Add option to enable TLS verification

client.go

@@ -23,15 +23,17 @@ type Client struct {
 	Host       string
 	Port       int
 	ApiVersion int
+	TlsVerify  bool
 }
 
-func NewClient(username, password, host string, port, apiversion int) *Client {
+func NewClient(username, password, host string, port, apiversion int, tlsverify bool) *Client {
 	return &Client{
 		Username:   username,
 		Password:   password,
 		Host:       host,
 		Port:       port,
 		ApiVersion: apiversion,
+		TlsVerify:  tlsverify,
 	}
 }
 
@@ -122,7 +124,7 @@ func (s *Client) GetHttpClient() (*http.Client) {
 	// Ganeti often has a self-signed certificate that is used for the RAPI
 	// @TODO This should be configural
 	tr := &http.Transport{
-		TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
+		TLSClientConfig: &tls.Config{InsecureSkipVerify: !s.TlsVerify},
 	}
 	return &http.Client{Transport: tr}
 }

client_test.go

@@ -35,7 +35,15 @@ func getTestClient(t *testing.T) *Client {
 	if version_error != nil {
 		t.Errorf("Failed to convert '%v' to integer: %v", version, version_error)
 	}
-	return NewClient(username, password, host, _port, _version)
+	tlsverify := os.Getenv("RAPI_TLS_VERIFY")
+	if len(tlsverify) == 0 {
+		tlsverify = "false"
+	}
+	_tlsverify, tlsverify_err := strconv.ParseBool(tlsverify)
+	if tlsverify_err != nil {
+		t.Errorf("Failed to convert '%v' to bool: %v'", tlsverify, tlsverify_err)
+	}
+	return NewClient(username, password, host, _port, _version, _tlsverify)
 }
 
 func TestClusterInfo(t *testing.T) {
@@ -64,7 +72,7 @@ func TestGetNetworksBulk(t *testing.T) {
 
 func TestGetNetworkInformation(t *testing.T) {
 	c := getTestClient(t)
-	n, err := c.GetNetworks()
+	_, err := c.GetNetworks()
 	if err != nil {
 		t.Errorf("Got error requesting network list %s", err)
 	}