From cd545f0160e9dea5a9637eb574fe7ff2b380e0ac Mon Sep 17 00:00:00 2001 From: Leonard Lyubich Date: Wed, 4 May 2022 15:34:26 +0300 Subject: [PATCH] [#1351] cli: Fix connection scheme loss during endpoint parsing In previous implementation NeoFS CLI app used `network.Address.HostAddr` as a server URI, which caused scheme loss since host address doesn't contain it. Rename `HostAddr` to `URIAddr` and make it to return URI address with `grpcs` scheme if TLS is enabled. Make `TLSEnabled` unexported since it was used to provide default `tls.Config` only (it is used by default in SDK). Signed-off-by: Leonard Lyubich --- CHANGELOG.md | 3 +++ cmd/neofs-cli/internal/client/sdk.go | 7 +----- cmd/neofs-cli/modules/control.go | 26 ++--------------------- cmd/neofs-cli/modules/root.go | 14 ++++++++---- cmd/neofs-node/config/node/config_test.go | 7 ++---- pkg/network/address.go | 16 +++++++++++--- pkg/network/address_test.go | 5 +++-- pkg/network/cache/multi.go | 6 +----- pkg/network/group.go | 2 +- pkg/network/tls.go | 4 ++-- pkg/network/tls_test.go | 2 +- 11 files changed, 39 insertions(+), 53 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 068baaca4..bdb6c9e17 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,6 +3,9 @@ Changelog for NeoFS Node ## [Unreleased] +### Fixed +- Loss of the connection scheme during address parsing in NeoFS CLI (#1351) + ## [0.28.0] - 2022-04-29 - Heuksando (흑산도, 黑山島) ### Added diff --git a/cmd/neofs-cli/internal/client/sdk.go b/cmd/neofs-cli/internal/client/sdk.go index ab254a7d4..9f7457820 100644 --- a/cmd/neofs-cli/internal/client/sdk.go +++ b/cmd/neofs-cli/internal/client/sdk.go @@ -2,7 +2,6 @@ package internal import ( "crypto/ecdsa" - "crypto/tls" "fmt" "github.com/nspcc-dev/neofs-node/pkg/network" @@ -19,11 +18,7 @@ func GetSDKClient(key *ecdsa.PrivateKey, addr network.Address) (*client.Client, prmInit.SetDefaultPrivateKey(*key) prmInit.ResolveNeoFSFailures() - prmDial.SetServerURI(addr.HostAddr()) - - if addr.TLSEnabled() { - prmDial.SetTLSConfig(&tls.Config{}) - } + prmDial.SetServerURI(addr.URIAddr()) c.Init(prmInit) diff --git a/cmd/neofs-cli/modules/control.go b/cmd/neofs-cli/modules/control.go index bf0266884..3ef24e694 100644 --- a/cmd/neofs-cli/modules/control.go +++ b/cmd/neofs-cli/modules/control.go @@ -2,7 +2,6 @@ package cmd import ( "crypto/ecdsa" - "crypto/tls" "fmt" "github.com/mr-tron/base58" @@ -457,30 +456,9 @@ func listShards(cmd *cobra.Command, _ []string) { prettyPrintShards(cmd, resp.GetBody().GetShards()) } -// getControlSDKClient is the same getSDKClient but with -// another RPC endpoint flag. +// getControlSDKClient calls getSDKClientFlag with "endpoint" flag. func getControlSDKClient(key *ecdsa.PrivateKey) (*client.Client, error) { - var ( - c client.Client - prmInit client.PrmInit - prmDial client.PrmDial - ) - - netAddr, err := getEndpointAddress(controlRPC) - if err != nil { - return nil, err - } - - prmInit.SetDefaultPrivateKey(*key) - prmDial.SetServerURI(netAddr.HostAddr()) - - if netAddr.TLSEnabled() { - prmDial.SetTLSConfig(&tls.Config{}) - } - - c.Init(prmInit) - - return &c, c.Dial(prmDial) + return getSDKClientFlag(key, controlRPC) } func prettyPrintShards(cmd *cobra.Command, ii []*control.ShardInfo) { diff --git a/cmd/neofs-cli/modules/root.go b/cmd/neofs-cli/modules/root.go index 661bbd720..3d27e38ec 100644 --- a/cmd/neofs-cli/modules/root.go +++ b/cmd/neofs-cli/modules/root.go @@ -188,7 +188,7 @@ func getEndpointAddress(endpointFlag string) (addr network.Address, err error) { err = addr.FromString(endpoint) if err != nil { - err = errInvalidEndpoint + err = fmt.Errorf("%v: %w", errInvalidEndpoint, err) } return @@ -227,13 +227,19 @@ func prepareBearerPrm(cmd *cobra.Command, prm bearerPrm) { prm.SetBearerToken(btok) } -// getSDKClient returns default neofs-api-go sdk client. Consider using -// opts... to provide TTL or other global configuration flags. +// getSDKClient calls getSDKGClientFlag with "rpc-endpoint" flag. func getSDKClient(key *ecdsa.PrivateKey) (*client.Client, error) { - netAddr, err := getEndpointAddress(rpc) + return getSDKClientFlag(key, rpc) +} + +// getSDKClientFlag returns NeoFS API client connection to the network address +// set by the given flag. +func getSDKClientFlag(key *ecdsa.PrivateKey, endpointFlag string) (*client.Client, error) { + netAddr, err := getEndpointAddress(endpointFlag) if err != nil { return nil, err } + return internalclient.GetSDKClient(key, netAddr) } diff --git a/cmd/neofs-node/config/node/config_test.go b/cmd/neofs-node/config/node/config_test.go index e83592aa0..f0bf39eca 100644 --- a/cmd/neofs-node/config/node/config_test.go +++ b/cmd/neofs-node/config/node/config_test.go @@ -89,12 +89,10 @@ func TestNodeSection(t *testing.T) { expectedAddr := []struct { str string host string - tls bool }{ { str: "/dns4/localhost/tcp/8083/tls", - host: "localhost:8083", - tls: true, + host: "grpcs://localhost:8083", }, { str: "/dns4/s01.neofs.devenv/tcp/8080", @@ -118,8 +116,7 @@ func TestNodeSection(t *testing.T) { addrs.IterateAddresses(func(addr network.Address) bool { require.Equal(t, expectedAddr[ind].str, addr.String()) - require.Equal(t, expectedAddr[ind].host, addr.HostAddr()) - require.Equal(t, expectedAddr[ind].tls, addr.TLSEnabled()) + require.Equal(t, expectedAddr[ind].host, addr.URIAddr()) ind++ diff --git a/pkg/network/address.go b/pkg/network/address.go index 5e094be43..3419d8756 100644 --- a/pkg/network/address.go +++ b/pkg/network/address.go @@ -3,6 +3,7 @@ package network import ( "fmt" "net" + "net/url" "strings" "github.com/multiformats/go-multiaddr" @@ -33,10 +34,12 @@ func (a Address) equal(addr Address) bool { return a.ma.Equal(addr.ma) } -// HostAddr returns host address in string format. +// URIAddr returns Address as a URI. // // Panics if host address cannot be fetched from Address. -func (a Address) HostAddr() string { +// +// See also FromString. +func (a Address) URIAddr() string { _, host, err := manet.DialArgs(a.ma) if err != nil { // the only correct way to construct Address is AddressFromString @@ -44,7 +47,14 @@ func (a Address) HostAddr() string { panic(fmt.Errorf("could not get host addr: %w", err)) } - return host + if !a.isTLSEnabled() { + return host + } + + return (&url.URL{ + Scheme: "grpcs", + Host: host, + }).String() } // FromString restores Address from a string representation. diff --git a/pkg/network/address_test.go b/pkg/network/address_test.go index 78d4008f9..c4e7bea2e 100644 --- a/pkg/network/address_test.go +++ b/pkg/network/address_test.go @@ -50,12 +50,13 @@ func TestAddress_HostAddrString(t *testing.T) { }{ {buildMultiaddr("/dns4/neofs.bigcorp.com/tcp/8080", t), "neofs.bigcorp.com:8080"}, {buildMultiaddr("/ip4/172.16.14.1/tcp/8080", t), "172.16.14.1:8080"}, + {buildMultiaddr("/ip4/192.168.0.1/tcp/8888/tls", t), "grpcs://192.168.0.1:8888"}, } for _, testcase := range testcases { addr := Address{testcase.ma} - got := addr.HostAddr() + got := addr.URIAddr() require.Equal(t, testcase.exp, got) } @@ -68,7 +69,7 @@ func TestAddress_HostAddrString(t *testing.T) { for _, testcase := range testcases { addr := Address{testcase} - require.Panics(t, func() { addr.HostAddr() }) + require.Panics(t, func() { addr.URIAddr() }) } }) } diff --git a/pkg/network/cache/multi.go b/pkg/network/cache/multi.go index da9aa3927..10c579810 100644 --- a/pkg/network/cache/multi.go +++ b/pkg/network/cache/multi.go @@ -2,7 +2,6 @@ package cache import ( "context" - "crypto/tls" "errors" "sync" @@ -38,10 +37,7 @@ func (x *multiClient) createForAddress(addr network.Address) clientcore.Client { prmDial client.PrmDial ) - prmDial.SetServerURI(addr.HostAddr()) - if addr.TLSEnabled() { - prmDial.SetTLSConfig(&tls.Config{}) - } + prmDial.SetServerURI(addr.URIAddr()) if x.opts.Key != nil { prmInit.SetDefaultPrivateKey(*x.opts.Key) diff --git a/pkg/network/group.go b/pkg/network/group.go index ebe6bf4c8..113fd0c3b 100644 --- a/pkg/network/group.go +++ b/pkg/network/group.go @@ -57,7 +57,7 @@ func (x AddressGroup) Len() int { // Less returns true if i-th address in AddressGroup supports TLS // and j-th one doesn't. func (x AddressGroup) Less(i, j int) bool { - return x[i].TLSEnabled() && !x[j].TLSEnabled() + return x[i].isTLSEnabled() && !x[j].isTLSEnabled() } // Swap swaps i-th and j-th addresses in AddressGroup. diff --git a/pkg/network/tls.go b/pkg/network/tls.go index 0081d43e6..de2c93694 100644 --- a/pkg/network/tls.go +++ b/pkg/network/tls.go @@ -11,8 +11,8 @@ const ( // tls var is used for (un)wrapping other multiaddrs around TLS multiaddr. var tls, _ = multiaddr.NewMultiaddr("/" + tlsProtocolName) -// TLSEnabled searches for wrapped TLS protocol in multiaddr. -func (a Address) TLSEnabled() bool { +// isTLSEnabled searches for wrapped TLS protocol in multiaddr. +func (a Address) isTLSEnabled() bool { for _, protoc := range a.ma.Protocols() { if protoc.Code == multiaddr.P_TLS { return true diff --git a/pkg/network/tls_test.go b/pkg/network/tls_test.go index c7715b449..25775eaf1 100644 --- a/pkg/network/tls_test.go +++ b/pkg/network/tls_test.go @@ -24,6 +24,6 @@ func TestAddress_TLSEnabled(t *testing.T) { err := addr.FromString(test.input) require.NoError(t, err) - require.Equal(t, test.wantTLS, addr.TLSEnabled(), test.input) + require.Equal(t, test.wantTLS, addr.isTLSEnabled(), test.input) } }