alex/genode-world
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
Files
lib-pahomqttcpp
genode-world/run/grpc_tls.run
Stefan Thöni ed754367a5 grpc: enabled TLS and added example script 
Issue #190
2020-02-06 09:04:27 +01:00

310 lines
11 KiB
Plaintext
Raw Permalink Blame History

create_boot_directory
source $gapfruit_dir/repos/gapfruit/run/corallite_functions.inc
import_from_depot [depot_user]/src/[base_src]
import_from_depot [depot_user]/src/dynamic_rom
import_from_depot [depot_user]/src/init
import_from_depot [depot_user]/src/libc
import_from_depot [depot_user]/src/libcrypto
import_from_depot [depot_user]/src/libssl
import_from_depot [depot_user]/src/nic_router
import_from_depot [depot_user]/src/posix
import_from_depot [depot_user]/src/protobuf
import_from_depot [depot_user]/src/report_rom
import_from_depot [depot_user]/src/stdcxx
import_from_depot [depot_user]/src/vfs
import_from_depot [depot_user]/src/vfs_jitterentropy
import_from_depot [depot_user]/src/vfs_lwip
import_from_depot [depot_user]/src/zlib
set build_components {
test/grpc_tls/server
test/grpc_tls/client
}
build $build_components
set nic_router_reporting 0
set ssl_server_key {
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEAt0QT62/ez9rw4GepYLY530y2I6fdrZkQ3v3wzKI0G9t9n8Yo
YeQkAeHuIoCxLAYzjS4alwki1DVL0hSXD95kO9+H0sBmfJ1k1x/Wn7Y2/WKpG5yK
x8CobEC1rG4YibeED9n06kaYPtQ01HEGQ/eXEbcSISVN1xK8zTe1uzKZ36H99lkb
hOZQ6xLOSH/4jSiPacX+3CkeJBIkAFflzDq/ycKVlO429+6F/TimxXn2ZhJtKcW9
swMTKLas8LPJPTO8jbjv/uQS+ygh1bATWO7iNayS4XdRuyFNkknxHAX48ks59UTb
bVe4m0yre2cq4w/2f0Rp5NibbvblPzSpMIWGoQIDAQABAoIBAQCFDppfz6M3ykAk
zV5+Zw9xfqKnFJOwHHfRTxHroMCwkRWOUTK0kA1MiJp61nDMA9yd3iFUE0AEToW0
C1r6HH8tsUdNzn8abrPuNKGA56zZHy6ka22fRdOCdSDyBiUup9zsHVTiW0riIvQQ
YdcotbQrGn3BLvJq+qG1ZYM+XKi3YgxErcEQFwhH7RCr4X654NDSms5w/V5M/3nS
jcDUH19rT180Sy2Pmbus2c51GaF3M7ZET84aPqX/zBNg8aCmXV4BxPmd+R6Kp0DZ
T8Y1j+Mvkulc0LnP+iONHUbWtbpVL+OFgMQSmW+MSvCgrwHGr8VayVleEmW50+1M
A/Wu6Yp5AoGBAOjqpl/Rru7PerATK5fjm/bZuUd3GaBGBRRbZBcSorGA6WlX3kOC
ZJbJfnT0+HF6gWzhHtqxuEgAUG5p2AcP3C2tg0vGUFe7ldePK5yJc147O3FF1/fr
GRRohHFjgD23xMctySwGVgp4JWzJom0Do+3DBxsyq0JQDmATv4/7MFqnAoGBAMlt
vF146ofZmrgDESd+7gnBEK5r9XzX2q/5Rd6TXz5WMpw5OAM9i650KciKd1j96tIf
JhU2ccFtk9GgWCaMxpIkDyTo8kTwc5fuFdmdo9Hi4w6bRxSDFcBqD2xEH9i3xlQw
1h4bxc8Iggv2Fozh5jqKxTBEz1t8n0oxRaLW7OV3AoGAfNrEQtsJFhT8ZIRyOuKV
CXde3ZNXllXShT4UYlXoBpTfCkxC5hdwym/KrPFgeJw94tquinb4HQimFPoCBo8W
7Rl1J1pwWQdCZKHns+rugBXqYGcbRVeuQwVf8dRvuyXWgxrlGwduegA7t5xCyINK
DbsdBRRdP5fgjNopNwpkukMCgYAoTyCB6B+u/fn7VwnIyJrkMtGexhYDXMLzskOs
LfvCYseQAddWtqtMRwzRh/woP/ANCpS5bALJvZ72NUtOs59NQZASR9eruh63ybpv
qR9OckQT+Tj5Pt5Mei0J8nwZB3XWBUvkDJTCQKadtCqBGPfUwU6CwVJpsX/C/ic8
VhxkMwKBgQDQNAL/F+T4/UQ+DcayruTAUyv/mE85LpQ+pkP4bmeUbKg9L/evCDdc
IyFb0d3QOGxtumRa3QXTJv6/YRcYT6QpjtegoxCNT4Efy4XfTg0ZSlD3fM854oKy
inL6CnjqcXGZnm+bsmnAu0Eebhx9/wUA3msaivUY8aBTMIzhkpoVfw==
-----END RSA PRIVATE KEY-----
}
set ssl_server_cert {
-----BEGIN CERTIFICATE-----
MIIDZTCCAk0CFE5tmzIRllqBMUbhj7lUFlOd6KXaMA0GCSqGSIb3DQEBDQUAMHQx
CzAJBgNVBAYTAkNIMQwwCgYDVQQIDANadWcxDDAKBgNVBAcMA1p1ZzEUMBIGA1UE
CgwLZ2FwZnJ1aXQgQUcxFDASBgNVBAsMC0RldmVsb3BtZW50MR0wGwYDVQQDDBRn
YXBmcnVpdCBEZXYvVGVzdCBDQTAeFw0xOTEyMTgxNDIxNTJaFw0yOTEyMTUxNDIx
NTJaMGoxCzAJBgNVBAYTAkNIMQwwCgYDVQQIDANadWcxDDAKBgNVBAcMA1p1ZzEU
MBIGA1UECgwLZ2FwZnJ1aXQgQUcxFDASBgNVBAsMC0RldmVsb3BtZW50MRMwEQYD
VQQDDApncnBjLmxvY2FsMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
t0QT62/ez9rw4GepYLY530y2I6fdrZkQ3v3wzKI0G9t9n8YoYeQkAeHuIoCxLAYz
jS4alwki1DVL0hSXD95kO9+H0sBmfJ1k1x/Wn7Y2/WKpG5yKx8CobEC1rG4YibeE
D9n06kaYPtQ01HEGQ/eXEbcSISVN1xK8zTe1uzKZ36H99lkbhOZQ6xLOSH/4jSiP
acX+3CkeJBIkAFflzDq/ycKVlO429+6F/TimxXn2ZhJtKcW9swMTKLas8LPJPTO8
jbjv/uQS+ygh1bATWO7iNayS4XdRuyFNkknxHAX48ks59UTbbVe4m0yre2cq4w/2
f0Rp5NibbvblPzSpMIWGoQIDAQABMA0GCSqGSIb3DQEBDQUAA4IBAQCYk7rAYBFK
ynvDgO+wfVmHI/imxsBPBFSD/5YerUt5TSjbjFiNmCTkRfgaBjBNg8kqDxt4LwVU
w6s5eazqHYs7B8pWDieJwvrWRRmpPD+QRvNLbFOB7n+b+7LtcUAmgOMZzCddcahN
1bO3t+J4ULWoLgpGvfPtEZJHrgSvlCAleVH0/CVZ2cZ9ngXwYZzW+uzDLuq8t+cy
PrQ7iWvSX9k/N2f6/MxiFdr1kjjXFLDmweFztUy2tlzbI/jA1VEyiT3MBWrPvq8z
YXrvUx64+/4/eHjkrpTIqO2K5NMFw218WzxlnmEeVwarP0kmhoDyr75z3SUT4Ygt
gDANZRHtzkRg
-----END CERTIFICATE-----
}
set ssl_root_cert {
-----BEGIN CERTIFICATE-----
MIIDyTCCArGgAwIBAgIUNyy3GIyo2XwhohJyZHHC5mMyLKkwDQYJKoZIhvcNAQEN
BQAwdDELMAkGA1UEBhMCQ0gxDDAKBgNVBAgMA1p1ZzEMMAoGA1UEBwwDWnVnMRQw
EgYDVQQKDAtnYXBmcnVpdCBBRzEUMBIGA1UECwwLRGV2ZWxvcG1lbnQxHTAbBgNV
BAMMFGdhcGZydWl0IERldi9UZXN0IENBMB4XDTE5MTIxODEzMTgxN1oXDTI5MTIx
NTEzMTgxN1owdDELMAkGA1UEBhMCQ0gxDDAKBgNVBAgMA1p1ZzEMMAoGA1UEBwwD
WnVnMRQwEgYDVQQKDAtnYXBmcnVpdCBBRzEUMBIGA1UECwwLRGV2ZWxvcG1lbnQx
HTAbBgNVBAMMFGdhcGZydWl0IERldi9UZXN0IENBMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAteFTvvk/p0mBsj6xyUGnu4ESlWyOM6ctXX7I0oLFgZD/
iI8aaYs9mfmn0xHHUmQ1cwg9rQOOruYqdpF0897H2t5dOVcGYKyluPzVT95Khnag
J/hw3oo6UH00oThLC8yY0Zu9dMTGQvsiYUKLazbsiz37IfoSrRP9LOEMecl+3kWV
1EczZKwsOCf5QXB60nXtMnakelGhX9AdhmIx3GfigAsRAyzZKpNdlbiTYoH9cnuQ
3RJPAnOXawnJkQGpT12CNrKhAKNlTT91CHIE08/4zbrRrNP80bZN7VS6M/8QSQRE
7/OPXp7MiqeLEdIpUD3EIHezf+omZmVdHkM/QeYipwIDAQABo1MwUTAdBgNVHQ4E
FgQUvDmvbNuKYAb3xMmIyd6j9OIULukwHwYDVR0jBBgwFoAUvDmvbNuKYAb3xMmI
yd6j9OIULukwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOCAQEAESOs
duTRSzCNlBvDzP2ushB6P3JtN2eqBj/W+I1DnDAm/wpKkbAHxB26Ldm/AS/APq/D
IOgP3OltOVBjotRi+I5z7oSq3RHzU2fT6ZS8JfiRaVOTAs9ImQwVGT/xTN79oILW
7ivbLacF4L7BXFFq22HBK+DYnP8zdWud7g+8KTwwv2m2uijLkiw4oBqwo8SGUVU0
xYL0iBrMfbtc2cg0mGNsfMpVMe0ZJdtyK7EzZvWi6jw3T2qsxNNTM89tYvRpcoUL
AeOLXBSuuz5FnClb95mSVMpFYrHYwYzwx677fJjFKrLsaCSeledPSXN6GpPMl6bg
1pr81E45WPuAQBX5jw==
-----END CERTIFICATE-----
}
set server_start_node {
<start name="grpc_tls_server" caps="200">
<resource name="RAM" quantum="8M"/>
<config>
<arg value="grpc_tls_server"/>
<libc stdout="/dev/log" stderr="/dev/log" rtc="/dev/rtc" socket="/dev/socket" rng="/dev/random"/>
<vfs>
<dir name="dev">
<log/>
<null/>
<jitterentropy name="random"/>
<jitterentropy name="urandom"/>
<inline name="rtc">2019-12-19 14:22</inline>
<dir name="socket">
<lwip ip_addr="10.10.10.55" netmask="255.255.255.0" gateway="10.10.10.1"/>
</dir>
</dir>
<inline name="server.key">}
append server_start_node $ssl_server_key
append server_start_node {
</inline>
<inline name="server.crt">}
append server_start_node $ssl_server_cert
append server_start_node {
</inline>
</vfs>
</config>
</start>
}
set config {
<config verbose="no">
<parent-provides>
<service name="CPU"/>
<service name="LOG"/>
<service name="PD"/>
<service name="ROM"/>
<service name="IO_PORT"/>
</parent-provides>
<default-route>
<any-service> <parent/> <any-child/> </any-service>
</default-route>
<default caps="100"/>
<start name="timer">
<resource name="RAM" quantum="1M"/>
<provides> <service name="Timer"/> </provides>
</start>
}
append_if $nic_router_reporting config {
<start name="report_rom">
<resource name="RAM" quantum="2M"/>
<provides>
<service name="ROM"/>
<service name="Report"/>
</provides>
<config verbose="yes">
</config>
</start>
}
append config {
<start name="nic_router">
<resource name="RAM" quantum="8M"/>
<provides> <service name="Nic"/> </provides>
<config verbose="no"
verbose_packets="no"
verbose_domain_state="yes"
verbose_packet_drop="yes"
dhcp_discover_timeout_sec="3"
dhcp_request_timeout_sec="3"
dhcp_offer_timeout_sec="3"
udp_idle_timeout_sec="30"
tcp_idle_timeout_sec="30"
tcp_max_segm_lifetime_sec="15">}
append_if $nic_router_reporting config {
<report bytes="yes"
config="yes"
quota="no"
stats="no"
interval_sec="2"/>}
append config {
<domain name="server" interface="10.10.10.1/24">
<ip dst="10.10.20.0/0" domain="client"/>
</domain>
<domain name="client" interface="10.10.20.1/24">
<ip dst="10.10.10.0/0" domain="server"/>
</domain>
<policy label="init -> grpc_tls_server -> lwip" domain="server"/>
<policy label="init -> grpc_tls_client -> lwip" domain="client"/>
</config>
</start>
<start name="dynamic_rom" caps="100">
<resource name="RAM" quantum="4M"/>
<provides> <service name="ROM"/> </provides>
<config>
<rom name="init.config">
<inline description="server_only">
<config verbose="no">
<parent-provides>
<service name="CPU"/>
<service name="LOG"/>
<service name="Nic"/>
<service name="PD"/>
<service name="ROM"/>
<service name="Timer"/>
</parent-provides>
<default-route>
<any-service> <parent/> <any-child/> </any-service>
</default-route>
<default caps="100"/>}
append config $server_start_node
append config {
</config>
</inline>
<sleep milliseconds="1000"/>
<inline description="server_and_client">
<config verbose="no">
<parent-provides>
<service name="CPU"/>
<service name="LOG"/>
<service name="Nic"/>
<service name="PD"/>
<service name="ROM"/>
<service name="Timer"/>
</parent-provides>
<default-route>
<any-service> <parent/> <any-child/> </any-service>
</default-route>
<default caps="100"/>}
append config $server_start_node
append config {
<start name="grpc_tls_client" caps="200">
<resource name="RAM" quantum="8M"/>
<config>
<arg value="grpc_tls_client"/>
<libc stdout="/dev/log" stderr="/dev/log" rtc="/dev/rtc" socket="/dev/socket" rng="/dev/random"/>
<vfs>
<dir name="dev">
<log/>
<null/>
<jitterentropy name="random"/>
<jitterentropy name="urandom"/>
<inline name="rtc">2019-12-19 14:22</inline>
<dir name="socket">
<lwip ip_addr="10.10.20.66" netmask="255.255.255.0" gateway="10.10.20.1"/>
</dir>
</dir>
<dir name="etc">
<inline name="resolv.conf">nameserver 8.8.8.8</inline>
<inline name="host.conf">order hosts,bind
multi on</inline>
<inline name="hosts">10.10.10.55 grpc.local</inline>
</dir>
<dir name="usr">
<dir name="share">
<dir name="grpc">
<inline name="roots.pem">}
append config $ssl_root_cert
append config {
</inline>
</dir>
</dir>
</dir>
</vfs>
</config>
</start>
</config>
</inline>
<sleep milliseconds="2000000000"/>
</rom>
</config>
</start>
<start name="init" caps="1500">
<resource name="RAM" quantum="20M" />
<route>
<service name="ROM" label="config"> <child name="dynamic_rom" label="init.config"/> </service>
<any-service> <parent/> <any-child/> </any-service>
</route>
</start>
</config>
}
install_config [replace_package_template_info $config]
set boot_modules {
grpc_tls_server
grpc_tls_client
grpc.lib.so
libc_pipe.lib.so
}
append qemu_args " -nographic "
build_boot_image $boot_modules
run_genode_until {.*say hello} 200000
Reference in New Issue View Git Blame Copy Permalink