veyron2/security: Introduce package level comment and mark all the interfaces/objects
that are deprecated (and will be removed once we switch the networking code to use
this new security model).
Change-Id: I01b10585c0ba97560c5c7aae617d644dad6db24e
diff --git a/runtimes/google/ipc/server.go b/runtimes/google/ipc/server.go
index a13910e..0f33be4 100644
--- a/runtimes/google/ipc/server.go
+++ b/runtimes/google/ipc/server.go
@@ -881,6 +881,7 @@
func (fs *flowServer) LocalID() security.PublicID { return fs.flow.LocalID() }
func (fs *flowServer) RemoteID() security.PublicID { return fs.authorizedRemoteID }
func (fs *flowServer) LocalPrincipal() security.Principal { return nil }
+func (fs *flowServer) LocalBlessings() security.Blessings { return nil }
func (fs *flowServer) RemoteBlessings() security.Blessings { return nil }
func (fs *flowServer) Blessing() security.PublicID { return fs.blessing }
func (fs *flowServer) LocalEndpoint() naming.Endpoint { return fs.flow.LocalEndpoint() }
diff --git a/runtimes/google/security/util.go b/runtimes/google/security/util.go
index 812a1ba..2834bca 100644
--- a/runtimes/google/security/util.go
+++ b/runtimes/google/security/util.go
@@ -31,7 +31,9 @@
type ContextArgs struct {
// LocalPrincipal is the principal at the local end of a request.
LocalPrincipal security.Principal
- // RemoteBlessings is the blessings held by the remote end of a request.
+ // LocalBlessings is the blessings presented to the remote end of a request.
+ LocalBlessings security.Blessings
+ // RemoteBlessings is the blessings presented by the remote end of a request.
RemoteBlessings security.Blessings
// LocalID, RemoteID are the identities at the local and remote ends of a request
// respectively.
@@ -104,6 +106,7 @@
func (c *context) LocalID() security.PublicID { return c.ContextArgs.LocalID }
func (c *context) RemoteID() security.PublicID { return c.ContextArgs.RemoteID }
func (c *context) LocalPrincipal() security.Principal { return c.ContextArgs.LocalPrincipal }
+func (c *context) LocalBlessings() security.Blessings { return c.ContextArgs.LocalBlessings }
func (c *context) RemoteBlessings() security.Blessings { return c.ContextArgs.RemoteBlessings }
func (c *context) LocalEndpoint() naming.Endpoint { return c.ContextArgs.LocalEndpoint }
func (c *context) RemoteEndpoint() naming.Endpoint { return c.ContextArgs.RemoteEndpoint }
diff --git a/security/acl_authorizer_test.go b/security/acl_authorizer_test.go
index 3d7fbfe..fa53263 100644
--- a/security/acl_authorizer_test.go
+++ b/security/acl_authorizer_test.go
@@ -29,6 +29,7 @@
func (c *context) LocalID() security.PublicID { return c.localID }
func (c *context) RemoteID() security.PublicID { return c.remoteID }
func (c *context) LocalPrincipal() security.Principal { return nil }
+func (c *context) LocalBlessings() security.Blessings { return nil }
func (c *context) RemoteBlessings() security.Blessings { return nil }
func (c *context) LocalEndpoint() naming.Endpoint { return nil }
func (c *context) RemoteEndpoint() naming.Endpoint { return nil }
diff --git a/security/audit/id_test.go b/security/audit/id_test.go
index d3e9bf9..5a58432 100644
--- a/security/audit/id_test.go
+++ b/security/audit/id_test.go
@@ -257,6 +257,7 @@
func (context) LocalID() security.PublicID { return nil }
func (context) RemoteID() security.PublicID { return nil }
func (context) LocalPrincipal() security.Principal { return nil }
+func (context) LocalBlessings() security.Blessings { return nil }
func (context) RemoteBlessings() security.Blessings { return nil }
func (context) LocalEndpoint() naming.Endpoint { return nil }
func (context) RemoteEndpoint() naming.Endpoint { return nil }
