Hardened repos name validation

This commit is contained in:
Sam Alba 2013-07-09 16:46:55 -07:00
parent bf8d59a1d4
commit 358574ab57

View file

@ -67,7 +67,7 @@ func ResolveRepositoryName(reposName string) (string, string, error) {
return "", "", ErrInvalidRepositoryName return "", "", ErrInvalidRepositoryName
} }
nameParts := strings.SplitN(reposName, "/", 2) nameParts := strings.SplitN(reposName, "/", 2)
if !strings.Contains(nameParts[0], ".") { if !strings.Contains(nameParts[0], ".") && !strings.Contains(nameParts[0], ":") {
// This is a Docker Index repos (ex: samalba/hipache or ubuntu) // This is a Docker Index repos (ex: samalba/hipache or ubuntu)
err := validateRepositoryName(reposName) err := validateRepositoryName(reposName)
return auth.IndexServerAddress(), reposName, err return auth.IndexServerAddress(), reposName, err
@ -79,6 +79,12 @@ func ResolveRepositoryName(reposName string) (string, string, error) {
} }
hostname := nameParts[0] hostname := nameParts[0]
reposName = nameParts[1] reposName = nameParts[1]
if strings.Contains(hostname, "index.docker.io") {
return "", "", fmt.Errorf("Invalid repository name, try \"%s\" instead", reposName)
}
if err := validateRepositoryName(reposName); err != nil {
return "", "", err
}
endpoint := fmt.Sprintf("https://%s/v1/", hostname) endpoint := fmt.Sprintf("https://%s/v1/", hostname)
if err := pingRegistryEndpoint(endpoint); err != nil { if err := pingRegistryEndpoint(endpoint); err != nil {
utils.Debugf("Registry %s does not work (%s), falling back to http", endpoint, err) utils.Debugf("Registry %s does not work (%s), falling back to http", endpoint, err)