Merge pull request #11477 from dmcgowan/fix-auth-http-client
Update auth client configuration to use proper tls config
This commit is contained in:
Arnaud Porterie
commit
4377a9a3bc
1 changed files with 19 additions and 1 deletions
20
docs/auth.go
20
docs/auth.go
|
|
@ -1,6 +1,7 @@
|
|||
package registry
|
||||
|
||||
import (
|
||||
"crypto/tls"
|
||||
"encoding/base64"
|
||||
"encoding/json"
|
||||
"errors"
|
||||
|
|
@ -70,10 +71,19 @@ func (auth *RequestAuthorization) getToken() (string, error) {
|
|||
return auth.tokenCache, nil
|
||||
}
|
||||
|
||||
tlsConfig := tls.Config{
|
||||
MinVersion: tls.VersionTLS10,
|
||||
}
|
||||
if !auth.registryEndpoint.IsSecure {
|
||||
tlsConfig.InsecureSkipVerify = true
|
||||
}
|
||||
|
||||
client := &http.Client{
|
||||
Transport: &http.Transport{
|
||||
DisableKeepAlives: true,
|
||||
Proxy: http.ProxyFromEnvironment},
|
||||
Proxy: http.ProxyFromEnvironment,
|
||||
TLSClientConfig: &tlsConfig,
|
||||
},
|
||||
CheckRedirect: AddRequiredHeadersToRedirectedRequests,
|
||||
}
|
||||
factory := HTTPRequestFactory(nil)
|
||||
|
|
@ -362,10 +372,18 @@ func loginV1(authConfig *AuthConfig, registryEndpoint *Endpoint, factory *utils.
|
|||
func loginV2(authConfig *AuthConfig, registryEndpoint *Endpoint, factory *utils.HTTPRequestFactory) (string, error) {
|
||||
log.Debugf("attempting v2 login to registry endpoint %s", registryEndpoint)
|
||||
|
||||
tlsConfig := tls.Config{
|
||||
MinVersion: tls.VersionTLS10,
|
||||
}
|
||||
if !registryEndpoint.IsSecure {
|
||||
tlsConfig.InsecureSkipVerify = true
|
||||
}
|
||||
|
||||
client := &http.Client{
|
||||
Transport: &http.Transport{
|
||||
DisableKeepAlives: true,
|
||||
Proxy: http.ProxyFromEnvironment,
|
||||
TLSClientConfig: &tlsConfig,
|
||||
},
|
||||
CheckRedirect: AddRequiredHeadersToRedirectedRequests,
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in a new issue