aboutsummaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/AudiomixerService.cpp26
-rw-r--r--src/KuksaConfig.cpp27
-rw-r--r--src/KuksaConfig.h6
3 files changed, 37 insertions, 22 deletions
diff --git a/src/AudiomixerService.cpp b/src/AudiomixerService.cpp
index 5a3861f..6911edc 100644
--- a/src/AudiomixerService.cpp
+++ b/src/AudiomixerService.cpp
@@ -54,17 +54,23 @@ AudiomixerService::AudiomixerService(const KuksaConfig &config, GMainLoop *loop)
host += ss.str();
std::shared_ptr<grpc::Channel> channel;
- if (!m_config.caCert().empty()) {
- grpc::SslCredentialsOptions options;
- options.pem_root_certs = m_config.caCert();
- if (!m_config.tlsServerName().empty()) {
- grpc::ChannelArguments args;
- auto target = m_config.tlsServerName();
- std::cout << "Overriding TLS target name with " << target << std::endl;
- args.SetString(GRPC_SSL_TARGET_NAME_OVERRIDE_ARG, target);
- channel = grpc::CreateCustomChannel(host, grpc::SslCredentials(options), args);
+ if (m_config.useTls()) {
+ std::cout << "Using TLS" << std::endl;
+ if (!m_config.caCert().empty()) {
+ std::cout << "Using CA certificate " << m_config.caCertFileName() << std::endl;
+ grpc::SslCredentialsOptions options;
+ options.pem_root_certs = m_config.caCert();
+ if (!m_config.tlsServerName().empty()) {
+ grpc::ChannelArguments args;
+ auto target = m_config.tlsServerName();
+ std::cout << "Overriding TLS server name with " << target << std::endl;
+ args.SetString(GRPC_SSL_TARGET_NAME_OVERRIDE_ARG, target);
+ channel = grpc::CreateCustomChannel(host, grpc::SslCredentials(options), args);
+ } else {
+ channel = grpc::CreateChannel(host, grpc::SslCredentials(options));
+ }
} else {
- channel = grpc::CreateChannel(host, grpc::SslCredentials(options));
+ channel = grpc::CreateChannel(host, grpc::SslCredentials(grpc::SslCredentialsOptions()));
}
} else {
channel = grpc::CreateChannel(host, grpc::InsecureChannelCredentials());
diff --git a/src/KuksaConfig.cpp b/src/KuksaConfig.cpp
index 8fe09f6..ffb2162 100644
--- a/src/KuksaConfig.cpp
+++ b/src/KuksaConfig.cpp
@@ -16,8 +16,6 @@
namespace property_tree = boost::property_tree;
namespace filesystem = boost::filesystem;
-#define DEFAULT_CA_CERT_FILE "/etc/kuksa-val/CA.pem"
-
inline
void load_string_file(const filesystem::path& p, std::string& str)
{
@@ -35,11 +33,15 @@ void load_string_file(const filesystem::path& p, std::string& str)
KuksaConfig::KuksaConfig(const std::string &hostname,
const unsigned port,
+ const bool useTls,
+ const std::string &caCertFileName,
const std::string &caCert,
const std::string &tlsServerName,
const std::string &authToken) :
m_hostname(hostname),
m_port(port),
+ m_useTls(useTls),
+ m_caCertFileName(caCertFileName),
m_caCert(caCert),
m_tlsServerName(tlsServerName),
m_authToken(authToken),
@@ -75,7 +77,7 @@ KuksaConfig::KuksaConfig(const std::string &appname) :
const property_tree::ptree &settings =
pt.get_child("kuksa-client", property_tree::ptree());
- m_hostname = settings.get("server", "localhost");
+ m_hostname = settings.get("hostname", "localhost");
std::stringstream ss;
ss << m_hostname;
ss >> std::quoted(m_hostname);
@@ -90,18 +92,19 @@ KuksaConfig::KuksaConfig(const std::string &appname) :
return;
}
- std::string caCertFileName = settings.get("ca-certificate", DEFAULT_CA_CERT_FILE);
+ m_useTls = settings.get("use-tls", false);
+
+ std::string caCertFileName = settings.get("ca-certificate", "");
std::stringstream().swap(ss);
ss << caCertFileName;
ss >> std::quoted(caCertFileName);
- if (caCertFileName.empty()) {
- std::cerr << "Invalid CA certificate filename" << std::endl;
- return;
- }
- readFile(caCertFileName, m_caCert);
- if (m_caCert.empty()) {
- std::cerr << "Invalid CA certificate file" << std::endl;
- return;
+ m_caCertFileName = caCertFileName;
+ if (!caCertFileName.empty()) {
+ readFile(caCertFileName, m_caCert);
+ if (m_caCert.empty()) {
+ std::cerr << "Invalid CA certificate file" << std::endl;
+ return;
+ }
}
m_tlsServerName = settings.get("tls-server-name", "");
diff --git a/src/KuksaConfig.h b/src/KuksaConfig.h
index e70385f..8250aa3 100644
--- a/src/KuksaConfig.h
+++ b/src/KuksaConfig.h
@@ -14,6 +14,8 @@ class KuksaConfig
public:
explicit KuksaConfig(const std::string &hostname,
const unsigned port,
+ const bool useTls,
+ const std::string &caCertFileName,
const std::string &caCert,
const std::string &tlsServerName,
const std::string &authToken);
@@ -22,6 +24,8 @@ public:
std::string hostname() { return m_hostname; };
unsigned port() { return m_port; };
+ bool useTls() { return m_useTls; };
+ std::string caCertFileName() { return m_caCertFileName; };
std::string caCert() { return m_caCert; };
std::string tlsServerName() { return m_tlsServerName; };
std::string authToken() { return m_authToken; };
@@ -31,6 +35,8 @@ public:
private:
std::string m_hostname;
unsigned m_port;
+ bool m_useTls;
+ std::string m_caCertFileName;
std::string m_caCert;
std::string m_tlsServerName;
std::string m_authToken;