Don't require TLS for in-process connection

Signed-off-by: Neil Twigg <neil@nats.io>
nats-io · Jul 19, 2023 · e9aa7ed · e9aa7ed
1 parent 80fb29f
commit e9aa7ed
Showing 1 changed file with 10 additions and 2 deletions.
diff --git a/server/server.go b/server/server.go
@@ -2217,7 +2217,7 @@ func (s *Server) AcceptLoop(clr chan struct{}) {
 func (s *Server) InProcessConn() (net.Conn, error) {
 	pl, pr := net.Pipe()
 	if !s.startGoRoutine(func() {
-		s.createClient(pl)
+		s.createClientInProcess(pl)
 		s.grWG.Done()
 	}) {
 		pl.Close()
@@ -2572,6 +2572,14 @@ func (c *tlsMixConn) Read(b []byte) (int, error) {
 }
 
 func (s *Server) createClient(conn net.Conn) *client {
+	return s.createClientEx(conn, false)
+}
+
+func (s *Server) createClientInProcess(conn net.Conn) *client {
+	return s.createClientEx(conn, true)
+}
+
+func (s *Server) createClientEx(conn net.Conn, inProcess bool) *client {
 	// Snapshot server options.
 	opts := s.getOpts()
 
@@ -2659,7 +2667,7 @@ func (s *Server) createClient(conn net.Conn) *client {
 	}
 	s.clients[c.cid] = c
 
-	tlsRequired := info.TLSRequired
+	tlsRequired := info.TLSRequired && !inProcess
 	s.mu.Unlock()
 
 	// Re-Grab lock