCertFileName;
+       if (!caCertFileName.empty()) {
+               readFile(caCertFileName, m_caCert);
+               if (m_caCert.empty()) {
+                       std::cerr << "Invalid CA certificate file" << std::endl;
+                       return;
+               }
        }
 
        m_tlsServerName = settings.get("tls-server-name", "");
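Review bot: Renaming the configuration key from "server" to "hostname" in the third hunk silently breaks existing files: one that still uses "server" now falls back to "localhost" with no diagnostic, and the commit message only names the use-tls default as the breaking change. Either read the old key as a fallback, `m_hostname = settings.get("hostname", settings.get("server", "localhost"));`, or call the rename out in the commit message. In the last hunk the CA certificate file is still read and validated when use-tls is false, and a failed read returns before tls-server-name and the remaining settings are parsed, so a stale ca-certificate entry aborts a plaintext configuration; gating the read on `m_useTls && !caCertFileName.empty()` would avoid that. The constructor body continues outside the hunk.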
index e70385f..8250aa3 100644 (file)
@@ -14,6 +14,8 @@ class KuksaConfig
 public:
         explicit KuksaConfig(const std::string &hostname,
                             const unsigned port,
+                            const bool useTls,
+                            const std::string &caCertFileName,
                             const std::string &caCert,
                             const std::string &tlsServerName,
                             const std::string &authToken);
@@ -22,6 +24,8 @@ public:
 
        std::string hostname() { return m_hostname; };
        unsigned port() { return m_port; };
+       bool useTls() { return m_useTls; };
+       std::string caCertFileName() { return m_caCertFileName; };
        std::string caCert() { return m_caCert; };
        std::string tlsServerName() { return m_tlsServerName; };
        std::string authToken() { return m_authToken; };
@@ -31,6 +35,8 @@ public:
 private:
        std::string m_hostname;
        unsigned m_port;
+       bool m_useTls;
+       std::string m_caCertFileName;
        std::string m_caCert;
        std::string m_tlsServerName;
        std::string m_authToken;
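Review bot: `bool m_useTls;` in the last hunk has no default member initializer, and the appname constructor in KuksaConfig.cpp assigns it only after its early returns (for example the `return;` at the top of that file's last hunk), so a configuration file that fails an earlier check leaves m_useTls indeterminate and `useTls()` in AudiomixerService reads an uninitialized bool. Unless the appname constructor's initializer list, which is outside the hunks, sets it, declare it as `bool m_useTls = false;`, which also matches the documented default of the use-tls option. As a style point the new accessors follow the existing non-const, copy-returning form; `bool useTls() const` would be the usual shape, but that is a pre-existing pattern in this class.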