jclouds-notifications mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ignasi Barrera <notificati...@github.com>
Subject Re: [jclouds-labs] Upgrade to docker 1.7 (#188)
Date Tue, 21 Jul 2015 09:06:52 GMT
> +         client.setConnectTimeout(utils.getConnectionTimeout(), TimeUnit.MILLISECONDS);
> +         client.setReadTimeout(utils.getSocketOpenTimeout(), TimeUnit.MILLISECONDS);
> +         client.setFollowRedirects(false);
> +         ConnectionSpec tlsSpec = new ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS)
> +                 .tlsVersions(TlsVersion.TLS_1_0, TlsVersion.TLS_1_1, TlsVersion.TLS_1_2)
> +                 .build();
> +         ConnectionSpec cleartextSpec = new ConnectionSpec.Builder(ConnectionSpec.CLEARTEXT)
> +                 .build();
> +         client.setConnectionSpecs(ImmutableList.of(tlsSpec, cleartextSpec));
> +         client.setSslSocketFactory(sslContextWithKeysSupplier.get().getSocketFactory());
> +
> +         if (utils.relaxHostname()) {
> +            client.setHostnameVerifier(hostnameVerifier);
> +         }
> +         return client;
> +      }

In that case I'd suggest that the docker provider uses a linked binding to bind the [UntrustedSSLContextSupplier](https://github.com/jclouds/jclouds/blob/master/core/src/main/java/org/jclouds/http/config/SSLModule.java#L76)
to one that both implements the trustallcerts but has the Docker keys in it, but keep the
OkHttp client supplier approach and avoid copy/pasting the OkHttp module config. WDYT?

---
Reply to this email directly or view it on GitHub:
https://github.com/jclouds/jclouds-labs/pull/188/files#r35082825
Mime
View raw message