vbatts/pkg
1
0
Fork 0
Code Pull requests Releases Activity
1948 commits 2 branches 0 tags 3.9 MiB
Commit graph

4 commits

Author SHA1 Message Date
Jessica Frazelle
b9fcb41e6d fix variables that werent being called 
Signed-off-by: Jessica Frazelle <acidburn@docker.com>
 2016-03-17 13:19:55 -07:00
David Calavera
44005e59d4 Call plugins with custom transports. 
Small refactor to be able to use custom transports
to call remote plugins.

Signed-off-by: David Calavera <david.calavera@gmail.com>
 2016-03-02 12:54:53 -05:00
Liron Levin
b3ff922a7b Fix #20508 - Authz plugin enabled with large text/JSON POST payload corrupts body 
Based on the discussion, we have changed the following:

1. Send body only if content-type is application/json (based on the
Docker official daemon REST specification, this is the provided for all
APIs that requires authorization.

2. Correctly verify that the msg body is smaller than max cap (this was
the actual bug). Fix includes UT.

3. Minor: Check content length > 0 (it was -1 for load, altough an
attacker can still modify this)

Signed-off-by: Liron Levin <liron@twistlock.com>
 2016-02-25 08:11:55 +02:00
John Howard
06d7595dc1 Windows CI: test-unit turn off pkg\authorisation 
Signed-off-by: John Howard <jhoward@microsoft.com>
 2016-02-11 17:42:12 -08:00
Renamed from authorization/authz_test.go (Browse further)