← 返回首页
Disabled TLS certificate check — CodeQL query help documentation CodeQL docs
CodeQL documentation
CodeQL resources

Disabled TLS certificate check

ID: rust/disabled-certificate-check Kind: path-problem Security severity: 7.5 Severity: warning Precision: high Tags: - security - external/cwe/cwe-295 Query suites: - rust-code-scanning.qls - rust-security-extended.qls - rust-security-and-quality.qls

Click to see the query in the CodeQL repository

The danger_accept_invalid_certs option on TLS connectors and HTTP clients controls whether certificate verification is performed. If this option is set to true, the client will accept any certificate, making it susceptible to man-in-the-middle attacks.

Similarly, the danger_accept_invalid_hostnames option controls whether hostname verification is performed. If this option is set to true, the client will accept any valid certificate regardless of the site that certificate is for, again making it susceptible to man-in-the-middle attacks.

Recommendation

Do not set danger_accept_invalid_certs or danger_accept_invalid_hostnames to true, except in controlled environments such as tests. In production, always ensure certificate and hostname verification is enabled to prevent security risks.

Example

The following code snippet shows a function that creates an HTTP client with certificate verification disabled:

// BAD: Disabling certificate validation in Rust let _client = reqwest::Client::builder() .danger_accept_invalid_certs(true) // disables certificate validation .build() .unwrap();

In production code, always configure clients to verify certificates:

// GOOD: Certificate validation is enabled (default) let _client = reqwest::Client::builder() .danger_accept_invalid_certs(false) // certificate validation enabled explicitly .build() .unwrap(); let _client = native_tls::TlsConnector::builder() // certificate validation enabled by default .build() .unwrap();

References