Merge pull request #2 from nwn2dev/feature/ssl

Adds ability to define a certPath

Author: scottmunday84

README.md

@@ -53,6 +53,8 @@ Replace go_ with the language you wish to use (java_, cpp_, etc.) and the *_out
 With a created external application, configure your xp_rpc settings for the client from the xp_rpc.yml file.
 
 ```yaml
+auth:
+  certPath: path/to/cert
 log:
   logLevel: info
 perClient:

plugin/main.go

@@ -33,8 +33,8 @@ import (
 const pluginID string = "RPC"               // Plugin ID used for identification in the list
 const pluginName string = "NWNX RPC Plugin" // Plugin name passed to hook
 const pluginDescription string = "A better way to integrate services with NWN2"
-const pluginVersion string = "0.4.2" // Plugin version passed to hook
-const pluginContact string = "(c) 2021-2023 by ihatemundays ([email protected])"
+const pluginVersion string = "0.5.0" // Plugin version passed to hook
+const pluginContact string = "(c) 2021-2024 by ihatemundays ([email protected])"
 
 const logFilename string = "xp_rpc.log"
 const configFilename string = "xp_rpc.yml"

plugin/rpc_config.go

@@ -3,6 +3,9 @@ package main
 import "time"
 
 type rpcConfig struct {
+	Auth struct {
+		CertPath *string `yaml:"certPath"`
+	} `yaml:"auth"`
 	Log struct {
 		LogLevel string `yaml:"logLevel" default:"info"`
 	} `yaml:"log"`

plugin/rpc_plugin.go

@@ -2,6 +2,7 @@ package main
 
 import (
 	log "github.com/sirupsen/logrus"
+	"google.golang.org/grpc/credentials"
 	"google.golang.org/grpc/credentials/insecure"
 	pb "nwnx4.org/nwn2dev/xp_rpc/proto"
 	"strings"
@@ -32,6 +33,7 @@ const rpcEndBuildGeneric int32 = 2
 
 type rpcPlugin struct {
 	config                       rpcConfig
+	certPath                     *string
 	clients                      map[string]*rpcClient
 	globalExBuildGenericRequest  *pb.ExBuildGenericRequest
 	globalExBuildGenericResponse *pb.ExBuildGenericResponse
@@ -41,6 +43,7 @@ type rpcPlugin struct {
 func newRpcPlugin() *rpcPlugin {
 	return &rpcPlugin{
 		config:                       rpcConfig{},
+		certPath:                     nil,
 		clients:                      make(map[string]*rpcClient),
 		globalExBuildGenericRequest:  newExBuildGenericRequest(),
 		globalExBuildGenericResponse: newExBuildGenericResponse(),
@@ -85,7 +88,31 @@ func (p *rpcPlugin) init() {
 // Runs on an rpcPlugin and adds a client by name and URL
 func (p *rpcPlugin) addRpcClient(name, url string) {
 	log.Infof("Adding client: %s@%s", name, url)
-	conn, err := grpc.Dial(url, grpc.WithTransportCredentials(insecure.NewCredentials()))
+
+	// Load the certificate
+	var conn *grpc.ClientConn
+	var err error
+	if p.certPath != nil {
+		creds, err := credentials.NewClientTLSFromFile(*p.certPath, "")
+		if err != nil {
+			log.Errorf("Unable to load certificate: %v", err)
+			p.clients[name] = &rpcClient{
+				isValid:             false,
+				name:                name,
+				url:                 url,
+				exServiceClient:     nil,
+				nwnxServiceClient:   nil,
+				scorcoServiceClient: nil,
+			}
+			return
+		}
+
+		conn, err = grpc.Dial(url, grpc.WithTransportCredentials(creds))
+	} else {
+		conn, err = grpc.Dial(url, grpc.WithTransportCredentials(insecure.NewCredentials()))
+	}
+
+	// Dial with the loaded certificate
 	if err != nil {
 		log.Errorf("Unable to attach client: %s@%s", name, url)
 
@@ -101,6 +128,7 @@ func (p *rpcPlugin) addRpcClient(name, url string) {
 		return
 	}
 
+	// Create gRPC clients with the connection
 	p.clients[name] = &rpcClient{
 		isValid:             true,
 		name:                name,

plugin/xp_rpc.yml

@@ -1,3 +1,5 @@
+auth:
+#  certPath:
 log:
   logLevel: info
 perClient: