add comment for gRPC TLS silent failure behavior (#779)

When gRPC transport have been configured to use TLS, it may silently ignore TLS failure. This may make it harder to diagnose TLS setting issues when gRPC transport is used. This comment is added to help other developers be aware of this caveat.

Co-authored-by: Shelikhoo <xiaokangwang@outlook.com>
This commit is contained in:
yuhan6665 2021-10-22 00:01:51 -04:00 committed by 世界
parent 3bf3d96472
commit c4fc277758
No known key found for this signature in database
GPG key ID: CD109927C34A63C4

View file

@ -80,6 +80,7 @@ func Listen(ctx context.Context, address net.Address, port net.Port, settings *i
var options []grpc.ServerOption var options []grpc.ServerOption
var s *grpc.Server var s *grpc.Server
if config != nil { if config != nil {
// gRPC server may silently ignore TLS errors
options = append(options, grpc.Creds(credentials.NewTLS(config.GetTLSConfig(tls.WithNextProto("h2"))))) options = append(options, grpc.Creds(credentials.NewTLS(config.GetTLSConfig(tls.WithNextProto("h2")))))
} }
if grpcSettings.IdleTimeout > 0 || grpcSettings.HealthCheckTimeout > 0 { if grpcSettings.IdleTimeout > 0 || grpcSettings.HealthCheckTimeout > 0 {