Fabric1.0.2 implementation of log monitoring based on TLS connection

The default Fabric1.0.2 example is not based on TLS, but the Balance-transfer and e2e_cli examples are based on TLS, and in order to make the connection more secure and generic, the research supports the implementation of log monitoring based on TLS.

The example/events/block-listener.go example in the Fabric1.0.2 source code produces the process of listening to the client, which is roughly:

Block-listener.go calls the Createeventclient method, which invokes the consumer Neweventsclient method, which invokes the Start method when the class is initialized, which is called in the Start method. Neweventsclientconnectionwithaddress method, which is the core method for implementing TLS connections .

From the screenshot below you can see that if it is a TLS connection, the last parameter will call comm. Inittlsforpeer method.

Comm. What is the content of the Inittlsforpeer method? Actually, it's not complicated.

The method is defined in the Connection.go file in the fabric1.0.2 source code:

The screenshot above shows that the most important thing here is to initialize two parameters, one is SN, the other is creds.

The following conclusions are obtained through validation:

(1) SN needs and the Cryptogen tool configuration file (CRYPTOGEN.YAML) defined in the domain name is consistent, that is, the form of peer0.org1.example.com

(2) config. The corresponding file in GetPath ("Peer.tls.rootcert.file") is defined in the Docker-compose file.

-Core_peer_tls_rootcert_file=/etc/hyperledger/crypto/peer/tls/ca.crt's Files

Changing the contents of these two parameters to be obtained by passing parameters (the original way by getting the contents of the configuration file inconvenient to change, so the official example needs to disable the TLS connection to test the event listener example), go back to build an executable file, modify host hosts, add

PEER0 Container IP Address peer0.org1.example.com

To run at the command line:

./block-listener-tls-events-address=127.0.0.1:7053-events-sn=peer0.org1.example.com-events-rootca=/usr/local/ balance-transf-1.0.2/artifacts/channel/crypto-config/peerorganizations/org1.example.com/peers/ Peer0.org1.example.com/tls/ca.crt-events-from-chaincode=mycc1-events-mspdir=/usr/local/balance-transf-1.0.2/ Artifacts/channel/crypto-config/peerorganizations/org1.example.com/peers/peer0.org1.example.com/msp- Events-mspid=org1msp

After normal startup, monitor the event and print the results to the console. If you do not change these places, start the original Block-listen in the case of TLS connection will be a direct error exit.

Although the Org1 MSP to connect, but as long as in the same channel, either ORG1 or ORG2 generated blocks can be heard.

All event types are listed below.

Enum Headertype {
message = 0; Used for messages which are signed but opaque
CONFIG = 1; Used for messages which express the channel Config
Config_update = 2; Used for transactions which update the channel Config
Endorser_transaction = 3; Used by the SDK to submit endorser based transactions
Orderer_transaction = 4; Used internally by the Orderer for management
Deliver_seek_info = 5; Used as the type for Envelope messages submitted to instruct the Deliver API to seek
Chaincode_package = 6; Used for packaging Chaincode artifacts for install
}

For this example of the source code and executable file interested students, can leave a mailbox, I see will be sent alone.