profiles/internal/rpc: Make it an error if the principal is nil in
SecurityConfidential.
Change-Id: Iaeb6223dc2edfc7cb3711389d838eac44546e7f1
diff --git a/profiles/internal/rpc/client.go b/profiles/internal/rpc/client.go
index 458040f..26b7244 100644
--- a/profiles/internal/rpc/client.go
+++ b/profiles/internal/rpc/client.go
@@ -80,6 +80,8 @@
errBlessingGrant = verror.Register(pkgPath+".blessingGrantFailed", verror.NoRetry, "failed to grant blessing to server with blessings {3}{:4}")
errBlessingAdd = verror.Register(pkgPath+".blessingAddFailed", verror.NoRetry, "failed to add blessing granted to server {3}{:4}")
+
+ errNoPrincipal = verror.Register(pkgPath+".noPrincipal", verror.NoRetry, "principal required for secure connections")
)
type client struct {
@@ -410,7 +412,9 @@
// on here.
var principal security.Principal
if callEncrypted(opts) {
- principal = v23.GetPrincipal(ctx)
+ if principal = v23.GetPrincipal(ctx); principal == nil {
+ return nil, verror.NoRetry, verror.New(errNoPrincipal, ctx)
+ }
}
// servers is now ordered by the priority heurestic implemented in
diff --git a/profiles/internal/rpc/full_test.go b/profiles/internal/rpc/full_test.go
index 3ff09b7..8f0383c 100644
--- a/profiles/internal/rpc/full_test.go
+++ b/profiles/internal/rpc/full_test.go
@@ -1642,6 +1642,39 @@
}
}
+func TestNoPrincipal(t *testing.T) {
+ ctx, shutdown := initForTest()
+ defer shutdown()
+ sm := imanager.InternalNew(naming.FixedRoutingID(0x66666666))
+ defer sm.Shutdown()
+ ns := tnaming.NewSimpleNamespace()
+ server, err := testInternalNewServer(ctx, sm, ns, testutil.NewPrincipal("server"))
+ if err != nil {
+ t.Fatalf("InternalNewServer failed: %v", err)
+ }
+ if _, err = server.Listen(listenSpec); err != nil {
+ t.Fatalf("server.Listen failed: %v", err)
+ }
+ disp := &testServerDisp{&testServer{}}
+ if err := server.ServeDispatcher("mp/server", disp); err != nil {
+ t.Fatalf("server.Serve failed: %v", err)
+ }
+ client, err := InternalNewClient(sm, ns)
+ if err != nil {
+ t.Fatalf("InternalNewClient failed: %v", err)
+ }
+
+ // A call should fail if the principal in the ctx is nil and SecurityNone is not specified.
+ ctx, err = v23.SetPrincipal(ctx, nil)
+ if err != nil {
+ t.Fatalf("failed to set principal: %v", err)
+ }
+ _, err = client.StartCall(ctx, "mp/server", "Echo", []interface{}{"foo"})
+ if err == nil || verror.ErrorID(err) != errNoPrincipal.ID {
+ t.Fatalf("Expected errNoPrincipal, got %v", err)
+ }
+}
+
func TestCallWithNilContext(t *testing.T) {
sm := imanager.InternalNew(naming.FixedRoutingID(0x66666666))
defer sm.Shutdown()
@@ -1655,7 +1688,7 @@
t.Errorf("Expected nil interface got: %#v", call)
}
if verror.ErrorID(err) != verror.ErrBadArg.ID {
- t.Errorf("Expected an BadArg error, got: %s", err.Error())
+ t.Errorf("Expected a BadArg error, got: %s", err.Error())
}
}
