
Commit 21f4301

committed
Address PR comments
1 parent b16af8b commit 21f4301


3 files changed

+9
-10
lines changed


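--- a/security/advancedtls/crl.go
+++ b/security/advancedtls/crl.go
@@ -116,8 +116,8 @@ func NewCRL(b []byte) (*CRL, error) {
 return crlExt, nil
 }
 
-// ReadCRLFile reads a file from the provided path, and returns constructed
-// from it.
+// ReadCRLFile reads a file from the provided path, and returns constructed CRL
+// struct from it.
 func ReadCRLFile(path string) (*CRL, error) {
 b, err := os.ReadFile(path)
 if err != nil {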
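Review bot: The reworded doc comment on ReadCRLFile still reads awkwardly ("returns constructed CRL struct") and leaves out what a caller most needs, namely that a failed read surfaces as the returned error and which encoding the file is expected to be in. Something like `// ReadCRLFile reads the file at path and returns the CRL parsed from it, or an error if the file cannot be read.` would cover the first part. The accepted encoding should be named once confirmed against NewCRL, whose body is outside this hunk. ReadCRLFile's own body also continues past the last visible line.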

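--- a/security/advancedtls/crl_provider.go
+++ b/security/advancedtls/crl_provider.go
@@ -31,10 +31,13 @@ const defaultCRLRefreshDuration = 1 * time.Hour
 // CRLProvider is the interface to be implemented to enable custom CRL provider
 // behavior.
 //
-// The interface defines how the data is read, but doesn't prescribe a way
-// CRL are loaded and stored. Such implementations can be used in
-// RevocationConfig of advancedtls.ClientOptions and/or
-// advancedtls.ServerOptions .
+// The interface defines how gRPC gets CRLs from the provider during handshakes,
+// but doesn't prescribe a specific way to load and store CRLs. Such
+// implementations can be used in RevocationConfig of advancedtls.ClientOptions
+// and/or advancedtls.ServerOptions.
+// Please note that checking CRLs is being directly on the path of connection
+// establishment, so implementations of the CRL function need to be fast, and
+// slow things such as file IO should be done asynchronously.
 // TODO(erm-g): Add link to related gRFC once it's ready.
 // Please refer to https://github.com/grpc/proposal/ for more details.
 type CRLProvider interface {
@@ -47,9 +50,6 @@ type CRLProvider interface {
 // StaticCRLProvider implements CRLProvider interface by accepting raw content
 // of CRL files at creation time and storing parsed CRL structs in-memory.
 type StaticCRLProvider struct {
-// TODO CRL is sort of our internal representation - provide an API for
-// people to read into it, or provide a simpler type in the API then
-// internally convert to this form
 crls map[string]*CRL
 }
 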
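Review bot: The new paragraph on CRLProvider tells implementers to move slow work such as file IO off the handshake path, but it does not say that the CRL function will then run concurrently with whatever refreshes the data, nor what a provider should return before its first load has finished. Both matter for revocation checking: an unsynchronised read of the stored CRLs can race with the refresh, and an empty result early in the process lifetime presumably leaves the handshake outcome to however RevocationConfig treats an undetermined status. I would add to the doc comment something like `// Implementations must be safe for concurrent use and should document what CRL returns when no CRL for the issuer has been loaded yet.` The phrase "is being directly on the path" would also read better as "happens directly on the path". The interface body begins on the last line of the first hunk, so its method set is not visible here.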

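--- a/security/advancedtls/crl_provider_test.go
+++ b/security/advancedtls/crl_provider_test.go
@@ -128,7 +128,6 @@ func (s) TestFileWatcherCRLProviderConfig(t *testing.T) {
 // that it’s correctly processed. Additionally, we also check if number of
 // invocations of custom callback is correct.
 func (s) TestFileWatcherCRLProvider(t *testing.T) {
-// testdata.Path("crl") contains 5 non-crl files.
 nonCRLFilesSet := make(map[string]struct{})
 customCallback := func(err error) {
 nonCRLFilesSet[err.Error()] = struct{}{}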
