Commit 2f497263 authored by Patrick Lee's avatar Patrick Lee Committed by Brad Fitzpatrick

cmd/pprof: add options to skip tls verification

Don't verify tls host when profiling https+insecure://host/port/...,
as per discussion in https://go-review.googlesource.com/#/c/20885/.

Fixes: #11468

Change-Id: Ibfc236e5442a00339334602a4014e017c62d9e7a
Reviewed-on: https://go-review.googlesource.com/33157Reviewed-by: 's avatarBrad Fitzpatrick <bradfitz@golang.org>
Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
parent 4966150a
...@@ -7,6 +7,7 @@ ...@@ -7,6 +7,7 @@
package fetch package fetch
import ( import (
"crypto/tls"
"fmt" "fmt"
"io" "io"
"io/ioutil" "io/ioutil"
...@@ -72,11 +73,26 @@ func PostURL(source, post string) ([]byte, error) { ...@@ -72,11 +73,26 @@ func PostURL(source, post string) ([]byte, error) {
// httpGet is a wrapper around http.Get; it is defined as a variable // httpGet is a wrapper around http.Get; it is defined as a variable
// so it can be redefined during for testing. // so it can be redefined during for testing.
var httpGet = func(url string, timeout time.Duration) (*http.Response, error) { var httpGet = func(source string, timeout time.Duration) (*http.Response, error) {
url, err := url.Parse(source)
if err != nil {
return nil, err
}
var tlsConfig *tls.Config
if url.Scheme == "https+insecure" {
tlsConfig = &tls.Config{
InsecureSkipVerify: true,
}
url.Scheme = "https"
source = url.String()
}
client := &http.Client{ client := &http.Client{
Transport: &http.Transport{ Transport: &http.Transport{
ResponseHeaderTimeout: timeout + 5*time.Second, ResponseHeaderTimeout: timeout + 5*time.Second,
TLSClientConfig: tlsConfig,
}, },
} }
return client.Get(url) return client.Get(source)
} }
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment