Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Allow for TLS on inspector #2620

Closed
wants to merge 2 commits into from
Closed

Allow for TLS on inspector #2620

wants to merge 2 commits into from

Conversation

ahopkins
Copy link
Member

@ahopkins ahopkins commented Dec 8, 2022

This will allow someone to run the inspector with a TLS cert making it one step closer to being more secure to run against remote hosted applications.

I would still not advise this yet since there is no authentication mechanism yet.

@ahopkins ahopkins requested a review from a team as a code owner December 8, 2022 08:47
@ahopkins ahopkins marked this pull request as draft December 8, 2022 08:50
):
context = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
context.load_cert_chain(self.tls_cert, self.tls_key)
yield context.wrap_socket(sock, server_side=True)

Check failure

Code scanning / CodeQL

Use of insecure SSL/TLS version

Insecure SSL/TLS protocol version TLSv1 allowed by [call to ssl.SSLContext](1). Insecure SSL/TLS protocol version TLSv1_1 allowed by [call to ssl.SSLContext](1).
sock = create_connection((self.host, self.port))
sock.settimeout(15)
if self.secure:
sock = context.wrap_socket(sock, server_hostname="localhost")

Check failure

Code scanning / CodeQL

Use of insecure SSL/TLS version

Insecure SSL/TLS protocol version TLSv1 allowed by [call to ssl.create_default_context](1). Insecure SSL/TLS protocol version TLSv1_1 allowed by [call to ssl.create_default_context](1).
@ahopkins ahopkins mentioned this pull request Dec 13, 2022
@ahopkins
Copy link
Member Author

Closed in favor of #2626

@ahopkins ahopkins closed this Dec 13, 2022
@ahopkins ahopkins deleted the inspect-tls branch December 13, 2022 22:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

1 participant