working sample implementation of tls or non-tls

infrastructure/network/netadapter/netadapter.go

@@ -42,11 +42,13 @@ func NewNetAdapter(cfg *config.Config) (*NetAdapter, error) {
 	if err != nil {
 		return nil, err
 	}
+	// p2pServer is a gRCP server for internodes communication
 	p2pServer, err := grpcserver.NewP2PServer(cfg.Listeners)
 	if err != nil {
 		return nil, err
 	}
-	rpcServer, err := grpcserver.NewRPCServer(cfg.RPCListeners, cfg.RPCMaxClients)
+	// rpcServer is for gRCP miner, wallet and certain kaspactl utility communications
+	rpcServer, err := grpcserver.NewRPCServer(cfg.RPCListeners, cfg.RPCMaxClients, cfg.RPCAuth, cfg.RPCCert, cfg.RPCKey)
 	if err != nil {
 		return nil, err
 	}

infrastructure/network/netadapter/server/grpcserver/grpc_server.go

@@ -3,21 +3,29 @@ package grpcserver
 import (
 	"context"
 	"fmt"
+	"net"
+	"sync"
+	"time"
+
 	"github.com/kaspanet/kaspad/infrastructure/network/netadapter/server"
 	"github.com/kaspanet/kaspad/util/panics"
 	"github.com/pkg/errors"
 	"google.golang.org/grpc"
+	"google.golang.org/grpc/credentials"
 	"google.golang.org/grpc/peer"
-	"net"
-	"sync"
-	"time"
 )
 
+// RequestModifier can modify the http request
+type RequestModifier func(r *grpc.Server)
+
 type gRPCServer struct {
+	// modifiers are applied before any request
+	//modifiers          []RequestModifier
 	onConnectedHandler server.OnConnectedHandler
 	listeningAddresses []string
 	server             *grpc.Server
 	name               string
+	auth               string
 
 	maxInboundConnections      int
 	inboundConnectionCount     int
@@ -25,15 +33,30 @@ type gRPCServer struct {
 }
 
 // newGRPCServer creates a gRPC server
-func newGRPCServer(listeningAddresses []string, maxMessageSize int, maxInboundConnections int, name string) *gRPCServer {
+func newGRPCServer(listeningAddresses []string, maxMessageSize int, maxInboundConnections int, name string, auth string, certFile string, keyFile string) *gRPCServer {
 	log.Debugf("Created new %s GRPC server with maxMessageSize %d and maxInboundConnections %d", name, maxMessageSize, maxInboundConnections)
-	return &gRPCServer{
-		server:                     grpc.NewServer(grpc.MaxRecvMsgSize(maxMessageSize), grpc.MaxSendMsgSize(maxMessageSize)),
-		listeningAddresses:         listeningAddresses,
-		name:                       name,
-		maxInboundConnections:      maxInboundConnections,
-		inboundConnectionCount:     0,
-		inboundConnectionCountLock: &sync.Mutex{},
+	log.Warnf("Name: %s for grpc auth type: %s", name, auth)
+	if auth == "tls" {
+		creds, _ := credentials.NewServerTLSFromFile(certFile, keyFile)
+		return &gRPCServer{
+			server:                     grpc.NewServer(grpc.Creds(creds), grpc.MaxRecvMsgSize(maxMessageSize), grpc.MaxSendMsgSize(maxMessageSize)),
+			listeningAddresses:         listeningAddresses,
+			name:                       name,
+			auth:                       auth,
+			maxInboundConnections:      maxInboundConnections,
+			inboundConnectionCount:     0,
+			inboundConnectionCountLock: &sync.Mutex{},
+		}
+	} else {
+		return &gRPCServer{
+			server:                     grpc.NewServer(grpc.MaxRecvMsgSize(maxMessageSize), grpc.MaxSendMsgSize(maxMessageSize)),
+			listeningAddresses:         listeningAddresses,
+			name:                       name,
+			auth:                       auth,
+			maxInboundConnections:      maxInboundConnections,
+			inboundConnectionCount:     0,
+			inboundConnectionCountLock: &sync.Mutex{},
+		}
 	}
 }
 

infrastructure/network/netadapter/server/grpcserver/p2pserver.go

@@ -2,6 +2,9 @@ package grpcserver
 
 import (
 	"context"
+	"net"
+	"time"
+
 	"github.com/kaspanet/kaspad/infrastructure/network/netadapter/server"
 	"github.com/kaspanet/kaspad/infrastructure/network/netadapter/server/grpcserver/protowire"
 	"github.com/kaspanet/kaspad/util/panics"
@@ -9,10 +12,10 @@ import (
 	"google.golang.org/grpc"
 	"google.golang.org/grpc/encoding/gzip"
 	"google.golang.org/grpc/peer"
-	"net"
-	"time"
 )
 
+// p2pServer is a gRCP server for internodes communication
+
 type p2pServer struct {
 	protowire.UnimplementedP2PServer
 	gRPCServer
@@ -28,7 +31,7 @@ const p2pMaxInboundConnections = 0
 
 // NewP2PServer creates a new P2PServer
 func NewP2PServer(listeningAddresses []string) (server.P2PServer, error) {
-	gRPCServer := newGRPCServer(listeningAddresses, p2pMaxMessageSize, p2pMaxInboundConnections, "P2P")
+	gRPCServer := newGRPCServer(listeningAddresses, p2pMaxMessageSize, p2pMaxInboundConnections, "P2P", "none", "", "")
 	p2pServer := &p2pServer{gRPCServer: *gRPCServer}
 	protowire.RegisterP2PServer(gRPCServer.server, p2pServer)
 	return p2pServer, nil

infrastructure/network/netadapter/server/grpcserver/rpcserver.go

@@ -6,6 +6,8 @@ import (
 	"github.com/kaspanet/kaspad/util/panics"
 )
 
+// rpcServer is for gRCP miner, wallet and certain kaspactl utility communications
+// This is for outside querying of the node's state.
 type rpcServer struct {
 	protowire.UnimplementedRPCServer
 	gRPCServer
@@ -15,8 +17,9 @@ type rpcServer struct {
 const RPCMaxMessageSize = 1024 * 1024 * 1024 // 1 GB
 
 // NewRPCServer creates a new RPCServer
-func NewRPCServer(listeningAddresses []string, rpcMaxInboundConnections int) (server.Server, error) {
-	gRPCServer := newGRPCServer(listeningAddresses, RPCMaxMessageSize, rpcMaxInboundConnections, "RPC")
+// @TODO make this a variadic function for better middleware and number of variable args passed in
+func NewRPCServer(listeningAddresses []string, rpcMaxInboundConnections int, rpcAuth string, rpcCert string, rpcKey string) (server.Server, error) {
+	gRPCServer := newGRPCServer(listeningAddresses, RPCMaxMessageSize, rpcMaxInboundConnections, "RPC", rpcAuth, rpcCert, rpcKey)
 	rpcServer := &rpcServer{gRPCServer: *gRPCServer}
 	protowire.RegisterRPCServer(gRPCServer.server, rpcServer)
 	return rpcServer, nil