forked from TrueCloudLab/distribution
Add option to skip certificate verification for the s3 driver
Signed-off-by: Huu Nguyen <whoshuu@gmail.com>
This commit is contained in:
parent
749f6afb45
commit
7655a3d91f
1 changed files with 36 additions and 4 deletions
|
@ -14,6 +14,7 @@ package s3
|
||||||
import (
|
import (
|
||||||
"bytes"
|
"bytes"
|
||||||
"context"
|
"context"
|
||||||
|
"crypto/tls"
|
||||||
"fmt"
|
"fmt"
|
||||||
"io"
|
"io"
|
||||||
"io/ioutil"
|
"io/ioutil"
|
||||||
|
@ -90,6 +91,7 @@ type DriverParameters struct {
|
||||||
Encrypt bool
|
Encrypt bool
|
||||||
KeyID string
|
KeyID string
|
||||||
Secure bool
|
Secure bool
|
||||||
|
SkipVerify bool
|
||||||
V4Auth bool
|
V4Auth bool
|
||||||
ChunkSize int64
|
ChunkSize int64
|
||||||
MultipartCopyChunkSize int64
|
MultipartCopyChunkSize int64
|
||||||
|
@ -248,6 +250,23 @@ func FromParameters(parameters map[string]interface{}) (*Driver, error) {
|
||||||
return nil, fmt.Errorf("The secure parameter should be a boolean")
|
return nil, fmt.Errorf("The secure parameter should be a boolean")
|
||||||
}
|
}
|
||||||
|
|
||||||
|
skipVerifyBool := false
|
||||||
|
skipVerify := parameters["skipverify"]
|
||||||
|
switch skipVerify := skipVerify.(type) {
|
||||||
|
case string:
|
||||||
|
b, err := strconv.ParseBool(skipVerify)
|
||||||
|
if err != nil {
|
||||||
|
return nil, fmt.Errorf("The skipVerify parameter should be a boolean")
|
||||||
|
}
|
||||||
|
skipVerifyBool = b
|
||||||
|
case bool:
|
||||||
|
skipVerifyBool = skipVerify
|
||||||
|
case nil:
|
||||||
|
// do nothing
|
||||||
|
default:
|
||||||
|
return nil, fmt.Errorf("The skipVerify parameter should be a boolean")
|
||||||
|
}
|
||||||
|
|
||||||
v4Bool := true
|
v4Bool := true
|
||||||
v4auth := parameters["v4auth"]
|
v4auth := parameters["v4auth"]
|
||||||
switch v4auth := v4auth.(type) {
|
switch v4auth := v4auth.(type) {
|
||||||
|
@ -344,6 +363,7 @@ func FromParameters(parameters map[string]interface{}) (*Driver, error) {
|
||||||
encryptBool,
|
encryptBool,
|
||||||
fmt.Sprint(keyID),
|
fmt.Sprint(keyID),
|
||||||
secureBool,
|
secureBool,
|
||||||
|
skipVerifyBool,
|
||||||
v4Bool,
|
v4Bool,
|
||||||
chunkSize,
|
chunkSize,
|
||||||
multipartCopyChunkSize,
|
multipartCopyChunkSize,
|
||||||
|
@ -420,10 +440,22 @@ func New(params DriverParameters) (*Driver, error) {
|
||||||
awsConfig.WithRegion(params.Region)
|
awsConfig.WithRegion(params.Region)
|
||||||
awsConfig.WithDisableSSL(!params.Secure)
|
awsConfig.WithDisableSSL(!params.Secure)
|
||||||
|
|
||||||
|
if params.UserAgent != "" || params.SkipVerify {
|
||||||
|
httpTransport := http.DefaultTransport
|
||||||
|
if params.SkipVerify {
|
||||||
|
httpTransport = &http.Transport{
|
||||||
|
TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
|
||||||
|
}
|
||||||
|
}
|
||||||
if params.UserAgent != "" {
|
if params.UserAgent != "" {
|
||||||
awsConfig.WithHTTPClient(&http.Client{
|
awsConfig.WithHTTPClient(&http.Client{
|
||||||
Transport: transport.NewTransport(http.DefaultTransport, transport.NewHeaderRequestModifier(http.Header{http.CanonicalHeaderKey("User-Agent"): []string{params.UserAgent}})),
|
Transport: transport.NewTransport(httpTransport, transport.NewHeaderRequestModifier(http.Header{http.CanonicalHeaderKey("User-Agent"): []string{params.UserAgent}})),
|
||||||
})
|
})
|
||||||
|
} else {
|
||||||
|
awsConfig.WithHTTPClient(&http.Client{
|
||||||
|
Transport: transport.NewTransport(httpTransport),
|
||||||
|
})
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
s3obj := s3.New(session.New(awsConfig))
|
s3obj := s3.New(session.New(awsConfig))
|
||||||
|
|
Loading…
Reference in a new issue