Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

allow using self signed certificates #14

Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open

allow using self signed certificates #14

wants to merge 2 commits into from

Conversation

geosoft1
Copy link

No description provided.

api.go Outdated

func init() {
// allow using self signed certificates
http.DefaultTransport.(*http.Transport).TLSClientConfig = &tls.Config{InsecureSkipVerify: true}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This should be done, for example, as a method on the Connection object. It should not be done for everyone.

Then people who want this behaviour can call the method. Make sense?

Copy link
Author

@geosoft1 geosoft1 Sep 25, 2020

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great idea, in fact the init function was more a quick fix than an elegant solution. Meanwhile, I put a logger on gorqlite and I identified that error come from Open function.

log.SetFlags(log.LstdFlags | log.Lshortfile)
func Open(connURL string) (Connection, error) {
...
	err = conn.updateClusterInfo()  // this line return that error

Open function create and return a Connection variable. So, setting InsecureSkipVerify should be done before that but conn variable is still private (perhaps to allow multiple connections from the same application). A global variable setted by Open function only for https connections works (like in the example bellow), but I can't figured out if can be set it with a method of Connection object, here maybe you have a better idea..

var InsecureSkipVerify bool

func Open(connURL string) (Connection, error) {
	...
	if conn.wantsHTTPS {
		// allow using self signed certificates only for https connections
		http.DefaultTransport.(*http.Transport).TLSClientConfig = &tls.Config{InsecureSkipVerify: InsecureSkipVerify}
	}
	...
	err = conn.updateClusterInfo()

// client application code
rq.InsecureSkipVerify = true
if db, err = rq.Open(node); err != nil {
	log.Fatal(err)
	return
}

@otoolep
Copy link
Member

otoolep commented Sep 25, 2020

OK, I see what you mean. To be honest, this code is not structured super well, because it's hard to make changes to it to support what you want.

I'm torn between fixing this code, or just writing a new client.

@otoolep
Copy link
Member

otoolep commented Sep 25, 2020

For now, I would say you're better building your own client using this source, and just using that. I need to think about writing a new client. It wouldn't be hard.

@geosoft1
Copy link
Author

Ok, anyway thank you for your effort to make those things possible. I forked the client in my repository and I will make the above changes without doing pull requests.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants