Michael Crosby
commit
48096dad19
|
|
@ -105,22 +105,20 @@ func doRequest(req *http.Request, jar http.CookieJar, timeout TimeoutType) (*htt
|
|||
data, err := ioutil.ReadFile(path.Join(hostDir, f.Name()))
|
||||
if err != nil {
|
||||
return nil, nil, err
|
||||
} else {
|
||||
pool.AppendCertsFromPEM(data)
|
||||
}
|
||||
pool.AppendCertsFromPEM(data)
|
||||
}
|
||||
if strings.HasSuffix(f.Name(), ".cert") {
|
||||
certName := f.Name()
|
||||
keyName := certName[:len(certName)-5] + ".key"
|
||||
if !hasFile(fs, keyName) {
|
||||
return nil, nil, fmt.Errorf("Missing key %s for certificate %s", keyName, certName)
|
||||
} else {
|
||||
cert, err := tls.LoadX509KeyPair(path.Join(hostDir, certName), path.Join(hostDir, keyName))
|
||||
if err != nil {
|
||||
return nil, nil, err
|
||||
}
|
||||
certs = append(certs, &cert)
|
||||
}
|
||||
cert, err := tls.LoadX509KeyPair(path.Join(hostDir, certName), path.Join(hostDir, keyName))
|
||||
if err != nil {
|
||||
return nil, nil, err
|
||||
}
|
||||
certs = append(certs, &cert)
|
||||
}
|
||||
if strings.HasSuffix(f.Name(), ".key") {
|
||||
keyName := f.Name()
|
||||
|
|
@ -138,19 +136,13 @@ func doRequest(req *http.Request, jar http.CookieJar, timeout TimeoutType) (*htt
|
|||
return nil, nil, err
|
||||
}
|
||||
return res, client, nil
|
||||
} else {
|
||||
for i, cert := range certs {
|
||||
client := newClient(jar, pool, cert, timeout)
|
||||
res, err := client.Do(req)
|
||||
if i == len(certs)-1 {
|
||||
// If this is the last cert, always return the result
|
||||
return res, client, err
|
||||
} else {
|
||||
// Otherwise, continue to next cert if 403 or 5xx
|
||||
if err == nil && res.StatusCode != 403 && !(res.StatusCode >= 500 && res.StatusCode < 600) {
|
||||
return res, client, err
|
||||
}
|
||||
}
|
||||
}
|
||||
for i, cert := range certs {
|
||||
client := newClient(jar, pool, cert, timeout)
|
||||
res, err := client.Do(req)
|
||||
// If this is the last cert, otherwise, continue to next cert if 403 or 5xx
|
||||
if i == len(certs)-1 || err == nil && res.StatusCode != 403 && res.StatusCode < 500 {
|
||||
return res, client, err
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -198,10 +190,7 @@ func pingRegistryEndpoint(endpoint string) (RegistryInfo, error) {
|
|||
|
||||
standalone := resp.Header.Get("X-Docker-Registry-Standalone")
|
||||
log.Debugf("Registry standalone header: '%s'", standalone)
|
||||
// Accepted values are "true" (case-insensitive) and "1".
|
||||
if strings.EqualFold(standalone, "true") || standalone == "1" {
|
||||
info.Standalone = true
|
||||
} else if len(standalone) > 0 {
|
||||
if !strings.EqualFold(standalone, "true") && standalone != "1" && len(standalone) > 0 {
|
||||
// there is a header set, and it is not "true" or "1", so assume fails
|
||||
info.Standalone = false
|
||||
}
|
||||
|
|
@ -306,12 +295,12 @@ func AddRequiredHeadersToRedirectedRequests(req *http.Request, via []*http.Reque
|
|||
if via != nil && via[0] != nil {
|
||||
if trustedLocation(req) && trustedLocation(via[0]) {
|
||||
req.Header = via[0].Header
|
||||
} else {
|
||||
for k, v := range via[0].Header {
|
||||
if k != "Authorization" {
|
||||
for _, vv := range v {
|
||||
req.Header.Add(k, vv)
|
||||
}
|
||||
return nil
|
||||
}
|
||||
for k, v := range via[0].Header {
|
||||
if k != "Authorization" {
|
||||
for _, vv := range v {
|
||||
req.Header.Add(k, vv)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue