Skip to content

D
docker-py
Kaydet (Commit) 94cb0bdc authored tarafından Joffrey F's avatar Joffrey F
Dosyalara gözat
Seçenekler

Fixed bugs, clearer error messages

üst 72c29ee5
Show whitespace changes
Inline Side-by-side
Showing with 14 additions and 10 deletions
docker/client.py
Dosyayı görüntüle @ 94cb0bdc
...@@ -61,7 +61,7 @@ class Client(requests.Session): ...@@ -61,7 +61,7 @@ class Client(requests.Session):
self._timeout = timeout self._timeout = timeout
self._auth_configs = auth.load_config() self._auth_configs = auth.load_config()
""" Use SSLAdapter for the ability to specify SSL version """ # Use SSLAdapter for the ability to specify SSL version
if isinstance(tls, TLSConfig): if isinstance(tls, TLSConfig):
tls.configure_client(self) tls.configure_client(self)
elif tls: elif tls:
......
docker/tls.py
Dosyayı görüntüle @ 94cb0bdc
...@@ -5,6 +5,10 @@ from .ssladapter import ssladapter ...@@ -5,6 +5,10 @@ from .ssladapter import ssladapter
class TLSConfig(object): class TLSConfig(object):
cert = None
verify = None
ssl_version = None
def __init__(self, tls, tls_cert=None, tls_key=None, tls_verify=False, def __init__(self, tls, tls_cert=None, tls_key=None, tls_verify=False,
tls_ca_cert=None, ssl_version=None): tls_ca_cert=None, ssl_version=None):
# Argument compatibility/mapping with # Argument compatibility/mapping with
...@@ -25,11 +29,12 @@ class TLSConfig(object): ...@@ -25,11 +29,12 @@ class TLSConfig(object):
if not (tls_cert and tls_key) or (not os.path.isfile(tls_cert) or if not (tls_cert and tls_key) or (not os.path.isfile(tls_cert) or
not os.path.isfile(tls_key)): not os.path.isfile(tls_key)):
raise errors.TLSParameterError( raise errors.TLSParameterError(
'You must provide either both "tls_cert"/"tls_key" files, ' 'Client certificate must provide certificate and key files'
'or neither, in order to use TLS.') ' through tls_cert and tls_key params respectively'
)
self.cert = (tls_cert, tls_key) self.cert = (tls_cert, tls_key)
# Either set tls_verify to True (public/default CA checks) or to the # Either set verify to True (public/default CA checks) or to the
# path of a CA Cert file. # path of a CA Cert file.
if tls_verify: if tls_verify:
if not tls_ca_cert: if not tls_ca_cert:
...@@ -38,14 +43,13 @@ class TLSConfig(object): ...@@ -38,14 +43,13 @@ class TLSConfig(object):
self.verify = tls_ca_cert self.verify = tls_ca_cert
else: else:
raise errors.TLSParameterError( raise errors.TLSParameterError(
'If "tls_verify" is set, then "tls_ca_cert" must be blank' 'Invalid CA certificate provided for `tls_ca_cert`.'
' (to check public CA list) OR a path to a Cert File.'
) )
else:
self.verify = False
def configure_client(self, client): def configure_client(self, client):
client.verify = self.verify
client.ssl_version = self.ssl_version client.ssl_version = self.ssl_version
if self.verify is not None:
client.verify = self.verify
if self.cert:
client.cert = self.cert client.cert = self.cert
self.mount('https://', ssladapter.SSLAdapter(self.ssl_version)) client.mount('https://', ssladapter.SSLAdapter(self.ssl_version))
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment