Rolling your own TLS transport

Nate Finch nate.finch at canonical.com
Thu Jan 14 16:35:59 UTC 2016


tl;dr: don't.  Use NewHttpTLSTransport from github.com/juju/utils.

There was a bug with downloading tools where we weren't respecting the
proxy set in the environment. I thought this pretty unlikely to be our
fault, since Go by default obeys the proxy in the environment. The only way
it could happen is if we were rolling our own transport value... which of
course we were (albeit for good reason - to avoid a bug).

So, I fixed NewHttpTLSTransport to obey the environment's proxy, and while
I was doing that, I grepped around to make sure no one else was doing the
same thing, and I found an instance where someone had rolled their own TLS
transport value, without even using NewHttpTLSTransport (no doubt because
the programmer didn't know that function existed).

So now I'm emailing everyone so you'll know that function exists. If you
need to make an HTTPS connection somewhere, please use NewHttpTLSTransport
when you create your http.Client, instead of rolling your own.

-Nate
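
Added example, not part of the original message and not juju's code: a Go sketch of why a transport built from scratch ignores the proxy set in the environment, next to a central constructor that sets Proxy. The function names handRolledTransport, sharedTLSTransport and proxyFor are hypothetical, and the example.invalid URL is constructed.

```go
package main

import (
	"crypto/tls"
	"fmt"
	"net/http"
	"net/url"
)

// handRolledTransport builds a transport from scratch. Proxy is left nil,
// so HTTPS_PROXY / HTTP_PROXY are never consulted and connections go direct.
func handRolledTransport(cfg *tls.Config) *http.Transport {
	return &http.Transport{TLSClientConfig: cfg}
}

// sharedTLSTransport is a hypothetical central constructor: one place that
// applies the TLS config and keeps Go's default proxy behaviour.
func sharedTLSTransport(cfg *tls.Config) *http.Transport {
	return &http.Transport{
		Proxy:           http.ProxyFromEnvironment,
		TLSClientConfig: cfg,
	}
}

// proxyFor reports which proxy, if any, t would use for rawURL.
// A nil URL with a nil error means a direct connection.
func proxyFor(t *http.Transport, rawURL string) (*url.URL, error) {
	if t.Proxy == nil {
		return nil, nil
	}
	req, err := http.NewRequest(http.MethodGet, rawURL, nil)
	if err != nil {
		return nil, err
	}
	return t.Proxy(req)
}

func main() {
	cfg := &tls.Config{MinVersion: tls.VersionTLS12}
	const target = "https://streams.example.invalid/tools" // constructed URL
	for _, c := range []struct {
		name string
		t    *http.Transport
	}{{"hand-rolled", handRolledTransport(cfg)}, {"shared", sharedTLSTransport(cfg)}} {
		p, err := proxyFor(c.t, target)
		fmt.Printf("%-12s proxy=%v err=%v\n", c.name, p, err)
	}
}
```

Run it with HTTPS_PROXY set to compare the two lines of output; the same proxyFor check can be pointed at any transport found while grepping a code base.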