From 9b068a3b7dcc0e134f0f919b20a20c1660c44007 Mon Sep 17 00:00:00 2001 From: AlexWinS Date: Tue, 22 Oct 2024 00:09:46 +0300 Subject: [PATCH 1/2] feature add --no-verify-ssl for skip ssl cert verification --- internal/backend_s3.go | 2 +- internal/cfg/conf_s3.go | 11 ++++++++++- internal/cfg/config.go | 1 + internal/cfg/flags.go | 6 ++++++ 4 files changed, 18 insertions(+), 2 deletions(-) diff --git a/internal/backend_s3.go b/internal/backend_s3.go index 6e3629a..1aeb748 100644 --- a/internal/backend_s3.go +++ b/internal/backend_s3.go @@ -296,7 +296,7 @@ func (s *S3Backend) detectBucketLocationByHEAD() (err error, isAws bool) { allowFails := 3 for i := 0; i < allowFails; i++ { - resp, err = http.DefaultTransport.RoundTrip(req) + resp, err = s.S3.Config.HTTPClient.Transport.RoundTrip(req) if err != nil { return } diff --git a/internal/cfg/conf_s3.go b/internal/cfg/conf_s3.go index 013bd14..b1deaf7 100644 --- a/internal/cfg/conf_s3.go +++ b/internal/cfg/conf_s3.go @@ -17,6 +17,7 @@ package cfg import ( "crypto/md5" + `crypto/tls` "encoding/base64" "fmt" "net/http" @@ -104,11 +105,19 @@ func (c *S3Config) Init() *S3Config { } func (c *S3Config) ToAwsConfig(flags *FlagStorage) (*aws.Config, error) { + tr := &defaultHTTPTransport + if flags.NoVerifySSL { + if tr.TLSClientConfig != nil { + tr.TLSClientConfig.InsecureSkipVerify = true + } else { + tr.TLSClientConfig = &tls.Config{InsecureSkipVerify: true} + } + } awsConfig := (&aws.Config{ Region: &c.Region, Logger: GetLogger("s3"), }).WithHTTPClient(&http.Client{ - Transport: &defaultHTTPTransport, + Transport: tr, Timeout: flags.HTTPTimeout, }) if flags.DebugS3 { diff --git a/internal/cfg/config.go b/internal/cfg/config.go index d0d9757..6e6fb28 100644 --- a/internal/cfg/config.go +++ b/internal/cfg/config.go @@ -105,6 +105,7 @@ type FlagStorage struct { DropPatchConflicts bool PreferPatchUploads bool NoPreloadDir bool + NoVerifySSL bool // Debugging DebugMain bool diff --git a/internal/cfg/flags.go b/internal/cfg/flags.go index e2701dc..8bd2d0e 100644 --- a/internal/cfg/flags.go +++ b/internal/cfg/flags.go @@ -317,6 +317,11 @@ MISC OPTIONS: Value: 300 * time.Second, Usage: "Maximum delay for AWS SDK retries of throttled requests.", }, + + cli.BoolFlag{ + Name: "no-verify-ssl", + Usage: "skip verify check ssl for s3", + }, } tuningFlags := []cli.Flag{ @@ -888,6 +893,7 @@ func PopulateFlags(c *cli.Context) (ret *FlagStorage) { DropPatchConflicts: c.Bool("drop-patch-conflicts"), PreferPatchUploads: c.Bool("prefer-patch-uploads"), NoPreloadDir: c.Bool("no-preload-dir"), + NoVerifySSL: c.Bool("no-verify-ssl"), // Common Backend Config Endpoint: c.String("endpoint"), From f8cb57fbabc18f6ab8513f44799ad84b0d1cc577 Mon Sep 17 00:00:00 2001 From: AlekcWins <61598241+AlekcWins@users.noreply.github.com> Date: Fri, 25 Oct 2024 00:11:14 +0300 Subject: [PATCH 2/2] Update flags.go --- internal/cfg/flags.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/internal/cfg/flags.go b/internal/cfg/flags.go index 8bd2d0e..16ec1d8 100644 --- a/internal/cfg/flags.go +++ b/internal/cfg/flags.go @@ -320,7 +320,7 @@ MISC OPTIONS: cli.BoolFlag{ Name: "no-verify-ssl", - Usage: "skip verify check ssl for s3", + Usage: "Skip verify check ssl for s3", }, }