diff options
| author |  Miek Gieben <miek@miek.nl>
| 2020-11-05 20:08:59 +0100 |
|---|---|---|
| committer |  GitHub <noreply@github.com>
| 2020-11-05 20:08:59 +0100 |
| commit | 049369583bec9c6f3ab751cd68bcfc4224e7df45 (patch) | |
| tree | 75fe9c186873c44ae2e99694ac42de50d12e8603 /plugin | |
| parent | 723e9b06a439bfce19d689aca7030d95e4dc2c19 (diff) | |
| download | coredns-049369583bec9c6f3ab751cd68bcfc4224e7df45.tar.gz coredns-049369583bec9c6f3ab751cd68bcfc4224e7df45.tar.zst coredns-049369583bec9c6f3ab751cd68bcfc4224e7df45.zip | |
pkg/tls: remove InsecureSkipVerify=true flag (#4265)
CWE-295 code scanning alert flag this. Seems OK to just remove it.
Signed-off-by: Miek Gieben <miek@miek.nl>
Diffstat (limited to 'plugin')
| -rw-r--r-- | plugin/pkg/tls/tls.go | 5 |
1 files changed, 0 insertions, 5 deletions
diff --git a/plugin/pkg/tls/tls.go b/plugin/pkg/tls/tls.go index 6fc10dd8e..2709895b8 100644 --- a/plugin/pkg/tls/tls.go +++ b/plugin/pkg/tls/tls.go @@ -108,11 +108,6 @@ func loadRoots(caPath string) (*x509.CertPool, error) { // NewHTTPSTransport returns an HTTP transport configured using tls.Config func NewHTTPSTransport(cc *tls.Config) *http.Transport { - // this seems like a bad idea but was here in the previous version - if cc != nil { - cc.InsecureSkipVerify = true - } - tr := &http.Transport{ Proxy: http.ProxyFromEnvironment, Dial: (&net.Dialer{ |