Commit graph

1077 commits

Author SHA1 Message Date
Olivier Gambier
d678e3dc57 Merge pull request #608 from dmcgowan/http-basic-auth
Implementation of a basic authentication scheme using standard .htpasswd
2015-06-15 17:40:58 -07:00
Mary Anthony
832cb9d52c Updating for Hugo
Updating for tooling tests
Updating with the new sed scripts to protect links
updating with new image
Updating with comments

Signed-off-by: Mary Anthony <mary@docker.com>
2015-06-15 14:39:33 -07:00
Stephen Day
e57e731821 Merge pull request #548 from duglin/MoveErrors
Move ErrorCode logic to new errcode package
2015-06-15 14:33:28 -07:00
Olivier Gambier
fc09e50eb4 Merge pull request #626 from dmp42/0.htpasswd
Ship htpasswd
2015-06-11 23:42:15 -07:00
Olivier Gambier
844dd6b0a5 Ship htpasswd
Signed-off-by: Olivier Gambier <olivier@docker.com>
2015-06-11 22:11:26 -07:00
Doug Davis
441f7cac87 Round 4
Signed-off-by: Doug Davis <dug@us.ibm.com>
2015-06-11 21:33:35 -07:00
Stephen Day
4dc0c5e0c5 Merge pull request #624 from hopkings2008/master
add configuration file close after it is parsed.
2015-06-11 20:07:12 -07:00
yuzou
8a89040247 add configuration file close after it is parsed.
Signed-off-by: yuzou <zouyu7@huawei.com>
2015-06-12 10:41:00 +08:00
Richard
17db4d9e11 Enable the registry to be built with debug information with an environment
variable 'DISABLE_OPTIMIZATION'.

$ DISABLE_OPTIMIZATION=true make binaries

Signed-off-by: Richard Scothern <richard.scothern@gmail.com>
2015-06-11 17:22:08 -07:00
Stephen J Day
d9d55bcbab Minor formatting fixes related to htpasswd auth
Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-06-11 17:06:35 -07:00
Olivier Gambier
9b75807a0b Merge pull request #622 from amouat/patch-2
Fix service command
2015-06-11 15:27:43 -07:00
Stephen J Day
01f730ad71 Document usage of htpasswd access controller
Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-06-11 15:23:40 -07:00
Stephen Day
30d698926e Merge pull request #621 from amouat/patch-1
Fix typo
2015-06-11 15:17:53 -07:00
Adrian Mouat
a0baf93725 Fix service command
Pretty sure that service and docker were the wrong way around

Signed-off-by: Adrian Mouat <adrian.mouat@gmail.com>
2015-06-11 22:36:31 +01:00
Adrian Mouat
f670f00058 Fix typo
I think negociate is very occasionally used, but it certainly looks wrong to me.

Signed-off-by: Adrian Mouat <adrian.mouat@gmail.com>
2015-06-11 21:45:26 +01:00
Olivier Gambier
6deedd29d9 Merge pull request #615 from allingeek/master
Adding a volume for the default 'registry-dev' location.
2015-06-11 12:51:36 -07:00
Stephen Day
a5b21fa8f0 Merge pull request #617 from dmp42/pathchange
Saner default data location
2015-06-11 11:42:24 -07:00
Olivier Gambier
ad23a43bc4 Enhance building doc to reflect the new data default location
Signed-off-by: Olivier Gambier <olivier@docker.com>
2015-06-11 11:08:16 -07:00
Stephen Day
fc796f1722 Merge pull request #584 from xiekeyang/panic
Panic: Add Handler
2015-06-11 11:01:43 -07:00
Olivier Gambier
1ad9ac497c Merge pull request #590 from mattrobenolt/patch-1
Return valid json from StatusHandler
2015-06-11 09:51:45 -07:00
Olivier Gambier
7729294e38 Merge pull request #613 from antoniomercado/remove-nginx-authorization-unset
Removing Nginx Authorization header unset because it breaks with a user defined index endpoint
2015-06-11 08:56:02 -07:00
Olivier Gambier
8ed0c66745 Enhancing doc to persist data
Signed-off-by: Olivier Gambier <olivier@docker.com>
2015-06-11 01:41:15 -07:00
Olivier Gambier
69b4b73f7c Merge pull request #619 from neurodesign/fix-README-typo
Fix typo
2015-06-11 01:01:19 -07:00
Julien Fernandez
25778270be Fix typo
Signed-off-by: Julien Fernandez <julien.fernandez@gmail.com>
2015-06-11 08:50:34 +02:00
Jeff Nickoloff
5bd4b5c558 Updating the location of the volume to match the new location of the default registry data location.
Signed-off-by: Jeff Nickoloff <jeff@allingeek.com>
2015-06-10 21:24:16 -07:00
Olivier Gambier
6e0cfc17dc Saner default data location
Signed-off-by: Olivier Gambier <olivier@docker.com>
2015-06-10 20:54:24 -07:00
Stephen J Day
0f654c25ac Rename the basic access controller to htpasswd
Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-06-10 19:41:35 -07:00
Stephen J Day
ffd3662982 Harden basic auth implementation
After consideration, the basic authentication implementation has been
simplified to only support bcrypt entries in an htpasswd file. This greatly
increases the security of the implementation by reducing the possibility of
timing attacks and other problems trying to detect the password hash type.

Also, the htpasswd file is only parsed at startup, ensuring that the file can
be edited and not effect ongoing requests. Newly added passwords take effect on
restart. Subsequently, password hash entries are now stored in a map.

Test cases have been modified accordingly.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-06-10 19:38:56 -07:00
Stephen J Day
ffe56ebe41 Refactor Basic Authentication package
This change refactors the basic authentication implementation to better follow
Go coding standards. Many types are no longer exported. The parser is now a
separate function from the authentication code. The standard functions
(*http.Request).BasicAuth/SetBasicAuth are now used where appropriate.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-06-10 19:06:38 -07:00
Dave Trombley
abd142855a Unexported function to comply with golint
Signed-off-by: Dave Trombley <dave.trombley@gmail.com>
2015-06-10 19:06:38 -07:00
Dave Trombley
e4c3ab4377 Removed dashes from comments, unexported htpasswd struct
Signed-off-by: Dave Trombley <dave.trombley@gmail.com>
2015-06-10 19:06:38 -07:00
Dave Trombley
d4f2260e04 Added dependency to golang.org/x/crypto/bcrypt
Signed-off-by: Dave Trombley <dave.trombley@gmail.com>
2015-06-10 19:06:38 -07:00
Dave Trombley
04f6a4811d Fixed golint, gofmt warning advice.
Signed-off-by: Dave Trombley <dave.trombley@gmail.com>
2015-06-10 19:06:38 -07:00
Dave Trombley
c50dfb7dae Added support for bcrypt, plaintext; extension points for other htpasswd hash methods.
Signed-off-by: Dave Trombley <dave.trombley@gmail.com>
2015-06-10 19:06:38 -07:00
Dave Trombley
c4849bb99a Aligned formatting with gofmt
Signed-off-by: Dave Trombley <dave.trombley@gmail.com>
2015-06-10 19:06:38 -07:00
Dave Trombley
0ecaa7f40a Fixed WWW-Authenticate: header, added example config and import into main, fixed golint warnings
Signed-off-by: Dave Trombley <dave.trombley@gmail.com>
2015-06-10 19:06:38 -07:00
BadZen
8a204f59e7 Implementation of a basic authentication scheme using standard .htpasswd files
Signed-off-by: BadZen <dave.trombley@gmail.com>
Signed-off-by: Dave Trombley <dave.trombley@gmail.com>
2015-06-10 19:06:37 -07:00
Olivier Gambier
7363323321 Merge pull request #612 from HuKeping/addtest-httpchecker
Test: add test for HTTPChecker
2015-06-10 17:08:55 -07:00
Jeff Nickoloff
bf305c1b91 Adding a volume for the default 'registry-dev' location.
Signed-off-by: Jeff Nickoloff <jeff@allingeek.com>
2015-06-10 10:25:41 -07:00
Antonio Mercado
b450b42c25 Removing Nginx Authorization header unset because it breaks with a user defined index endpoint
Signed-off-by: Antonio Mercado <amercado@thinknode.com>
2015-06-10 09:44:43 -04:00
Olivier Gambier
b230183b0f Merge pull request #553 from dmp42/docs-rework
Docs rework
2015-06-09 14:48:39 -07:00
Hu Keping
5d5caa0e9a Test: add test for HTTPChecker
Signed-off-by: Hu Keping <hukeping@huawei.com>
2015-06-10 01:39:34 +08:00
Matt Robenolt
b684b77a0c Return valid json from StatusHandler
Signed-off-by: Matt Robenolt <matt@ydekproductions.com>
2015-06-08 23:31:03 -07:00
Stephen Day
f63313de1f Merge pull request #599 from stevvooe/clarify-deletion-by-digest-constraint
Clarify digest in API specification
2015-06-08 19:04:53 -07:00
Stephen J Day
7e6b4e8c52 Add description of digests to API specification
Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-06-08 19:04:13 -07:00
Olivier Gambier
25bd3fc777 Link to compose
Signed-off-by: Olivier Gambier <olivier@docker.com>
2015-06-08 15:57:06 -07:00
Olivier Gambier
b8d785c79e Use bcrypt
Signed-off-by: Olivier Gambier <olivier@docker.com>
2015-06-08 15:57:06 -07:00
Olivier Gambier
81e8657d7b Fix here doc conf generation
Signed-off-by: Olivier Gambier <olivier@docker.com>
2015-06-08 15:57:05 -07:00
Olivier Gambier
8c1784c838 Keeping in synch
- commenting out both the "JSON" and "token" specs, unless someone thinks they should be here
- added help, glossary, introduction and authentication documents

Signed-off-by: Olivier Gambier <olivier@docker.com>
2015-06-08 15:57:05 -07:00
Olivier Gambier
96d79eb30e Adding authentication
Signed-off-by: Olivier Gambier <olivier@docker.com>
2015-06-08 15:57:05 -07:00