ServerHandshake implements the server side ALTS handshaker.
(rawConn net.Conn)
| 216 | |
| 217 | // ServerHandshake implements the server side ALTS handshaker. |
| 218 | func (g *altsTC) ServerHandshake(rawConn net.Conn) (_ net.Conn, _ credentials.AuthInfo, err error) { |
| 219 | if !vmOnGCP { |
| 220 | return nil, nil, ErrUntrustedPlatform |
| 221 | } |
| 222 | // Connecting to ALTS handshaker service. |
| 223 | hsConn, err := service.Dial(g.hsAddress) |
| 224 | if err != nil { |
| 225 | return nil, nil, err |
| 226 | } |
| 227 | // Do not close hsConn since it's shared with other handshakes. |
| 228 | |
| 229 | ctx, cancel := context.WithTimeout(context.Background(), defaultTimeout) |
| 230 | defer cancel() |
| 231 | opts := handshaker.DefaultServerHandshakerOptions() |
| 232 | opts.RPCVersions = &altspb.RpcProtocolVersions{ |
| 233 | MaxRpcVersion: maxRPCVersion, |
| 234 | MinRpcVersion: minRPCVersion, |
| 235 | } |
| 236 | shs, err := handshaker.NewServerHandshaker(ctx, hsConn, rawConn, opts) |
| 237 | if err != nil { |
| 238 | return nil, nil, err |
| 239 | } |
| 240 | secConn, authInfo, err := shs.ServerHandshake(ctx) |
| 241 | if err != nil { |
| 242 | return nil, nil, err |
| 243 | } |
| 244 | // Close the handshaker since we have obtained a connection. |
| 245 | defer shs.Close() |
| 246 | altsAuthInfo, ok := authInfo.(AuthInfo) |
| 247 | if !ok { |
| 248 | return nil, nil, errors.New("server-side auth info is not of type alts.AuthInfo") |
| 249 | } |
| 250 | match, _ := checkRPCVersions(opts.RPCVersions, altsAuthInfo.PeerRPCVersions()) |
| 251 | if !match { |
| 252 | return nil, nil, fmt.Errorf("client-side RPC versions is not compatible with this server, local versions: %v, peer versions: %v", opts.RPCVersions, altsAuthInfo.PeerRPCVersions()) |
| 253 | } |
| 254 | return secConn, authInfo, nil |
| 255 | } |
| 256 | |
| 257 | func (g *altsTC) Info() credentials.ProtocolInfo { |
| 258 | return *g.info |
nothing calls this directly
no test coverage detected