Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
install.sh: Invoke curl with secure defaults
When invoking the install script, the installation process can fail silently so that the `k3d` binary includes only the ASCII string 'Not found'. This can be avoided by passing the `--fail` flag so that the command fails if a 4XX or 5XX response is received. This change adds a `scurl` function that invokes `curl` with this flag, as well as flags that ensure that at least TLS v1.2 is used (this helps mitigate protocol downgrade attacks). This is based on the defaults we use in Linkerd. See: https://github.com/linkerd/linkerd2/blob/a0b112471eef7e3975fbc8564df52d83894c3fa3/bin/scurl Signed-off-by: Oliver Gould <[email protected]>
- Loading branch information