/* Copyright 2018 Google Inc.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
https://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// Binary implements a gNOI Target with a Certificate Management service.
package main
import (
"flag"
"net"
"sync"
"github.com/google/gnxi/gnoi"
"google.golang.org/grpc"
log "github.com/golang/glog"
)
var (
	// gNOIServer is the gNOI server created in main; notify uses it to build
	// the gRPC server for the current state.
	gNOIServer *gnoi.Server
	// grpcServer is the gRPC server currently (or about to be) served. It is
	// replaced by notify on every state change and read by serve.
	// NOTE(review): notify writes this without holding muServe while serve
	// reads it under muServe — confirm notify is never called concurrently.
	grpcServer *grpc.Server
	// muServe is held by serve for its whole run, so only one listener on
	// bindAddr is active at a time.
	muServe sync.Mutex
	// bootstrapping is true while the target runs without installed
	// credentials (the state notify logs as "Bootstrapping").
	bootstrapping bool
	// bindAddr is the listen address. The default ":10161" has no host part,
	// so net.Listen binds on all local interfaces; this includes the
	// bootstrapping state, so restrict it (e.g. to a management address)
	// where that exposure is not wanted.
	bindAddr = flag.String("bind_address", ":10161", "Bind to address:port or just :port")
)
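// serve binds to *bindAddr and serves the current grpcServer until it stops.
//
// muServe is held for the whole call, so a replacement server started by
// notify waits here until the previous Serve has returned and its listener
// has been closed.
func serve() {
	muServe.Lock()
	defer muServe.Unlock()

	listen, err := net.Listen("tcp", *bindAddr)
	if err != nil {
		log.Fatal("Failed to listen:", err)
	}
	// Registered only after the error check: when Listen fails, listen is a
	// nil interface and deferring Close on it panics before the failure can
	// be logged.
	defer listen.Close()

	log.Info("Starting gNOI server.")
	// NOTE(review): grpcServer is read here under muServe but assigned in
	// notify without it; two quick state changes could make both pending
	// serve goroutines pick up the newest server — confirm against callers.
	if err := grpcServer.Serve(listen); err != nil {
		log.Fatal("Failed to serve:", err)
	}
}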
// notify is the callback for changes in the number of installed certificates
// and CA certificates. When the required state differs from the current one it
// stops the running gRPC server, builds a new one and starts serving it:
// encrypted mode (bootstrapping) when either count is zero, authenticated
// mode when both are non-zero.
//
// NOTE(review): removing the last certificate or CA certificate moves an
// already provisioned target back to the bootstrapping server. If
// PrepareEncrypted does not require client authentication (presumably, given
// the mode names — confirm in package gnoi), the certificate management
// service is then reachable by unauthenticated peers on bindAddr again.
//
// NOTE(review): GracefulStop waits for in-flight RPCs; if gnoi.Server invokes
// this notifier synchronously from an RPC handler on grpcServer, that wait
// would include the calling RPC — confirm how notifiers are dispatched.
func notify(certs, caCerts int) {
	wantBootstrapping := certs == 0 || caCerts == 0
	if bootstrapping == wantBootstrapping {
		// Already in the required state; nothing to restart.
		return
	}

	if wantBootstrapping {
		log.Info("No credentials, setting Bootstrapping state.")
		// grpcServer is still nil on the very first call from main.
		if grpcServer != nil {
			grpcServer.GracefulStop()
		}
		grpcServer = gNOIServer.PrepareEncrypted()
	} else {
		log.Info("Found Credentials, setting Provisioned state.")
		grpcServer.GracefulStop()
		grpcServer = gNOIServer.PrepareAuthenticated()
	}

	gNOIServer.RegCertificateManagement(grpcServer)
	bootstrapping = wantBootstrapping
	// serve blocks on muServe until the previous server has fully stopped.
	go serve()
}
// main parses flags, creates the gNOI server, registers notify as the
// certificate-count callback and starts the target in bootstrapping mode.
func main() {
	flag.Parse()

	var err error
	gNOIServer, err = gnoi.NewServer(nil, nil)
	if err != nil {
		log.Fatal("Failed to create gNOI Server:", err)
	}

	// notify runs whenever the number of installed certificates changes.
	gNOIServer.RegisterNotifier(notify)

	// No certificates are installed yet, so this first call starts the
	// server in bootstrapping mode.
	notify(0, 0)

	// Block forever; serving happens in the goroutine started by notify.
	select {}
}