b25f8546f8
Ensure that environment variables can override config file entries.
...
Also support parameterized allowed backends when parsing for
storage backends, so that a DB backend can be tested.
Signed-off-by: Ying Li <ying.li@docker.com>
2015-11-30 10:58:57 -08:00
b1fdea5b56
Add shared config file parsing to the utils package.
...
Signed-off-by: Ying Li <ying.li@docker.com>
2015-11-30 10:58:57 -08:00
15c3bbeb9c
Remove explicit test for parsing garbage in certs.
...
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-23 20:55:59 -07:00
09dc607bef
Read multiple CA certs from a single PEM file - thanks @mtrmac!
...
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-23 15:56:47 -07:00
61f9f84254
Use configuration option structures to set up client TLS and server TLS.
...
Test for if client cert is passed without a client key and vice versa.
Fail in ConfigureClientTLS if only one of client cert/key is passed.
Lint fixes.
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-21 18:43:33 -07:00
412e0facc8
Explicitly check the skip tls verify boolean in notary client
...
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-21 10:38:48 -07:00
5cdb46a9da
Accept the same ciphersuites in the client and server as docker.
...
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-19 17:31:18 -07:00
fb1013b997
Add servername to the client TLS config, and use it to build notary-server's
...
TLS connection to notary-signer.
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-19 17:29:54 -07:00
b399783eee
Slight refactoring of ConfigureServerTLS and added a ConfigureClientTLS
...
as well.
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-19 17:29:54 -07:00
7356dfd273
Change ConfigServerTLS to take a client CA directory instead of certs
...
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-19 17:29:54 -07:00
77dc081ead
Add a utility which generates a tls configuration for you given the
...
requisite certs.
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-19 17:29:54 -07:00
Ying Li