MCPcopy
hub / github.com/grpc/grpc-go / validate

Method validate

credentials/tls/certprovider/pemfile/watcher.go:80–96  ·  view source on GitHub ↗
()

Source from the content-addressed store, hash-verified

78}
79
80func (o Options) validate() error {
81 if o.CertFile == "" && o.KeyFile == "" && o.RootFile == "" && o.SPIFFEBundleMapFile == "" {
82 return fmt.Errorf("pemfile: at least one credential file needs to be specified")
83 }
84 if keySpecified, certSpecified := o.KeyFile != "", o.CertFile != ""; keySpecified != certSpecified {
85 return fmt.Errorf("pemfile: private key file and identity cert file should be both specified or not specified")
86 }
87 // C-core has a limitation that they cannot verify that a certificate file
88 // matches a key file. So, the only way to get around this is to make sure
89 // that both files are in the same directory and that they do an atomic
90 // read. Even though Java/Go do not have this limitation, we want the
91 // overall plugin behavior to be consistent across languages.
92 if certDir, keyDir := filepath.Dir(o.CertFile), filepath.Dir(o.KeyFile); certDir != keyDir {
93 return errors.New("pemfile: certificate and key file must be in the same directory")
94 }
95 return nil
96}
97
98// NewProvider returns a new certificate provider plugin that is configured to
99// watch the PEM files specified in the passed in options.

Callers 3

pluginConfigFromJSONFunction · 0.95
NewProviderFunction · 0.45
BuildMethod · 0.45

Calls 1

ErrorfMethod · 0.65

Tested by 1

BuildMethod · 0.36