ipc: VCSecurityLevel->Security and no longer a stream opt.
SecurityLevel is now handled only in server.go and client.go.
Everywhere else in the ipc stack, nil principal means SecurityNone.
This also fixes https://github.com/veyron/release-issues/issues/1423
in the process.
MultiPart: 1/2
Change-Id: I55646e574e43b633c69300b1fecb623c95340bbc
diff --git a/security/agent/agent_v23_test.go b/security/agent/agent_v23_test.go
index 1d5446a..42539e2 100644
--- a/security/agent/agent_v23_test.go
+++ b/security/agent/agent_v23_test.go
@@ -253,12 +253,6 @@
if err := pclient.AddToRoots(bserver); err != nil {
i.Fatal(err)
}
- // TODO(ashankar,ribrdb,suharshs): This should not be needed. It seems
- // however, that not providing it messes up the agent: Specifically,
- // the child process is unable to connect to the agent?
- if err := pclient.BlessingStore().SetDefault(bclient); err != nil {
- i.Fatal(err)
- }
const envvar = "VEYRON_CREDENTIALS="
return agentd.WithEnv(envvar + clientDir), agentd.WithEnv(envvar + serverDir)
}
diff --git a/security/agent/client.go b/security/agent/client.go
index b93914d..f9ce007 100644
--- a/security/agent/client.go
+++ b/security/agent/client.go
@@ -46,8 +46,8 @@
func (c *caller) startCall(name string, args ...interface{}) (rpc.ClientCall, error) {
ctx, _ := vtrace.SetNewTrace(c.ctx)
- // VCSecurityNone is safe here since we're using anonymous unix sockets.
- return c.client.StartCall(ctx, c.name, name, args, options.VCSecurityNone, options.NoResolve{})
+ // SecurityNone is safe here since we're using anonymous unix sockets.
+ return c.client.StartCall(ctx, c.name, name, args, options.SecurityNone, options.NoResolve{})
}
func results(inputs ...interface{}) []interface{} {
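Review bot: The comment above the `StartCall` line in `startCall` says `options.SecurityNone` is safe because the transport is an anonymous unix socket, but nothing in this hunk shows how `c.name` or `c.client` is bound to such a socket, so the claim rests on an invariant set up elsewhere. Since this commit makes SecurityNone an explicit choice at only these call sites, I would state that invariant in the comment, e.g. `// SecurityNone skips authentication of the agent; safe only while c.name is the end of the socketpair created for this agent connection, never a network endpoint.` The same applies to the comment above `v23.NewServer(ctx, options.SecurityNone)` in security/agent/server/server.go, where the server should be documented as serving only on the received socket. Both enclosing functions extend outside their hunks, so it may be that the binding is already checked there.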
diff --git a/security/agent/server/server.go b/security/agent/server/server.go
index e0e0e95..0799414 100644
--- a/security/agent/server/server.go
+++ b/security/agent/server/server.go
@@ -240,13 +240,13 @@
}
}
if clientAddr != nil {
- // VCSecurityNone is safe since we're using anonymous unix sockets.
+ // SecurityNone is safe since we're using anonymous unix sockets.
// Only our child process can possibly communicate on the socket.
//
- // Also, VCSecurityNone implies that s (rpc.Server) created below does not
+ // Also, SecurityNone implies that s (rpc.Server) created below does not
// authenticate to clients, so runtime.Principal is irrelevant for the agent.
// TODO(ribrdb): Shutdown these servers when the connection is closed.
- s, err := v23.NewServer(ctx, options.VCSecurityNone)
+ s, err := v23.NewServer(ctx, options.SecurityNone)
if err != nil {
vlog.Infof("Error creating server: %v", err)
ack()
diff --git a/security/agent/server/wire.vdl b/security/agent/server/wire.vdl
index 9202cd7..53d94d4 100644
--- a/security/agent/server/wire.vdl
+++ b/security/agent/server/wire.vdl
@@ -7,7 +7,7 @@
// unix domain socket. To connect to the agent, a client should create
// a unix domain socket pair. Then send one end of the socket to the agent
// with 1 byte of data. The agent will then serve the Agent service on
-// the recieved socket, using VCSecurityNone.
+// the received socket, using SecurityNone.
//
// The agent also supports an optional mode where it can manage multiple principals.
// Typically this is only used by Device Manager. In this mode, VEYRON_AGENT_FD