Skip to content

Replace deprecated grpc.Errorf() with status.Errorf() #2440

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
stevvooe merged 1 commit into from
Nov 23, 2017
Merged

Replace deprecated grpc.Errorf() with status.Errorf() #2440

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
9 changes: 5 additions & 4 deletions api/ca.pb.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

5 changes: 3 additions & 2 deletions api/control.pb.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

5 changes: 3 additions & 2 deletions api/dispatcher.pb.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

5 changes: 3 additions & 2 deletions api/health.pb.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

9 changes: 5 additions & 4 deletions api/logbroker.pb.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

9 changes: 5 additions & 4 deletions api/raft.pb.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

5 changes: 3 additions & 2 deletions api/resource.pb.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

5 changes: 3 additions & 2 deletions api/watch.pb.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

32 changes: 16 additions & 16 deletions ca/auth.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,10 +10,10 @@ import (
"github.com/docker/swarmkit/api"
"github.com/docker/swarmkit/log"
"golang.org/x/net/context"
"google.golang.org/grpc"
"google.golang.org/grpc/codes"
"google.golang.org/grpc/credentials"
"google.golang.org/grpc/peer"
"google.golang.org/grpc/status"
)

type localRequestKeyType struct{}
Expand Down Expand Up @@ -52,13 +52,13 @@ func LogTLSState(ctx context.Context, tlsState *tls.ConnectionState) {
// getCertificateSubject extracts the subject from a verified client certificate
func getCertificateSubject(tlsState *tls.ConnectionState) (pkix.Name, error) {
if tlsState == nil {
return pkix.Name{}, grpc.Errorf(codes.PermissionDenied, "request is not using TLS")
return pkix.Name{}, status.Errorf(codes.PermissionDenied, "request is not using TLS")
}
if len(tlsState.PeerCertificates) == 0 {
return pkix.Name{}, grpc.Errorf(codes.PermissionDenied, "no client certificates in request")
return pkix.Name{}, status.Errorf(codes.PermissionDenied, "no client certificates in request")
}
if len(tlsState.VerifiedChains) == 0 {
return pkix.Name{}, grpc.Errorf(codes.PermissionDenied, "no verified chains for remote certificate")
return pkix.Name{}, status.Errorf(codes.PermissionDenied, "no verified chains for remote certificate")
}

return tlsState.VerifiedChains[0][0].Subject, nil
Expand All @@ -67,11 +67,11 @@ func getCertificateSubject(tlsState *tls.ConnectionState) (pkix.Name, error) {
func tlsConnStateFromContext(ctx context.Context) (*tls.ConnectionState, error) {
peer, ok := peer.FromContext(ctx)
if !ok {
return nil, grpc.Errorf(codes.PermissionDenied, "Permission denied: no peer info")
return nil, status.Errorf(codes.PermissionDenied, "Permission denied: no peer info")
}
tlsInfo, ok := peer.AuthInfo.(credentials.TLSInfo)
if !ok {
return nil, grpc.Errorf(codes.PermissionDenied, "Permission denied: peer didn't not present valid peer certificate")
return nil, status.Errorf(codes.PermissionDenied, "Permission denied: peer didn't not present valid peer certificate")
}
return &tlsInfo.State, nil
}
Expand All @@ -98,21 +98,21 @@ func AuthorizeOrgAndRole(ctx context.Context, org string, blacklistedCerts map[s
return authorizeOrg(certSubj, org, blacklistedCerts)
}

return "", grpc.Errorf(codes.PermissionDenied, "Permission denied: remote certificate not part of OUs: %v", ou)
return "", status.Errorf(codes.PermissionDenied, "Permission denied: remote certificate not part of OUs: %v", ou)
}

// authorizeOrg takes in a certificate subject and an organization, and returns
// the Node ID of the node.
func authorizeOrg(certSubj pkix.Name, org string, blacklistedCerts map[string]*api.BlacklistedCertificate) (string, error) {
if _, ok := blacklistedCerts[certSubj.CommonName]; ok {
return "", grpc.Errorf(codes.PermissionDenied, "Permission denied: node %s was removed from swarm", certSubj.CommonName)
return "", status.Errorf(codes.PermissionDenied, "Permission denied: node %s was removed from swarm", certSubj.CommonName)
}

if len(certSubj.Organization) > 0 && certSubj.Organization[0] == org {
return certSubj.CommonName, nil
}

return "", grpc.Errorf(codes.PermissionDenied, "Permission denied: remote certificate not part of organization: %s", org)
return "", status.Errorf(codes.PermissionDenied, "Permission denied: remote certificate not part of organization: %s", org)
}

// AuthorizeForwardedRoleAndOrg checks for proper roles and organization of caller. The RPC may have
Expand All @@ -123,7 +123,7 @@ func AuthorizeForwardedRoleAndOrg(ctx context.Context, authorizedRoles, forwarde
if isForwardedRequest(ctx) {
_, err := AuthorizeOrgAndRole(ctx, org, blacklistedCerts, forwarderRoles...)
if err != nil {
return "", grpc.Errorf(codes.PermissionDenied, "Permission denied: unauthorized forwarder role: %v", err)
return "", status.Errorf(codes.PermissionDenied, "Permission denied: unauthorized forwarder role: %v", err)
}

// This was a forwarded request. Authorize the forwarder, and
Expand All @@ -132,15 +132,15 @@ func AuthorizeForwardedRoleAndOrg(ctx context.Context, authorizedRoles, forwarde
_, forwardedID, forwardedOrg, forwardedOUs := forwardedTLSInfoFromContext(ctx)

if len(forwardedOUs) == 0 || forwardedID == "" || forwardedOrg == "" {
return "", grpc.Errorf(codes.PermissionDenied, "Permission denied: missing information in forwarded request")
return "", status.Errorf(codes.PermissionDenied, "Permission denied: missing information in forwarded request")
}

if !intersectArrays(forwardedOUs, authorizedRoles) {
return "", grpc.Errorf(codes.PermissionDenied, "Permission denied: unauthorized forwarded role, expecting: %v", authorizedRoles)
return "", status.Errorf(codes.PermissionDenied, "Permission denied: unauthorized forwarded role, expecting: %v", authorizedRoles)
}

if forwardedOrg != org {
return "", grpc.Errorf(codes.PermissionDenied, "Permission denied: organization mismatch, expecting: %s", org)
return "", status.Errorf(codes.PermissionDenied, "Permission denied: organization mismatch, expecting: %s", org)
}

return forwardedID, nil
Expand All @@ -152,7 +152,7 @@ func AuthorizeForwardedRoleAndOrg(ctx context.Context, authorizedRoles, forwarde
return nodeID, nil
}

return "", grpc.Errorf(codes.PermissionDenied, "Permission denied: unauthorized peer role: %v", err)
return "", status.Errorf(codes.PermissionDenied, "Permission denied: unauthorized peer role: %v", err)
}

// intersectArrays returns true when there is at least one element in common
Expand Down Expand Up @@ -219,7 +219,7 @@ func RemoteNode(ctx context.Context) (RemoteNodeInfo, error) {

peer, ok := peer.FromContext(ctx)
if !ok {
return RemoteNodeInfo{}, grpc.Errorf(codes.PermissionDenied, "Permission denied: no peer info")
return RemoteNodeInfo{}, status.Errorf(codes.PermissionDenied, "Permission denied: no peer info")
}

directInfo := RemoteNodeInfo{
Expand All @@ -232,7 +232,7 @@ func RemoteNode(ctx context.Context) (RemoteNodeInfo, error) {
if isForwardedRequest(ctx) {
remoteAddr, cn, org, ous := forwardedTLSInfoFromContext(ctx)
if len(ous) == 0 || cn == "" || org == "" {
return RemoteNodeInfo{}, grpc.Errorf(codes.PermissionDenied, "Permission denied: missing information in forwarded request")
return RemoteNodeInfo{}, status.Errorf(codes.PermissionDenied, "Permission denied: missing information in forwarded request")
}
return RemoteNodeInfo{
Roles: ous,
Expand Down
Loading