[lbry] rpcclient: support SkipVerify of TLS certificate. (#39)

This commit is contained in:
Roy Lee 2022-05-15 22:59:30 -07:00
parent 3111601ac9
commit fb3ef35189

View file

@ -1192,6 +1192,9 @@ type ConnConfig struct {
// the wire in cleartext.
DisableTLS bool
// SkipVerify instruct the client to skip verifying TLS certificate.
SkipVerify bool
// Certificates are the bytes for a PEM-encoded certificate chain used
// for the TLS connection. It has no effect if the DisableTLS parameter
// is true.
@ -1296,6 +1299,7 @@ func newHTTPClient(config *ConnConfig) (*http.Client, error) {
pool.AppendCertsFromPEM(config.Certificates)
tlsConfig = &tls.Config{
RootCAs: pool,
InsecureSkipVerify: config.SkipVerify,
}
}
}
@ -1319,6 +1323,7 @@ func dial(config *ConnConfig) (*websocket.Conn, error) {
if !config.DisableTLS {
tlsConfig = &tls.Config{
MinVersion: tls.VersionTLS12,
InsecureSkipVerify: config.SkipVerify,
}
if len(config.Certificates) > 0 {
pool := x509.NewCertPool()