yggdrasil-network/yggdrasil-go
1
0
Fork 0
mirror of https://github.com/yggdrasil-network/yggdrasil-go.git synced 2025-04-28 14:15:06 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions

Remove TLS root validation

Browse source 
This is just too complicated compared to the per-peer/per-listener/per-interface password
approach.
This commit is contained in:
Neil Alexander 2023-10-11 18:25:35 +01:00
parent 6dc847de31
commit 45b773eade
No known key found for this signature in database
GPG key ID: A02A2019A2BB0944
7 changed files with 29 additions and 196 deletions
Download patch file Download diff file Expand all files Collapse all files

9
src/core/options.go
View file

@ -2,19 +2,12 @@ package core
import (
"crypto/ed25519"
"crypto/x509"
"fmt"
"net/url"
)
func (c *Core) _applyOption(opt SetupOption) (err error) {
switch v := opt.(type) {
case RootCertificate:
cert := x509.Certificate(v)
if c.config.roots == nil {
c.config.roots = x509.NewCertPool()
}
c.config.roots.AddCert(&cert)
case Peer:
u, err := url.Parse(v.URI)
if err != nil {
@ -39,7 +32,6 @@ type SetupOption interface {
isSetupOption()
}
type RootCertificate x509.Certificate
type ListenAddress string
type Peer struct {
URI string
@ -49,7 +41,6 @@ type NodeInfo map[string]interface{}
type NodeInfoPrivacy bool
type AllowedPublicKey ed25519.PublicKey
func (a RootCertificate) isSetupOption() {}
func (a ListenAddress) isSetupOption() {}
func (a Peer) isSetupOption() {}
func (a NodeInfo) isSetupOption() {}