diff --git a/daemon/pkg/registry/registry.go b/daemon/pkg/registry/registry.go index d4c0c053e9..5f9b823d1c 100644 --- a/daemon/pkg/registry/registry.go +++ b/daemon/pkg/registry/registry.go @@ -30,9 +30,8 @@ func hostCertsDir(hostnameAndPort string) string { return filepath.Join(CertsDir(), hostnameAndPort) } -// newTLSConfig constructs a client TLS configuration based on server defaults +// newTLSConfig constructs a client TLS configuration based on server defaults. func newTLSConfig(ctx context.Context, hostname string, isSecure bool) (*tls.Config, error) { - // PreferredServerCipherSuites should have no effect tlsConfig := tlsconfig.ServerDefault() tlsConfig.InsecureSkipVerify = !isSecure @@ -112,9 +111,9 @@ func loadTLSConfig(ctx context.Context, directory string, tlsConfig *tls.Config) return nil } -// Headers returns request modifiers with a User-Agent and metaHeaders +// Headers returns request modifiers with a User-Agent and metaHeaders. func Headers(userAgent string, metaHeaders http.Header) []transport.RequestModifier { - modifiers := []transport.RequestModifier{} + var modifiers []transport.RequestModifier if userAgent != "" { modifiers = append(modifiers, transport.NewHeaderRequestModifier(http.Header{ "User-Agent": []string{userAgent}, diff --git a/daemon/pkg/registry/search_endpoint_v1.go b/daemon/pkg/registry/search_endpoint_v1.go index e1053638ee..9537ab2ac9 100644 --- a/daemon/pkg/registry/search_endpoint_v1.go +++ b/daemon/pkg/registry/search_endpoint_v1.go @@ -177,14 +177,13 @@ func httpClient(tr http.RoundTripper) *http.Client { } func trustedLocation(req *http.Request) bool { - var ( - trusteds = []string{"docker.com", "docker.io"} - hostname = strings.SplitN(req.Host, ":", 2)[0] - ) if req.URL.Scheme != "https" { return false } - + var ( + trusteds = []string{"docker.com", "docker.io"} + hostname, _, _ = strings.Cut(req.Host, ":") + ) for _, trusted := range trusteds { if hostname == trusted || strings.HasSuffix(hostname, "."+trusted) { return true