github/troubleshoot
1
0
Fork 0
mirror of https://github.com/replicatedhq/troubleshoot.git synced 2026-04-15 07:16:34 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #376 from replicatedhq/divolgin/insecretls

Browse Source 
Don't skip TLS validation on http package's default client
This commit is contained in:
divolgin
2021-06-30 11:47:25 -07:00
committed by GitHub
parent 8fbae89465 52bbc0f2bf
commit 6aa97a9a51
1 changed files with 22 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
pkg/collect/http.go
View File

@@ -22,6 +22,16 @@ type HTTPError struct {
Message string `json:"message"`
}
var (
httpInsecureClient = &http.Client{
Transport: &http.Transport{
TLSClientConfig: &tls.Config{
InsecureSkipVerify: true,
},
},
}
)
func HTTP(c *Collector, httpCollector *troubleshootv1beta2.HTTP) (map[string][]byte, error) {
var response *http.Response
var err error
@@ -53,8 +63,9 @@ func HTTP(c *Collector, httpCollector *troubleshootv1beta2.HTTP) (map[string][]b
}
func doGet(get *troubleshootv1beta2.Get) (*http.Response, error) {
http.DefaultTransport.(*http.Transport).TLSClientConfig = &tls.Config{
InsecureSkipVerify: get.InsecureSkipVerify,
httpClient := http.DefaultClient
if get.InsecureSkipVerify {
httpClient = httpInsecureClient
}
req, err := http.NewRequest("GET", get.URL, nil)
@@ -66,12 +77,13 @@ func doGet(get *troubleshootv1beta2.Get) (*http.Response, error) {
req.Header.Set(k, v)
}
return http.DefaultClient.Do(req)
return httpClient.Do(req)
}
func doPost(post *troubleshootv1beta2.Post) (*http.Response, error) {
http.DefaultTransport.(*http.Transport).TLSClientConfig = &tls.Config{
InsecureSkipVerify: post.InsecureSkipVerify,
httpClient := http.DefaultClient
if post.InsecureSkipVerify {
httpClient = httpInsecureClient
}
req, err := http.NewRequest("POST", post.URL, strings.NewReader(post.Body))
@@ -83,12 +95,13 @@ func doPost(post *troubleshootv1beta2.Post) (*http.Response, error) {
req.Header.Set(k, v)
}
return http.DefaultClient.Do(req)
return httpClient.Do(req)
}
func doPut(put *troubleshootv1beta2.Put) (*http.Response, error) {
http.DefaultTransport.(*http.Transport).TLSClientConfig = &tls.Config{
InsecureSkipVerify: put.InsecureSkipVerify,
httpClient := http.DefaultClient
if put.InsecureSkipVerify {
httpClient = httpInsecureClient
}
req, err := http.NewRequest("PUT", put.URL, strings.NewReader(put.Body))
@@ -100,7 +113,7 @@ func doPut(put *troubleshootv1beta2.Put) (*http.Response, error) {
req.Header.Set(k, v)
}
return http.DefaultClient.Do(req)
return httpClient.Do(req)
}
func responseToOutput(response *http.Response, err error, doRedact bool) ([]byte, error) {