docker
/
docker-py
mirror of https://github.com/docker/docker-py.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fix TLS regressions 

- Set `verify` to the CA cert path if one has been specified, rather
  than `True`

- Don't set `assert_fingerprint`

Signed-off-by: Aanand Prasad <aanand.prasad@gmail.com>
This commit is contained in:
Aanand Prasad 2016-02-23 14:29:52 -08:00
parent cc450d697c
commit 9ba0ddf267
3 changed files with 9 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
docker/tls.py
View File

@ -54,10 +54,15 @@ class TLSConfig(object):
def configure_client(self, client): def configure_client(self, client):
client.ssl_version = self.ssl_version client.ssl_version = self.ssl_version
if self.verify and self.ca_cert:
client.verify = self.ca_cert
else:
client.verify = self.verify client.verify = self.verify
client.ca_cert = self.ca_cert
if self.cert: if self.cert:
client.cert = self.cert client.cert = self.cert
client.mount('https://', ssladapter.SSLAdapter( client.mount('https://', ssladapter.SSLAdapter(
ssl_version=self.ssl_version, ssl_version=self.ssl_version,
assert_hostname=self.assert_hostname, assert_hostname=self.assert_hostname,

2
docker/utils/utils.py
View File

@ -489,7 +489,7 @@ def kwargs_from_env(ssl_version=None, assert_hostname=None):
verify=tls_verify, verify=tls_verify,
ssl_version=ssl_version, ssl_version=ssl_version,
assert_hostname=assert_hostname, assert_hostname=assert_hostname,
assert_fingerprint=tls_verify) )
return params return params

4
tests/unit/utils_test.py
View File

@ -194,7 +194,7 @@ class KwargsFromEnvTest(base.BaseTestCase):
try: try:
client = Client(**kwargs) client = Client(**kwargs)
self.assertEqual(kwargs['base_url'], client.base_url) self.assertEqual(kwargs['base_url'], client.base_url)
self.assertEqual(kwargs['tls'].verify, client.verify) self.assertEqual(kwargs['tls'].ca_cert, client.verify)
self.assertEqual(kwargs['tls'].cert, client.cert) self.assertEqual(kwargs['tls'].cert, client.cert)
except TypeError as e: except TypeError as e:
self.fail(e) self.fail(e)
@ -213,7 +213,6 @@ class KwargsFromEnvTest(base.BaseTestCase):
try: try:
client = Client(**kwargs) client = Client(**kwargs)
self.assertEqual(kwargs['base_url'], client.base_url) self.assertEqual(kwargs['base_url'], client.base_url)
self.assertEqual(kwargs['tls'].ca_cert, client.ca_cert)
self.assertEqual(kwargs['tls'].cert, client.cert) self.assertEqual(kwargs['tls'].cert, client.cert)
self.assertFalse(kwargs['tls'].verify) self.assertFalse(kwargs['tls'].verify)
except TypeError as e: except TypeError as e:
@ -238,7 +237,6 @@ class KwargsFromEnvTest(base.BaseTestCase):
try: try:
client = Client(**kwargs) client = Client(**kwargs)
self.assertEqual(kwargs['base_url'], client.base_url) self.assertEqual(kwargs['base_url'], client.base_url)
self.assertEqual(kwargs['tls'].ca_cert, client.ca_cert)
self.assertEqual(kwargs['tls'].cert, client.cert) self.assertEqual(kwargs['tls'].cert, client.cert)
self.assertFalse(kwargs['tls'].verify) self.assertFalse(kwargs['tls'].verify)
except TypeError as e: except TypeError as e: