MCPcopy
hub / github.com/grpc/grpc-go / ClientHandshake

Method ClientHandshake

internal/xds/bootstrap/tlscreds/bundle.go:123–142  ·  view source on GitHub ↗
(ctx context.Context, authority string, rawConn net.Conn)

Source from the content-addressed store, hash-verified

121}
122
123func (c *reloadingCreds) ClientHandshake(ctx context.Context, authority string, rawConn net.Conn) (net.Conn, credentials.AuthInfo, error) {
124 km, err := c.provider.KeyMaterial(ctx)
125 if err != nil {
126 return nil, nil, err
127 }
128 var config *tls.Config
129 if km.SPIFFEBundleMap != nil {
130 config = &tls.Config{
131 InsecureSkipVerify: true,
132 VerifyPeerCertificate: buildSPIFFEVerifyFunc(km.SPIFFEBundleMap),
133 Certificates: km.Certs,
134 }
135 } else {
136 config = &tls.Config{
137 RootCAs: km.Roots,
138 Certificates: km.Certs,
139 }
140 }
141 return credentials.NewTLS(config).ClientHandshake(ctx, authority, rawConn)
142}
143
144func (c *reloadingCreds) Info() credentials.ProtocolInfo {
145 return credentials.ProtocolInfo{SecurityProtocol: "tls"}

Callers

nothing calls this directly

Calls 4

NewTLSFunction · 0.92
buildSPIFFEVerifyFuncFunction · 0.85
KeyMaterialMethod · 0.65
ClientHandshakeMethod · 0.65

Tested by

no test coverage detected