-
Notifications
You must be signed in to change notification settings - Fork 655
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
update 3rd party libraries, part2 #3707
base: main
Are you sure you want to change the base?
Conversation
ca31a3a
to
25a88f3
Compare
f7603a6
to
6481118
Compare
b254d90
to
2a93369
Compare
6481118
to
f39584d
Compare
2a93369
to
d79d2c9
Compare
a45865d
to
5bb9771
Compare
84e7715
to
1766a7b
Compare
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #3707 /- ##
=======================================
Coverage 88.94% 88.94%
=======================================
Files 256 256
Lines 14584 14587 3
=======================================
Hits 12972 12975 3
Misses 1612 1612 ☔ View full report in Codecov by Sentry. |
@@ -1,5 1,5 @@ | |||
{ | |||
"builtin-baseline": "ca7b1b15f548c25c766360593a2c732d56ed0133", | |||
"builtin-baseline": "c82f74667287d3dc386bce81e44964370c91a289", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
builtin-baseline
field defines the versions of the dependencies of our vcpkg packages. In this particular case, grpc needs this update to get his dependency versions right because of his own update. The value of builtin-baseline
field is simply the commit hash of the vcpkg
repo.
Sorry to bother you guys. Recently, multipass team has been dealing with rebasing the patches (code commits on the top of the release tag) of grpc after updating grpc to newer version. It has been a painful process due to the size of the patches and conflicts with the grpc refactors and changes. This really got us thinking what is the exact reason to keep these patches. Why multipass has a unique use case from the regular ones? By looking at commit messages and the code, my superficial understanding is that. Multipass wants to support skipping verifying server certificate. Because of that, the Any information would be appreciated in case you guys know about it, thanks a lot. |
Basically to support SSH-style authorization. Both sides generate their encryption keys in isolation, without a CA between them. All communication is encrypted, and the key fingerprints are what determines whether they want to talk to one other on a higher level, not whether the certificates are valid or not. |
Thanks for the reply. But why exactly does multipass have to use the SSH-style authorization? The standard TLS/mTLS always requires the server certificate and verifies it. As a result, grpc api only provides My wondering here is whether this orthodox way has some inadequacies we are not aware of or it somehow does not fit in the multipass use case. Any info will be appreciated, thanks. |
Hey @georgeliao, As @Saviq alluded to, it was done this way to avoid having to use a CA and generate valid SSL certificates. In the early days when this was implemented, we found it to be easier to just modify gRPC and carry the patches than to deal with a CA. If you all want to deal with a CA and generate valid SSL certs in order to use what gRPC already supports, then that's a technical decision the Multipass team will need to make. Maybe it's easier now than in 2018. 🤷♂️ Care will also need to be taken with the whole authorization plumbing, but I think that should still work. |
This was the only way to have clients other than the first/default one to get access to the daemon simply by providing a shared passphrase. If you go for the CA approach, you have to generate a key pair and a certificate signing request and ask someone with access to the CA (admin) to sign your CSR and provide you back with the signed certificate. There's also no path to accepting the first client like we do today on Linux and macOS, you'd need to somehow get through the above dance in the installation phase. Using a passphrase is just a more user-friendly way to achieving the same level of security, is all (one missing bit in the current scheme is managing a list of accepted daemon certificates, |
@townsend2010 |
…ld time and lib size.
…, which is non-intrusiveserver address resolver from intrusive change to
Co-authored-by: Ricardo Abreu <6698114 [email protected]> Signed-off-by: George Liao <[email protected]>
816e265
to
114fe3f
Compare
WIP
close #3568
MULTI-1177
Original repo
1. vcpkg, updated to 2024.09.30.
vcpkg:
1. grpc, 1.52.1-> 1.60.0, ongoing.
There are a lot hassles in grpc update:, so it is worth to talk about it. grpc has two layers of patches in the multipass use case, the first layer is the commits on the top of the standard grpc release.
Layer 1:
Orignally, there are 5 commits on the top of 1.52.1 release tag, that is the branch. They are around two things.
grpc_ssl_server_certificate_request_type
options to the client side and disablepem_root_certs
check along the way, see this section in the spec for details.getsockname
to get local server address instead ofgetpeername
to get the remote address.config_.pem_root_certs == nullptr
checks based on the workflow first 3 commits setup, meaning thatconfig_.pem_root_certs
is supposed to be nullptr because we do not want to verify the server certificate. Because of that, theSslCredentialsOptions::pem_root_certs
field which is the trust store of server certificates is set nulltptr when we create a channel on the client side.Layer 2:
The second layer patches is the new patches applied and the changes made (the diff between the vcpkg tempate file and multipass cutom file) in the vcpkg grpc portfile.cmake file. The goal of the custom portfile.cmake is to cut off the unneeded library build and cut down the library size, which will reduce the build time of grpc, multipass and the binary size of them.
snap:
Besides these patches, there are some api calls changes on multipass side. Those are made for some grpc' changes in this duration which broke the backward compatibility. The particular commit is this one. There is also another github issue which has relevant discussions about this. This change affects grpc version 1.57.0 and onwards. The fix we adopt is the one mentioned in the github issue, where they call
grpc.insecure_channel(srv_endpoint, options=(('grpc.default_authority', 'localhost'),))
on python client to overwrite the default authority, the C equivalent to this would be changinggrpc::CreateChannel
calls togrpc::CreateCustomChannel
calls with channel arguments, see below code snippet for detailsBe aware that this change affects all types of address resolvers, that probably is fine in the use cases of multipass.