RSDK-7854 - fix local dialing, server_hostname setting (viamrobotics#632

)
stuqdog · Jun 11, 2024 · aecf132 · aecf132
1 parent fc3ec46
commit aecf132
Showing 1 changed file with 12 additions and 2 deletions.
diff --git a/src/viam/rpc/dial.py b/src/viam/rpc/dial.py
@@ -313,12 +313,22 @@ async def _dial_direct(address: str, options: Optional[DialOptions] = None) -> C
     if insecure:
         ctx = None
     else:
-        ctx = ssl.create_default_context(purpose=ssl.Purpose.SERVER_AUTH)
+        is_local_host = host is not None and (host.startswith("localhost") or host.startswith("0.0.0.0") or host.startswith("127."))
+        if is_local_host:
+            ctx = ssl._create_unverified_context(purpose=ssl.Purpose.SERVER_AUTH)
+        else:
+            ctx = ssl.create_default_context(purpose=ssl.Purpose.SERVER_AUTH)
         ctx.minimum_version = ssl.TLSVersion.TLSv1_2
         ctx.set_ciphers("ECDHE+AESGCM:ECDHE+CHACHA20:DHE+AESGCM:DHE+CHACHA20")
         ctx.set_alpn_protocols(["h2"])
 
-        if options is not None and options.auth_entity and host != options.auth_entity:
+        if (
+            options is not None
+            and options.auth_entity
+            and host != options.auth_entity
+            and options.credentials is not None
+            and options.credentials.type != "api-key"
+        ):
             server_hostname = options.auth_entity
 
         # Test if downgrade is required.