From 199be2071771c80133ee54556dfd1b90e2b4f0f2 Mon Sep 17 00:00:00 2001 From: Dane Everitt Date: Sat, 12 Dec 2020 09:56:01 -0800 Subject: [PATCH] Use custom flag for ignoring certificate errors, not the debug flag --- Makefile | 4 ++++ cmd/root.go | 18 +++++++++++------- 2 files changed, 15 insertions(+), 7 deletions(-) diff --git a/Makefile b/Makefile index eb0bfcd..bc18a83 100644 --- a/Makefile +++ b/Makefile @@ -2,6 +2,10 @@ build: GOOS=linux GOARCH=amd64 go build -ldflags="-s -w" -gcflags "all=-trimpath=$(pwd)" -o build/wings_linux_amd64 -v wings.go GOOS=linux GOARCH=arm64 go build -ldflags="-s -w" -gcflags "all=-trimpath=$(pwd)" -o build/wings_linux_arm64 -v wings.go +debug: + go build -race + ./wings --debug --ignore-certificate-errors --config config.yml + compress: upx --brute build/wings_* diff --git a/cmd/root.go b/cmd/root.go index 5fb4028..f0a66ce 100644 --- a/cmd/root.go +++ b/cmd/root.go @@ -31,12 +31,13 @@ import ( ) var ( - profiler = "" - configPath = config.DefaultLocation - debug = false - useAutomaticTls = false - tlsHostname = "" - showVersion = false + profiler = "" + configPath = config.DefaultLocation + debug = false + useAutomaticTls = false + tlsHostname = "" + showVersion = false + ignoreCertificateErrors = false ) var root = &cobra.Command{ @@ -59,6 +60,7 @@ func init() { root.PersistentFlags().StringVar(&profiler, "profiler", "", "the profiler to run for this instance") root.PersistentFlags().BoolVar(&useAutomaticTls, "auto-tls", false, "pass in order to have wings generate and manage it's own SSL certificates using Let's Encrypt") root.PersistentFlags().StringVar(&tlsHostname, "tls-hostname", "", "required with --auto-tls, the FQDN for the generated SSL certificate") + root.PersistentFlags().BoolVar(&ignoreCertificateErrors, "ignore-certificate-errors", false, "if passed any SSL certificate errors will be ignored by wings") root.AddCommand(configureCmd) root.AddCommand(diagnosticsCmd) @@ -139,8 +141,10 @@ func rootCmdRun(*cobra.Command, []string) { log.WithField("path", c.GetPath()).Info("loading configuration from path") if c.Debug { log.Debug("running in debug mode") - log.Warn("certificate checking is disabled") + } + if ignoreCertificateErrors { + log.Warn("running with --ignore-certificate-errors: TLS certificate host chains and name will not be verified") http.DefaultTransport.(*http.Transport).TLSClientConfig = &tls.Config{ InsecureSkipVerify: true, }