mirror of
https://github.com/facebook/sapling.git
synced 2024-10-10 16:57:49 +03:00
hgcli: add cli flag to allow insecure TLS connection
Summary: Allow insecure tls connections for development. Reviewed By: ikostia Differential Revision: D14855004 fbshipit-source-id: 87a8bc42e2823df2f1f480d2fb719dc08a704660
This commit is contained in:
parent
75ecc788b6
commit
091d704947
@ -87,6 +87,7 @@ fn main() {
|
||||
.arg(Arg::from_usage(
|
||||
"--common-name [CN] 'expected SSL common name of the server see https://www.ssl.com/faqs/common-name/'",
|
||||
))
|
||||
.arg(Arg::from_usage("--insecure 'run hgcli without verifying peer certificate'"))
|
||||
.arg(Arg::from_usage("--stdio 'for remote clients'"))
|
||||
.arg(
|
||||
Arg::from_usage("--cmdserver [MODE] 'for remote clients'")
|
||||
|
@ -15,7 +15,7 @@ use slog_term;
|
||||
|
||||
use dns_lookup::lookup_addr;
|
||||
use libc::c_ulong;
|
||||
use openssl::ssl::{SslConnector, SslMethod};
|
||||
use openssl::ssl::{SslConnector, SslMethod, SslVerifyMode};
|
||||
use tokio_io::codec::{FramedRead, FramedWrite};
|
||||
use tokio_io::AsyncRead;
|
||||
use tokio_openssl::{SslConnectorExt, SslStream};
|
||||
@ -63,6 +63,7 @@ pub fn cmd(main: &ArgMatches, sub: &ArgMatches) -> BoxFuture<(), Error> {
|
||||
let common_name = sub
|
||||
.value_of("common-name")
|
||||
.expect("expected SSL common name of the Mononoke server");
|
||||
let insecure = sub.is_present("insecure");
|
||||
let is_remote_proxy = main.is_present("remote-proxy");
|
||||
let scuba_table = main.value_of("scuba-table");
|
||||
let mock_username = sub.value_of("mock-username");
|
||||
@ -75,6 +76,7 @@ pub fn cmd(main: &ArgMatches, sub: &ArgMatches) -> BoxFuture<(), Error> {
|
||||
private_key,
|
||||
ca_pem,
|
||||
ssl_common_name: common_name,
|
||||
insecure,
|
||||
is_remote_proxy,
|
||||
scuba_table,
|
||||
mock_username,
|
||||
@ -94,6 +96,7 @@ struct StdioRelay<'a> {
|
||||
private_key: &'a str,
|
||||
ca_pem: &'a str,
|
||||
ssl_common_name: &'a str,
|
||||
insecure: bool,
|
||||
is_remote_proxy: bool,
|
||||
scuba_table: Option<&'a str>,
|
||||
mock_username: Option<&'a str>,
|
||||
@ -209,6 +212,10 @@ impl<'a> StdioRelay<'a> {
|
||||
let connector = {
|
||||
let mut connector = try_boxfuture!(SslConnector::builder(SslMethod::tls()));
|
||||
|
||||
if self.insecure {
|
||||
connector.set_verify(SslVerifyMode::NONE);
|
||||
}
|
||||
|
||||
let pkcs12 = try_boxfuture!(build_identity(
|
||||
self.cert.to_owned(),
|
||||
self.private_key.to_owned(),
|
||||
|
Loading…
Reference in New Issue
Block a user