From c4fc27775812618e65bf144425516e49603f91db Mon Sep 17 00:00:00 2001 From: yuhan6665 <1588741+yuhan6665@users.noreply.github.com> Date: Fri, 22 Oct 2021 00:01:51 -0400 Subject: [PATCH] add comment for gRPC TLS silent failure behavior (#779) When gRPC transport have been configured to use TLS, it may silently ignore TLS failure. This may make it harder to diagnose TLS setting issues when gRPC transport is used. This comment is added to help other developers be aware of this caveat. Co-authored-by: Shelikhoo --- transport/internet/grpc/hub.go | 1 + 1 file changed, 1 insertion(+) diff --git a/transport/internet/grpc/hub.go b/transport/internet/grpc/hub.go index a2a5ce40..40bb0b51 100644 --- a/transport/internet/grpc/hub.go +++ b/transport/internet/grpc/hub.go @@ -80,6 +80,7 @@ func Listen(ctx context.Context, address net.Address, port net.Port, settings *i var options []grpc.ServerOption var s *grpc.Server if config != nil { + // gRPC server may silently ignore TLS errors options = append(options, grpc.Creds(credentials.NewTLS(config.GetTLSConfig(tls.WithNextProto("h2"))))) } if grpcSettings.IdleTimeout > 0 || grpcSettings.HealthCheckTimeout > 0 {