Merge pull request #2782 from hakanardo/verify_tls

Verify TLS keys loaded from docker contexts
author: Anca Iordache <aiordache@users.noreply.github.com> 2021-03-10 16:17:34 +0100
committer: GitHub <noreply@github.com> 2021-03-10 16:17:34 +0100
commit: 31775a1532a66cf8a4c183a99bb5c73623147295 (patch)
tree: 0be21b27c52a0d6cf21a14e16bc5faa4647f314a
parent: 563124163a5d092e954846121150d896ddca0836 (diff)
parent: c239d66d5d261f0f956925705c679fffb61bdb05 (diff)
download: docker-py-31775a1532a66cf8a4c183a99bb5c73623147295.tar.gz
1 files changed, 5 insertions, 1 deletions
diff --git a/docker/context/context.py b/docker/context/context.py
index 2413b2e..b1cacf9 100644
--- a/docker/context/context.py
+++ b/docker/context/context.py
@@ -127,8 +127,12 @@ class Context:
                 elif filename.startswith("key"):
                     key = os.path.join(tls_dir, endpoint, filename)
             if all([ca_cert, cert, key]):
+                verify = None
+                if endpoint == "docker":
+                    if not self.endpoints["docker"].get("SkipTLSVerify", False):
+                        verify = True
                 certs[endpoint] = TLSConfig(
-                    client_cert=(cert, key), ca_cert=ca_cert)
+                    client_cert=(cert, key), ca_cert=ca_cert, verify=verify)
         self.tls_cfg = certs
         self.tls_path = tls_dir
author	Anca Iordache <aiordache@users.noreply.github.com>	2021-03-10 16:17:34 +0100
committer	GitHub <noreply@github.com>	2021-03-10 16:17:34 +0100
commit	31775a1532a66cf8a4c183a99bb5c73623147295 (patch)
tree	0be21b27c52a0d6cf21a14e16bc5faa4647f314a
parent	563124163a5d092e954846121150d896ddca0836 (diff)
parent	c239d66d5d261f0f956925705c679fffb61bdb05 (diff)
download	docker-py-31775a1532a66cf8a4c183a99bb5c73623147295.tar.gz