Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(transport): Add option to disable SSL verification #508

Merged
merged 5 commits into from
Oct 17, 2022
Merged

feat(transport): Add option to disable SSL verification #508

merged 5 commits into from
Oct 17, 2022

Conversation

olksdr
Copy link
Contributor

@olksdr olksdr commented Oct 17, 2022

Adding this option will allow to use self-signed certificates in the user's self-hosted environments.

Using this option also allows to use any types of certs, even expired which can introduce vulnerabilities, since all the certificates are trusted by default. That's why we must make clear that it's a last resort if there is no possibility to use legitimate certificate (e.g. Let's Encrypt or similar).

related getsentry/relay#1499

@olksdr
feat(transport): Add option to disable SSL verification
2fe0e56 
Adding this option will allow to use self-signed certificates in the
user's self-hosted environments.

Using this option also allows to use any types of certs, even experired
which can introduce vulnerabilities, since all the certificates are
trusted by default. That's why we must make clear
that it's a last resort if there is no possibility to use legitimate
certificate (e.g. Let's Encrypt or similar).
@olksdr olksdr requested review from Swatinem and a team October 17, 2022 07:27
@olksdr olksdr self-assigned this Oct 17, 2022
@codecov-commenter
Copy link

codecov-commenter commented Oct 17, 2022
edited
Loading

Codecov Report

Merging #508 (857ece7) into master (af1b255) will decrease coverage by 0.51%.
The diff coverage is 7.24%.

❗ Current head 857ece7 differs from pull request most recent head d9ae05d. Consider uploading reports for the commit d9ae05d to get more accurate results

Additional details and impacted files 
@@            Coverage Diff             @@
##           master     #508      +/-   ##
==========================================
- Coverage   79.15%   78.63%   -0.52%     
==========================================
  Files          76       76              
  Lines        9086     9157      +71     
==========================================
+ Hits         7192     7201       +9     
- Misses       1894     1956      +62

Swatinem
Swatinem approved these changes Oct 17, 2022
View reviewed changes
sentry/src/transports/surf.rs Outdated
let client = if let Some(client) = client {
client
} else {
let mut http_client = http_client::isahc::IsahcClient::new();
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

if/else might be better here I think

@Swatinem Swatinem merged commit e11ab3b into master Oct 17, 2022
@Swatinem Swatinem deleted the feat/accept-self-signed-certs-no-verify branch October 17, 2022 10:20
@olksdr olksdr mentioned this pull request Oct 17, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Swatinem Swatinem Swatinem approved these changes

Assignees

@olksdr olksdr

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@olksdr @codecov-commenter @Swatinem