forked/reqwest-impersonate
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

change invalid cert api to match native-tls (#327)

Browse Source
This commit is contained in:
Scott Schroeder
2018-08-13 15:08:02 -07:00
committed by Sean McArthur
parent 11f8588989
commit d8e47babf6
2 changed files with 30 additions and 54 deletions
Download Patch File Download Diff File Expand all files Collapse all files

42
src/async_impl/client.rs
View File

@@ -141,7 +141,9 @@ impl ClientBuilder {
self self
} }
/// Disable hostname verification. /// Controls the use of hostname verification.
///
/// Defaults to `false`.
/// ///
/// # Warning /// # Warning
/// ///
@@ -150,47 +152,33 @@ impl ClientBuilder {
/// site will be trusted for use from any other. This introduces a /// site will be trusted for use from any other. This introduces a
/// significant vulnerability to man-in-the-middle attacks. /// significant vulnerability to man-in-the-middle attacks.
#[inline] #[inline]
pub fn danger_disable_hostname_verification(&mut self) -> &mut ClientBuilder { pub fn danger_accept_invalid_hostnames(&mut self, accept_invalid_hostname: bool) -> &mut ClientBuilder {
if let Some(config) = config_mut(&mut self.config, &self.err) { if let Some(config) = config_mut(&mut self.config, &self.err) {
config.hostname_verification = false; config.hostname_verification = !accept_invalid_hostname;
} }
self self
} }
/// Enable hostname verification.
#[inline]
pub fn enable_hostname_verification(&mut self) -> &mut ClientBuilder {
if let Some(config) = config_mut(&mut self.config, &self.err) {
config.hostname_verification = true;
}
self
}
/// Disable certs verification. /// Controls the use of certificate validation.
///
/// Defaults to `false`.
/// ///
/// # Warning /// # Warning
/// ///
/// You should think very carefully before you use this method. If /// You should think very carefully before using this method. If
/// hostname verification is not used, any valid certificate for any /// invalid certificates are trusted, *any* certificate for *any* site
/// site will be trusted for use from any other. This introduces a /// will be trusted for use. This includes expired certificates. This
/// significant vulnerability to man-in-the-middle attacks. /// introduces significant vulnerabilities, and should only be used
/// as a last resort.
#[inline] #[inline]
pub fn danger_disable_certs_verification(&mut self) -> &mut ClientBuilder { pub fn danger_accept_invalid_certs(&mut self, accept_invalid_certs: bool) -> &mut ClientBuilder {
if let Some(config) = config_mut(&mut self.config, &self.err) { if let Some(config) = config_mut(&mut self.config, &self.err) {
config.certs_verification = false; config.certs_verification = !accept_invalid_certs;
} }
self self
} }
/// Enable certs verification.
#[inline]
pub fn enable_certs_verification(&mut self) -> &mut ClientBuilder {
if let Some(config) = config_mut(&mut self.config, &self.err) {
config.certs_verification = true;
}
self
}
/// Sets the default headers for every request. /// Sets the default headers for every request.
#[inline] #[inline]

42
src/client.rs
View File

@@ -144,7 +144,9 @@ impl ClientBuilder {
} }
/// Disable hostname verification. /// Controls the use of hostname verification.
///
/// Defaults to `false`.
/// ///
/// # Warning /// # Warning
/// ///
@@ -153,40 +155,26 @@ impl ClientBuilder {
/// site will be trusted for use from any other. This introduces a /// site will be trusted for use from any other. This introduces a
/// significant vulnerability to man-in-the-middle attacks. /// significant vulnerability to man-in-the-middle attacks.
#[inline] #[inline]
pub fn danger_disable_hostname_verification(&mut self) -> &mut ClientBuilder { pub fn danger_accept_invalid_hostnames(&mut self, accept_invalid_hostname: bool) -> &mut ClientBuilder {
self.inner.danger_disable_hostname_verification(); self.inner.danger_accept_invalid_hostnames(accept_invalid_hostname);
self self
} }
/// Enable hostname verification.
/// Controls the use of certificate validation.
/// ///
/// Default is enabled. /// Defaults to `false`.
#[inline]
pub fn enable_hostname_verification(&mut self) -> &mut ClientBuilder {
self.inner.enable_hostname_verification();
self
}
/// Disable certs verification.
/// ///
/// # Warning /// # Warning
/// ///
/// You should think very carefully before you use this method. If /// You should think very carefully before using this method. If
/// hostname verification is not used, any valid certificate for any /// invalid certificates are trusted, *any* certificate for *any* site
/// site will be trusted for use from any other. This introduces a /// will be trusted for use. This includes expired certificates. This
/// significant vulnerability to man-in-the-middle attacks. /// introduces significant vulnerabilities, and should only be used
/// as a last resort.
#[inline] #[inline]
pub fn danger_disable_certs_verification(&mut self) -> &mut ClientBuilder { pub fn danger_accept_invalid_certs(&mut self, accept_invalid_certs: bool) -> &mut ClientBuilder {
self.inner.danger_disable_certs_verification(); self.inner.danger_accept_invalid_certs(accept_invalid_certs);
self
}
/// Enable certs verification.
///
/// Default is enabled.
#[inline]
pub fn enable_certs_verification(&mut self) -> &mut ClientBuilder {
self.inner.enable_certs_verification();
self self
} }