perf: support "skip insecure verify" and "sni" for SSL #67 #113

This commit is contained in:
Lykin 2024-01-11 00:32:55 +08:00
parent d989cdd85b
commit 5d2080aafb
7 changed files with 27 additions and 10 deletions

View File

@ -107,14 +107,11 @@ func (c *connectionService) buildOption(config types.ConnectionConfig) (*redis.O
caCertPool.AppendCertsFromPEM(ca) caCertPool.AppendCertsFromPEM(ca)
} }
if len(certs) <= 0 {
return nil, errors.New("tls config error")
}
tlsConfig = &tls.Config{ tlsConfig = &tls.Config{
RootCAs: caCertPool, RootCAs: caCertPool,
InsecureSkipVerify: false, InsecureSkipVerify: config.SSL.AllowInsecure,
Certificates: certs, Certificates: certs,
ServerName: strings.TrimSpace(config.SSL.SNI),
} }
} }

View File

@ -42,10 +42,12 @@ type ConnectionDB struct {
} }
type ConnectionSSL struct { type ConnectionSSL struct {
Enable bool `json:"enable,omitempty" yaml:"enable,omitempty"` Enable bool `json:"enable,omitempty" yaml:"enable,omitempty"`
KeyFile string `json:"keyFile,omitempty" yaml:"keyFile,omitempty"` KeyFile string `json:"keyFile,omitempty" yaml:"keyFile,omitempty"`
CertFile string `json:"certFile,omitempty" yaml:"certFile,omitempty"` CertFile string `json:"certFile,omitempty" yaml:"certFile,omitempty"`
CAFile string `json:"caFile,omitempty" yaml:"caFile,omitempty"` CAFile string `json:"caFile,omitempty" yaml:"caFile,omitempty"`
AllowInsecure bool `json:"allowInsecure,omitempty" yaml:"allowInsecure,omitempty"`
SNI string `json:"sni,omitempty" yaml:"sni,omitempty"`
} }
type ConnectionSSH struct { type ConnectionSSH struct {

View File

@ -25,7 +25,7 @@ const handleSelectFile = async () => {
const path = get(data, 'path', '') const path = get(data, 'path', '')
emit('update:value', path) emit('update:value', path)
} else { } else {
emit('update:value', '') // emit('update:value', '')
} }
} }
</script> </script>

View File

@ -464,6 +464,16 @@ const onClose = () => {
:disabled="!generalForm.ssl.enable" :disabled="!generalForm.ssl.enable"
:placeholder="$t('dialogue.connection.ssl.ca_file_tip')" /> :placeholder="$t('dialogue.connection.ssl.ca_file_tip')" />
</n-form-item> </n-form-item>
<n-form-item>
<n-checkbox v-model:checked="generalForm.ssl.allowInsecure" size="medium">
{{ $t('dialogue.connection.ssl.allow_insecure') }}
</n-checkbox>
</n-form-item>
<n-form-item :label="$t('dialogue.connection.ssl.sni')">
<n-input
v-model:value="generalForm.ssl.sni"
:placeholder="$t('dialogue.connection.ssl.sni')" />
</n-form-item>
</n-form> </n-form>
</n-tab-pane> </n-tab-pane>

View File

@ -201,6 +201,9 @@
"ssl": { "ssl": {
"title": "SSL/TLS", "title": "SSL/TLS",
"enable": "Enable SSL/TLS", "enable": "Enable SSL/TLS",
"allow_insecure": "Allow Insecure Connection",
"sni": "Server Name(SNI)",
"sni_tip": "(Optional) Server Name",
"cert_file": "Public Key", "cert_file": "Public Key",
"key_file": "Private Key", "key_file": "Private Key",
"ca_file": "Authority", "ca_file": "Authority",

View File

@ -201,6 +201,9 @@
"ssl": { "ssl": {
"title": "SSL/TLS", "title": "SSL/TLS",
"enable": "启用SSL", "enable": "启用SSL",
"allow_insecure": "允许不安全连接",
"sni": "服务器名(SNI)",
"sni_tip": "(可选)服务器名",
"cert_file": "公钥文件", "cert_file": "公钥文件",
"key_file": "私钥文件", "key_file": "私钥文件",
"ca_file": "授权文件", "ca_file": "授权文件",

View File

@ -159,6 +159,8 @@ const useConnectionStore = defineStore('connections', {
markColor: '', markColor: '',
ssl: { ssl: {
enable: false, enable: false,
allowInsecure: true,
sni: '',
certFile: '', certFile: '',
keyFile: '', keyFile: '',
caFile: '', caFile: '',