TrueCloudLab/coredns
16
0
Fork 2
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions

pkg/tls: remove InsecureSkipVerify=true flag (#4265)

Browse source 
CWE-295 code scanning alert flag this. Seems OK to just remove it.

Signed-off-by: Miek Gieben <miek@miek.nl>
This commit is contained in:
Miek Gieben 2020-11-05 20:08:59 +01:00 committed by GitHub
parent 723e9b06a4
commit 049369583b
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 0 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

5
plugin/pkg/tls/tls.go
View file

@ -108,11 +108,6 @@ func loadRoots(caPath string) (*x509.CertPool, error) {
// NewHTTPSTransport returns an HTTP transport configured using tls.Config // NewHTTPSTransport returns an HTTP transport configured using tls.Config
func NewHTTPSTransport(cc *tls.Config) *http.Transport { func NewHTTPSTransport(cc *tls.Config) *http.Transport {
// this seems like a bad idea but was here in the previous version
if cc != nil {
cc.InsecureSkipVerify = true
}
tr := &http.Transport{ tr := &http.Transport{
Proxy: http.ProxyFromEnvironment, Proxy: http.ProxyFromEnvironment,
Dial: (&net.Dialer{ Dial: (&net.Dialer{