From f59a1c7ad8c571f1eaaf148941741cd4026a519f Mon Sep 17 00:00:00 2001 From: bndw Date: Fri, 13 Feb 2026 21:25:36 -0800 Subject: feat: auto-detect TLS in testclient Add automatic TLS detection for testclient: - Use TLS for port 443 - Use TLS for non-localhost addresses - Use insecure for localhost/127.0.0.1 (development) Now works with both: ./bin/testclient # local ./bin/testclient -addr nostr-grpc.x.bdw.to:443 # production --- cmd/testclient/main.go | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) (limited to 'cmd/testclient') diff --git a/cmd/testclient/main.go b/cmd/testclient/main.go index 224d9d9..85f9917 100644 --- a/cmd/testclient/main.go +++ b/cmd/testclient/main.go @@ -7,9 +7,11 @@ import ( "io" "log" "os" + "strings" "time" "google.golang.org/grpc" + "google.golang.org/grpc/credentials" "google.golang.org/grpc/credentials/insecure" pb "northwest.io/nostr-grpc/api/nostr/v1" @@ -20,7 +22,20 @@ func main() { addr := flag.String("addr", "localhost:50051", "relay address") flag.Parse() - conn, err := grpc.NewClient(*addr, grpc.WithTransportCredentials(insecure.NewCredentials())) + // Auto-detect TLS: use TLS for port 443 or non-localhost addresses + var opts []grpc.DialOption + useTLS := strings.HasSuffix(*addr, ":443") || + (!strings.HasPrefix(*addr, "localhost") && !strings.HasPrefix(*addr, "127.0.0.1") && !strings.HasPrefix(*addr, ":")) + + if useTLS { + opts = append(opts, grpc.WithTransportCredentials(credentials.NewClientTLSFromCert(nil, ""))) + log.Printf("Connecting with TLS to %s", *addr) + } else { + opts = append(opts, grpc.WithTransportCredentials(insecure.NewCredentials())) + log.Printf("Connecting without TLS to %s", *addr) + } + + conn, err := grpc.NewClient(*addr, opts...) if err != nil { log.Fatalf("failed to connect: %v", err) } -- cgit v1.2.3