Tls websockets
6 open threads
6 open threads
Merge request reports
Activity
added 1 commit
- 3b04195d - Apply changes to proper streaming transport, switch back from unary wrapper
added 1 commit
- 18372557 - Comments, rename ClientTransport to WebsocketStreamingTransport
196 196 writeMu sync.Mutex 197 197 198 198 reqHeader, header, trailer http.Header 199 receiveHeaderErr error 199 200 } 200 201 201 202 func (t *webSocketTransport) Header() (http.Header, error) { 203 // Try to read headers if we haven't already 348 var NewClientStream = func(host, endpoint string) (ClientStreamTransport, error) { 349 // TODO: WebSocket over TLS support. 350 u := url.URL{Scheme: "ws", Host: host, Path: endpoint} 366 var NewWSStream = func(host, endpoint string, opts *ConnectOptions) (WebsocketStreamingTransport, error) { 351 367 h := http.Header{} 352 368 h.Set("Sec-WebSocket-Protocol", "grpc-websockets") 353 369 var conn *websocket.Conn 354 conn, _, err := websocket.DefaultDialer.Dial(u.String(), h) 370 dialer := &websocket.DialOptions{} 371 dialer.HTTPClient = http.DefaultClient 372 // Set weebsocket dialer http header 373 dialer.HTTPHeader = h 374 // Set websocket dialer subprotocol 375 dialer.Subprotocols = []string{"grpc-websockets"} 376 scheme := "ws" 377 if opts.WithTLS { 376 scheme := "ws" 377 if opts.WithTLS { 378 scheme = "wss" 379 tlsConf := &tls.Config{} 380 if opts.TLSCertificate != nil { 381 certPool := x509.NewCertPool() 382 decoded, _ := pem.Decode(opts.TLSCertificate) 383 if decoded == nil { 384 panic("failed to decode cert") 385 } 386 cert, err := x509.ParseCertificate(decoded.Bytes) 387 if err != nil { 388 panic(err) 389 } 390 certPool.AddCert(cert) 391 tlsConf.RootCAs = certPool changed this line in version 10 of the diff
380 if opts.TLSCertificate != nil { 381 certPool := x509.NewCertPool() 382 decoded, _ := pem.Decode(opts.TLSCertificate) 383 if decoded == nil { 384 panic("failed to decode cert") 385 } 386 cert, err := x509.ParseCertificate(decoded.Bytes) 387 if err != nil { 388 panic(err) 389 } 390 certPool.AddCert(cert) 391 tlsConf.RootCAs = certPool 392 tlsConf.ServerName = cert.DNSNames[0] 393 } 394 395 tlsConf.InsecureSkipVerify = opts.TlsInsecureSkipVerify changed this line in version 10 of the diff
- grpcweb/transport/websocketUnaryTransport.go 0 → 100644
73 t.writeMessage(int(websocket.MessageBinary), b.Bytes()) 74 }) 75 if err != nil { 76 return nil, nil, err 77 } 78 79 var b bytes.Buffer 80 b.Write([]byte{0x00}) 81 _, err = io.Copy(&b, body) 82 if err != nil { 83 return nil, nil, errors.Wrap(err, "failed to read request body") 84 } 85 86 t.writeMessage(int(websocket.MessageBinary), b.Bytes()) 87 88 t.CloseSend() - grpcweb/transport/websocketUnaryTransport.go 0 → 100644
75 if err != nil { 76 return nil, nil, err 77 } 78 79 var b bytes.Buffer 80 b.Write([]byte{0x00}) 81 _, err = io.Copy(&b, body) 82 if err != nil { 83 return nil, nil, errors.Wrap(err, "failed to read request body") 84 } 85 86 t.writeMessage(int(websocket.MessageBinary), b.Bytes()) 87 88 t.CloseSend() 89 90 rc, err := t.Receive(ctx) -
I'm not really confident this code will work under various error conditions, but it looks like it should more or less function.
I am not really sold on merging it right now. I think we should get things more stable on the client before we fold this in or do more extensive testing with testing code designed to exercise it a bit more.
added 11 commits
-
7cf47303...2ed1fec7 - 10 commits from branch
release - 2658221b - Merge branch 'release' into tls-websockets
-
7cf47303...2ed1fec7 - 10 commits from branch
Please register or sign in to reply