Use cleanhttp instead of bare http.Client

api/client.go

@@ -9,6 +9,8 @@ import (
 	"strings"
 	"sync"
 	"time"
+
+	"github.com/hashicorp/go-cleanhttp"
 )
 
 var (
@@ -38,10 +40,10 @@ type Config struct {
 func DefaultConfig() *Config {
 	config := &Config{
 		Address: "https://127.0.0.1:8200",
-		HttpClient: &http.Client{
+
-			Timeout: time.Second * 60,
+		HttpClient: cleanhttp.DefaultClient(),
-		},
 	}
+	config.HttpClient.Timeout = time.Second * 60
 
 	if addr := os.Getenv("VAULT_ADDR"); addr != "" {
 		config.Address = addr

builtin/credential/github/backend.go

@@ -1,9 +1,8 @@
 package github
 
 import (
-	"net/http"
-
 	"github.com/google/go-github/github"
+	"github.com/hashicorp/go-cleanhttp"
 	"github.com/hashicorp/vault/logical"
 	"github.com/hashicorp/vault/logical/framework"
 	"golang.org/x/oauth2"
@@ -54,7 +53,7 @@ type backend struct {
 // Client returns the GitHub client to communicate to GitHub via the
 // configured settings.
 func (b *backend) Client(token string) (*github.Client, error) {
-	tc := &http.Client{}
+	tc := cleanhttp.DefaultClient()
 	if token != "" {
 		tc = oauth2.NewClient(oauth2.NoContext, &tokenSource{Value: token})
 	}

builtin/logical/aws/backend_test.go

@@ -5,7 +5,6 @@ import (
 	"encoding/json"
 	"fmt"
 	"log"
-	"net/http"
 	"os"
 	"testing"
 	"time"
@@ -13,6 +12,7 @@ import (
 	"github.com/aws/aws-sdk-go/aws"
 	"github.com/aws/aws-sdk-go/aws/credentials"
 	"github.com/aws/aws-sdk-go/service/ec2"
+	"github.com/hashicorp/go-cleanhttp"
 	"github.com/hashicorp/vault/logical"
 	logicaltest "github.com/hashicorp/vault/logical/testing"
 	"github.com/mitchellh/mapstructure"
@@ -98,7 +98,7 @@ func testAccStepReadUser(t *testing.T, name string) logicaltest.TestStep {
 			awsConfig := &aws.Config{
 				Credentials: creds,
 				Region:      aws.String("us-east-1"),
-				HTTPClient:  &http.Client{},
+				HTTPClient:  cleanhttp.DefaultClient(),
 			}
 			client := ec2.New(awsConfig)
 

builtin/logical/aws/client.go

@@ -2,11 +2,11 @@ package aws
 
 import (
 	"fmt"
-	"net/http"
 
 	"github.com/aws/aws-sdk-go/aws"
 	"github.com/aws/aws-sdk-go/aws/credentials"
 	"github.com/aws/aws-sdk-go/service/iam"
+	"github.com/hashicorp/go-cleanhttp"
 	"github.com/hashicorp/vault/logical"
 )
 
@@ -30,7 +30,7 @@ func clientIAM(s logical.Storage) (*iam.IAM, error) {
 	awsConfig := &aws.Config{
 		Credentials: creds,
 		Region:      aws.String(config.Region),
-		HTTPClient:  &http.Client{},
+		HTTPClient:  cleanhttp.DefaultClient(),
 	}
 	return iam.New(awsConfig), nil
 }

http/handler_test.go

@@ -7,6 +7,7 @@ import (
 	"reflect"
 	"testing"
 
+	"github.com/hashicorp/go-cleanhttp"
 	"github.com/hashicorp/vault/logical"
 	"github.com/hashicorp/vault/vault"
 )
@@ -23,7 +24,7 @@ func TestSysMounts_headerAuth(t *testing.T) {
 	}
 	req.Header.Set(AuthHeaderName, token)
 
-	client := &http.Client{}
+	client := cleanhttp.DefaultClient()
 	resp, err := client.Do(req)
 	if err != nil {
 		t.Fatalf("err: %s", err)

http/http_test.go

@@ -8,6 +8,8 @@ import (
 	"net/http"
 	"testing"
 	"time"
+
+	"github.com/hashicorp/go-cleanhttp"
 )
 
 func testHttpGet(t *testing.T, token string, addr string) *http.Response {
@@ -47,9 +49,8 @@ func testHttpData(t *testing.T, method string, token string, addr string, body i
 		req.Header.Set("X-Vault-Token", token)
 	}
 
-	client := &http.Client{
+	client := cleanhttp.DefaultClient()
-		Timeout: 60 * time.Second,
+	client.Timeout = 60 * time.Second
-	}
 
 	// From https://github.com/michiwend/gomusicbrainz/pull/4/files
 	defaultRedirectLimit := 30