长安链源码分析启动(6)
作者:李
- 2022 年 8 月 30 日 湖南
本文字数:1841 字
阅读完需:约 6 分钟
本文已参与「开源摘星计划」,欢迎正在阅读的你加入。活动链接:https://github.com/weopenprojects/WeOpen-Star
区块链初始化主脉络分析完后,接下来继续看 grpc 这块
进入进去,核心是 newGrpc
进入 newGrpc,看看里面的细节
代码看起来很多,不要陷入细节,核心看主脉络,大致看一下,核心就是创建一堆选项 opts,然后调用 grpc.NewServer,具体细节看代码注释
//定义grpc服务的参数选项
var opts []grpc.ServerOption
//是否启动了监听配置,如果启动了,加入监听连接器
if localconf.ChainMakerConfig.MonitorConfig.Enabled {
opts = []grpc.ServerOption{
grpc_middleware.WithUnaryServerChain(
RecoveryInterceptor,
LoggingInterceptor,
MonitorInterceptor, // 监听拦截器
BlackListInterceptor(),
RateLimitInterceptor(),
),
grpc_middleware.WithStreamServerChain(
BlackListStreamInterceptor(),
),
}
} else {
opts = []grpc.ServerOption{
grpc_middleware.WithUnaryServerChain(
RecoveryInterceptor,
LoggingInterceptor,
BlackListInterceptor(),
RateLimitInterceptor(),
),
grpc_middleware.WithStreamServerChain(
BlackListStreamInterceptor(),
),
}
}
//如果认证类型是PermissionedWithKey、Public
if strings.ToLower(localconf.ChainMakerConfig.AuthType) == protocol.PermissionedWithKey ||
strings.ToLower(localconf.ChainMakerConfig.AuthType) == protocol.Public {
//确保tls模式为 disable
if localconf.ChainMakerConfig.RpcConfig.TLSConfig.Mode != TLS_MODE_DISABLE {
localconf.ChainMakerConfig.RpcConfig.TLSConfig.Mode = TLS_MODE_DISABLE
log.Infof("the tls mode has been automatically set to [disable] according to the authType:[%s]",
localconf.ChainMakerConfig.AuthType)
}
}
//如果tls模式不是disable
if localconf.ChainMakerConfig.RpcConfig.TLSConfig.Mode != TLS_MODE_DISABLE {
//获取链配置
chainConfs, err := chainMakerServer.GetAllChainConf()
if err != nil {
return nil, fmt.Errorf("get all chain conf failed, %s", err)
}
var caCerts []string
//遍历链配置
for _, chainConf := range chainConfs {
//遍历TrustRoots
for _, orgRoot := range chainConf.ChainConfig().TrustRoots {
caCerts = append(caCerts, orgRoot.Root...)
}
}
//创建ca服务器
tlsRPCServer := ca.CAServer{
CaCerts: caCerts,
CertFile: localconf.ChainMakerConfig.RpcConfig.TLSConfig.CertFile,
KeyFile: localconf.ChainMakerConfig.RpcConfig.TLSConfig.PrivKeyFile,
Logger: log,
}
//如果是双向的,设置checkClientAuth为true
checkClientAuth := false
if localconf.ChainMakerConfig.RpcConfig.TLSConfig.Mode == TLS_MODE_TWOWAY {
checkClientAuth = true
log.Infof("need check client auth")
}
//获取所有的AccessControlProvider
acs, err := chainMakerServer.GetAllAC()
if err != nil {
log.Errorf("get all AccessControlProvider failed, %s", err.Error())
return nil, err
}
customVerify := ca.CustomVerify{
VerifyPeerCertificate: createVerifyPeerCertificateFunc(acs),
GMVerifyPeerCertificate: createGMVerifyPeerCertificateFunc(acs),
}
//c, err := tlsRPCServer.GetCredentialsByCA(checkClientAuth)
//获取认证信息
c, err := tlsRPCServer.GetCredentialsByCA(checkClientAuth, customVerify)
if err != nil {
log.Errorf("new gRPC failed, GetTLSCredentialsByCA err: %v", err)
return nil, err
}
opts = append(opts, grpc.Creds(*c))
}
//设置一些rpc参数
opts = append(opts, grpc.MaxSendMsgSize(localconf.ChainMakerConfig.RpcConfig.MaxSendMsgSize))
opts = append(opts, grpc.MaxRecvMsgSize(localconf.ChainMakerConfig.RpcConfig.MaxRecvMsgSize))
//params := grpc.KeepaliveParams(keepalive.ServerParameters{
// Time: 10 * time.Second,
// Timeout: 10 * time.Second,
//})
//opts = append(opts, params)
//创建grpc服务器
server := grpc.NewServer(opts...)
复制代码
划线
评论
复制
发布于: 刚刚阅读数: 3
李
关注
还未添加个人签名 2018.05.04 加入
还未添加个人简介
评论