feat: enable CIRA connection in console #133
Conversation
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #133 +/- ##
==========================================
- Coverage 36.51% 35.57% -0.95%
==========================================
Files 55 56 +1
Lines 4017 4124 +107
==========================================
Hits 1467 1467
- Misses 2458 2565 +107
Partials 92 92 ☔ View full report in Codecov by Sentry. |
rsdmike
force-pushed
the
main
branch
5 times, most recently
from
e0ea0e5 to
62fb1d5
Compare
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
| func (s *Server) ListenAndServe() error { | ||
| config := &tls.Config{ | ||
| Certificates: []tls.Certificate{s.certificates}, | ||
| InsecureSkipVerify: true, |
Check failure
Code scanning / CodeQL
Disabled TLS certificate check High
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix
AI 5 days ago
To fix the issue, remove InsecureSkipVerify: true from the TLS configuration of the server. By default, when this field is unset or false, the TLS implementation will properly verify certificate chains, hostnames, and all other security requirements for incoming connections. This change will not affect other features such as the use of custom cipher suites.
- Edit the
ListenAndServemethod ininternal/controller/tcp/cira/tunnel.go, specifically the tls.Config block (lines 66-70). - Remove line 68 setting
InsecureSkipVerify: true. - No other imports, definitions, or functionality need to change; certificate verification will now be enforced automatically.
| @@ -65,7 +65,6 @@ | ||
| func (s *Server) ListenAndServe() error { | ||
| config := &tls.Config{ | ||
| Certificates: []tls.Certificate{s.certificates}, | ||
| InsecureSkipVerify: true, | ||
| MinVersion: tls.VersionTLS12, | ||
| } | ||
|
|
addresses Add Support for CIRA Fixes #665
1 participant
No description provided.