Use default http.Transport for AWS S3 session
Previously we used a custom Transport in order to modify the user agent header. This prevented the AWS SDK from being able to customize SSL and other client TLS parameters since it could not understand the Transport type. Instead we can simply use the SDK function MakeAddToUserAgentFreeFormHandler to customize the UserAgent if necessary and leave all the TLS configuration to the AWS SDK. The only exception being SkipVerify which we have to handle, but we can set it onto the standard http.Transport which does not interfere with the SDKs ability to set other options. Signed-off-by: Kirat Singh <kirat.singh@gmail.com>pull/3841/head
Kirat Singh
parent
cf87e8d07e
commit
3117e2eb2f
|
|
@ -36,7 +36,6 @@ import (
|
|||
"github.com/aws/aws-sdk-go/service/s3"
|
||||
|
||||
dcontext "github.com/distribution/distribution/v3/context"
|
||||
"github.com/distribution/distribution/v3/registry/client/transport"
|
||||
storagedriver "github.com/distribution/distribution/v3/registry/storage/driver"
|
||||
"github.com/distribution/distribution/v3/registry/storage/driver/base"
|
||||
"github.com/distribution/distribution/v3/registry/storage/driver/factory"
|
||||
|
|
@ -526,28 +525,24 @@ func New(params DriverParameters) (*Driver, error) {
|
|||
awsConfig.UseDualStackEndpoint = endpoints.DualStackEndpointStateEnabled
|
||||
}
|
||||
|
||||
if params.UserAgent != "" || params.SkipVerify {
|
||||
httpTransport := http.DefaultTransport
|
||||
if params.SkipVerify {
|
||||
httpTransport = &http.Transport{
|
||||
TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
|
||||
}
|
||||
}
|
||||
if params.UserAgent != "" {
|
||||
awsConfig.WithHTTPClient(&http.Client{
|
||||
Transport: transport.NewTransport(httpTransport, transport.NewHeaderRequestModifier(http.Header{http.CanonicalHeaderKey("User-Agent"): []string{params.UserAgent}})),
|
||||
})
|
||||
} else {
|
||||
awsConfig.WithHTTPClient(&http.Client{
|
||||
Transport: transport.NewTransport(httpTransport),
|
||||
})
|
||||
if params.SkipVerify {
|
||||
httpTransport := &http.Transport{
|
||||
TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
|
||||
}
|
||||
awsConfig.WithHTTPClient(&http.Client{
|
||||
Transport: httpTransport,
|
||||
})
|
||||
}
|
||||
|
||||
sess, err := session.NewSession(awsConfig)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to create new session with aws config: %v", err)
|
||||
}
|
||||
|
||||
if params.UserAgent != "" {
|
||||
sess.Handlers.Build.PushBack(request.MakeAddToUserAgentFreeFormHandler(params.UserAgent))
|
||||
}
|
||||
|
||||
s3obj := s3.New(sess)
|
||||
|
||||
// enable S3 compatible signature v2 signing instead
|
||||
|
|
|
|||
Loading…
Reference in New Issue