// NewHttpClient returns a new HttpClient for the given host (which may be "host:port") func NewHttpClient(c *config.Configuration, host string) *HttpClient { httpClientsMutex.Lock() defer httpClientsMutex.Unlock() if httpClients == nil { httpClients = make(map[string]*HttpClient) } if client, ok := httpClients[host]; ok { return client } dialtime := c.GitConfigInt("lfs.dialtimeout", 30) keepalivetime := c.GitConfigInt("lfs.keepalive", 1800) // 30 minutes tlstime := c.GitConfigInt("lfs.tlstimeout", 30) tr := &http.Transport{ Proxy: http.ProxyFromEnvironment, Dial: (&net.Dialer{ Timeout: time.Duration(dialtime) * time.Second, KeepAlive: time.Duration(keepalivetime) * time.Second, }).Dial, TLSHandshakeTimeout: time.Duration(tlstime) * time.Second, MaxIdleConnsPerHost: c.ConcurrentTransfers(), } tr.TLSClientConfig = &tls.Config{} if isCertVerificationDisabledForHost(host) { tr.TLSClientConfig.InsecureSkipVerify = true } else { tr.TLSClientConfig.RootCAs = getRootCAsForHost(host) } client := &HttpClient{ &http.Client{Transport: tr, CheckRedirect: CheckRedirect}, } httpClients[host] = client return client }