perf: support "skip insecure verify" and "sni" for SSL #67 #113

2024-01-11 00:32:55 +08:00 · 2024-01-11 00:32:55 +08:00 · 5d2080aafb
parent d989cdd85b
commit 5d2080aafb
7 changed files with 27 additions and 10 deletions
--- a/backend/services/connection_service.go
+++ b/backend/services/connection_service.go
@ -107,14 +107,11 @@ func (c *connectionService) buildOption(config types.ConnectionConfig) (*redis.O
 			caCertPool.AppendCertsFromPEM(ca)
 		}

-		if len(certs) <= 0 {
-			return nil, errors.New("tls config error")
-		}
-
 		tlsConfig = &tls.Config{
 			RootCAs:            caCertPool,
-			InsecureSkipVerify: false,
+			InsecureSkipVerify: config.SSL.AllowInsecure,
 			Certificates:       certs,
+			ServerName:         strings.TrimSpace(config.SSL.SNI),
 		}
 	}

--- a/backend/types/connection.go
+++ b/backend/types/connection.go
@ -46,6 +46,8 @@ type ConnectionSSL struct {
 	KeyFile       string `json:"keyFile,omitempty" yaml:"keyFile,omitempty"`
 	CertFile      string `json:"certFile,omitempty" yaml:"certFile,omitempty"`
 	CAFile        string `json:"caFile,omitempty" yaml:"caFile,omitempty"`
+	AllowInsecure bool   `json:"allowInsecure,omitempty" yaml:"allowInsecure,omitempty"`
+	SNI           string `json:"sni,omitempty" yaml:"sni,omitempty"`
 }

 type ConnectionSSH struct {
--- a/frontend/src/components/common/FileOpenInput.vue
+++ b/frontend/src/components/common/FileOpenInput.vue
@ -25,7 +25,7 @@ const handleSelectFile = async () => {
        const path = get(data, 'path', '')
        emit('update:value', path)
    } else {
-        emit('update:value', '')
+        // emit('update:value', '')
    }
 }
 </script>
--- a/frontend/src/components/dialogs/ConnectionDialog.vue
+++ b/frontend/src/components/dialogs/ConnectionDialog.vue
@ -464,6 +464,16 @@ const onClose = () => {
                                :disabled="!generalForm.ssl.enable"
                                :placeholder="$t('dialogue.connection.ssl.ca_file_tip')" />
                        </n-form-item>
+                        <n-form-item>
+                            <n-checkbox v-model:checked="generalForm.ssl.allowInsecure" size="medium">
+                                {{ $t('dialogue.connection.ssl.allow_insecure') }}
+                            </n-checkbox>
+                        </n-form-item>
+                        <n-form-item :label="$t('dialogue.connection.ssl.sni')">
+                            <n-input
+                                v-model:value="generalForm.ssl.sni"
+                                :placeholder="$t('dialogue.connection.ssl.sni')" />
+                        </n-form-item>
                    </n-form>
                </n-tab-pane>

--- a/frontend/src/langs/en-us.json
+++ b/frontend/src/langs/en-us.json
@ -201,6 +201,9 @@
      "ssl": {
        "title": "SSL/TLS",
        "enable": "Enable SSL/TLS",
+        "allow_insecure": "Allow Insecure Connection",
+        "sni": "Server Name(SNI)",
+        "sni_tip": "(Optional) Server Name",
        "cert_file": "Public Key",
        "key_file": "Private Key",
        "ca_file": "Authority",
--- a/frontend/src/langs/zh-cn.json
+++ b/frontend/src/langs/zh-cn.json
@ -201,6 +201,9 @@
      "ssl": {
        "title": "SSL/TLS",
        "enable": "启用SSL",
+        "allow_insecure": "允许不安全连接",
+        "sni": "服务器名(SNI)",
+        "sni_tip": "(可选)服务器名",
        "cert_file": "公钥文件",
        "key_file": "私钥文件",
        "ca_file": "授权文件",
--- a/frontend/src/stores/connections.js
+++ b/frontend/src/stores/connections.js
@ -159,6 +159,8 @@ const useConnectionStore = defineStore('connections', {
                markColor: '',
                ssl: {
                    enable: false,
+                    allowInsecure: true,
+                    sni: '',
                    certFile: '',
                    keyFile: '',
                    caFile: '',