1
0
Fork 0
mirror of https://github.com/vbatts/sl-feeds.git synced 2024-11-21 23:35:39 +00:00

sl-feeds: adding --insecure and --ca flags

pulling straight from https://forfuncsake.github.io/post/2017/08/trust-extra-ca-cert-in-go-app/
Thanks @forfuncsake

Fixes #18

Signed-off-by: Vincent Batts <vbatts@hashbangbash.com>
This commit is contained in:
Vincent Batts 2021-04-15 21:58:37 -04:00
parent cb0663b0e8
commit d62d8c04d0
Signed by: vbatts
GPG key ID: 10937E57733F1362

View file

@ -1,9 +1,12 @@
package main package main
import ( import (
"crypto/tls"
"crypto/x509"
"fmt" "fmt"
"io/ioutil" "io/ioutil"
"log" "log"
"net/http"
"os" "os"
"path/filepath" "path/filepath"
"time" "time"
@ -33,6 +36,14 @@ func main() {
Name: "quiet, q", Name: "quiet, q",
Usage: "Less output", Usage: "Less output",
}, },
cli.BoolFlag{
Name: "insecure",
Usage: "do not validate server certificate",
},
cli.StringFlag{
Name: "ca",
Usage: "additional CA cert to use",
},
cli.BoolFlag{ cli.BoolFlag{
Name: "sample-config", Name: "sample-config",
Usage: "Output sample config file to stdout", Usage: "Output sample config file to stdout",
@ -41,6 +52,29 @@ func main() {
// This is the main/default application // This is the main/default application
app.Action = func(c *cli.Context) error { app.Action = func(c *cli.Context) error {
rootCAs, _ := x509.SystemCertPool()
if c.String("ca") != "" {
if rootCAs == nil {
rootCAs = x509.NewCertPool()
}
// Read in the cert file
certs, err := ioutil.ReadFile(c.String("ca"))
if err != nil {
log.Fatalf("Failed to append %q to RootCAs: %v", c.String("ca"), err)
}
// Append our cert to the system pool
if ok := rootCAs.AppendCertsFromPEM(certs); !ok {
log.Println("No certs appended, using system certs only")
}
}
if c.Bool("insecure") {
config := &tls.Config{
InsecureSkipVerify: true,
RootCAs: rootCAs,
}
http.DefaultTransport = &http.Transport{TLSClientConfig: config}
}
if c.Bool("sample-config") { if c.Bool("sample-config") {
c := Config{ c := Config{
Dest: "$HOME/public_html/feeds/", Dest: "$HOME/public_html/feeds/",