commit d7d6e0284de38cbeeb185ca17c0853b4b2c10ee9
author Serge Bazanski <serge@monogon.tech> Wed Sep 01 15:03:06 2021 +0200
committer Sergiusz Bazanski <serge@monogon.tech> Fri Sep 03 11:15:40 2021 +0000
tree 37e0b443caf904f0b78d423ba6580c1416f5bc11
parent 9ffa1f9577003ab70a6b483475874f3552d1ccc3

m/n/core/rpc: create library for common gRPC functions

This is the beginning of consolidating all gRPC-related code into a
single package.

We also run the Curator service publicly and place it behind a new
authorization permission bit. This is in preparation for Curator
followers needing access to this Service.

Some of the service split and authorization options are likely to be
changed in the future (I'm considering renaming Curator to something
else, or at least clearly stating that it's a node-to-node service).

Change-Id: I0a4a57da15b35688aefe7bf669ba6342d46aa3f5
Reviewed-on: https://review.monogon.dev/c/monogon/+/316
Reviewed-by: Lorenz Brun <lorenz@monogon.tech>

metropolis/pkg/pki/ca.go

diff --git a/metropolis/pkg/pki/ca.go b/metropolis/pkg/pki/ca.go
index 4931b5e..7c03f9f 100644
--- a/metropolis/pkg/pki/ca.go
+++ b/metropolis/pkg/pki/ca.go
@@ -60,7 +60,7 @@
 
 	req.Template.SerialNumber = serialNumber
 	req.Template.NotBefore = time.Now()
-	req.Template.NotAfter = unknownNotAfter
+	req.Template.NotAfter = UnknownNotAfter
 	req.Template.BasicConstraintsValid = true
 	req.Template.SubjectKeyId = skid
 

metropolis/pkg/pki/x509.go

diff --git a/metropolis/pkg/pki/x509.go b/metropolis/pkg/pki/x509.go
index e198902..40e7a08 100644
--- a/metropolis/pkg/pki/x509.go
+++ b/metropolis/pkg/pki/x509.go
@@ -27,7 +27,7 @@
 
 var (
 	// From RFC 5280 Section 4.1.2.5
-	unknownNotAfter = time.Unix(253402300799, 0)
+	UnknownNotAfter = time.Unix(253402300799, 0)
 )
 
 // Workaround for https://github.com/golang/go/issues/26676 in Go's