After consideration, the basic authentication implementation has been
simplified to only support bcrypt entries in an htpasswd file. This greatly
increases the security of the implementation by reducing the possibility of
timing attacks and other problems trying to detect the password hash type.
Also, the htpasswd file is only parsed at startup, ensuring that the file can
be edited and not effect ongoing requests. Newly added passwords take effect on
restart. Subsequently, password hash entries are now stored in a map.
Test cases have been modified accordingly.
Signed-off-by: Stephen J Day <stephen.day@docker.com>
This change refactors the basic authentication implementation to better follow
Go coding standards. Many types are no longer exported. The parser is now a
separate function from the authentication code. The standard functions
(*http.Request).BasicAuth/SetBasicAuth are now used where appropriate.
Signed-off-by: Stephen J Day <stephen.day@docker.com>
- commenting out both the "JSON" and "token" specs, unless someone thinks they should be here
- added help, glossary, introduction and authentication documents
Signed-off-by: Olivier Gambier <olivier@docker.com>
- adding glossary
- removing empty "advanced"
- commenting out building and architecture for now
- minor text enhancements
Signed-off-by: Olivier Gambier <olivier@docker.com>
Simplified index again, to make access to information more obvious and more direct.
Added a TLDR for people in a hurry.
Signed-off-by: Olivier Gambier <olivier@docker.com>
Use cases, generalities, image naming overview.
Removed most of it from index, and some of it from other random pages.
Signed-off-by: Olivier Gambier <olivier@docker.com>
This PR addresses some issues contributors have been having with updating
dependencies. The tarsum package had required an external google package which
is no longer required. This was being picked up as an import rewrite and
getting removed. It is no longer present, so we can just update the package and
delete the tar package.
Signed-off-by: Stephen J Day <stephen.day@docker.com>
This is a follow-up of https://github.com/docker/distribution/pull/545
and makes some stylistic changes in the CONTRIBUTING document;
- Replaces checkboxes with regular bullets. Because the checkboxes are
read-only for non-contributors, they are presented as 'greyed out',
which makes them harder to see (depending on the browser used)
- Replaces bullets for numbered lists in the "creating an issue" and
"contributing a patch" sections. The numbers make it easier for
readers to track where they left off.
- Cleans up some minor Markdown changes for consistency
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
