Add an option for ignoring SSL cert errors.

2025-11-26 12:03:12 +03:00 · 2016-02-26 13:46:27 +01:00
parent 1eae834b66
commit 15f18a28c2
5 changed files with 30 additions and 2 deletions
--- a/lib/config.go
+++ b/lib/config.go
@@ -34,6 +34,7 @@ type Config struct {
 	pageSize              uint
 	maxConcurrentRequests uint
 	basicAuth             bool
+	allowInsecure         bool
 }

 func (u *urlValue) String() string {
@@ -47,6 +48,7 @@ func (c *Config) BindToFlags(flags *flag.FlagSet) {
 	flags.UintVar(&c.pageSize, "page-size", c.pageSize, "page size for paginated requests")
 	flags.UintVar(&c.maxConcurrentRequests, "max-requests", c.maxConcurrentRequests, "concurrent API request limit")
 	flags.BoolVar(&c.basicAuth, "basic-auth", c.basicAuth, "use basic auth instead of token auth")
+	flags.BoolVar(&c.allowInsecure, "allow-insecure", c.allowInsecure, "ignore SSL certificate validation errors")

 	c.credentials.BindToFlags(flags)
 }
@@ -59,6 +61,10 @@ func (c *Config) Credentials() auth.RegistryCredentials {
 	return &c.credentials
 }

+func (c *Config) AllowInsecure() bool {
+	return c.allowInsecure
+}
+
 func NewConfig() Config {
 	return Config{
 		registryUrl:           DEFAULT_REGISTRY_URL,
--- a/lib/connector/basic_auth_connector.go
+++ b/lib/connector/basic_auth_connector.go
@@ -50,7 +50,7 @@ func (r *basicAuthConnector) Request(method string, url *url.URL, hint string) (
 func NewBasicAuthConnector(cfg Config) Connector {
 	return &basicAuthConnector{
 		cfg:        cfg,
-		httpClient: http.DefaultClient,
+		httpClient: createHttpClient(cfg),
 		semaphore:  newSemaphore(cfg.MaxConcurrentRequests()),
 		stat:       new(statistics),
 	}
--- a/lib/connector/token_auth_config.go
+++ b/lib/connector/token_auth_config.go
@@ -7,4 +7,5 @@ import (
 type Config interface {
 	MaxConcurrentRequests() uint
 	Credentials() auth.RegistryCredentials
+	AllowInsecure() bool
 }
--- a/lib/connector/http_client_factory.go
+++ b/lib/connector/http_client_factory.go
@@ -0,0 +1,21 @@
+package connector
+
+import (
+	"crypto/tls"
+	"net/http"
+)
+
+func createHttpClient(cfg Config) *http.Client {
+	var tlsConfig *tls.Config
+	if cfg.AllowInsecure() {
+		tlsConfig = &tls.Config{
+			InsecureSkipVerify: true,
+		}
+	}
+
+	return &http.Client{
+		Transport: &http.Transport{
+			TLSClientConfig: tlsConfig,
+		},
+	}
+}
--- a/lib/connector/token_auth_connector.go
+++ b/lib/connector/token_auth_connector.go
@@ -124,7 +124,7 @@ func (r *tokenAuthConnector) GetStatistics() Statistics {
 func NewTokenAuthConnector(cfg Config) Connector {
 	connector := tokenAuthConnector{
 		cfg:        cfg,
-		httpClient: http.DefaultClient,
+		httpClient: createHttpClient(cfg),
 		semaphore:  newSemaphore(cfg.MaxConcurrentRequests()),
 		tokenCache: newTokenCache(),
 		stat:       new(statistics),