Use custom flag for ignoring certificate errors, not the debug flag

This commit is contained in:
Dane Everitt 2020-12-12 09:56:01 -08:00
parent 1c825d2a74
commit 199be20717
No known key found for this signature in database
GPG Key ID: EEA66103B3D71F53
2 changed files with 15 additions and 7 deletions

View File

@ -2,6 +2,10 @@ build:
GOOS=linux GOARCH=amd64 go build -ldflags="-s -w" -gcflags "all=-trimpath=$(pwd)" -o build/wings_linux_amd64 -v wings.go
GOOS=linux GOARCH=arm64 go build -ldflags="-s -w" -gcflags "all=-trimpath=$(pwd)" -o build/wings_linux_arm64 -v wings.go
debug:
go build -race
./wings --debug --ignore-certificate-errors --config config.yml
compress:
upx --brute build/wings_*

View File

@ -31,12 +31,13 @@ import (
)
var (
profiler = ""
configPath = config.DefaultLocation
debug = false
useAutomaticTls = false
tlsHostname = ""
showVersion = false
profiler = ""
configPath = config.DefaultLocation
debug = false
useAutomaticTls = false
tlsHostname = ""
showVersion = false
ignoreCertificateErrors = false
)
var root = &cobra.Command{
@ -59,6 +60,7 @@ func init() {
root.PersistentFlags().StringVar(&profiler, "profiler", "", "the profiler to run for this instance")
root.PersistentFlags().BoolVar(&useAutomaticTls, "auto-tls", false, "pass in order to have wings generate and manage it's own SSL certificates using Let's Encrypt")
root.PersistentFlags().StringVar(&tlsHostname, "tls-hostname", "", "required with --auto-tls, the FQDN for the generated SSL certificate")
root.PersistentFlags().BoolVar(&ignoreCertificateErrors, "ignore-certificate-errors", false, "if passed any SSL certificate errors will be ignored by wings")
root.AddCommand(configureCmd)
root.AddCommand(diagnosticsCmd)
@ -139,8 +141,10 @@ func rootCmdRun(*cobra.Command, []string) {
log.WithField("path", c.GetPath()).Info("loading configuration from path")
if c.Debug {
log.Debug("running in debug mode")
log.Warn("certificate checking is disabled")
}
if ignoreCertificateErrors {
log.Warn("running with --ignore-certificate-errors: TLS certificate host chains and name will not be verified")
http.DefaultTransport.(*http.Transport).TLSClientConfig = &tls.Config{
InsecureSkipVerify: true,
}