diff --git a/pkg/source/chirpstack/config/config.go b/pkg/source/chirpstack/config/config.go index 0e53784..5d082c0 100644 --- a/pkg/source/chirpstack/config/config.go +++ b/pkg/source/chirpstack/config/config.go @@ -15,18 +15,23 @@ package config import ( + "context" "crypto/tls" "crypto/x509" "net/http" "os" + "time" "github.com/spf13/pflag" "go.thethings.network/lorawan-stack-migrate/pkg/source" "go.thethings.network/lorawan-stack/v3/pkg/types" "google.golang.org/grpc" "google.golang.org/grpc/credentials" + "google.golang.org/grpc/credentials/insecure" ) +const dialTimeout = 10 * time.Second + func New() (*Config, *pflag.FlagSet) { var ( config = &Config{} @@ -100,13 +105,6 @@ func (c *Config) Initialize() error { if err := c.JoinEUI.UnmarshalText([]byte(c.joinEUI)); err != nil { return errInvalidJoinEUI.WithAttributes("join_eui", c.joinEUI) } - - if !c.insecure || c.caPath != "" { - if err := setCustomCA(c.caPath); err != nil { - return err - } - } - err := c.dialGRPC( grpc.FailOnNonTempDialError(true), grpc.WithBlock(), @@ -120,32 +118,45 @@ func (c *Config) Initialize() error { } func (c *Config) dialGRPC(opts ...grpc.DialOption) error { - if c.insecure && c.caPath == "" { - opts = append(opts, grpc.WithInsecure()) - } - if tls := http.DefaultTransport.(*http.Transport).TLSClientConfig; tls != nil { - opts = append(opts, grpc.WithTransportCredentials(credentials.NewTLS(tls))) + if c.insecure { + opts = append(opts, grpc.WithTransportCredentials(insecure.NewCredentials())) + } else { + tlsConfig, err := generateTLSConfig(c.caPath) + if err != nil { + return err + } + opts = append(opts, grpc.WithTransportCredentials(credentials.NewTLS(tlsConfig))) } + + ctx, cancel := context.WithTimeout(context.Background(), dialTimeout) + defer cancel() + var err error - c.ClientConn, err = grpc.Dial(c.url, opts...) + c.ClientConn, err = grpc.DialContext(ctx, c.url, opts...) if err != nil { return err } return nil } -func setCustomCA(path string) error { - pemBytes, err := os.ReadFile(path) - if err != nil { - return err +// GenerateTLSConfig generates a TLS configuration. +func generateTLSConfig(caPath string) (cfg *tls.Config, err error) { + cfg = http.DefaultTransport.(*http.Transport).TLSClientConfig + if cfg == nil { + cfg = &tls.Config{} } - rootCAs := http.DefaultTransport.(*http.Transport).TLSClientConfig.RootCAs - if rootCAs == nil { - if rootCAs, err = x509.SystemCertPool(); err != nil { - rootCAs = x509.NewCertPool() + if cfg.RootCAs == nil { + if cfg.RootCAs, err = x509.SystemCertPool(); err != nil { + cfg.RootCAs = x509.NewCertPool() } } - rootCAs.AppendCertsFromPEM(pemBytes) - http.DefaultTransport.(*http.Transport).TLSClientConfig = &tls.Config{RootCAs: rootCAs} - return nil + if caPath == "" { + return cfg, nil + } + pemBytes, err := os.ReadFile(caPath) + if err != nil { + return nil, err + } + cfg.RootCAs.AppendCertsFromPEM(pemBytes) + return cfg, nil } diff --git a/pkg/source/chirpstack/source.go b/pkg/source/chirpstack/source.go index b8c1a8e..a7360ed 100644 --- a/pkg/source/chirpstack/source.go +++ b/pkg/source/chirpstack/source.go @@ -30,7 +30,6 @@ import ( "go.thethings.network/lorawan-stack/v3/pkg/log" "go.thethings.network/lorawan-stack/v3/pkg/ttnpb" "go.thethings.network/lorawan-stack/v3/pkg/types" - "google.golang.org/grpc" "google.golang.org/protobuf/types/known/durationpb" "google.golang.org/protobuf/types/known/timestamppb" ) @@ -52,8 +51,7 @@ function Decoder(bytes, fport) { type Source struct { *config.Config - ctx context.Context - ClientConn *grpc.ClientConn + ctx context.Context applications map[int64]*csapi.Application devProfiles map[string]*csapi.DeviceProfile @@ -364,7 +362,6 @@ func (p *Source) ExportDevice(devEui string) (*ttnpb.EndDevice, error) { } dev.Session.LastAFCntDown = activation.AFCntDown dev.Session.LastFCntUp = activation.FCntUp - dev.Session.LastConfFCntDown = activation.FCntUp dev.Session.LastNFCntDown = activation.NFCntDown } }