From f78f77dde6b5195a67584a68e6ca56f20d9d3c45 Mon Sep 17 00:00:00 2001
From: Malte Bauch <malte.bauch@h-da.de>
Date: Fri, 13 Sep 2024 13:01:51 +0000
Subject: [PATCH] Add additional TLS config option: InsecureSkipVerify

See merge request danet/quant!207
---
 goKMS/config/config.go | 9 +++++----
 goKMS/kms/tls/tls.go   | 7 ++++---
 2 files changed, 9 insertions(+), 7 deletions(-)

diff --git a/goKMS/config/config.go b/goKMS/config/config.go
index aba94318..c3de91ae 100644
--- a/goKMS/config/config.go
+++ b/goKMS/config/config.go
@@ -31,10 +31,11 @@ type Peer struct {
 }
 
 type TLSConfig struct {
-	Active   bool   `yaml:"Active"`
-	CAFile   string `yaml:"CAFile"`
-	CertFile string `yaml:"CertFile"`
-	KeyFile  string `yaml:"KeyFile"`
+	Active             bool   `yaml:"Active"`
+	InsecureSkipVerify bool   `yaml:"InsecureSkipVerify"`
+	CAFile             string `yaml:"CAFile"`
+	CertFile           string `yaml:"CertFile"`
+	KeyFile            string `yaml:"KeyFile"`
 }
 
 type QuantumModule struct {
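Review bot: The new `InsecureSkipVerify` field in `TLSConfig` has no comment, so nothing in the struct or the YAML key tells an operator that setting it removes peer authentication from the KMS's TLS connections. I would add a doc comment on the field, for example `// InsecureSkipVerify disables verification of the peer's certificate chain and host name. Test setups only; leave false in production.` An absent key presumably leaves the field at Go's zero value `false`, which is the safe default, but that is worth confirming against the config loader, which is not visible here.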
diff --git a/goKMS/kms/tls/tls.go b/goKMS/kms/tls/tls.go
index 9f3dc73f..040b8199 100644
--- a/goKMS/kms/tls/tls.go
+++ b/goKMS/kms/tls/tls.go
@@ -84,8 +84,9 @@ func GenerateTLSLibraryConfig(tlsConfig config.TLSConfig) (*tls.Config, error) {
 	}
 
 	return &tls.Config{
-		MinVersion:   tls.VersionTLS13,
-		RootCAs:      cp,
-		Certificates: []tls.Certificate{cert},
+		MinVersion:         tls.VersionTLS13,
+		RootCAs:            cp,
+		Certificates:       []tls.Certificate{cert},
+		InsecureSkipVerify: tlsConfig.InsecureSkipVerify,
 	}, nil
 }
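Review bot: With `InsecureSkipVerify: tlsConfig.InsecureSkipVerify` set to true, a client using this config accepts any server certificate and host name, so the `RootCAs: cp` pool loaded from `CAFile` no longer protects outgoing connections against an on-path attacker, and nothing records that this happened. I would make the downgrade visible before the return, e.g. `if tlsConfig.InsecureSkipVerify { log.Println("TLS: peer certificate verification disabled (InsecureSkipVerify)") }`, using whichever logger this file already imports. It may also be worth restricting the option to non-production builds or test configurations. The body of `GenerateTLSLibraryConfig` starts outside the hunk, so whether this config is also used on the server side cannot be judged from here.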
-- 
GitLab