Merge pull request #2782 from hakanardo/verify_tls

Verify TLS keys loaded from docker contexts
2021-03-10 16:17:34 +01:00 · 2021-03-10 16:17:34 +01:00 · 31775a1532
parent 563124163a c239d66d5d
commit 31775a1532
1 changed files with 5 additions and 1 deletions
--- a/docker/context/context.py
+++ b/docker/context/context.py
@ -127,8 +127,12 @@ class Context:
                elif filename.startswith("key"):
                    key = os.path.join(tls_dir, endpoint, filename)
            if all([ca_cert, cert, key]):
+                verify = None
+                if endpoint == "docker":
+                    if not self.endpoints["docker"].get("SkipTLSVerify", False):
+                        verify = True
                certs[endpoint] = TLSConfig(
-                    client_cert=(cert, key), ca_cert=ca_cert)
+                    client_cert=(cert, key), ca_cert=ca_cert, verify=verify)
        self.tls_cfg = certs
        self.tls_path = tls_dir