veyron/runtimes/google: Plumb the new security model all the way through.
This commit aims to enable a smooth transition to the new security
model for all client and server processes.
- ipc.Server implementations have both an old model identity
(PrivateID/PublicID) and new model credentials (Principal)
However, the IPC protocol version sent by the client determines
which model to use. IPCVersion4 implies authentication with
the new model, older versions use the older model
- The runtime sets up ipc.Client to use the new security model
only when explicitly asked to do so via the presense of the
VEYRON_CREDENTIALS environment variable.
The upgrade plan is to:
- Generate new-model credentials for all services and restart
those services
- After some time (once we've traced all remaining old code),
switch the default behavior to only use the old model if
explicitly asked to do so.
- And after that, remove the old model
Change-Id: Ifcaee44dbf12fa8bdbeec6e241f3f9d232668273
19 files changed
