| Name |
Last commit
|
Last Update |
|---|---|---|
| .. | ||
| common.go | ||
| generic_oauth.go | ||
| github_oauth.go | ||
| google_oauth.go | ||
| grafana_com_oauth.go | ||
| social.go |
TLS was not being verified in a number of places: - connections to grafana.com - connections to OAuth providers when TLS client authentication was enabled - connections to self-hosted Grafana installations when using the CLI tool TLS should always be verified unless the user explicitly enables an option to skip verification. Removes some instances where `InsecureSkipVerify` is explicitly set to `false`, the default, to help avoid confusion and make it more difficult to regress on this fix by accident. Adds a `--insecure` flag to `grafana-cli` to skip TLS verification. Adds a `tls_skip_verify_insecure` setting for OAuth. Adds a `app_tls_skip_verify_insecure` setting under a new `[plugins]` section. I'm not super happy with the way the global setting is used by `pkg/api/app_routes.go` but that seems to be the existing pattern used.
| Name |
Last commit
|
Last Update |
|---|---|---|
| .. | ||
| common.go | Loading commit data... | |
| generic_oauth.go | Loading commit data... | |
| github_oauth.go | Loading commit data... | |
| google_oauth.go | Loading commit data... | |
| grafana_com_oauth.go | Loading commit data... | |
| social.go | Loading commit data... |