Fix ignore TLS errors

2025-04-02 18:31:50 -04:00 · 2024-01-22 23:20:25 -05:00 · 2024-01-22 23:20:25 -05:00 · 9655b735a1
commit 9655b735a1
parent c3bd7aeb93
5 changed files with 9 additions and 7 deletions
--- a/Cargo.lock
+++ b/Cargo.lock
@ -1423,7 +1423,7 @@ dependencies = [

 [[package]]
 name = "gpapi"
-version = "2.0.0-beta5"
+version = "2.0.0-beta6"
 dependencies = [
 "anyhow",
 "base64 0.21.5",
@ -1452,7 +1452,7 @@ dependencies = [

 [[package]]
 name = "gpauth"
-version = "2.0.0-beta5"
+version = "2.0.0-beta6"
 dependencies = [
 "anyhow",
 "clap",
@ -1472,7 +1472,7 @@ dependencies = [

 [[package]]
 name = "gpclient"
-version = "2.0.0-beta5"
+version = "2.0.0-beta6"
 dependencies = [
 "anyhow",
 "clap",
@ -1493,7 +1493,7 @@ dependencies = [

 [[package]]
 name = "gpservice"
-version = "2.0.0-beta5"
+version = "2.0.0-beta6"
 dependencies = [
 "anyhow",
 "axum",
@ -2478,7 +2478,7 @@ dependencies = [

 [[package]]
 name = "openconnect"
-version = "2.0.0-beta5"
+version = "2.0.0-beta6"
 dependencies = [
 "cc",
 "is_executable",
--- a/Cargo.toml
+++ b/Cargo.toml
@ -4,7 +4,7 @@ resolver = "2"
 members = ["crates/*", "apps/gpclient", "apps/gpservice", "apps/gpauth"]

 [workspace.package]
-version = "2.0.0-beta5"
+version = "2.0.0-beta6"
 authors = ["Kevin Yue <k3vinyue@gmail.com>"]
 homepage = "https://github.com/yuezk/GlobalProtect-openconnect"
 edition = "2021"
--- a/apps/gpclient/src/cli.rs
+++ b/apps/gpclient/src/cli.rs
@ -115,7 +115,7 @@ pub(crate) async fn run() {
      eprintln!("{} --fix-openssl {}\n", args[0], args[1..].join(" "));
    }

-    if err.contains("certificate verify failed") {
+    if err.contains("certificate verify failed") && !cli.ignore_tls_errors {
      eprintln!(
        "\nRe-run it with the `--ignore-tls-errors` option to ignore the certificate error, e.g.:\n"
      );
--- a/crates/gpapi/src/gateway/login.rs
+++ b/crates/gpapi/src/gateway/login.rs
@ -12,6 +12,7 @@ pub async fn gateway_login(
 ) -> anyhow::Result<String> {
  let login_url = format!("https://{}/ssl-vpn/login.esp", gateway);
  let client = Client::builder()
+    .danger_accept_invalid_certs(gp_params.ignore_tls_errors())
    .user_agent(gp_params.user_agent())
    .build()?;

--- a/crates/gpapi/src/portal/config.rs
+++ b/crates/gpapi/src/portal/config.rs
@ -120,6 +120,7 @@ pub async fn retrieve_config(

  let url = format!("{}/global-protect/getconfig.esp", portal);
  let client = Client::builder()
+    .danger_accept_invalid_certs(gp_params.ignore_tls_errors())
    .user_agent(gp_params.user_agent())
    .build()?;