1
Fork 0
mirror of https://github.com/caddyserver/caddy.git synced 2024-12-16 21:56:40 -05:00

cmd: reverse-proxy: add --insecure flag (with warning) (#3389)

This commit is contained in:
linquize 2020-05-13 00:43:18 +08:00 committed by GitHub
parent ea7e4b4024
commit 44536a7594
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -59,6 +59,7 @@ default, all incoming headers are passed through unmodified.)
fs.String("from", "localhost", "Address on which to receive traffic") fs.String("from", "localhost", "Address on which to receive traffic")
fs.String("to", "", "Upstream address to which to to proxy traffic") fs.String("to", "", "Upstream address to which to to proxy traffic")
fs.Bool("change-host-header", false, "Set upstream Host header to address of upstream") fs.Bool("change-host-header", false, "Set upstream Host header to address of upstream")
fs.Bool("insecure", false, "Disable TLS verification (WARNING: DISABLES SECURITY, WHY ARE YOU EVEN USING TLS?)")
return fs return fs
}(), }(),
}) })
@ -68,6 +69,7 @@ func cmdReverseProxy(fs caddycmd.Flags) (int, error) {
from := fs.String("from") from := fs.String("from")
to := fs.String("to") to := fs.String("to")
changeHost := fs.Bool("change-host-header") changeHost := fs.Bool("change-host-header")
insecure := fs.Bool("insecure")
httpPort := strconv.Itoa(caddyhttp.DefaultHTTPPort) httpPort := strconv.Itoa(caddyhttp.DefaultHTTPPort)
httpsPort := strconv.Itoa(caddyhttp.DefaultHTTPSPort) httpsPort := strconv.Itoa(caddyhttp.DefaultHTTPSPort)
@ -127,6 +129,9 @@ func cmdReverseProxy(fs caddycmd.Flags) (int, error) {
ht := HTTPTransport{} ht := HTTPTransport{}
if toAddr.Scheme == "https" { if toAddr.Scheme == "https" {
ht.TLS = new(TLSConfig) ht.TLS = new(TLSConfig)
if insecure {
ht.TLS.InsecureSkipVerify = true
}
} }
handler := Handler{ handler := Handler{