Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

add disableverifyhostname parameter #25

Merged
merged 1 commit into from
Apr 15, 2020
Merged

add disableverifyhostname parameter #25

merged 1 commit into from
Apr 15, 2020

Conversation

doodlesbykumbi
Copy link

disableverifyhostname prevents checking the hostname on tls verification. This means that only the certificate is verified.

BradleyBoutcher
BradleyBoutcher reviewed Apr 15, 2020
View reviewed changes
tds.go
}
_, err = certs[0].Verify(opts)
}

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It looks like tlsConn.Handshake() can return an error before we get to line 1151. We should have error handling there as well as at the end of this if block

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There's no need. This block of conditional code is only executed if err is nil, plus the other conditions.

@doodlesbykumbi doodlesbykumbi force-pushed the disable-verify-hostname branch from a71c92c to 5e511e7 Compare April 15, 2020 21:11
@doodlesbykumbi doodlesbykumbi mentioned this pull request Apr 15, 2020
Merged
1 task
BradleyBoutcher
BradleyBoutcher reviewed Apr 15, 2020
View reviewed changes
tds.go
@@ -1145,6 +1148,27 @@ initiate_connection:
passthrough := passthroughConn{c: &handshakeConn}
tlsConn := tls.Client(&passthrough, &config)
err = tlsConn.Handshake()

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change

I'd just remove this extra line and it's good to go

BradleyBoutcher
BradleyBoutcher reviewed Apr 15, 2020
View reviewed changes
Copy link

@BradleyBoutcher BradleyBoutcher left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

One small thing

@doodlesbykumbi
add disableverifyhostname parameter
7eb9d7f 
disableverifyhostname prevents checking the hostname on tls verification. This means that only the certificate is verified.
@doodlesbykumbi doodlesbykumbi force-pushed the disable-verify-hostname branch from 5e511e7 to 7eb9d7f Compare April 15, 2020 21:34
BradleyBoutcher
BradleyBoutcher approved these changes Apr 15, 2020
View reviewed changes
Copy link

@BradleyBoutcher BradleyBoutcher left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@doodlesbykumbi doodlesbykumbi merged commit 7e4507e into master Apr 15, 2020
@doodlesbykumbi doodlesbykumbi deleted the disable-verify-hostname branch April 15, 2020 21:40
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@BradleyBoutcher BradleyBoutcher BradleyBoutcher approved these changes

Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@doodlesbykumbi @BradleyBoutcher