mirror of
https://github.com/docker/compose.git
synced 2025-07-23 13:45:00 +02:00
Specifying --tls no longer overrides all other TLS options
Add an option to skip hostname verification Signed-off-by: Joffrey F <joffrey@docker.com>
This commit is contained in:
parent
7166408d2a
commit
26f3861791
@ -22,14 +22,17 @@ def tls_config_from_options(options):
|
||||
key = options.get('--tlskey')
|
||||
verify = options.get('--tlsverify')
|
||||
|
||||
if tls is True:
|
||||
advanced_opts = any([ca_cert, cert, key, verify])
|
||||
|
||||
if tls is True and not advanced_opts:
|
||||
return True
|
||||
elif any([ca_cert, cert, key, verify]):
|
||||
elif advanced_opts:
|
||||
client_cert = None
|
||||
if cert or key:
|
||||
client_cert = (cert, key)
|
||||
return TLSConfig(
|
||||
client_cert=client_cert, verify=verify, ca_cert=ca_cert
|
||||
client_cert=client_cert, verify=verify, ca_cert=ca_cert,
|
||||
assert_hostname=options.get('--skip-hostname-check')
|
||||
)
|
||||
else:
|
||||
return None
|
||||
|
@ -156,6 +156,9 @@ class TopLevelCommand(object):
|
||||
--tlscert CLIENT_CERT_PATH Path to TLS certificate file
|
||||
--tlskey TLS_KEY_PATH Path to TLS key file
|
||||
--tlsverify Use TLS and verify the remote
|
||||
--skip-hostname-check Don't check the daemon's hostname against the name specified
|
||||
in the client certificate (for example if your docker host
|
||||
is an IP address)
|
||||
|
||||
Commands:
|
||||
build Build or rebuild services
|
||||
|
Loading…
x
Reference in New Issue
Block a user