From 05816a206b4e2f14d052d90bf7c5e3e08a72b3af Mon Sep 17 00:00:00 2001
From: eyedeekay <idk@mulder>
Date: Mon, 20 Nov 2023 19:00:14 -0500
Subject: [PATCH] Allow self-signed certs when using a SAMv3 dialer, disallow
 non-I2P hosts

---
 cmd/dendrite-demo-i2p/main_i2p.go | 13 ++++++-------
 1 file changed, 6 insertions(+), 7 deletions(-)

diff --git a/cmd/dendrite-demo-i2p/main_i2p.go b/cmd/dendrite-demo-i2p/main_i2p.go
index 565399941..a67eba0b8 100644
--- a/cmd/dendrite-demo-i2p/main_i2p.go
+++ b/cmd/dendrite-demo-i2p/main_i2p.go
@@ -17,7 +17,9 @@ package main
 import (
 	"bytes"
 	"context"
+	"crypto/tls"
 	"embed"
+	"fmt"
 	"net"
 	"net/http"
 	"net/url"
@@ -58,13 +60,7 @@ func Dial(network, addr string) (net.Conn, error) {
 	if strings.HasSuffix(url.Host, ".i2p") {
 		return sam.Dial(network, addr)
 	}
-	ip := net.ParseIP(url.Host)
-	if ip != nil {
-		if ip.IsLoopback() {
-			return net.Dial(network, addr)
-		}
-	}
-	return net.Dial(network, addr)
+	return nil, fmt.Errorf("unknown network %s or address %s", network, url)
 }
 
 //go:embed static/*.gotmpl
@@ -81,6 +77,9 @@ func SetupAndServeHTTPS(
 	httpClient := &http.Client{
 		Transport: &http.Transport{
 			Dial: Dial,
+			TLSClientConfig: &tls.Config{
+				InsecureSkipVerify: true,
+			},
 		},
 	}