fix: grpc mTLS client dns_name bind logic mistake

ncuhome · May 17, 2024 · 02a3f86 · 02a3f86
1 parent c0958de
commit 02a3f86
Showing 1 changed file with 3 additions and 2 deletions.
diff --git a/internal/rpc/app/middlewares.go b/internal/rpc/app/middlewares.go
@@ -15,11 +15,12 @@ func SetAuthInfoWithContext(ctx context.Context) (context.Context, error) {
 		return ctx, status.Error(codes.Unauthenticated, "get peer from context failed")
 	}
 	tlsAuth, ok := p.AuthInfo.(credentials.TLSInfo)
-	if !ok {
+	if !ok || len(tlsAuth.State.PeerCertificates) == 0 || len(tlsAuth.State.PeerCertificates[0].DNSNames) == 0 {
 		return ctx, status.Error(codes.Unauthenticated, "get tls info from peer failed")
 	}
+
 	return SetAuthInfo(ctx, &AuthInfo{
-		AppCode: tlsAuth.State.ServerName,
+		AppCode: tlsAuth.State.PeerCertificates[0].DNSNames[0],
 	}), nil
 }