diff options
author | Hakan Ardo <hakan@debian.org> | 2021-03-03 09:27:21 +0100 |
---|---|---|
committer | Hakan Ardo <hakan@debian.org> | 2021-03-03 09:30:19 +0100 |
commit | c239d66d5d261f0f956925705c679fffb61bdb05 (patch) | |
tree | 343652f38cb73245244b193072fe9dbe5805c838 | |
parent | 55f405e04a91ddbbc26aa738bd3cb41bd28f8dbd (diff) | |
download | docker-py-c239d66d5d261f0f956925705c679fffb61bdb05.tar.gz |
Verify TLS keys loaded from docker contexts
This maches the behaviour of the docker cli when using contexts.
Signed-off-by: Hakan Ardo <hakan@debian.org>
-rw-r--r-- | docker/context/context.py | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/docker/context/context.py b/docker/context/context.py index 2413b2e..b1cacf9 100644 --- a/docker/context/context.py +++ b/docker/context/context.py @@ -127,8 +127,12 @@ class Context: elif filename.startswith("key"): key = os.path.join(tls_dir, endpoint, filename) if all([ca_cert, cert, key]): + verify = None + if endpoint == "docker": + if not self.endpoints["docker"].get("SkipTLSVerify", False): + verify = True certs[endpoint] = TLSConfig( - client_cert=(cert, key), ca_cert=ca_cert) + client_cert=(cert, key), ca_cert=ca_cert, verify=verify) self.tls_cfg = certs self.tls_path = tls_dir |