Flatten comm.ServerConfig

ServerConfig had pointers for SecureOptions and
KeepAliveOptions which really should just be
values.

FAB-15589 #done

Change-Id: Ic1f8e38e0ee1f486254937eea8c7c324b8c5be49
Signed-off-by: Gari Singh <gari.r.singh@gmail.com>

Author: mastersingh24

cmd/common/comm/client_test.go

@@ -22,7 +22,7 @@ import (
 
 func TestTLSClient(t *testing.T) {
 	srv, err := comm.NewGRPCServer("127.0.0.1:", comm.ServerConfig{
-		SecOpts: &comm.SecureOptions{
+		SecOpts: comm.SecureOptions{
 			UseTLS:      true,
 			Key:         loadFileOrDie(filepath.Join("testdata", "server", "key.pem")),
 			Certificate: loadFileOrDie(filepath.Join("testdata", "server", "cert.pem")),
@@ -57,7 +57,7 @@ func TestDialBadEndpoint(t *testing.T) {
 
 func TestNonTLSClient(t *testing.T) {
 	srv, err := comm.NewGRPCServer("127.0.0.1:", comm.ServerConfig{
-		SecOpts: &comm.SecureOptions{},
+		SecOpts: comm.SecureOptions{},
 	})
 	assert.NoError(t, err)
 	go srv.Start()

cmd/common/comm/config.go

@@ -28,33 +28,33 @@ type Config struct {
 // ToSecureOptions converts this Config to SecureOptions.
 // The given function generates a self signed client TLS certificate if
 // the TLS certificate and key aren't present at the config
-func (conf Config) ToSecureOptions(newSelfSignedTLSCert genTLSCertFunc) (*comm.SecureOptions, error) {
+func (conf Config) ToSecureOptions(newSelfSignedTLSCert genTLSCertFunc) (comm.SecureOptions, error) {
 	if conf.PeerCACertPath == "" {
-		return &comm.SecureOptions{}, nil
+		return comm.SecureOptions{}, nil
 	}
 	caBytes, err := loadFile(conf.PeerCACertPath)
 	if err != nil {
-		return nil, errors.WithStack(err)
+		return comm.SecureOptions{}, errors.WithStack(err)
 	}
 	var keyBytes, certBytes []byte
 	// If TLS key and certificate aren't given, generate a self signed one on the fly
 	if conf.KeyPath == "" && conf.CertPath == "" {
 		tlsCert, err := newSelfSignedTLSCert()
 		if err != nil {
-			return nil, err
+			return comm.SecureOptions{}, err
 		}
 		keyBytes, certBytes = tlsCert.Key, tlsCert.Cert
 	} else {
 		keyBytes, err = loadFile(conf.KeyPath)
 		if err != nil {
-			return nil, errors.WithStack(err)
+			return comm.SecureOptions{}, errors.WithStack(err)
 		}
 		certBytes, err = loadFile(conf.CertPath)
 		if err != nil {
-			return nil, errors.WithStack(err)
+			return comm.SecureOptions{}, errors.WithStack(err)
 		}
 	}
-	return &comm.SecureOptions{
+	return comm.SecureOptions{
 		Key:               keyBytes,
 		Certificate:       certBytes,
 		UseTLS:            true,

core/chaincode/shim/shim.go

@@ -114,7 +114,7 @@ func StartInProc(env []string, args []string, cc Chaincode, recv <-chan *pb.Chai
 func newPeerClientConnection(address string) (*grpc.ClientConn, error) {
 
 	// set the keepalive options to match static settings for chaincode server
-	kaOpts := &comm.KeepaliveOptions{
+	kaOpts := comm.KeepaliveOptions{
 		ClientInterval: time.Duration(1) * time.Minute,
 		ClientTimeout:  time.Duration(20) * time.Second,
 	}
@@ -135,37 +135,37 @@ func newPeerClientConnection(address string) (*grpc.ClientConn, error) {
 	return client.NewConnection(address, "")
 }
 
-func secureOptions() (*comm.SecureOptions, error) {
+func secureOptions() (comm.SecureOptions, error) {
 
 	tlsEnabled, err := strconv.ParseBool(os.Getenv("CORE_PEER_TLS_ENABLED"))
 	if err != nil {
-		return nil, errors.WithMessage(
+		return comm.SecureOptions{}, errors.WithMessage(
 			err,
 			"'CORE_PEER_TLS_ENABLED' must be set to 'true' or 'false'",
 		)
 	}
 	if tlsEnabled {
 		data, err := ioutil.ReadFile(os.Getenv("CORE_TLS_CLIENT_KEY_PATH"))
 		if err != nil {
-			return nil, errors.WithMessage(err, "failed to read private key file")
+			return comm.SecureOptions{}, errors.WithMessage(err, "failed to read private key file")
 		}
 		key, err := base64.StdEncoding.DecodeString(string(data))
 		if err != nil {
-			return nil, errors.WithMessage(err, "failed to decode private key file")
+			return comm.SecureOptions{}, errors.WithMessage(err, "failed to decode private key file")
 		}
 		data, err = ioutil.ReadFile(os.Getenv("CORE_TLS_CLIENT_CERT_PATH"))
 		if err != nil {
-			return nil, errors.WithMessage(err, "failed to read public key file")
+			return comm.SecureOptions{}, errors.WithMessage(err, "failed to read public key file")
 		}
 		cert, err := base64.StdEncoding.DecodeString(string(data))
 		if err != nil {
-			return nil, errors.WithMessage(err, "failed to decode public key file")
+			return comm.SecureOptions{}, errors.WithMessage(err, "failed to decode public key file")
 		}
 		root, err := ioutil.ReadFile(os.Getenv("CORE_PEER_TLS_ROOTCERT_FILE"))
 		if err != nil {
-			return nil, errors.WithMessage(err, "failed to read root cert file")
+			return comm.SecureOptions{}, errors.WithMessage(err, "failed to read root cert file")
 		}
-		return &comm.SecureOptions{
+		return comm.SecureOptions{
 				UseTLS:            true,
 				Certificate:       []byte(cert),
 				Key:               []byte(key),
@@ -174,7 +174,7 @@ func secureOptions() (*comm.SecureOptions, error) {
 			},
 			nil
 	}
-	return &comm.SecureOptions{}, nil
+	return comm.SecureOptions{}, nil
 }
 
 func chatWithPeer(chaincodename string, stream PeerChaincodeStream, cc Chaincode) error {

core/comm/client.go

@@ -43,18 +43,12 @@ func NewGRPCClient(config ClientConfig) (*GRPCClient, error) {
 	}
 
 	// keepalive options
-	var kap keepalive.ClientParameters
-	if config.KaOpts != nil {
-		kap = keepalive.ClientParameters{
-			Time:    config.KaOpts.ClientInterval,
-			Timeout: config.KaOpts.ClientTimeout}
-	} else {
-		// use defaults
-		kap = keepalive.ClientParameters{
-			Time:    DefaultKeepaliveOptions.ClientInterval,
-			Timeout: DefaultKeepaliveOptions.ClientTimeout}
+
+	kap := keepalive.ClientParameters{
+		Time:                config.KaOpts.ClientInterval,
+		Timeout:             config.KaOpts.ClientTimeout,
+		PermitWithoutStream: true,
 	}
-	kap.PermitWithoutStream = true
 	// set keepalive
 	client.dialOpts = append(client.dialOpts, grpc.WithKeepaliveParams(kap))
 	// Unless asynchronous connect is set, make connection establishment blocking.
@@ -70,11 +64,12 @@ func NewGRPCClient(config ClientConfig) (*GRPCClient, error) {
 	return client, nil
 }
 
-func (client *GRPCClient) parseSecureOptions(opts *SecureOptions) error {
-
-	if opts == nil || !opts.UseTLS {
+func (client *GRPCClient) parseSecureOptions(opts SecureOptions) error {
+	// if TLS is not enabled, return
+	if !opts.UseTLS {
 		return nil
 	}
+
 	client.tlsConfig = &tls.Config{
 		VerifyPeerCertificate: opts.VerifyCertificate,
 		MinVersion:            tls.VersionTLS12} // TLS 1.2 only

core/comm/client_test.go

@@ -47,7 +47,7 @@ func TestNewGRPCClient_GoodConfig(t *testing.T) {
 	assert.False(t, client.TLSEnabled())
 	assert.False(t, client.MutualTLSRequired())
 
-	secOpts := &comm.SecureOptions{
+	secOpts := comm.SecureOptions{
 		UseTLS: false,
 	}
 	config.SecOpts = secOpts
@@ -57,7 +57,7 @@ func TestNewGRPCClient_GoodConfig(t *testing.T) {
 	assert.False(t, client.TLSEnabled())
 	assert.False(t, client.MutualTLSRequired())
 
-	secOpts = &comm.SecureOptions{
+	secOpts = comm.SecureOptions{
 		UseTLS:            true,
 		ServerRootCAs:     [][]byte{testCerts.caPEM},
 		RequireClientCert: false,
@@ -68,7 +68,7 @@ func TestNewGRPCClient_GoodConfig(t *testing.T) {
 	assert.True(t, client.TLSEnabled())
 	assert.False(t, client.MutualTLSRequired())
 
-	secOpts = &comm.SecureOptions{
+	secOpts = comm.SecureOptions{
 		Certificate:       testCerts.certPEM,
 		Key:               testCerts.keyPEM,
 		UseTLS:            true,
@@ -89,7 +89,7 @@ func TestNewGRPCClient_BadConfig(t *testing.T) {
 
 	// bad root cert
 	config := comm.ClientConfig{
-		SecOpts: &comm.SecureOptions{
+		SecOpts: comm.SecureOptions{
 			UseTLS:        true,
 			ServerRootCAs: [][]byte{[]byte(badPEM)},
 		},
@@ -99,7 +99,7 @@ func TestNewGRPCClient_BadConfig(t *testing.T) {
 
 	// missing key
 	missing := "both Key and Certificate are required when using mutual TLS"
-	config.SecOpts = &comm.SecureOptions{
+	config.SecOpts = comm.SecureOptions{
 		Certificate:       []byte("cert"),
 		UseTLS:            true,
 		RequireClientCert: true,
@@ -108,7 +108,7 @@ func TestNewGRPCClient_BadConfig(t *testing.T) {
 	assert.Equal(t, missing, err.Error())
 
 	// missing cert
-	config.SecOpts = &comm.SecureOptions{
+	config.SecOpts = comm.SecureOptions{
 		Key:               []byte("key"),
 		UseTLS:            true,
 		RequireClientCert: true,
@@ -118,7 +118,7 @@ func TestNewGRPCClient_BadConfig(t *testing.T) {
 
 	// bad key
 	failed := "failed to load client certificate"
-	config.SecOpts = &comm.SecureOptions{
+	config.SecOpts = comm.SecureOptions{
 		Certificate:       testCerts.certPEM,
 		Key:               []byte(badPEM),
 		UseTLS:            true,
@@ -128,7 +128,7 @@ func TestNewGRPCClient_BadConfig(t *testing.T) {
 	assert.Contains(t, err.Error(), failed)
 
 	// bad cert
-	config.SecOpts = &comm.SecureOptions{
+	config.SecOpts = comm.SecureOptions{
 		Certificate:       []byte(badPEM),
 		Key:               testCerts.keyPEM,
 		UseTLS:            true,
@@ -189,7 +189,7 @@ func TestNewConnection(t *testing.T) {
 		{
 			name: "client TLS / server no TLS",
 			config: comm.ClientConfig{
-				SecOpts: &comm.SecureOptions{
+				SecOpts: comm.SecureOptions{
 					Certificate:       testCerts.certPEM,
 					Key:               testCerts.keyPEM,
 					UseTLS:            true,
@@ -204,7 +204,7 @@ func TestNewConnection(t *testing.T) {
 		{
 			name: "client TLS / server TLS match",
 			config: comm.ClientConfig{
-				SecOpts: &comm.SecureOptions{
+				SecOpts: comm.SecureOptions{
 					Certificate:   testCerts.certPEM,
 					Key:           testCerts.keyPEM,
 					UseTLS:        true,
@@ -220,7 +220,7 @@ func TestNewConnection(t *testing.T) {
 		{
 			name: "client TLS / server TLS no server roots",
 			config: comm.ClientConfig{
-				SecOpts: &comm.SecureOptions{
+				SecOpts: comm.SecureOptions{
 					Certificate:   testCerts.certPEM,
 					Key:           testCerts.keyPEM,
 					UseTLS:        true,
@@ -237,7 +237,7 @@ func TestNewConnection(t *testing.T) {
 		{
 			name: "client TLS / server TLS missing client cert",
 			config: comm.ClientConfig{
-				SecOpts: &comm.SecureOptions{
+				SecOpts: comm.SecureOptions{
 					Certificate:   testCerts.certPEM,
 					Key:           testCerts.keyPEM,
 					UseTLS:        true,
@@ -255,7 +255,7 @@ func TestNewConnection(t *testing.T) {
 		{
 			name: "client TLS / server TLS client cert",
 			config: comm.ClientConfig{
-				SecOpts: &comm.SecureOptions{
+				SecOpts: comm.SecureOptions{
 					Certificate:       testCerts.certPEM,
 					Key:               testCerts.keyPEM,
 					UseTLS:            true,
@@ -274,7 +274,7 @@ func TestNewConnection(t *testing.T) {
 		{
 			name: "server TLS pinning success",
 			config: comm.ClientConfig{
-				SecOpts: &comm.SecureOptions{
+				SecOpts: comm.SecureOptions{
 					VerifyCertificate: func(rawCerts [][]byte, verifiedChains [][]*x509.Certificate) error {
 						if bytes.Equal(rawCerts[0], testCerts.serverCert.Certificate[0]) {
 							return nil
@@ -299,7 +299,7 @@ func TestNewConnection(t *testing.T) {
 		{
 			name: "server TLS pinning failure",
 			config: comm.ClientConfig{
-				SecOpts: &comm.SecureOptions{
+				SecOpts: comm.SecureOptions{
 					VerifyCertificate: func(rawCerts [][]byte, verifiedChains [][]*x509.Certificate) error {
 						return errors.New("TLS certificate mismatch")
 					},
@@ -362,7 +362,7 @@ func TestSetServerRootCAs(t *testing.T) {
 	testCerts := loadCerts(t)
 
 	config := comm.ClientConfig{
-		SecOpts: &comm.SecureOptions{
+		SecOpts: comm.SecureOptions{
 			UseTLS:        true,
 			ServerRootCAs: [][]byte{testCerts.caPEM},
 		},

core/comm/config.go

@@ -23,7 +23,7 @@ var (
 	MaxRecvMsgSize = 100 * 1024 * 1024
 	MaxSendMsgSize = 100 * 1024 * 1024
 	// Default peer keepalive options
-	DefaultKeepaliveOptions = &KeepaliveOptions{
+	DefaultKeepaliveOptions = KeepaliveOptions{
 		ClientInterval:    time.Duration(1) * time.Minute,  // 1 min
 		ClientTimeout:     time.Duration(20) * time.Second, // 20 sec - gRPC default
 		ServerInterval:    time.Duration(2) * time.Hour,    // 2 hours - gRPC default
@@ -49,9 +49,9 @@ type ServerConfig struct {
 	// for all new connections
 	ConnectionTimeout time.Duration
 	// SecOpts defines the security parameters
-	SecOpts *SecureOptions
+	SecOpts SecureOptions
 	// KaOpts defines the keepalive parameters
-	KaOpts *KeepaliveOptions
+	KaOpts KeepaliveOptions
 	// StreamInterceptors specifies a list of interceptors to apply to
 	// streaming RPCs.  They are executed in order.
 	StreamInterceptors []grpc.StreamServerInterceptor
@@ -69,9 +69,9 @@ type ServerConfig struct {
 // ClientConfig defines the parameters for configuring a GRPCClient instance
 type ClientConfig struct {
 	// SecOpts defines the security parameters
-	SecOpts *SecureOptions
+	SecOpts SecureOptions
 	// KaOpts defines the keepalive parameters
-	KaOpts *KeepaliveOptions
+	KaOpts KeepaliveOptions
 	// Timeout specifies how long the client will block when attempting to
 	// establish a connection
 	Timeout time.Duration
@@ -82,14 +82,6 @@ type ClientConfig struct {
 // Clone clones this ClientConfig
 func (cc ClientConfig) Clone() ClientConfig {
 	shallowClone := cc
-	if shallowClone.SecOpts != nil {
-		secOptsClone := *cc.SecOpts
-		shallowClone.SecOpts = &secOptsClone
-	}
-	if shallowClone.KaOpts != nil {
-		kaOptsClone := *cc.KaOpts
-		shallowClone.KaOpts = &kaOptsClone
-	}
 	return shallowClone
 }
 
@@ -145,13 +137,8 @@ type Metrics struct {
 	ClosedConnCounter metrics.Counter
 }
 
-// ServerKeepaliveOptions returns gRPC keepalive options for server.  If
-// opts is nil, the default keepalive options are returned
-func ServerKeepaliveOptions(ka *KeepaliveOptions) []grpc.ServerOption {
-	// use default keepalive options if nil
-	if ka == nil {
-		ka = DefaultKeepaliveOptions
-	}
+// ServerKeepaliveOptions returns gRPC keepalive options for server.
+func ServerKeepaliveOptions(ka KeepaliveOptions) []grpc.ServerOption {
 	var serverOpts []grpc.ServerOption
 	kap := keepalive.ServerParameters{
 		Time:    ka.ServerInterval,
@@ -167,14 +154,8 @@ func ServerKeepaliveOptions(ka *KeepaliveOptions) []grpc.ServerOption {
 	return serverOpts
 }
 
-// ClientKeepaliveOptions returns gRPC keepalive options for clients.  If
-// opts is nil, the default keepalive options are returned
-func ClientKeepaliveOptions(ka *KeepaliveOptions) []grpc.DialOption {
-	// use default keepalive options if nil
-	if ka == nil {
-		ka = DefaultKeepaliveOptions
-	}
-
+// ClientKeepaliveOptions returns gRPC keepalive options for clients.
+func ClientKeepaliveOptions(ka KeepaliveOptions) []grpc.DialOption {
 	var dialOpts []grpc.DialOption
 	kap := keepalive.ClientParameters{
 		Time:                ka.ClientInterval,