Merge "veyron2: Panic if the user tries to use the runtime when it is not set."
diff --git a/lib/modules/shell.go b/lib/modules/shell.go
index ecaefde..6ed18d4 100644
--- a/lib/modules/shell.go
+++ b/lib/modules/shell.go
@@ -155,7 +155,7 @@
return nil, err
}
syscall.CloseOnExec(fd)
- p, err := agent.NewAgentPrincipal(ctx, fd)
+ p, err := agent.NewAgentPrincipal(ctx, fd, veyron2.GetClient(ctx))
if err != nil {
return nil, err
}
diff --git a/profiles/chrome/chromeinit.go b/profiles/chrome/chromeinit.go
index e7c37cb..b18108d 100644
--- a/profiles/chrome/chromeinit.go
+++ b/profiles/chrome/chromeinit.go
@@ -19,6 +19,6 @@
if err != nil {
return nil, nil, shutdown, err
}
- veyron2.GetLogger(ctx).VI(1).Infof("Initializing chrome profile.")
+ runtime.GetLogger(ctx).VI(1).Infof("Initializing chrome profile.")
return runtime, ctx, shutdown, nil
}
diff --git a/profiles/gce/initx.go b/profiles/gce/initx.go
index 60f1e69..4aa63c8 100644
--- a/profiles/gce/initx.go
+++ b/profiles/gce/initx.go
@@ -41,7 +41,7 @@
if err != nil {
return nil, nil, shutdown, err
}
- veyron2.GetLogger(ctx).VI(1).Infof("Initializing GCE profile.")
+ runtime.GetLogger(ctx).VI(1).Infof("Initializing GCE profile.")
lf := commonFlags.ListenFlags()
listenSpec := ipc.ListenSpec{
diff --git a/profiles/genericinit.go b/profiles/genericinit.go
index 73224f6..cbd7312 100644
--- a/profiles/genericinit.go
+++ b/profiles/genericinit.go
@@ -20,7 +20,7 @@
if err != nil {
return nil, nil, nil, err
}
- veyron2.GetLogger(ctx).VI(1).Infof("Initializing generic profile.")
+ runtime.GetLogger(ctx).VI(1).Infof("Initializing generic profile.")
ac := appcycle.New()
ctx = runtime.SetAppCycle(ctx, ac)
diff --git a/profiles/roaming/roaminginit.go b/profiles/roaming/roaminginit.go
index f36720d..533cabb 100644
--- a/profiles/roaming/roaminginit.go
+++ b/profiles/roaming/roaminginit.go
@@ -76,7 +76,7 @@
}
}
- publisher := veyron2.GetPublisher(ctx)
+ publisher := runtime.GetPublisher(ctx)
// Create stream in Init function to avoid a race between any
// goroutines started here and consumers started after Init returns.
@@ -106,13 +106,13 @@
cleanupCh := make(chan struct{})
watcherCh := make(chan struct{})
- listenSpec.StreamPublisher = veyron2.GetPublisher(ctx)
+ listenSpec.StreamPublisher = publisher
listenSpec.StreamName = SettingsStreamName
listenSpec.AddressChooser = internal.IPAddressChooser
ctx = runtime.SetListenSpec(ctx, listenSpec)
- go monitorNetworkSettingsX(ctx, watcher, prev, stop, cleanupCh, watcherCh, ch, ListenSpec)
+ go monitorNetworkSettingsX(runtime, ctx, watcher, prev, stop, cleanupCh, watcherCh, ch)
profileShutdown := func() {
close(cleanupCh)
shutdown()
@@ -124,11 +124,18 @@
// monitorNetworkSettings will monitor network configuration changes and
// publish subsequent Settings to reflect any changes detected.
-func monitorNetworkSettingsX(ctx *context.T, watcher netconfig.NetConfigWatcher, prev netstate.AddrList, pubStop, cleanup <-chan struct{},
- watcherLoop chan<- struct{}, ch chan<- config.Setting, listenSpec ipc.ListenSpec) {
+func monitorNetworkSettingsX(
+ runtime *grt.RuntimeX,
+ ctx *context.T,
+ watcher netconfig.NetConfigWatcher,
+ prev netstate.AddrList,
+ pubStop, cleanup <-chan struct{},
+ watcherLoop chan<- struct{},
+ ch chan<- config.Setting) {
defer close(ch)
- log := veyron2.GetLogger(ctx)
+ log := runtime.GetLogger(ctx)
+ listenSpec := runtime.GetListenSpec(ctx)
// TODO(cnicolaou): add support for listening on multiple network addresses.
diff --git a/runtimes/google/rt/rt.go b/runtimes/google/rt/rt.go
index 77f1258..c7bcafa 100644
--- a/runtimes/google/rt/rt.go
+++ b/runtimes/google/rt/rt.go
@@ -137,15 +137,16 @@
}
}
- // This call to NewClient creates a client that is attached to the context used
- // by the NewAgentPrincipal call in initSecurity. The context used by NewAgentPrincipal
- // is incomplete and only works because the agent uses anonymous unix sockets and
+ // This call to NewClient creates a client that is used by the
+ // NewAgentPrincipal call in initSecurity. This client is incomplete
+ // and only works because the agent uses anonymous unix sockets and
// VCSecurityNone.
- if rt.client, err = rt.NewClient(); err != nil {
+ client, err := rt.NewClient()
+ if err != nil {
return nil, fmt.Errorf("failed to create new client: %s", err)
}
- if err := rt.initSecurity(handle, rt.flags.Credentials); err != nil {
+ if err := rt.initSecurity(handle, rt.flags.Credentials, client); err != nil {
return nil, fmt.Errorf("failed to init security: %s", err)
}
diff --git a/runtimes/google/rt/runtimex.go b/runtimes/google/rt/runtimex.go
index c2a5ac3..ff35b2d 100644
--- a/runtimes/google/rt/runtimex.go
+++ b/runtimes/google/rt/runtimex.go
@@ -166,16 +166,16 @@
return nil, nil, nil, err
}
- // The client we attach here is incomplete (has a nil principal) and only works
+ // The client we create here is incomplete (has a nil principal) and only works
// because the agent uses anonymous unix sockets and VCSecurityNone.
// After security is initialized we will attach a real client.
- ctx, _, err = r.SetNewClient(ctx)
+ _, client, err := r.SetNewClient(ctx)
if err != nil {
return nil, nil, nil, err
}
// Initialize security.
- principal, err := initSecurity(ctx, handle, flags.Credentials)
+ principal, err := initSecurity(ctx, handle, flags.Credentials, client)
if err != nil {
return nil, nil, nil, err
}
diff --git a/runtimes/google/rt/security.go b/runtimes/google/rt/security.go
index 5f6a14d..1ea73f4 100644
--- a/runtimes/google/rt/security.go
+++ b/runtimes/google/rt/security.go
@@ -4,6 +4,7 @@
"os"
"syscall"
+ "v.io/core/veyron2/ipc"
"v.io/core/veyron2/security"
"v.io/core/veyron/lib/exec"
@@ -16,8 +17,8 @@
return rt.principal
}
-func (rt *vrt) initSecurity(handle *exec.ChildHandle, credentials string) error {
- if err := rt.setupPrincipal(handle, credentials); err != nil {
+func (rt *vrt) initSecurity(handle *exec.ChildHandle, credentials string, client ipc.Client) error {
+ if err := rt.setupPrincipal(handle, credentials, client); err != nil {
return err
}
stats.NewString("security/principal/key").Set(rt.principal.PublicKey().String())
@@ -26,7 +27,7 @@
return nil
}
-func (rt *vrt) setupPrincipal(handle *exec.ChildHandle, credentials string) error {
+func (rt *vrt) setupPrincipal(handle *exec.ChildHandle, credentials string, client ipc.Client) error {
if rt.principal != nil {
return nil
}
@@ -34,7 +35,7 @@
return err
} else if fd >= 0 {
var err error
- rt.principal, err = rt.connectToAgent(fd)
+ rt.principal, err = rt.connectToAgent(fd, client)
return err
}
if len(credentials) > 0 {
@@ -60,7 +61,7 @@
return vsecurity.InitDefaultBlessings(rt.principal, defaultBlessingName())
}
-func (rt *vrt) connectToAgent(fd int) (security.Principal, error) {
+func (rt *vrt) connectToAgent(fd int, client ipc.Client) (security.Principal, error) {
// Dup the fd, so we can create multiple runtimes.
syscall.ForkLock.Lock()
newfd, err := syscall.Dup(fd)
@@ -71,5 +72,5 @@
if err != nil {
return nil, err
}
- return agent.NewAgentPrincipal(rt.NewContext(), newfd)
+ return agent.NewAgentPrincipal(rt.NewContext(), newfd, client)
}
diff --git a/runtimes/google/rt/securityx.go b/runtimes/google/rt/securityx.go
index 0c8ca3f..040ca83 100644
--- a/runtimes/google/rt/securityx.go
+++ b/runtimes/google/rt/securityx.go
@@ -8,6 +8,7 @@
"syscall"
"v.io/core/veyron2/context"
+ "v.io/core/veyron2/ipc"
"v.io/core/veyron2/mgmt"
"v.io/core/veyron2/security"
@@ -17,8 +18,8 @@
"v.io/core/veyron/security/agent"
)
-func initSecurity(ctx *context.T, handle *exec.ChildHandle, credentials string) (security.Principal, error) {
- principal, err := setupPrincipal(ctx, handle, credentials)
+func initSecurity(ctx *context.T, handle *exec.ChildHandle, credentials string, client ipc.Client) (security.Principal, error) {
+ principal, err := setupPrincipal(ctx, handle, credentials, client)
if err != nil {
return nil, err
}
@@ -30,7 +31,7 @@
return principal, nil
}
-func setupPrincipal(ctx *context.T, handle *exec.ChildHandle, credentials string) (security.Principal, error) {
+func setupPrincipal(ctx *context.T, handle *exec.ChildHandle, credentials string, client ipc.Client) (security.Principal, error) {
var err error
var principal security.Principal
if principal, _ = ctx.Value(principalKey).(security.Principal); principal != nil {
@@ -39,7 +40,7 @@
if fd, err := agentFD(handle); err != nil {
return nil, err
} else if fd >= 0 {
- return agent.NewAgentPrincipal(ctx, fd)
+ return agent.NewAgentPrincipal(ctx, fd, client)
}
if len(credentials) > 0 {
// TODO(ataly, ashankar): If multiple runtimes are getting
diff --git a/security/agent/agent_test.go b/security/agent/agent_test.go
index 7236034..bfc7ddd 100644
--- a/security/agent/agent_test.go
+++ b/security/agent/agent_test.go
@@ -11,6 +11,7 @@
"v.io/core/veyron/security/agent"
"v.io/core/veyron/security/agent/server"
+ "v.io/core/veyron2"
"v.io/core/veyron2/context"
"v.io/core/veyron2/rt"
"v.io/core/veyron2/security"
@@ -25,7 +26,7 @@
defer sock.Close()
var agentP security.Principal
- if agentP, err = agent.NewAgentPrincipal(ctx, int(sock.Fd())); err != nil {
+ if agentP, err = agent.NewAgentPrincipal(ctx, int(sock.Fd()), veyron2.GetClient(ctx)); err != nil {
t.Fatal(err)
}
return agentP
diff --git a/security/agent/client.go b/security/agent/client.go
index e5604d2..0c2912a 100644
--- a/security/agent/client.go
+++ b/security/agent/client.go
@@ -8,7 +8,6 @@
"os"
"v.io/core/veyron/lib/unixfd"
- "v.io/core/veyron2"
"v.io/core/veyron2/context"
"v.io/core/veyron2/ipc"
"v.io/core/veyron2/naming"
@@ -40,7 +39,7 @@
ctx, _ := vtrace.SetNewTrace(c.ctx)
// VCSecurityNone is safe here since we're using anonymous unix sockets.
- if call, err = c.client.StartCall(ctx, c.name, name, args, options.VCSecurityNone); err == nil {
+ if call, err = c.client.StartCall(ctx, c.name, name, args, options.VCSecurityNone, options.NoResolve{}); err == nil {
if ierr := call.Finish(results...); ierr != nil {
err = ierr
}
@@ -59,7 +58,7 @@
// 'fd' is the socket for connecting to the agent, typically obtained from
// os.GetEnv(agent.FdVarName).
// 'ctx' should not have a deadline, and should never be cancelled.
-func NewAgentPrincipal(ctx *context.T, fd int) (security.Principal, error) {
+func NewAgentPrincipal(ctx *context.T, fd int, insecureClient ipc.Client) (security.Principal, error) {
f := os.NewFile(uintptr(fd), "agent_client")
defer f.Close()
conn, err := net.FileConn(f)
@@ -73,7 +72,7 @@
return nil, err
}
caller := caller{
- client: veyron2.GetClient(ctx),
+ client: insecureClient,
name: naming.JoinAddressName(naming.FormatEndpoint(addr.Network(), addr.String()), ""),
ctx: ctx,
}
diff --git a/security/agent/keymgr/keymgr_test.go b/security/agent/keymgr/keymgr_test.go
index f9d18b7..422767a 100644
--- a/security/agent/keymgr/keymgr_test.go
+++ b/security/agent/keymgr/keymgr_test.go
@@ -12,6 +12,7 @@
"v.io/core/veyron/security/agent"
"v.io/core/veyron/security/agent/server"
+ "v.io/core/veyron2"
"v.io/core/veyron2/context"
"v.io/core/veyron2/rt"
"v.io/core/veyron2/security"
@@ -70,7 +71,7 @@
return nil, err
}
- return agent.NewAgentPrincipal(ctx, fd)
+ return agent.NewAgentPrincipal(ctx, fd, veyron2.GetClient(ctx))
}
func TestSigning(t *testing.T) {
diff --git a/services/mgmt/device/impl/app_service.go b/services/mgmt/device/impl/app_service.go
index 5ccb84e..03344c0 100644
--- a/services/mgmt/device/impl/app_service.go
+++ b/services/mgmt/device/impl/app_service.go
@@ -500,7 +500,7 @@
defer conn.Close()
// TODO(caprita): release the socket created by NewAgentPrincipal.
- if p, err = agent.NewAgentPrincipal(ctx, int(conn.Fd())); err != nil {
+ if p, err = agent.NewAgentPrincipal(ctx, int(conn.Fd()), veyron2.GetClient(ctx)); err != nil {
vlog.Errorf("NewAgentPrincipal() failed: %v", err)
return verror2.Make(ErrOperationFailed, nil)
}
diff --git a/tools/vrun/vrun.go b/tools/vrun/vrun.go
index cefeebd..8ebdf7c 100644
--- a/tools/vrun/vrun.go
+++ b/tools/vrun/vrun.go
@@ -134,7 +134,7 @@
return nil, nil, err
}
syscall.CloseOnExec(fd)
- principal, err := agent.NewAgentPrincipal(ctx, fd)
+ principal, err := agent.NewAgentPrincipal(ctx, fd, veyron2.GetClient(ctx))
if err != nil {
vlog.Errorf("Couldn't connect to principal")
return nil, nil, err
