-
Notifications
You must be signed in to change notification settings - Fork 180
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
gRPC authentication proposal - using gRPC secure channels #1541
base: master
Are you sure you want to change the base?
Conversation
Here is a proposal for securing the gRPC channels (SSL encryption).
|
I imagine the private key (and thus the certificates?) would need to be generated on first start rather than included in the code, for anyone to see and copy? |
These are self signed keys only for development and debugging purposes
Sent from Proton Mail Android
…-------- Original Message --------
On 12/11/2024 11:49, Sebastian Goscik wrote:
I imagine the private key (and thus the certificates?) would need to be generated on first start rather than included in the code, for anyone to see and copy?
—
Reply to this email directly, view it on GitHub, or unsubscribe.
You are receiving this because you authored the thread.Message ID: ***@***.***>
|
Signed-off-by: Jacek Bartynowski <jacek.bartynowski@arm.com>
7a2b399
to
2033967
Compare
…ate Python packages - decoupling authentication code
Add methods to the RawNetworkInterfaceDriver to set interfaces up and down, as well as getting and waiting for the interface state. This allows the driver to take more control over the interface, preconfiguration is not needed anymore. Tests that expect the exporter interface to be down (such as ethernet selftests, cable tests) are now possible. Note that the RawNetworkInterfaceDriver now brings the bound interface up on activate and down on deactivate. Signed-off-by: Bastian Krause <bst@pengutronix.de> Signed-off-by: Jacek Bartynowski <jacek.bartynowski@arm.com>
Add interface configuration (`ethtool --change`) support to the RawNetworkInterfaceDriver. This allows configuring the bound interface (speed, lanes, duplex, port, master-slave, mdix, autoneg, advertise, phyad, xcvr, wol, sopass, msglvl). Also add add a `get_settings()` method to query those settings. Note that ethtool gained the required --json support for the default sub command in v6.10. Signed-off-by: Bastian Krause <bst@pengutronix.de> Signed-off-by: Jacek Bartynowski <jacek.bartynowski@arm.com>
Add interface Energy Efficient Ethernet (EEE) configuration (`ethtool --set-eee`) support to the RawNetworkInterfaceDriver. This allows configuring the EEE parameters eee, tx-lpi, tx-timer and advertise on the bound interface. Also add a `get_eee_settings()` method to query those settings. Note that ethtool gained the required --json support for this sub command in v6.10. Signed-off-by: Bastian Krause <bst@pengutronix.de> Signed-off-by: Jacek Bartynowski <jacek.bartynowski@arm.com>
Add interface pause configuration (`ethtool --pause`) support to the RawNetworkInterfaceDriver. This allows configuring the pause parameters autoneg, rx and tx on the bound interface. Also add a `get_pause_settings()` method to query those settings. Signed-off-by: Bastian Krause <bst@pengutronix.de> Signed-off-by: Jacek Bartynowski <jacek.bartynowski@arm.com>
Signed-off-by: Jacek Bartynowski <jacek.bartynowski@arm.com>
…ate Python packages - decoupling authentication code Signed-off-by: Jacek Bartynowski <jacek.bartynowski@arm.com>
Signed-off-by: Jacek Bartynowski <jacek.bartynowski@arm.com>
Signed-off-by: Jacek Bartynowski <jacek.bartynowski@arm.com>
Signed-off-by: Jacek Bartynowski <jacek.bartynowski@arm.com>
Signed-off-by: Jacek Bartynowski <Jacek.Bartynowski@arm.com>
Signed-off-by: Jacek Bartynowski <Jacek.Bartynowski@arm.com>
I update the Pull request, mainly added the instrumentation to select custom authentication plugins for the gRPC authentication. |
…generation Signed-off-by: Jacek Bartynowski <Jacek.Bartynowski@arm.com>
I added instruction on generating SSL certificate and key + sample configuration file that could be re-used for this purpose. I updated the certificate + key files, they should contain now generic configuration. |
Description
Checklist