summaryrefslogtreecommitdiff
path: root/docker/tls.py
Commit message (Collapse)AuthorAgeFilesLines
* Don't use PROTOCOL_TLSv1_2 directly to avoid ImportErrorsdperny-change-tls-defaultJoffrey F2018-01-241-15/+8
| | | | Signed-off-by: Joffrey F <joffrey@docker.com>
* Change default TLS versionDrew Erny2018-01-241-7/+34
| | | | | | | | | | Detects if python has an up-to-date version of OpenSSL that supports TLSv1.2. If it does, choose that as the default TLS version, instead of TLSv1. The Docker Engine and the majority of other Docker API servers should suppot TLSv1.2, and if they do not, the user can manually set a different (lower) version. Signed-off-by: Drew Erny <drew.erny@docker.com>
* Move ssladapter to transport modulessladapter_transport_moduleJoffrey F2016-12-011-2/+3
| | | | Signed-off-by: Joffrey F <joffrey@docker.com>
* Add docstrings to low-level APIBen Firshman2016-11-221-0/+17
| | | | Signed-off-by: Ben Firshman <ben@firshman.co.uk>
* Make docker.ssladaptor a single fileBen Firshman2016-11-221-2/+1
| | | | Signed-off-by: Ben Firshman <ben@firshman.co.uk>
* Fix a few pep8 issuesBen Firshman2016-09-141-1/+1
| | | | | | autopep8 --in-place --recursive --experimental -aaa --ignore E309 . Signed-off-by: Ben Firshman <ben@firshman.co.uk>
* Use protocol TLS v1.0 by default when none is set.963-tlsv1-defaultJoffrey F2016-03-021-1/+6
| | | | Signed-off-by: Joffrey F <joffrey@docker.com>
* Fix TLS regressionsAanand Prasad2016-02-231-2/+7
| | | | | | | | | - Set `verify` to the CA cert path if one has been specified, rather than `True` - Don't set `assert_fingerprint` Signed-off-by: Aanand Prasad <aanand.prasad@gmail.com>
* Merge pull request #920 from docker/ssl_version_simplerJoffrey F2016-02-051-5/+0
|\ | | | | Remove obsolete SSL version computation
| * Remove obsolete SSL version computationssl_version_simplerJoffrey F2016-02-031-5/+0
| | | | | | | | | | | | | | | | Recent versions of urllib3 (including the one packaged by requests) will automatically reject SSLv2/3. Additional test to check urllib3's behavior (mostly for release/packaging) Signed-off-by: Joffrey F <joffrey@docker.com>
* | Re-write kwargs_from_env to handle TLS options betterMike Dougherty2016-02-041-18/+10
|/ | | | | | | | This more closely matches the way the docker client interprets the relevant environment variables. Among other things, it's now possible to set DOCKER_TLS_VERIFY=false. Signed-off-by: Mike Dougherty <mike.dougherty@docker.com>
* Update HTTPS docs linkhttps_docs_linkJoffrey F2016-01-181-1/+1
| | | | Signed-off-by: Joffrey F <joffrey@docker.com>
* Add assert_fingerprint option.dlorenc2015-03-191-1/+4
| | | | Signed-off-by: dlorenc <lorenc.d@gmail.com>
* Require highest level of client-supported SSL/TLS cryptoEric Windisch2014-10-291-2/+5
| | | | | | | | | | | | Up to TLS 1.2, support the highest locally supported crypto protocol. This eliminates the previous default of PROTOCOL_SSLv23, replacing it with what should be TLSv1 for Python 2.7 and TLSv1.2 for newer versions of Python 3. Developers using docker-py may still specify the ssl_version to override the default. Signed-off-by: Eric Windisch <eric@windisch.us>
* Enable the overriding of `assert_hostname` on TLSConfigAanand Prasad2014-10-141-2/+6
| | | | Signed-off-by: Aanand Prasad <aanand.prasad@gmail.com>
* server_cacert -> ca_certJoffrey F2014-07-101-4/+4
|
* Improved TLSConfig API to be less obscure / more pythonic. Also improved / ↵Joffrey F2014-07-081-12/+20
| | | | amended docs
* Raise an exception when tls_ca_cert is provided and tls_verify is falseJoffrey F2014-07-031-0/+5
|
* Allow setting Client.verify to false when tls_verify is set to false in ↵Joffrey F2014-07-031-3/+3
| | | | TLSConfig
* Fixed bugs, clearer error messagesJoffrey F2014-06-241-10/+14
|
* * Merge branch 'tls' of github.com:momer/docker-py into momer-tlsJoffrey F2014-06-231-0/+51
* Exported TLS configuration in tls.TLSConfig * Merged exceptions packagee into pre-existing errors module * Flake8 fixes * Bug fixes
View Lorry Controller Status