add brain channel creation for tonic

ghe0 2025-03-29 19:15:16 +02:00
parent bf677875ab
commit 27519ef823
Signed by: ghe0
GPG Key ID: 451028EE56A0FBB4
5 changed files with 48 additions and 81 deletions

@ -83,6 +83,10 @@ pub enum Error {
SshKeyNoDefined,
#[error{"RSA Error: {0}"}]
RSAError(#[from] openssl::error::ErrorStack),
#[error{"Internal CLI error: {0}"}]
InternalError(String),
#[error(transparent)]
BrainConnection(#[from] tonic::transport::Error),
}
impl Config {
@ -310,6 +314,46 @@ impl Config {
}
}
pub async fn get_brain_channel() -> Result<tonic::transport::Channel, Error> {
let (brain_url, brain_san) = Self::get_brain_info();
use hyper_rustls::HttpsConnectorBuilder;
use rustls::pki_types::pem::PemObject;
use rustls::pki_types::CertificateDer;
use rustls::{ClientConfig, RootCertStore};
let mut detee_root_ca_store = RootCertStore::empty();
detee_root_ca_store
.add(CertificateDer::from_pem_file(Config::get_root_ca_path()?).map_err(|e| {
Error::InternalError(format!("Could not parse PEM certificate: {e}"))
})?)
.unwrap();
let client_tls_config = ClientConfig::builder()
.with_root_certificates(detee_root_ca_store)
.with_no_client_auth();
let connector = HttpsConnectorBuilder::new()
.with_tls_config(client_tls_config)
.https_only()
.with_server_name_resolver(hyper_rustls::FixedServerNameResolver::new(
brain_san.clone().try_into().map_err(|e| {
Error::InternalError(format!(
"Could not parse {brain_san} into domain resolver: {e}"
))
})?,
))
.enable_http2()
.build();
Ok(tonic::transport::Channel::from_shared(brain_url.to_string())
.map_err(|e| {
Error::InternalError(format!(
"Could not parse {brain_san} into domain resolver: {e}"
))
})?
.connect_with_connector(connector)
.await?)
}
pub fn set_network(mut network: &str) {
if network != "staging" {
log::error!(
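Review bot: The error message on the `Channel::from_shared(brain_url.to_string())` failure in `get_brain_channel` is a copy of the server-name message above it and names `brain_san`, although the value being parsed there is `brain_url`; change it to `"Could not parse {brain_url} into a channel endpoint: {e}"` so a misconfigured brain URL is reported as such. A few lines earlier the `.unwrap()` on `detee_root_ca_store.add(...)` turns a root CA file that parses as PEM but is rejected by the trust store into a panic, while the PEM read right next to it is already mapped to `Error::InternalError`; the same mapping fits there, `.map_err(|e| Error::InternalError(format!("Could not add root CA to trust store: {e}")))?;`. As a point of style, the four `use` lines sitting after the first `let` would conventionally go at the top of the function or at module level. `set_network`'s body continues outside the hunk.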

@ -3,9 +3,7 @@ use crate::snp::grpc::proto::VmContract;
use crate::utils::sign_request;
use detee_shared::general_proto::ReportNodeReq;
use log::{debug, info, warn};
use rustls::pki_types::pem::PemObject;
use tokio_stream::StreamExt;
// use tonic::transport::{Certificate, Channel, ClientTlsConfig};
use tonic::transport::Channel;
pub mod proto {
@ -37,47 +35,7 @@ pub enum Error {
}
async fn client() -> Result<BrainGeneralCliClient<Channel>, Error> {
let (brain_url, brain_san) = Config::get_brain_info();
use hyper_rustls::HttpsConnectorBuilder;
use rustls::pki_types::CertificateDer;
use rustls::{ClientConfig, RootCertStore};
let mut detee_root_ca_store = RootCertStore::empty();
detee_root_ca_store
.add(CertificateDer::from_pem_file(Config::get_root_ca_path()?).unwrap())
.unwrap();
let client_tls_config =
ClientConfig::builder().with_root_certificates(detee_root_ca_store).with_no_client_auth();
let connector = HttpsConnectorBuilder::new()
.with_tls_config(client_tls_config)
.https_only()
.enable_http2()
.build();
// let channel = Channel::from_shared(brain_url.to_string())
// .map_err(|_| Error::CorruptedBrainUrl)?
// .connect_with_connector(connector)
// .await
// .unwrap();
Ok(BrainGeneralCliClient::new(
Channel::from_shared(brain_url.to_string())
.map_err(|_| Error::CorruptedBrainUrl)?
/*
.tls_config(
ClientTlsConfig::new()
.ca_certificate(Certificate::from_pem(std::fs::read_to_string(
Config::get_root_ca_path()?,
)?))
.domain_name(brain_san),
)?
*/
.connect_with_connector(connector)
.await
.unwrap(),
))
Ok(BrainGeneralCliClient::new(Config::get_brain_channel().await?))
}
pub async fn get_balance(account: &str) -> Result<AccountBalance, Error> {
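Review bot: `client()` now returns whatever `Config::get_brain_channel` produces, so nothing in this function constructs `Error::CorruptedBrainUrl` any more; the same replacement appears in the `BrainAppCliClient` and `BrainVmCliClient` `client()` hunks further down, so if no other code in these modules builds that variant after this commit it is dead and should either be removed or be the target the channel error is mapped onto, rather than surfacing as a generic `InternalError` string. The function has no doc comment; a one-liner such as `/// Connects to the brain over the TLS-pinned channel built by Config::get_brain_channel.` would tell a reader where the trust configuration now lives. If the commented-out `// use tonic::transport::{Certificate, Channel, ClientTlsConfig};` line in this file's first hunk survives on the new side, it is dead text and can go.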

@ -67,22 +67,7 @@ impl crate::HumanOutput for AppContract {
}
async fn client() -> Result<BrainAppCliClient<Channel>> {
let (brain_url, brain_san) = Config::get_brain_info();
Ok(BrainAppCliClient::new(
Channel::from_shared(brain_url.to_string())
.map_err(|_| Error::CorruptedBrainUrl)?
/*
.tls_config(
ClientTlsConfig::new()
.ca_certificate(Certificate::from_pem(std::fs::read_to_string(
Config::get_root_ca_path()?,
)?))
.domain_name(brain_san),
)?
*/
.connect()
.await?,
))
Ok(BrainAppCliClient::new(Config::get_brain_channel().await?))
}
pub async fn new_app(app_deploy_config: AppDeployConfig) -> Result<NewAppRes> {

@ -78,12 +78,7 @@ pub async fn attest_and_send_config(loaded_config: DtpmConfig, uuid: &str) -> Re
log::trace!("Decoded the configuration... {:?}", req_data);
// let (hratls_uri, mr_enclave) = hratls_url_and_mr_enclave_from_app_id(uuid).await;
// let (hratls_uri, mr_enclave) = hratls_url_and_mr_enclave_from_app_id(uuid).await;
// dbg!(&hratls_uri, mr_enclave);
let hratls_uri = "https://212.95.45.139:33950".to_string();
let mr_enclave = None;
let (hratls_uri, mr_enclave) = hratls_url_and_mr_enclave_from_app_id(uuid).await;
log::info!("hratls uri: {}\nmr_enclave: {:?}", &hratls_uri, &mr_enclave);
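Review bot: The two commented-out `// let (hratls_uri, mr_enclave) = hratls_url_and_mr_enclave_from_app_id(uuid).await;` lines and the `// dbg!(&hratls_uri, mr_enclave);` above the live call appear to remain on the new side and now duplicate the line that replaced the hard-coded URI; they should be deleted rather than left as commented-out code. The old code set `mr_enclave = None` explicitly, so the type admits `None`; whether the attestation path downstream treats a missing measurement as a failure or silently proceeds is outside this hunk and worth confirming, since the `log::info!` line only prints it. `attest_and_send_config` starts and ends outside the hunk.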

@ -85,22 +85,7 @@ impl crate::HumanOutput for VmNodeListResp {
}
async fn client() -> Result<BrainVmCliClient<Channel>, Error> {
let (brain_url, brain_san) = Config::get_brain_info();
Ok(BrainVmCliClient::new(
Channel::from_shared(brain_url.to_string())
.map_err(|_| Error::CorruptedBrainUrl)?
/*
.tls_config(
ClientTlsConfig::new()
.ca_certificate(Certificate::from_pem(std::fs::read_to_string(
Config::get_root_ca_path()?,
)?))
.domain_name(brain_san),
)?
*/
.connect()
.await?,
))
Ok(BrainVmCliClient::new(Config::get_brain_channel().await?))
}
fn sign_request<T: std::fmt::Debug>(req: T) -> Result<Request<T>, Error> {