advancedtls: fix build on version prior to 1.14 (#3950)

* advancedtls: fix build on version prior to 1.14

security/advancedtls/go.mod

@@ -1,6 +1,6 @@
 module google.golang.org/grpc/security/advancedtls
 
-go 1.13
+go 1.14
 
 require (
 	github.com/google/go-cmp v0.5.1

security/advancedtls/sni.go

@@ -1,4 +1,4 @@
-// +build !appengine
+// +build !appengine,go1.14
 
 /*
  *

security/advancedtls/sni_beforego114.go

@@ -0,0 +1,42 @@
+// +build !appengine,!go1.14
+
+/*
+ *
+ * Copyright 2020 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package advancedtls
+
+import (
+	"crypto/tls"
+	"fmt"
+)
+
+// buildGetCertificates returns the first cert contained in ServerOptions for
+// non-appengine builds before version 1.4.
+func buildGetCertificates(clientHello *tls.ClientHelloInfo, o *ServerOptions) (*tls.Certificate, error) {
+	if o.IdentityOptions.GetIdentityCertificatesForServer == nil {
+		return nil, fmt.Errorf("function GetCertificates must be specified")
+	}
+	certificates, err := o.IdentityOptions.GetIdentityCertificatesForServer(clientHello)
+	if err != nil {
+		return nil, err
+	}
+	if len(certificates) == 0 {
+		return nil, fmt.Errorf("no certificates configured")
+	}
+	return certificates[0], nil
+}