LBRYCommunity/lbcd
1
0
Fork 0
Code Issues 17 Pull requests 4 Projects Releases 28 Packages Wiki Activity

[lbry] rpcclient: support SkipVerify of TLS certificate. (#39)

Browse source
This commit is contained in:
Roy Lee 2022-05-15 22:59:30 -07:00
parent 3111601ac9
commit fb3ef35189
1 changed files with 7 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
rpcclient/infrastructure.go
View file

@ -1192,6 +1192,9 @@ type ConnConfig struct {
// the wire in cleartext. // the wire in cleartext.
DisableTLS bool DisableTLS bool
// SkipVerify instruct the client to skip verifying TLS certificate.
SkipVerify bool
// Certificates are the bytes for a PEM-encoded certificate chain used // Certificates are the bytes for a PEM-encoded certificate chain used
// for the TLS connection. It has no effect if the DisableTLS parameter // for the TLS connection. It has no effect if the DisableTLS parameter
// is true. // is true.
@ -1295,7 +1298,8 @@ func newHTTPClient(config *ConnConfig) (*http.Client, error) {
pool := x509.NewCertPool() pool := x509.NewCertPool()
pool.AppendCertsFromPEM(config.Certificates) pool.AppendCertsFromPEM(config.Certificates)
tlsConfig = &tls.Config{ tlsConfig = &tls.Config{
RootCAs: pool, RootCAs: pool,
InsecureSkipVerify: config.SkipVerify,
} }
} }
} }
@ -1318,7 +1322,8 @@ func dial(config *ConnConfig) (*websocket.Conn, error) {
var scheme = "ws" var scheme = "ws"
if !config.DisableTLS { if !config.DisableTLS {
tlsConfig = &tls.Config{ tlsConfig = &tls.Config{
MinVersion: tls.VersionTLS12, MinVersion: tls.VersionTLS12,
InsecureSkipVerify: config.SkipVerify,
} }
if len(config.Certificates) > 0 { if len(config.Certificates) > 0 {
pool := x509.NewCertPool() pool := x509.NewCertPool()