MCPcopy
hub / github.com/nats-io/nats.go / checkForSecure

Method checkForSecure

nats.go:2845–2869  ·  view source on GitHub ↗

This will check to see if the connection should be secure. This can be dictated from either end and should only be called after the INIT protocol has been received.

()

Source from the content-addressed store, hash-verified

2843// secure. This can be dictated from either end and should
2844// only be called after the INIT protocol has been received.
2845func (nc *Conn) checkForSecure() error {
2846 // Check to see if we need to engage TLS
2847 o := nc.Opts
2848
2849 // Check for mismatch in setups
2850 if o.Secure && !nc.info.TLSRequired && !nc.info.TLSAvailable {
2851 return ErrSecureConnWanted
2852 } else if nc.info.TLSRequired && !o.Secure {
2853 // Switch to Secure since server needs TLS.
2854 o.Secure = true
2855 }
2856
2857 if o.Secure {
2858 // If TLS handshake first is true, we have already done
2859 // the handshake, so we are done here.
2860 if o.TLSHandshakeFirst {
2861 return nil
2862 }
2863 // Need to rewrap with bufio
2864 if err := nc.makeTLSConn(); err != nil {
2865 return err
2866 }
2867 }
2868 return nil
2869}
2870
2871// processExpectedInfo will look for the expected first INFO message
2872// sent when a connection is established. The lock should be held entering.

Callers 1

processExpectedInfoMethod · 0.95

Calls 1

makeTLSConnMethod · 0.95

Tested by

no test coverage detected