1 files changed, 12 insertions, 6 deletions

diff --git a/docker/auth/auth.py b/docker/auth/auth.py
index 0bd386d..c13eed4 100644
--- a/docker/auth/auth.py
+++ b/docker/auth/auth.py
@@ -34,17 +34,22 @@ def swap_protocol(url):
     return url
 
 
-def expand_registry_url(hostname):
+def expand_registry_url(hostname, insecure=False):
     if hostname.startswith('http:') or hostname.startswith('https:'):
         if '/' not in hostname[9:]:
             hostname = hostname + '/v1/'
         return hostname
     if utils.ping('https://' + hostname + '/v1/_ping'):
         return 'https://' + hostname + '/v1/'
-    return 'http://' + hostname + '/v1/'
+    elif insecure:
+        return 'http://' + hostname + '/v1/'
+    else:
+        raise errors.DockerException(
+            "HTTPS endpoint unresponsive and insecure mode isn't enabled."
+        )
 
 
-def resolve_repository_name(repo_name):
+def resolve_repository_name(repo_name, insecure=False):
     if '://' in repo_name:
         raise errors.InvalidRepository(
             'Repository name cannot contain a scheme ({0})'.format(repo_name))
@@ -56,11 +61,12 @@ def resolve_repository_name(repo_name):
         raise errors.InvalidRepository(
             'Invalid repository name ({0})'.format(repo_name))
 
-    if 'index.docker.io' in parts[0]:
+    if 'index.docker.io' in parts[0] or 'registry.hub.docker.com' in parts[0]:
         raise errors.InvalidRepository(
-            'Invalid repository name, try "{0}" instead'.format(parts[1]))
+            'Invalid repository name, try "{0}" instead'.format(parts[1])
+        )
 
-    return expand_registry_url(parts[0]), parts[1]
+    return expand_registry_url(parts[0], insecure), parts[1]
 
 
 def resolve_authconfig(authconfig, registry=None):