Respect ALL_PROXY during registry operations

Use sockets.DialerFromEnvironment, as is done in other places, to transparently support SOCKS proxy config from ALL_PROXY environment variable. Requires the *engine* have the ALL_PROXY env var set, which doesn't seem ideal. Maybe it should be a CLI option somehow? Only tested with push and a v2 registry so far. I'm happy to look further into testing more broadly, but I wanted to get feedback on the general idea first. Signed-off-by: Brett Higgins <brhiggins@arbor.net>
2022-11-09 12:21:53 -05:00 · 2016-04-25 07:54:48 -04:00 · 2016-04-25 07:54:48 -04:00 · 207027087e
commit 207027087e
parent e974eadd94
2 changed files with 31 additions and 13 deletions
--- a/distribution/registry.go
+++ b/distribution/registry.go
@ -15,6 +15,7 @@ import (
 	"github.com/docker/docker/dockerversion"
 	"github.com/docker/docker/registry"
 	"github.com/docker/engine-api/types"
+	"github.com/docker/go-connections/sockets"
 	"golang.org/x/net/context"
 )

@ -43,20 +44,27 @@ func NewV2Repository(ctx context.Context, repoInfo *registry.RepositoryInfo, end
 		repoName = repoInfo.RemoteName()
 	}

+	direct := &net.Dialer{
+		Timeout:   30 * time.Second,
+		KeepAlive: 30 * time.Second,
+		DualStack: true,
+	}
+
 	// TODO(dmcgowan): Call close idle connections when complete, use keep alive
 	base := &http.Transport{
-		Proxy: http.ProxyFromEnvironment,
-		Dial: (&net.Dialer{
-			Timeout:   30 * time.Second,
-			KeepAlive: 30 * time.Second,
-			DualStack: true,
-		}).Dial,
+		Proxy:               http.ProxyFromEnvironment,
+		Dial:                direct.Dial,
 		TLSHandshakeTimeout: 10 * time.Second,
 		TLSClientConfig:     endpoint.TLSConfig,
 		// TODO(dmcgowan): Call close idle connections when complete and use keep alive
 		DisableKeepAlives: true,
 	}

+	proxyDialer, err := sockets.DialerFromEnvironment(direct)
+	if err == nil {
+		base.Dial = proxyDialer.Dial
+	}
+
 	modifiers := registry.DockerHeaders(dockerversion.DockerUserAgent(ctx), metaHeaders)
 	authTransport := transport.NewTransport(base, modifiers...)

--- a/registry/registry.go
+++ b/registry/registry.go
@ -16,6 +16,7 @@ import (

 	"github.com/Sirupsen/logrus"
 	"github.com/docker/distribution/registry/client/transport"
+	"github.com/docker/go-connections/sockets"
 	"github.com/docker/go-connections/tlsconfig"
 )

@ -165,16 +166,25 @@ func NewTransport(tlsConfig *tls.Config) *http.Transport {
 		var cfg = tlsconfig.ServerDefault
 		tlsConfig = &cfg
 	}
-	return &http.Transport{
-		Proxy: http.ProxyFromEnvironment,
-		Dial: (&net.Dialer{
-			Timeout:   30 * time.Second,
-			KeepAlive: 30 * time.Second,
-			DualStack: true,
-		}).Dial,
+
+	direct := &net.Dialer{
+		Timeout:   30 * time.Second,
+		KeepAlive: 30 * time.Second,
+		DualStack: true,
+	}
+
+	base := &http.Transport{
+		Proxy:               http.ProxyFromEnvironment,
+		Dial:                direct.Dial,
 		TLSHandshakeTimeout: 10 * time.Second,
 		TLSClientConfig:     tlsConfig,
 		// TODO(dmcgowan): Call close idle connections when complete and use keep alive
 		DisableKeepAlives: true,
 	}
+
+	proxyDialer, err := sockets.DialerFromEnvironment(direct)
+	if err == nil {
+		base.Dial = proxyDialer.Dial
+	}
+	return base
 }