Skip to content

D
docker-py
Kaydet (Commit) f4114274 authored tarafından Joffrey F's avatar Joffrey F
Dosyalara gözat
Seçenekler

Use protocol TLS v1.0 by default when none is set. 

Signed-off-by: 's avatarJoffrey F <joffrey@docker.com>
üst 062c76d8
Hide whitespace changes
Inline Side-by-side
Showing with 6 additions and 1 deletion
docker/tls.py
Dosyayı görüntüle @ f4114274
import os import os
import ssl
from . import errors from . import errors
from .ssladapter import ssladapter from .ssladapter import ssladapter
...@@ -19,10 +20,14 @@ class TLSConfig(object): ...@@ -19,10 +20,14 @@ class TLSConfig(object):
# here, but also disable any public/default CA pool verification by # here, but also disable any public/default CA pool verification by
# leaving tls_verify=False # leaving tls_verify=False
self.ssl_version = ssl_version
self.assert_hostname = assert_hostname self.assert_hostname = assert_hostname
self.assert_fingerprint = assert_fingerprint self.assert_fingerprint = assert_fingerprint
# TLS v1.0 seems to be the safest default; SSLv23 fails in mysterious
# ways: https://github.com/docker/docker-py/issues/963
self.ssl_version = ssl_version or ssl.PROTOCOL_TLSv1
# "tls" and "tls_verify" must have both or neither cert/key files # "tls" and "tls_verify" must have both or neither cert/key files
# In either case, Alert the user when both are expected, but any are # In either case, Alert the user when both are expected, but any are
# missing. # missing.
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment