perf: support "skip insecure verify" and "sni" for SSL #67 #113

backend/services/connection_service.go

@@ -107,14 +107,11 @@ func (c *connectionService) buildOption(config types.ConnectionConfig) (*redis.O
 			caCertPool.AppendCertsFromPEM(ca)
 		}
 
-		if len(certs) <= 0 {
-			return nil, errors.New("tls config error")
-		}
-
 		tlsConfig = &tls.Config{
 			RootCAs:            caCertPool,
-			InsecureSkipVerify: false,
+			InsecureSkipVerify: config.SSL.AllowInsecure,
 			Certificates:       certs,
+			ServerName:         strings.TrimSpace(config.SSL.SNI),
 		}
 	}
 

backend/types/connection.go

@@ -42,10 +42,12 @@ type ConnectionDB struct {
 }
 
 type ConnectionSSL struct {
-	Enable   bool   `json:"enable,omitempty" yaml:"enable,omitempty"`
-	KeyFile  string `json:"keyFile,omitempty" yaml:"keyFile,omitempty"`
-	CertFile string `json:"certFile,omitempty" yaml:"certFile,omitempty"`
-	CAFile   string `json:"caFile,omitempty" yaml:"caFile,omitempty"`
+	Enable        bool   `json:"enable,omitempty" yaml:"enable,omitempty"`
+	KeyFile       string `json:"keyFile,omitempty" yaml:"keyFile,omitempty"`
+	CertFile      string `json:"certFile,omitempty" yaml:"certFile,omitempty"`
+	CAFile        string `json:"caFile,omitempty" yaml:"caFile,omitempty"`
+	AllowInsecure bool   `json:"allowInsecure,omitempty" yaml:"allowInsecure,omitempty"`
+	SNI           string `json:"sni,omitempty" yaml:"sni,omitempty"`
 }
 
 type ConnectionSSH struct {

frontend/src/components/common/FileOpenInput.vue

@@ -25,7 +25,7 @@ const handleSelectFile = async () => {
         const path = get(data, 'path', '')
         emit('update:value', path)
     } else {
-        emit('update:value', '')
+        // emit('update:value', '')
     }
 }
 </script>

frontend/src/components/dialogs/ConnectionDialog.vue

@@ -464,6 +464,16 @@ const onClose = () => {
                                 :disabled="!generalForm.ssl.enable"
                                 :placeholder="$t('dialogue.connection.ssl.ca_file_tip')" />
                         </n-form-item>
+                        <n-form-item>
+                            <n-checkbox v-model:checked="generalForm.ssl.allowInsecure" size="medium">
+                                {{ $t('dialogue.connection.ssl.allow_insecure') }}
+                            </n-checkbox>
+                        </n-form-item>
+                        <n-form-item :label="$t('dialogue.connection.ssl.sni')">
+                            <n-input
+                                v-model:value="generalForm.ssl.sni"
+                                :placeholder="$t('dialogue.connection.ssl.sni')" />
+                        </n-form-item>
                     </n-form>
                 </n-tab-pane>
 

frontend/src/langs/en-us.json

@@ -201,6 +201,9 @@
       "ssl": {
         "title": "SSL/TLS",
         "enable": "Enable SSL/TLS",
+        "allow_insecure": "Allow Insecure Connection",
+        "sni": "Server Name(SNI)",
+        "sni_tip": "(Optional) Server Name",
         "cert_file": "Public Key",
         "key_file": "Private Key",
         "ca_file": "Authority",

frontend/src/langs/zh-cn.json

@@ -201,6 +201,9 @@
       "ssl": {
         "title": "SSL/TLS",
         "enable": "启用SSL",
+        "allow_insecure": "允许不安全连接",
+        "sni": "服务器名(SNI)",
+        "sni_tip": "(可选)服务器名",
         "cert_file": "公钥文件",
         "key_file": "私钥文件",
         "ca_file": "授权文件",

frontend/src/stores/connections.js

@@ -159,6 +159,8 @@ const useConnectionStore = defineStore('connections', {
                 markColor: '',
                 ssl: {
                     enable: false,
+                    allowInsecure: true,
+                    sni: '',
                     certFile: '',
                     keyFile: '',
                     caFile: '',