client: add --insecure-skip-tls-verification option

Additionally this checks if the launcher property is set too which
happens if the launcher is passed this flag.

runelite-client/src/main/java/net/runelite/client/RuneLite.java

@@ -34,10 +34,17 @@ import java.io.File;
 import java.lang.management.ManagementFactory;
 import java.lang.management.RuntimeMXBean;
 import java.nio.file.Paths;
+import java.security.KeyManagementException;
+import java.security.NoSuchAlgorithmException;
+import java.security.SecureRandom;
+import java.security.cert.X509Certificate;
 import java.util.Locale;
 import javax.annotation.Nullable;
 import javax.inject.Provider;
 import javax.inject.Singleton;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.X509TrustManager;
 import javax.swing.SwingUtilities;
 import joptsimple.ArgumentAcceptingOptionSpec;
 import joptsimple.OptionParser;
@@ -233,9 +240,16 @@ public class RuneLite
 			}
 		});
 
-		final OkHttpClient okHttpClient = RuneLiteAPI.CLIENT.newBuilder()
+		OkHttpClient.Builder okHttpClientBuilder = RuneLiteAPI.CLIENT.newBuilder()
-			.cache(new Cache(new File(CACHE_DIR, "okhttp"), MAX_OKHTTP_CACHE_SIZE))
+			.cache(new Cache(new File(CACHE_DIR, "okhttp"), MAX_OKHTTP_CACHE_SIZE));
-			.build();
+
+		final boolean insecureSkipTlsVerification = options.has("insecure-skip-tls-verification");
+		if (insecureSkipTlsVerification || RuneLiteProperties.isInsecureSkipTlsVerification())
+		{
+			setupInsecureTrustManager(okHttpClientBuilder);
+		}
+
+		final OkHttpClient okHttpClient = okHttpClientBuilder.build();
 
 		SplashScreen.init();
 		SplashScreen.stage(0, "Retrieving client", "");
@@ -433,4 +447,37 @@ public class RuneLite
 			return null;
 		}
 	}
+
+	private static void setupInsecureTrustManager(OkHttpClient.Builder okHttpClientBuilder)
+	{
+		try
+		{
+			X509TrustManager trustManager = new X509TrustManager()
+			{
+				@Override
+				public void checkClientTrusted(X509Certificate[] chain, String authType)
+				{
+				}
+
+				@Override
+				public void checkServerTrusted(X509Certificate[] chain, String authType)
+				{
+				}
+
+				@Override
+				public X509Certificate[] getAcceptedIssuers()
+				{
+					return new X509Certificate[0];
+				}
+			};
+
+			SSLContext sc = SSLContext.getInstance("SSL");
+			sc.init(null, new TrustManager[]{trustManager}, new SecureRandom());
+			okHttpClientBuilder.sslSocketFactory(sc.getSocketFactory(), trustManager);
+		}
+		catch (NoSuchAlgorithmException | KeyManagementException ex)
+		{
+			log.warn("unable to setup insecure trust manager", ex);
+		}
+	}
 }

runelite-client/src/main/java/net/runelite/client/RuneLiteProperties.java

@@ -41,6 +41,7 @@ public class RuneLiteProperties
 	private static final String WIKI_LINK = "runelite.wiki.link";
 	private static final String PATREON_LINK = "runelite.patreon.link";
 	private static final String LAUNCHER_VERSION_PROPERTY = "runelite.launcher.version";
+	private static final String INSECURE_SKIP_TLS_VERIFICATION_PROPERTY = "runelite.insecure-skip-tls-verification";
 	private static final String TROUBLESHOOTING_LINK = "runelite.wiki.troubleshooting.link";
 	private static final String BUILDING_LINK = "runelite.wiki.building.link";
 	private static final String DNS_CHANGE_LINK = "runelite.dnschange.link";
@@ -110,6 +111,11 @@ public class RuneLiteProperties
 		return System.getProperty(LAUNCHER_VERSION_PROPERTY);
 	}
 
+	public static boolean isInsecureSkipTlsVerification()
+	{
+		return Boolean.getBoolean(INSECURE_SKIP_TLS_VERIFICATION_PROPERTY);
+	}
+
 	public static String getTroubleshootingLink()
 	{
 		return properties.getProperty(TROUBLESHOOTING_LINK);