vendor: update google/cadvisor and opencontainers/runc
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
This commit is contained in:
Giuseppe Scrivano
2
vendor/github.com/docker/go-connections/nat/nat.go
generated
vendored
2
vendor/github.com/docker/go-connections/nat/nat.go
generated
vendored
@@ -113,7 +113,7 @@ func SplitProtoPort(rawPort string) (string, string) {
|
||||
}
|
||||
|
||||
func validateProto(proto string) bool {
|
||||
for _, availableProto := range []string{"tcp", "udp"} {
|
||||
for _, availableProto := range []string{"tcp", "udp", "sctp"} {
|
||||
if availableProto == proto {
|
||||
return true
|
||||
}
|
||||
|
||||
1
vendor/github.com/docker/go-connections/tlsconfig/certpool_other.go
generated
vendored
1
vendor/github.com/docker/go-connections/tlsconfig/certpool_other.go
generated
vendored
@@ -4,7 +4,6 @@ package tlsconfig
|
||||
|
||||
import (
|
||||
"crypto/x509"
|
||||
|
||||
)
|
||||
|
||||
// SystemCertPool returns an new empty cert pool,
|
||||
|
||||
26
vendor/github.com/docker/go-connections/tlsconfig/config.go
generated
vendored
26
vendor/github.com/docker/go-connections/tlsconfig/config.go
generated
vendored
@@ -46,8 +46,6 @@ var acceptedCBCCiphers = []uint16{
|
||||
tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
|
||||
tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
|
||||
tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
|
||||
tls.TLS_RSA_WITH_AES_256_CBC_SHA,
|
||||
tls.TLS_RSA_WITH_AES_128_CBC_SHA,
|
||||
}
|
||||
|
||||
// DefaultServerAcceptedCiphers should be uses by code which already has a crypto/tls
|
||||
@@ -65,22 +63,34 @@ var allTLSVersions = map[uint16]struct{}{
|
||||
}
|
||||
|
||||
// ServerDefault returns a secure-enough TLS configuration for the server TLS configuration.
|
||||
func ServerDefault() *tls.Config {
|
||||
return &tls.Config{
|
||||
// Avoid fallback to SSL protocols < TLS1.0
|
||||
MinVersion: tls.VersionTLS10,
|
||||
func ServerDefault(ops ...func(*tls.Config)) *tls.Config {
|
||||
tlsconfig := &tls.Config{
|
||||
// Avoid fallback by default to SSL protocols < TLS1.2
|
||||
MinVersion: tls.VersionTLS12,
|
||||
PreferServerCipherSuites: true,
|
||||
CipherSuites: DefaultServerAcceptedCiphers,
|
||||
}
|
||||
|
||||
for _, op := range ops {
|
||||
op(tlsconfig)
|
||||
}
|
||||
|
||||
return tlsconfig
|
||||
}
|
||||
|
||||
// ClientDefault returns a secure-enough TLS configuration for the client TLS configuration.
|
||||
func ClientDefault() *tls.Config {
|
||||
return &tls.Config{
|
||||
func ClientDefault(ops ...func(*tls.Config)) *tls.Config {
|
||||
tlsconfig := &tls.Config{
|
||||
// Prefer TLS1.2 as the client minimum
|
||||
MinVersion: tls.VersionTLS12,
|
||||
CipherSuites: clientCipherSuites,
|
||||
}
|
||||
|
||||
for _, op := range ops {
|
||||
op(tlsconfig)
|
||||
}
|
||||
|
||||
return tlsconfig
|
||||
}
|
||||
|
||||
// certPool returns an X.509 certificate pool from `caFile`, the certificate file.
|
||||
|
||||
Reference in New Issue
Block a user