[grpc/client] make serverId a string

Prevent gRPC clients from trying to load the server's identity by calling `mtls.NewRemoteServiceIdentity` (which only returns a stub identity) and changing the `NewGrpcClient` function signature to accept a string instead of an Identity.

diff --git a/attestation/rpc_client/main.go b/attestation/rpc_client/main.go
index d82dd98c60c68bf8f09b6e6857b2b3dad4ea5392..d59e8bfcd08b5128ec15e100b8933f2b806060ed 100644 (file)
--- a/attestation/rpc_client/main.go
+++ b/attestation/rpc_client/main.go
@@ -18,8 +18,7 @@ func main() {
        flag.Parse()
 
        clientId := mtls.DefaultIdentity()
-       serverId := mtls.NewServiceIdentity("attest")
-       client, err := grpc.NewGrpcClient(ctx, serverId, clientId)
+       client, err := grpc.NewGrpcClient(ctx, "attest", clientId)
        if err != nil {
                panic(err)
        }

diff --git a/automation/bryston_ctl/client/main.go b/automation/bryston_ctl/client/main.go
index 5695ac0775f39a158e3dc7f9a80d7e8fe373fca4..edf434510e738b29e77f9ca89a1cfa29fd43b9be 100644 (file)
--- a/automation/bryston_ctl/client/main.go
+++ b/automation/bryston_ctl/client/main.go
@@ -24,8 +24,7 @@ func main() {
        logger := log.Default().WithPrefix("BrystonCtlClient")
 
        clientId := mtls.DefaultIdentity()
-       serverId := mtls.NewServiceIdentity("bryston_ctl")
-       client, err := grpc.NewGrpcClient(ctx, serverId, clientId)
+       client, err := grpc.NewGrpcClient(ctx, "bryston_ctl", clientId)
        if err != nil {
                logger.Panic(err)
        }

diff --git a/cmd/echo_client/main.go b/cmd/echo_client/main.go
index 76f7cf1f8c7a1a3a08c624d37851a59780f09fb3..a2cb2b5b7d65874b5feb1bf210cbfc5e87123c21 100644 (file)
--- a/cmd/echo_client/main.go
+++ b/cmd/echo_client/main.go
@@ -18,8 +18,7 @@ func main() {
        logger := log.Default().WithPrefix("EchoClient")
 
        clientId := mtls.DefaultIdentity()
-       serverId := mtls.NewServiceIdentity("echo")
-       client, err := grpc.NewGrpcClient(ctx, serverId, clientId)
+       client, err := grpc.NewGrpcClient(ctx, "echo", clientId)
        if err != nil {
                logger.Panic(err)
        }

diff --git a/cmd/echo_server/main.go b/cmd/echo_server/main.go
index d7c634789afbb6114865f9de9243436dac49d617..f0acaad61aecb284f64b1c2169b75f28d716002c 100644 (file)
--- a/cmd/echo_server/main.go
+++ b/cmd/echo_server/main.go
@@ -14,6 +14,7 @@ import (
 
 func main() {
        var err error
+       mtls.SetDefaultIdentity("echo")
 
        flag.Parse()
 

diff --git a/cmd/grpc_health_probe/main.go b/cmd/grpc_health_probe/main.go
index 648a0ab9f549568ee33b4c33c771cd7fad036413..244d9ebc1207d80b8c389881e9cde29038eccbfc 100644 (file)
--- a/cmd/grpc_health_probe/main.go
+++ b/cmd/grpc_health_probe/main.go
@@ -70,7 +70,7 @@ func main() {
 
        var conn *grpc.ClientConn
        for {
-               client, err := grpc.NewGrpcClient(ctx, mtls.NewServiceIdentity(*serverId), mtls.DefaultIdentity(), opts...)
+               client, err := grpc.NewGrpcClient(ctx, *serverId, mtls.DefaultIdentity(), opts...)
                if err != nil {
                        if *wait && time.Now().Before(deadline) {
                                log.Default().Warningf("error connecting (%v) retrying in 1s", err)

diff --git a/ephs/client.go b/ephs/client.go
index 4f3c55bb981f157f5cfcdffd7f98650f26c80a29..1749b99e17cb1be5c762e39c8890c1f9d5434065 100644 (file)
--- a/ephs/client.go
+++ b/ephs/client.go
@@ -401,10 +401,9 @@ func (c *clientImpl) watch(origCtx context.Context, origPath string, stream ephs
 
 func (c *clientImpl) grpcClient() (ephs_pb.EphsClient, error) {
        var err error
-       serverId := mtls.NewRemoteServiceIdentity("ephs")
 
        if c.client == nil {
-               c.client, err = grpc.NewGrpcClient(c.defaultCtx, serverId, c.id,
+               c.client, err = grpc.NewGrpcClient(c.defaultCtx, "ephs", c.id,
                        grpc.WithConnectionFactory(&grpc_common.QUICConnectionFactory{
                                QUICConfig: ephsQuicConfig.Clone(),
                        }))

diff --git a/grpc/internal/client/client.go b/grpc/internal/client/client.go
index b981af5a50fc103de468867998eba7c321035f99..5551948b84e39a14fb093384c6e329c00c3ddd71 100644 (file)
--- a/grpc/internal/client/client.go
+++ b/grpc/internal/client/client.go
@@ -91,10 +91,10 @@ func WithDNSSRV() ClientOption {
        })
 }
 
-func NewGrpcClient(ctx context.Context, serverId, clientId mtls.Identity, opts ...ClientOption) (Client, error) {
+func NewGrpcClient(ctx context.Context, serverId string, clientId mtls.Identity, opts ...ClientOption) (Client, error) {
        cl := &client{
                ctx:      ctx,
-               serverId: serverId,
+               serverId: mtls.NewRemoteServiceIdentity(serverId),
                clientId: clientId,
                connFac:  common.NewDefaultConnectionFactory(),
        }
@@ -112,7 +112,7 @@ func NewGrpcClient(ctx context.Context, serverId, clientId mtls.Identity, opts .
                }
 
                cl.watcher = &sd.SDWatcher{
-                       Service:    serverId.Name(),
+                       Service:    cl.serverId.Name(),
                        EtcdClient: etcdc,
                        Protocol:   sd.ProtocolGRPC,
                }