feat: client verifies server's TLS certificate by default

Configuration setting can disable it.
author: Lars Wirzenius <liw@liw.fi> 2021-02-06 09:54:26 +0200
committer: Lars Wirzenius <liw@liw.fi> 2021-02-06 10:40:07 +0200
commit: 520fc35ce0269df2963a5b53112f614257b08bc6 (patch)
tree: 794b7405db1fcd33d5f708b7de697e3bcf403944 /src/client.rs
parent: b426e6e89e077fce0b74c79c13751cf4db5af75e (diff)
download: obnam2-520fc35ce0269df2963a5b53112f614257b08bc6.tar.gz
1 files changed, 5 insertions, 3 deletions
diff --git a/src/client.rs b/src/client.rs
index 3d3b2a5..7cd6df7 100644
--- a/src/client.rs
+++ b/src/client.rs
@@ -20,6 +20,7 @@ use std::path::{Path, PathBuf};
 #[derive(Debug, Serialize, Deserialize, Clone)]
 pub struct ClientConfig {
     pub server_url: String,
+    pub verify_tls_cert: bool,
     pub root: PathBuf,
     pub log: Option<PathBuf>,
 }
@@ -105,13 +106,14 @@ pub struct BackupClient {
 }
 
 impl BackupClient {
-    pub fn new(base_url: &str) -> ClientResult<Self> {
+    pub fn new(config: &ClientConfig) -> ClientResult<Self> {
+        info!("creating backup client with config: {:#?}", config);
         let client = Client::builder()
-            .danger_accept_invalid_certs(true)
+            .danger_accept_invalid_certs(!config.verify_tls_cert)
             .build()?;
         Ok(Self {
             client,
-            base_url: base_url.to_string(),
+            base_url: config.server_url.to_string(),
         })
     }
author	Lars Wirzenius <liw@liw.fi>	2021-02-06 09:54:26 +0200
committer	Lars Wirzenius <liw@liw.fi>	2021-02-06 10:40:07 +0200
commit	520fc35ce0269df2963a5b53112f614257b08bc6 (patch)
tree	794b7405db1fcd33d5f708b7de697e3bcf403944 /src/client.rs
parent	b426e6e89e077fce0b74c79c13751cf4db5af75e (diff)
download	obnam2-520fc35ce0269df2963a5b53112f614257b08bc6.tar.gz