force clients to set tls.Config.InsecureSkipVerify when using mint

mint doesn't verify the certificate chain. This change forces users of quic-go to acknowledge mint's insecure behavior by explicitely setting InsecureSkipVerify.
2018-01-26 17:30:07 +11:00
parent db0a3d105e
commit d76f5a839c
4 changed files with 32 additions and 7 deletions
--- a/server_tls_test.go
+++ b/server_tls_test.go
@@ -36,7 +36,8 @@ var _ = Describe("Stateless TLS handling", func() {
 			Versions: []protocol.VersionNumber{protocol.VersionTLS},
 		}
 		var err error
-		server, sessionChan, err = newServerTLS(conn, config, nil, testdata.GetTLSConfig())
+		tlsConf := testdata.GetTLSConfig()
+		server, sessionChan, err = newServerTLS(conn, config, nil, tlsConf)
 		Expect(err).ToNot(HaveOccurred())
 		server.newMintConn = func(bc *handshake.CryptoStreamConn, v protocol.VersionNumber) (handshake.MintTLS, <-chan handshake.TransportParameters, error) {
 			mintReply = bc