git-echo/linux_patch_api
Private
Public Access
1
0
Fork 0
Code Releases 32 Wiki Activity

fix(enroll): skip TLS validation during enrollment bootstrap to allow certificate acquisition

Browse Source
This commit is contained in:
Echo
2026-05-17 22:20:48 +00:00
parent 286f9059e2
commit f57d92406f
2 changed files with 4 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/config/loader.rs
View File

@ -142,16 +142,16 @@ pub struct AppConfig {
impl AppConfig { impl AppConfig {
/// Load configuration from a YAML file /// Load configuration from a YAML file
pub fn load(path: &str) -> Result<Self> { pub fn load(path: &str, skip_tls_validation: bool) -> Result<Self> {
let content = std::fs::read_to_string(path) let content = std::fs::read_to_string(path)
.with_context(|| format!("Failed to read config file: {}", path))?; .with_context(|| format!("Failed to read config file: {}", path))?;
let config: AppConfig = serde_yaml::from_str(&content) let config: AppConfig = serde_yaml::from_str(&content)
.with_context(|| format!("Failed to parse config file: {}", path))?; .with_context(|| format!("Failed to parse config file: {}", path))?;
// Validate TLS configuration if enabled // Validate TLS configuration if enabled (skip during enrollment bootstrap)
if let Some(ref tls) = config.tls { if let Some(ref tls) = config.tls {
if tls.enabled { if tls.enabled && !skip_tls_validation {
if !std::path::Path::new(&tls.ca_cert).exists() { if !std::path::Path::new(&tls.ca_cert).exists() {
anyhow::bail!("TLS CA certificate not found: {}", tls.ca_cert); anyhow::bail!("TLS CA certificate not found: {}", tls.ca_cert);
} }

2
src/main.rs
View File

@ -64,7 +64,7 @@ async fn main() -> Result<()> {
); );
// Load configuration // Load configuration
let config = match AppConfig::load(&args.config) { let config = match AppConfig::load(&args.config, args.enroll.is_some()) {
Ok(cfg) => { Ok(cfg) => {
info!( info!(
port = cfg.server.port, port = cfg.server.port,