TLSClientConfig - Code Search

src/net/http/alpn_test.go

		}
	}

	// Request to an advertised but unhandled NPN protocol.
	// Server will hang up.
	{
		certPool := x509.NewCertPool()
		certPool.AddCert(ts.Certificate())
		tr := &Transport{
			TLSClientConfig: &tls.Config{
				RootCAs:    certPool,
				NextProtos: []string{"unhandled-proto"},
			},
		}
		defer tr.CloseIdleConnections()
		c := &Client{
			Transport: tr,
		}
		res, err := c.Get(ts.URL)

Registered: Wed Jun 12 16:32:35 UTC 2024

- Last Modified: Tue Oct 20 18:41:18 UTC 2020

- 3K bytes

- Viewed (0)

github.com/kubernetes/kubernetes

staging/src/k8s.io/apimachinery/pkg/util/proxy/dial.go

			return dialer(ctx, "tcp", dialAddr)
		}
		var d net.Dialer
		return d.DialContext(ctx, "tcp", dialAddr)
	case "https":
		// Get the tls config from the transport if we recognize it
		tlsConfig, err := utilnet.TLSClientConfig(transport)
		if err != nil {
			klog.V(5).Infof("Unable to unwrap transport %T to get at TLS config: %v", transport, err)
		}

		if dialer != nil {
			// We have a dialer; use it to open the connection, then

Registered: Sat Jun 15 01:39:40 UTC 2024

- Last Modified: Mon Oct 23 22:33:38 UTC 2023

- 3.8K bytes

- Viewed (0)

github.com/kubernetes/kubernetes

staging/src/k8s.io/apimachinery/pkg/util/net/http.go

}

type TLSClientConfigHolder interface {
	TLSClientConfig() *tls.Config
}

func TLSClientConfig(transport http.RoundTripper) (*tls.Config, error) {
	if transport == nil {
		return nil, nil
	}

	switch transport := transport.(type) {
	case *http.Transport:
		return transport.TLSClientConfig, nil
	case TLSClientConfigHolder:
		return transport.TLSClientConfig(), nil
	case RoundTripperWrapper:

Registered: Sat Jun 15 01:39:40 UTC 2024

- Last Modified: Sat Mar 05 00:08:58 UTC 2022

- 20.8K bytes

- Viewed (0)

github.com/istio/istio

pkg/test/echo/server/forwarder/http.go

	}

	return doForward(ctx, cfg, c.e, call.makeRequest)
}

func newHTTP3TransportGetter(cfg *Config) (httpTransportGetter, func()) {
	newConn := func() *http3.RoundTripper {
		return &http3.RoundTripper{
			TLSClientConfig: cfg.tlsConfig,
			QUICConfig:      &quic.Config{},
		}
	}
	closeFn := func(conn *http3.RoundTripper) func() {
		return func() {
			_ = conn.Close()
		}
	}
	noCloseFn := func() {}

Registered: Fri Jun 14 15:00:06 UTC 2024

- Last Modified: Tue Apr 30 13:56:46 UTC 2024

- 7.9K bytes

- Viewed (0)

github.com/kubernetes/kubernetes

pkg/kubelet/certificate/transport_test.go

	s.TLS = &tls.Config{
		// Just request a cert, we don't need to verify it.
		ClientAuth: tls.RequestClientCert,
	}
	s.StartTLS()
	defer s.Close()

	c := &rest.Config{
		Host: s.URL,
		TLSClientConfig: rest.TLSClientConfig{
			// We don't care about the server's cert.
			Insecure: true,
		},
		ContentConfig: rest.ContentConfig{
			// This is a hack. We don't actually care about the serializer.

Registered: Sat Jun 15 01:39:40 UTC 2024

- Last Modified: Fri Sep 18 08:52:58 UTC 2020

- 7.8K bytes

- Viewed (0)

github.com/istio/istio

pkg/istio-agent/health/health_probers.go

	h.Config = cfg

	// Create an http.Transport with TLSClientConfig for HTTPProber if the scheme is https,
	// otherwise set up an empty one.
	if cfg.Scheme == string(scheme.HTTPS) {
		// nolint: gosec
		// This is matching Kubernetes. It is a reasonable usage of this, as it is just a health check over localhost.
		h.Transport = &http.Transport{
			DisableKeepAlives: true,
			TLSClientConfig:   &tls.Config{InsecureSkipVerify: true},
		}
	} else {

Registered: Fri Jun 14 15:00:06 UTC 2024

- Last Modified: Tue May 23 17:08:31 UTC 2023

- 5.7K bytes

- Viewed (0)

github.com/kubernetes/kubernetes

staging/src/k8s.io/apimachinery/pkg/util/proxy/dial_test.go

				DialContext:     tc.Dial,
				TLSClientConfig: tlsConfigCopy,
			}

			extractedDial, err := utilnet.DialerFor(transport)
			if err != nil {
				t.Fatal(err)
			}
			if fmt.Sprintf("%p", extractedDial) != fmt.Sprintf("%p", tc.Dial) {
				t.Fatalf("%s: Unexpected dial", k)
			}

			extractedTLSConfig, err := utilnet.TLSClientConfig(transport)
			if err != nil {
				t.Fatal(err)
			}

Registered: Sat Jun 15 01:39:40 UTC 2024

- Last Modified: Mon Oct 23 22:33:38 UTC 2023

- 8.4K bytes

- Viewed (0)

github.com/istio/istio

istioctl/pkg/kubeinject/kubeinject.go

	} else {
		var err error
		certPool, err = x509.SystemCertPool()
		if err != nil {
			return nil, err
		}
	}
	tlsClientConfig := &tls.Config{RootCAs: certPool, MinVersion: tls.VersionTLS12}
	client := http.Client{
		Timeout: time.Second * 5,
		Transport: &http.Transport{
			TLSClientConfig: tlsClientConfig,
		},
	}
	if cc.Service != nil {

Registered: Fri Jun 14 15:00:06 UTC 2024

- Last Modified: Fri Mar 29 02:29:02 UTC 2024

- 21.6K bytes

- Viewed (0)

github.com/istio/istio

pkg/test/echo/server/forwarder/websocket.go

	}
	if len(cfg.UDS) > 0 {
		dialContext = func(network, addr string) (net.Conn, error) {
			return newDialer(cfg).Dial("unix", cfg.UDS)
		}
	}

	dialer := &websocket.Dialer{
		TLSClientConfig:  cfg.tlsConfig,
		NetDial:          dialContext,
		HandshakeTimeout: cfg.timeout,
	}

	conn, _, err := dialer.Dial(req.Url, wsReq)
	if err != nil {
		// timeout or bad handshake

Registered: Fri Jun 14 15:00:06 UTC 2024

- Last Modified: Mon Jul 11 16:27:16 UTC 2022

- 3.3K bytes

- Viewed (0)

github.com/istio/istio

samples/jwt-server/src/main_test.go

	caCertPool := x509.NewCertPool()
	caCertPool.AppendCertsFromPEM(caCert)

	// creating https client with client certificate and certificate authority
	httpsClient := &http.Client{
		Transport: &http.Transport{
			TLSClientConfig: &tls.Config{
				RootCAs:    caCertPool,
				MinVersion: tls.VersionTLS12,
			},
		},
	}

	server := NewJwtServer(serverCert, serverKey)

	// Start the test server on port 8443.

Registered: Fri Jun 14 15:00:06 UTC 2024

- Last Modified: Thu Feb 23 16:58:02 UTC 2023

- 2.2K bytes

- Viewed (0)

Search Options