1 /*
2 *
3 * Copyright 2020 gRPC authors.
4 *
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 *
17 */
18 19 // Package insecure provides an implementation of the
20 // credentials.TransportCredentials interface which disables transport security.
21 package insecure
22 23 import (
24 "context"
25 "net"
26 27 "google.golang.org/grpc/credentials"
28 )
29 30 // NewCredentials returns a credentials which disables transport security.
31 //
32 // Note that using this credentials with per-RPC credentials which require
33 // transport security is incompatible and will cause RPCs to fail.
34 func NewCredentials() credentials.TransportCredentials {
35 return insecureTC{}
36 }
37 38 // insecureTC implements the insecure transport credentials. The handshake
39 // methods simply return the passed in net.Conn and set the security level to
40 // NoSecurity.
41 type insecureTC struct{}
42 43 func (insecureTC) ClientHandshake(_ context.Context, _ string, conn net.Conn) (net.Conn, credentials.AuthInfo, error) {
44 return conn, info{credentials.CommonAuthInfo{SecurityLevel: credentials.NoSecurity}}, nil
45 }
46 47 func (insecureTC) ServerHandshake(conn net.Conn) (net.Conn, credentials.AuthInfo, error) {
48 return conn, info{credentials.CommonAuthInfo{SecurityLevel: credentials.NoSecurity}}, nil
49 }
50 51 func (insecureTC) Info() credentials.ProtocolInfo {
52 return credentials.ProtocolInfo{SecurityProtocol: "insecure"}
53 }
54 55 func (insecureTC) Clone() credentials.TransportCredentials {
56 return insecureTC{}
57 }
58 59 func (insecureTC) OverrideServerName(string) error {
60 return nil
61 }
62 63 // info contains the auth information for an insecure connection.
64 // It implements the AuthInfo interface.
65 type info struct {
66 credentials.CommonAuthInfo
67 }
68 69 // AuthType returns the type of info as a string.
70 func (info) AuthType() string {
71 return "insecure"
72 }
73 74 // ValidateAuthority allows any value to be overridden for the :authority
75 // header.
76 func (info) ValidateAuthority(string) error {
77 return nil
78 }
79 80 // insecureBundle implements an insecure bundle.
81 // An insecure bundle provides a thin wrapper around insecureTC to support
82 // the credentials.Bundle interface.
83 type insecureBundle struct{}
84 85 // NewBundle returns a bundle with disabled transport security and no per rpc credential.
86 func NewBundle() credentials.Bundle {
87 return insecureBundle{}
88 }
89 90 // NewWithMode returns a new insecure Bundle. The mode is ignored.
91 func (insecureBundle) NewWithMode(string) (credentials.Bundle, error) {
92 return insecureBundle{}, nil
93 }
94 95 // PerRPCCredentials returns an nil implementation as insecure
96 // bundle does not support a per rpc credential.
97 func (insecureBundle) PerRPCCredentials() credentials.PerRPCCredentials {
98 return nil
99 }
100 101 // TransportCredentials returns the underlying insecure transport credential.
102 func (insecureBundle) TransportCredentials() credentials.TransportCredentials {
103 return NewCredentials()
104 }
105