0a8edc17c9
This adds the pakage api/rest/client which implements a go-client for the REST API component. It also update the ipfs-cluster-ctl tool to rely on it. Originally, I wanted this to live it in it's own separate repository, but the api client uses /api/types.go, which is part of cluster. Therefore it would need to import all of cluster as a dependency. ipfs-cluster-ctl would also need to import go-ipfs-cluster-api-client as a dependency, creating circular gx deps which would be a mess to maintain. Only the splitting of cluster in multiple repositories (at least for api, rest, ipfs-cluster-ctl, rest/client and test) would allow better dependency management by allowing rest/client and the ctl tool to only import what is needed, but this is something which brings maintenance costs and can probably wait a bit until cluster is more stable. License: MIT Signed-off-by: Hector Sanjuan <code@hector.link>
26 lines
642 B
Go
26 lines
642 B
Go
package client
|
|
|
|
import (
|
|
"crypto/tls"
|
|
"net/http"
|
|
)
|
|
|
|
func newTLSTransport(skipVerify bool) *http.Transport {
|
|
// based on https://github.com/denji/golang-tls
|
|
tlsCfg := &tls.Config{
|
|
MinVersion: tls.VersionTLS12,
|
|
CurvePreferences: []tls.CurveID{tls.CurveP521, tls.CurveP384, tls.CurveP256},
|
|
PreferServerCipherSuites: true,
|
|
CipherSuites: []uint16{
|
|
tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
|
|
tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
|
|
tls.TLS_RSA_WITH_AES_256_GCM_SHA384,
|
|
tls.TLS_RSA_WITH_AES_256_CBC_SHA,
|
|
},
|
|
InsecureSkipVerify: skipVerify,
|
|
}
|
|
return &http.Transport{
|
|
TLSClientConfig: tlsCfg,
|
|
}
|
|
}
|