diff --git a/hack/vendor.sh b/hack/vendor.sh index 9e94cfc596..a74d55133a 100755 --- a/hack/vendor.sh +++ b/hack/vendor.sh @@ -22,7 +22,7 @@ clone git github.com/vdemeester/shakers 3c10293ce22b900c27acad7b28656196fcc2f73b clone git golang.org/x/net 47990a1ba55743e6ef1affd3a14e5bac8553615d https://github.com/golang/net.git clone git github.com/docker/go-units 651fc226e7441360384da338d0fd37f2440ffbe3 clone git github.com/docker/go-connections v0.1.2 -clone git github.com/docker/engine-api v0.2.1 +clone git github.com/docker/engine-api v0.2.2 clone git github.com/RackSec/srslog 6eb773f331e46fbba8eecb8e794e635e75fc04de #get libnetwork packages diff --git a/integration-cli/docker_cli_daemon_test.go b/integration-cli/docker_cli_daemon_test.go index 190480f235..2fa39dae46 100644 --- a/integration-cli/docker_cli_daemon_test.go +++ b/integration-cli/docker_cli_daemon_test.go @@ -1439,6 +1439,29 @@ func (s *DockerDaemonSuite) TestHttpsInfo(c *check.C) { } } +// TestHttpsRun connects via two-way authenticated HTTPS to the create, attach, start, and wait endpoints. +// https://github.com/docker/docker/issues/19280 +func (s *DockerDaemonSuite) TestHttpsRun(c *check.C) { + const ( + testDaemonHTTPSAddr = "tcp://localhost:4271" + ) + + if err := s.d.StartWithBusybox("--tlsverify", "--tlscacert", "fixtures/https/ca.pem", "--tlscert", "fixtures/https/server-cert.pem", + "--tlskey", "fixtures/https/server-key.pem", "-H", testDaemonHTTPSAddr); err != nil { + c.Fatalf("Could not start daemon with busybox: %v", err) + } + + daemonArgs := []string{"--host", testDaemonHTTPSAddr, "--tlsverify", "--tlscacert", "fixtures/https/ca.pem", "--tlscert", "fixtures/https/client-cert.pem", "--tlskey", "fixtures/https/client-key.pem"} + out, err := s.d.CmdWithArgs(daemonArgs, "run", "busybox", "echo", "TLS response") + if err != nil { + c.Fatalf("Error Occurred: %s and output: %s", err, out) + } + + if !strings.Contains(out, "TLS response") { + c.Fatalf("expected output to include `TLS response`, got %v", out) + } +} + // TestTlsVerify verifies that --tlsverify=false turns on tls func (s *DockerDaemonSuite) TestTlsVerify(c *check.C) { out, err := exec.Command(dockerBinary, "daemon", "--tlsverify=false").CombinedOutput() diff --git a/vendor/src/github.com/docker/engine-api/client/client.go b/vendor/src/github.com/docker/engine-api/client/client.go index 061fd55daf..28f00e5669 100644 --- a/vendor/src/github.com/docker/engine-api/client/client.go +++ b/vendor/src/github.com/docker/engine-api/client/client.go @@ -65,7 +65,6 @@ func NewEnvClient() (*Client, error) { func NewClient(host string, version string, transport *http.Transport, httpHeaders map[string]string) (*Client, error) { var ( basePath string - tlsConfig *tls.Config scheme = "http" protoAddrParts = strings.SplitN(host, "://", 2) proto, addr = protoAddrParts[0], protoAddrParts[1] @@ -90,7 +89,7 @@ func NewClient(host string, version string, transport *http.Transport, httpHeade addr: addr, basePath: basePath, scheme: scheme, - tlsConfig: tlsConfig, + tlsConfig: transport.TLSClientConfig, httpClient: &http.Client{Transport: transport}, version: version, customHTTPHeaders: httpHeaders, diff --git a/vendor/src/github.com/docker/engine-api/types/filters/parse.go b/vendor/src/github.com/docker/engine-api/types/filters/parse.go index e99462c0a8..9c80b1eddb 100644 --- a/vendor/src/github.com/docker/engine-api/types/filters/parse.go +++ b/vendor/src/github.com/docker/engine-api/types/filters/parse.go @@ -10,12 +10,12 @@ import ( "strings" ) -// Args stores filter arguments as map key:{array of values}. -// It contains a aggregation of the list of arguments (which are in the form +// Args stores filter arguments as map key:{map key: bool}. +// It contains a aggregation of the map of arguments (which are in the form // of -f 'key=value') based on the key, and store values for the same key -// in an slice. +// in an map with string keys and boolean values. // e.g given -f 'label=label1=1' -f 'label=label2=2' -f 'image.name=ubuntu' -// the args will be {'label': {'label1=1','label2=2'}, 'image.name', {'ubuntu'}} +// the args will be {"image.name":{"ubuntu":true},"label":{"label1=1":true,"label2=2":true}} type Args struct { fields map[string]map[string]bool }