msb-public
/
helm
mirror of https://github.com/helm/helm
1
0
Code Issues Projects Releases Wiki Activity

CAFile is now optional, in that case the default RootCAs are used

Browse Source
pull/2615/head
Nandor Kracser 7 years ago
parent 42ede7f6f8
commit 5f96fb816c
2 changed files with 11 additions and 8 deletions
Show Stats Download Patch File Download Diff File

2
pkg/getter/httpgetter.go
Unescape View File

@ -50,7 +50,7 @@ func (g *httpGetter) Get(href string) (*bytes.Buffer, error) {
// newHTTPGetter constructs a valid http/https client as Getter // newHTTPGetter constructs a valid http/https client as Getter
func newHTTPGetter(URL, CertFile, KeyFile, CAFile string) (Getter, error) { func newHTTPGetter(URL, CertFile, KeyFile, CAFile string) (Getter, error) {
var client httpGetter var client httpGetter
if CertFile != "" && KeyFile != "" && CAFile != "" { if CertFile != "" && KeyFile != "" {
tlsConf, err := tlsutil.NewClientTLS(CertFile, KeyFile, CAFile) tlsConf, err := tlsutil.NewClientTLS(CertFile, KeyFile, CAFile)
if err != nil { if err != nil {
return nil, fmt.Errorf("can't create TLS config for client: %s", err.Error()) return nil, fmt.Errorf("can't create TLS config for client: %s", err.Error())

17
pkg/tlsutil/tls.go
Unescape View File

@ -29,14 +29,17 @@ func NewClientTLS(certFile, keyFile, caFile string) (*tls.Config, error) {
if err != nil { if err != nil {
return nil, err return nil, err
} }
cp, err := CertPoolFromFile(caFile) config := tls.Config{
if err != nil {
return nil, err
}
return &tls.Config{
Certificates: []tls.Certificate{*cert}, Certificates: []tls.Certificate{*cert},
RootCAs: cp, }
}, nil if caFile != "" {
cp, err := CertPoolFromFile(caFile)
if err != nil {
return nil, err
}
config.RootCAs = cp
}
return &config, nil
} }
// CertPoolFromFile returns an x509.CertPool containing the certificates // CertPoolFromFile returns an x509.CertPool containing the certificates

Write Preview
Loading…
Cancel
Save