Commit graph

1549 commits

Author SHA1 Message Date
Phil Estes
0c0578b01b Split client and server cipher suite list in TLS defaults
Per @ewindisch, removing the CBC ciphers from the client preferred TLS
cipher suites.  This will allow a future version of the server to also
remove the CBC ciphers from the accepted list.

This changes the server default to client + additional CBC cipher list,
and client default to the non-CBC ciphers.

Also, cipher order preference is modified so that best and highest-bit count
ciphers are most preferred.

Docker-DCO-1.1-Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com> (github: estesp)
2015-06-11 14:00:31 -04:00
Brian Goff
f666eef0d4 generate plugin clients via template
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
2015-06-10 11:41:40 -04:00
Shijiang Wei
e10c7b3f07 Add the parent directory to changes set if new files are generated
The "TestChangesWithChanges" case randomlly fails on my development
VM with the following errors:
```
--- FAIL: TestChangesWithChanges (0.00s)
        changes_test.go:201: no change for expected change C /dir1/subfolder != A /dir1/subfolder/newFile
```

If I apply the following patch to changes_test.go, the test passes.

```diff
diff --git a/pkg/archive/changes_test.go b/pkg/archive/changes_test.go
index 290b2dd..ba1aca0 100644
--- a/pkg/archive/changes_test.go
+++ b/pkg/archive/changes_test.go
@@ -156,6 +156,7 @@ func TestChangesWithChanges(t *testing.T) {
        }
        defer os.RemoveAll(layer)
        createSampleDir(t, layer)
+       time.Sleep(5 * time.Millisecond)
        os.MkdirAll(path.Join(layer, "dir1/subfolder"), 0740)

        // Let's modify modtime for dir1 to be sure it's the same for the two layer (to not having false positive)
```

It seems that if a file is created immediately after the directory is created,
the `archive.Changes` function could't recognize that the parent directory of
the new file is modified.

Perhaps the problem may reproduce on machines with low time precision?
I had successfully reproduced the failure on my development VM as well as
a VM on DigitalOcean.

Signed-off-by: Shijiang Wei <mountkin@gmail.com>
2015-06-10 20:29:29 +08:00
Tibor Vass
6c2626b90e Refactor TLS code with a new tlsconfig package
This patch creates a new `tlsconfig` package to handle creation of
secure-enough TLS configurations for clients and servers.

The package was created by refactoring TLS code in the client and the
daemon. After this patch, it is expected that all code creating TLS
configurations use this `tlsconfig` package for greater security,
consistency and readability.

On the server side, this fixes a bug where --tlsverify was not taken
into account. Now, if specified, it will require the client to
authenticate.

Signed-off-by: Tibor Vass <tibor@docker.com>
2015-06-05 12:38:38 -04:00
David Calavera
afecf24bf7 Merge pull request from Microsoft/10662-implementmeminfo
Windows: Implement ReadMemInfo()
2015-06-04 16:09:24 -07:00
Zefan Li
2f287cc873 Don't forget to clenaup tmpdir in TestFileSpecPlugin()
Also remove redundant code.

Signed-off-by: Zefan Li <lizefan@huawei.com>
2015-06-04 21:26:15 +08:00
Antonio Murdaca
58c924d2cd Merge pull request from ahmetalpbalkan/durations
Allow duration strings as --since/--until
2015-06-03 22:14:42 +02:00
Alexander Morozov
0b830276db Merge pull request from Microsoft/10662-chrootarchive
Windows: chrootarchive refactor
2015-06-03 09:54:42 -07:00
Ahmet Alp Balkan
5f7c584bb3 Allow duration strings as --since/--until
Fixes . This change enables Go duration strings
computed relative to the client machine’s time to be used
as input parameters to `docker events --since/--until`
and `docker logs --since` arguments.

Added unit tests for pkg/timeutils.GetTimestamp as well.

Signed-off-by: Ahmet Alp Balkan <ahmetalpbalkan@gmail.com>
2015-06-02 21:02:47 +00:00
Doug Davis
8754d64fab Merge pull request from vdemeester/pkg-jsonmessage-test-coverage
Add test coverage to pkg/jsonmessage
2015-06-02 16:54:50 -04:00
Vincent Demeester
723e5b9b41 Add test coverage to pkg/jsonmessage
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2015-06-02 21:19:38 +02:00
David Calavera
cf18f70f12 Merge pull request from vieux/PrintfIfNotEmpty
do not print empty values in docker info
2015-06-02 10:52:45 -07:00
d41068be63 Merge pull request from vdemeester/pkg-tarsum-test-coverage
Add test coverage for pkg/tarsum
2015-06-02 11:44:42 -04:00
Phil Estes
b409c2cb74 Merge pull request from Microsoft/10662-revert908db
Windows: Undo 908db518 for Windows daemon
2015-06-02 10:22:39 -04:00
Vincent Demeester
e4059984de Add test coverage for pkg/tarsum
And removing unused code.
- tarsum.go :
  NewTarSumHash could be non exported (for now)
  NewTarSumForLabel is never used, except for the tests
- fileinfosums.go:
  SortByPos is never used, except for the tests
- versionning.go:
  GetVersions is never used, expect for the tests

Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2015-06-02 09:08:01 +02:00
Jessie Frazelle
be2a96cfe7 Merge pull request from duglin/Issue13417a
Allow .dockerignore to ignore everything
2015-06-01 15:59:57 -07:00
Jessie Frazelle
076d066d59 Merge pull request from sanketsaurav/master
Proposing Bose, Raman and Ramanujan
2015-06-01 15:56:16 -07:00
Victor Vieux
27435a1e56 no not print empty keys in docker info
Signed-off-by: Victor Vieux <victorvieux@gmail.com>
2015-06-01 15:05:20 -07:00
John Howard
4ac6f93049 Windows: Implement ReadMemInfo()
Signed-off-by: John Howard <jhoward@microsoft.com>
2015-06-01 12:40:33 -07:00
Doug Davis
17f257a938 Allow .dockerignore to ignore everything
Change CLI error msg because it was too specific and didn't make sense
when there were errors not related to inaccessible files.

Removed some log.Error() calls since they're not really errors we should
log. Returning the error will be enough.

Closes: 

Signed-off-by: Doug Davis <dug@us.ibm.com>
2015-05-30 04:16:00 -07:00
Sanket Saurav
dd288f63c4 Proposing Bose, Raman and Ramanujan
Signed-off-by: Sanket Saurav <sanketsaurav@gmail.com>
2015-05-30 04:14:11 +05:30
David Calavera
b538852b61 Merge pull request from runcom/remove-PortSpecs
Remove PortSpecs from Config
2015-05-29 14:31:48 -07:00
Phil Estes
93b26d601b Merge pull request from WeiZhang555/httpClose
bug fix: close http response body no longer in use
2015-05-29 16:59:17 -04:00
Phil Estes
e5d2c5eb34 Merge pull request from WeiZhang555/errRet
return error when failed to read http response body
2015-05-29 16:57:27 -04:00
Alexander Morozov
90c414b594 Merge pull request from vdemeester/pkg-stringutils-test-coverage
Add test coverage for pkg/stringutils
2015-05-29 13:38:12 -07:00
Antonio Murdaca
a4dde1908d Remove PortSpecs from Config
Signed-off-by: Antonio Murdaca <me@runcom.ninja>
2015-05-29 22:38:09 +02:00
Alexander Morozov
5ab78ffaba Merge pull request from vdemeester/11588-pkg-pools-test-coverage
Add test coverage for pkg/pools ()
2015-05-29 13:36:20 -07:00
David Calavera
0381b5ceb9 Merge pull request from runcom/syslog-connection-url-log-opt
Add syslog-address log-opt
2015-05-29 10:21:57 -07:00
Vincent Demeester
deb54ede2e Add test coverage for pkg/stringutils
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2015-05-29 15:49:29 +02:00
Vincent Demeester
ebda0e5892 Add test coverage to pkg/timeutils
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2015-05-29 15:09:35 +02:00
Zhang Wei
a0e7dc03a2 return error when failed to read http response body
Signed-off-by: Zhang Wei <zhangwei555@huawei.com>
2015-05-29 12:52:51 +08:00
Zhang Wei
eb82070d00 bug fix: close http response body no longer in use
Signed-off-by: Zhang Wei <zhangwei555@huawei.com>
2015-05-29 12:03:40 +08:00
Antonio Murdaca
447509b313 Add syslog-address log-opt
Signed-off-by: Antonio Murdaca <me@runcom.ninja>
2015-05-29 00:42:11 +02:00
John Howard
b973596a91 Windows: Undo 908db518 for Windows daemon
Signed-off-by: John Howard <jhoward@microsoft.com>
2015-05-28 12:04:09 -07:00
David Calavera
b09240a9c3 Merge pull request from duglin/niceHelp2
Nice help2
2015-05-28 11:09:02 -07:00
Moysés Borges
35c5de58c3 Modified progress reader to close silently when read is complete.
Closes 

Signed-off-by: Moysés Borges <moysesb@gmail.com>
2015-05-28 14:09:30 -03:00
Arnaud Porterie
f7309796db Merge pull request from calavera/plugin_discovery
Proposal: Volume refactor and external volume plugins
2015-05-23 18:44:18 -07:00
Doug Davis
ef185a9afc Carry
Continues 11858 by:
- Making sure the exit code is always zero when we ask for help
- Making sure the exit code isn't zero when we print help on error cases
- Making sure both short and long usage go to the same stream (stdout vs stderr)
- Making sure all docker commands support --help
- Test that all cmds send --help to stdout, exit code 0, show full usage, no blank lines at end
- Test that all cmds (that support it) show short usage on bad arg to stderr, no blank line at end
- Test that all cmds complain about a bad option, no blank line at end
- Test that docker (w/o subcmd) does the same stuff mentioned above properly

Signed-off-by: Doug Davis <dug@us.ibm.com>
2015-05-23 09:14:18 -07:00
David Calavera
83e643da0d Volumes refactor and external plugin implementation.
Signed by all authors:

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
Signed-off-by: Arnaud Porterie <arnaud.porterie@docker.com>
Signed-off-by: David Calavera <david.calavera@gmail.com>
Signed-off-by: Jeff Lindsay <progrium@gmail.com>
Signed-off-by: Alexander Morozov <lk4d4@docker.com>
Signed-off-by: Luke Marsden <luke@clusterhq.com>
Signed-off-by: David Calavera <david.calavera@gmail.com>
2015-05-21 20:34:17 -07:00
David Calavera
f6c6ae7fad Extract sockets initialization to a package.
Because I just used it somewhere else and it would be nice if I didn't have to copy and paste the code.

Signed-off-by: David Calavera <david.calavera@gmail.com>
2015-05-20 16:48:39 -07:00
John Howard
d025345cdd Windows: chrootarchive refactor
Signed-off-by: John Howard <jhoward@microsoft.com>
2015-05-20 08:56:42 -07:00
John Howard
f883e81d79 Windows: Archive package changes for Windows daemon
Signed-off-by: John Howard <jhoward@microsoft.com>
2015-05-20 08:55:54 -07:00
Qiang Huang
1aca4cb80e Fix unit-test build error on ARM64
Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
2015-05-20 10:45:04 +08:00
Jana Radhakrishnan
24fd826fc0 Removed dead code from docker after libnetwork integration
As part of this some generic packages like iptables, etchosts and resolvconf
have also been moved to libnetwork. Even though they can still be
consumed in a generic fashion they will reside and be maintained
from within the libnetwork project.

Signed-off-by: Jana Radhakrishnan <mrjana@docker.com>
2015-05-19 22:40:55 +00:00
David Calavera
0b092ef5cf Merge pull request from LK4D4/fix_race_in_rand
Use goroutine-safe version of rand.Source
2015-05-19 14:20:33 -07:00
Jessie Frazelle
5e2aec2983 Merge pull request from fmzhen/remove-regex-replace
Removal of the regex to replace ips
2015-05-19 22:59:17 +02:00
Alexander Morozov
66d8f1a5ea Use goroutine-safe version of rand.Source
Signed-off-by: Alexander Morozov <lk4d4@docker.com>
2015-05-19 12:32:40 -07:00
Arnaud Porterie
31232249f7 Merge pull request from tiborvass/refactor-v1-auth
registry: Refactor requestfactory to use http.RoundTrippers
2015-05-19 09:57:34 -07:00
Tibor Vass
8a732f53f7 Add transport package to support CancelRequest
Signed-off-by: Tibor Vass <tibor@docker.com>
2015-05-18 23:31:42 -04:00
Zhang Wei
b085b4b5a7 clean some redundant else clauses
Signed-off-by: Zhang Wei <zhangwei555@huawei.com>
2015-05-19 10:54:04 +08:00