-
Notifications
You must be signed in to change notification settings - Fork 36
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
allow using self signed certificates #14
base: master
Are you sure you want to change the base?
Conversation
api.go
Outdated
|
||
func init() { | ||
// allow using self signed certificates | ||
http.DefaultTransport.(*http.Transport).TLSClientConfig = &tls.Config{InsecureSkipVerify: true} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This should be done, for example, as a method on the Connection
object. It should not be done for everyone.
Then people who want this behaviour can call the method. Make sense?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Great idea, in fact the init function was more a quick fix than an elegant solution. Meanwhile, I put a logger on gorqlite and I identified that error come from Open function.
log.SetFlags(log.LstdFlags | log.Lshortfile)
func Open(connURL string) (Connection, error) {
...
err = conn.updateClusterInfo() // this line return that error
Open function create and return a Connection variable. So, setting InsecureSkipVerify should be done before that but conn variable is still private (perhaps to allow multiple connections from the same application). A global variable setted by Open function only for https connections works (like in the example bellow), but I can't figured out if can be set it with a method of Connection object, here maybe you have a better idea..
var InsecureSkipVerify bool
func Open(connURL string) (Connection, error) {
...
if conn.wantsHTTPS {
// allow using self signed certificates only for https connections
http.DefaultTransport.(*http.Transport).TLSClientConfig = &tls.Config{InsecureSkipVerify: InsecureSkipVerify}
}
...
err = conn.updateClusterInfo()
// client application code
rq.InsecureSkipVerify = true
if db, err = rq.Open(node); err != nil {
log.Fatal(err)
return
}
OK, I see what you mean. To be honest, this code is not structured super well, because it's hard to make changes to it to support what you want. I'm torn between fixing this code, or just writing a new client. |
For now, I would say you're better building your own client using this source, and just using that. I need to think about writing a new client. It wouldn't be hard. |
Ok, anyway thank you for your effort to make those things possible. I forked the client in my repository and I will make the above changes without doing pull requests. |
No description provided.