From 298c8c885350d7de581f927f1d196a797627bd9f Mon Sep 17 00:00:00 2001 From: Vika Date: Sat, 17 Aug 2024 16:56:04 +0300 Subject: Don't verify TLS certificates when fetching things in dev When testing things, I don't test TLS verification, that's what reqwest unit tests should exist for. I test my things, and some of my things assume some form of TLS. I don't need it to be valid TLS, I need it to be TLS so I can use the `https://` links in dev. --- .envrc | 4 +++- src/main.rs | 9 +++++++++ 2 files changed, 12 insertions(+), 1 deletion(-) diff --git a/.envrc b/.envrc index 4fafb8c..f5e765d 100644 --- a/.envrc +++ b/.envrc @@ -11,6 +11,8 @@ export BACKEND_URI="postgres://localhost?dbname=kittybox&host=/run/postgresql" export JOB_QUEUE_URI="postgres://localhost?dbname=kittybox&host=/run/postgresql" export BLOBSTORE_URI=file://./media-store export AUTH_STORE_URI=file://./auth-store -export COOKIE_KEY="$(dd if=/dev/urandom bs=64 count=1 status=none | base64)" +export COOKIE_KEY="$(dd if=/dev/urandom bs=128 count=1 status=none | base64 -w0)" # Add DATABASE_URL for `cargo test` invocations export DATABASE_URL="postgres://localhost?dbname=kittybox&host=/run/postgresql" +# Don't verify TLS certificates (works only on debug builds, don't get any funny thoughts) +export KITTYBOX_DANGER_INSECURE_TLS=1 diff --git a/src/main.rs b/src/main.rs index f683c38..34c25c0 100644 --- a/src/main.rs +++ b/src/main.rs @@ -127,6 +127,15 @@ async fn main() { } } + // This only works on debug builds. Don't get any funny thoughts. + #[cfg(debug_assertions)] + if std::env::var("KITTYBOX_DANGER_INSECURE_TLS") + .map(|y| y == "1") + .unwrap_or(false) + { + builder = builder.danger_accept_invalid_certs(true); + } + builder.build().unwrap() }; -- cgit 1.4.1