From fc033ad6667ceb92c0f370da3feb657c84ee78a7 Mon Sep 17 00:00:00 2001
From: "Sascha L. Teichmann" <sascha.teichmann@intevation.de>
Date: Sun, 12 Dec 2021 18:17:46 +0100
Subject: [PATCH] Added unsecure flag to csaf_uploader.

---
 cmd/csaf_uploader/main.go | 31 ++++++++++++++++++++-----------
 1 file changed, 20 insertions(+), 11 deletions(-)

diff --git a/cmd/csaf_uploader/main.go b/cmd/csaf_uploader/main.go
index bd10657..582b8bd 100644
--- a/cmd/csaf_uploader/main.go
+++ b/cmd/csaf_uploader/main.go
@@ -10,6 +10,7 @@ package main
 
 import (
 	"bytes"
+	"crypto/tls"
 	"encoding/json"
 	"errors"
 	"fmt"
@@ -41,6 +42,8 @@ type options struct {
 	PasswordInteractive   bool `short:"i" long:"password-interactive" description:"Enter password interactively" no-ini:"true"`
 	PassphraseInteractive bool `short:"I" long:"passphrase-interacive" description:"Enter passphrase interactively" no-ini:"true"`
 
+	Insecure bool `long:"insecure" description:"Do not check TSL certificates from provider"`
+
 	Config *string `short:"c" long:"config" description:"Path to config ini file" value-name:"INI-FILE" no-ini:"true"`
 }
 
@@ -104,6 +107,18 @@ func newProcessor(opts *options) (*processor, error) {
 	return &p, nil
 }
 
+func (p *processor) httpClient() *http.Client {
+	var transport *http.Transport
+	if p.opts.Insecure {
+		transport = &http.Transport{
+			TLSClientConfig: &tls.Config{
+				InsecureSkipVerify: true,
+			},
+		}
+	}
+	return &http.Client{Transport: transport}
+}
+
 func writeStrings(header string, messages []string) {
 	if len(messages) > 0 {
 		fmt.Println(header)
@@ -120,7 +135,7 @@ func (p *processor) create() error {
 	}
 	req.Header.Set("X-CSAF-PROVIDER-AUTH", p.cachedAuth)
 
-	resp, err := http.DefaultClient.Do(req)
+	resp, err := p.httpClient().Do(req)
 	if err != nil {
 		return err
 	}
@@ -237,7 +252,7 @@ func (p *processor) process(filename string) error {
 		return err
 	}
 
-	resp, err := http.DefaultClient.Do(req)
+	resp, err := p.httpClient().Do(req)
 	if err != nil {
 		return err
 	}
@@ -297,12 +312,6 @@ func readInteractive(prompt string, pw **string) error {
 }
 
 func check(err error) {
-	if err != nil {
-		log.Fatalf("error: %v\n", err)
-	}
-}
-
-func checkParser(err error) {
 	if err != nil {
 		if e, ok := err.(*flags.Error); ok && e.Type == flags.ErrHelp {
 			os.Exit(0)
@@ -317,18 +326,18 @@ func main() {
 	parser := flags.NewParser(&opts, flags.Default)
 
 	args, err := parser.Parse()
-	checkParser(err)
+	check(err)
 
 	if opts.Config != nil {
 		iniParser := flags.NewIniParser(parser)
 		iniParser.ParseAsDefaults = true
 		name, err := homedir.Expand(*opts.Config)
 		check(err)
-		checkParser(iniParser.ParseFile(name))
+		check(iniParser.ParseFile(name))
 	} else if iniFile := findIniFile(); iniFile != "" {
 		iniParser := flags.NewIniParser(parser)
 		iniParser.ParseAsDefaults = true
-		checkParser(iniParser.ParseFile(iniFile))
+		check(iniParser.ParseFile(iniFile))
 	}
 
 	if opts.PasswordInteractive {