1 /* 2 * 3 * Copyright 2020 gRPC authors. 4 * 5 * Licensed under the Apache License, Version 2.0 (the "License"); 6 * you may not use this file except in compliance with the License. 7 * You may obtain a copy of the License at 8 * 9 * http://www.apache.org/licenses/LICENSE-2.0 10 * 11 * Unless required by applicable law or agreed to in writing, software 12 * distributed under the License is distributed on an "AS IS" BASIS, 13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 * See the License for the specific language governing permissions and 15 * limitations under the License. 16 * 17 */ 18 19 // Package insecure provides an implementation of the 20 // credentials.TransportCredentials interface which disables transport security. 21 package insecure 22 23 import ( 24 "context" 25 "net" 26 27 "google.golang.org/grpc/credentials" 28 ) 29 30 // NewCredentials returns a credentials which disables transport security. 31 // 32 // Note that using this credentials with per-RPC credentials which require 33 // transport security is incompatible and will cause grpc.Dial() to fail. 34 func NewCredentials() credentials.TransportCredentials { 35 return insecureTC{} 36 } 37 38 // insecureTC implements the insecure transport credentials. The handshake 39 // methods simply return the passed in net.Conn and set the security level to 40 // NoSecurity. 41 type insecureTC struct{} 42 43 func (insecureTC) ClientHandshake(ctx context.Context, _ string, conn net.Conn) (net.Conn, credentials.AuthInfo, error) { 44 return conn, info{credentials.CommonAuthInfo{SecurityLevel: credentials.NoSecurity}}, nil 45 } 46 47 func (insecureTC) ServerHandshake(conn net.Conn) (net.Conn, credentials.AuthInfo, error) { 48 return conn, info{credentials.CommonAuthInfo{SecurityLevel: credentials.NoSecurity}}, nil 49 } 50 51 func (insecureTC) Info() credentials.ProtocolInfo { 52 return credentials.ProtocolInfo{SecurityProtocol: "insecure"} 53 } 54 55 func (insecureTC) Clone() credentials.TransportCredentials { 56 return insecureTC{} 57 } 58 59 func (insecureTC) OverrideServerName(string) error { 60 return nil 61 } 62 63 // info contains the auth information for an insecure connection. 64 // It implements the AuthInfo interface. 65 type info struct { 66 credentials.CommonAuthInfo 67 } 68 69 // AuthType returns the type of info as a string. 70 func (info) AuthType() string { 71 return "insecure" 72 } 73 74 // insecureBundle implements an insecure bundle. 75 // An insecure bundle provides a thin wrapper around insecureTC to support 76 // the credentials.Bundle interface. 77 type insecureBundle struct{} 78 79 // NewBundle returns a bundle with disabled transport security and no per rpc credential. 80 func NewBundle() credentials.Bundle { 81 return insecureBundle{} 82 } 83 84 // NewWithMode returns a new insecure Bundle. The mode is ignored. 85 func (insecureBundle) NewWithMode(string) (credentials.Bundle, error) { 86 return insecureBundle{}, nil 87 } 88 89 // PerRPCCredentials returns an nil implementation as insecure 90 // bundle does not support a per rpc credential. 91 func (insecureBundle) PerRPCCredentials() credentials.PerRPCCredentials { 92 return nil 93 } 94 95 // TransportCredentials returns the underlying insecure transport credential. 96 func (insecureBundle) TransportCredentials() credentials.TransportCredentials { 97 return NewCredentials() 98 } 99