vbatts/registry
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity
4737 commits 18 branches 49 tags 22 MiB
Commit graph

4737 commits

This branch
This branch
All branches
Author SHA1 Message Date
Doug Davis
56349665b7 Round 4 
Signed-off-by: Doug Davis <dug@us.ibm.com>
 2015-06-11 21:33:35 -07:00
Doug Davis
441f7cac87 Round 4 
Signed-off-by: Doug Davis <dug@us.ibm.com>
 2015-06-11 21:33:35 -07:00
Stephen Day
4dc0c5e0c5 Merge pull request #624 from hopkings2008/master 
add configuration file close after it is parsed.
 2015-06-11 20:07:12 -07:00
yuzou
8a89040247 add configuration file close after it is parsed. 
Signed-off-by: yuzou <zouyu7@huawei.com>
 2015-06-12 10:41:00 +08:00
Richard
17db4d9e11 Enable the registry to be built with debug information with an environment 
variable 'DISABLE_OPTIMIZATION'.

$ DISABLE_OPTIMIZATION=true make binaries

Signed-off-by: Richard Scothern <richard.scothern@gmail.com>
 2015-06-11 17:22:08 -07:00
Stephen J Day
f6ee0f46af Minor formatting fixes related to htpasswd auth 
Signed-off-by: Stephen J Day <stephen.day@docker.com>
 2015-06-11 17:06:35 -07:00
Stephen J Day
d9d55bcbab Minor formatting fixes related to htpasswd auth 
Signed-off-by: Stephen J Day <stephen.day@docker.com>
 2015-06-11 17:06:35 -07:00
Olivier Gambier
9b75807a0b Merge pull request #622 from amouat/patch-2 
Fix service command
 2015-06-11 15:27:43 -07:00
Stephen J Day
01f730ad71 Document usage of htpasswd access controller 
Signed-off-by: Stephen J Day <stephen.day@docker.com>
 2015-06-11 15:23:40 -07:00
Stephen Day
30d698926e Merge pull request #621 from amouat/patch-1 
Fix typo
 2015-06-11 15:17:53 -07:00
Adrian Mouat
a0baf93725 Fix service command 
Pretty sure that service and docker were the wrong way around

Signed-off-by: Adrian Mouat <adrian.mouat@gmail.com>
 2015-06-11 22:36:31 +01:00
Adrian Mouat
f670f00058 Fix typo 
I think negociate is very occasionally used, but it certainly looks wrong to me.

Signed-off-by: Adrian Mouat <adrian.mouat@gmail.com>
 2015-06-11 21:45:26 +01:00
Olivier Gambier
6deedd29d9 Merge pull request #615 from allingeek/master 
Adding a volume for the default 'registry-dev' location.
 2015-06-11 12:51:36 -07:00
Stephen Day
a5b21fa8f0 Merge pull request #617 from dmp42/pathchange 
Saner default data location
 2015-06-11 11:42:24 -07:00
Olivier Gambier
ad23a43bc4 Enhance building doc to reflect the new data default location 
Signed-off-by: Olivier Gambier <olivier@docker.com>
 2015-06-11 11:08:16 -07:00
Stephen Day
fc796f1722 Merge pull request #584 from xiekeyang/panic 
Panic: Add Handler
 2015-06-11 11:01:43 -07:00
Olivier Gambier
1ad9ac497c Merge pull request #590 from mattrobenolt/patch-1 
Return valid json from StatusHandler
 2015-06-11 09:51:45 -07:00
Olivier Gambier
7729294e38 Merge pull request #613 from antoniomercado/remove-nginx-authorization-unset 
Removing Nginx Authorization header unset because it breaks with a user defined index endpoint
 2015-06-11 08:56:02 -07:00
Olivier Gambier
8ed0c66745 Enhancing doc to persist data 
Signed-off-by: Olivier Gambier <olivier@docker.com>
 2015-06-11 01:41:15 -07:00
Olivier Gambier
69b4b73f7c Merge pull request #619 from neurodesign/fix-README-typo 
Fix typo
 2015-06-11 01:01:19 -07:00
Julien Fernandez
25778270be Fix typo 
Signed-off-by: Julien Fernandez <julien.fernandez@gmail.com>
 2015-06-11 08:50:34 +02:00
Jeff Nickoloff
5bd4b5c558 Updating the location of the volume to match the new location of the default registry data location. 
Signed-off-by: Jeff Nickoloff <jeff@allingeek.com>
 2015-06-10 21:24:16 -07:00
Olivier Gambier
280b9c50ac Saner default data location 
Signed-off-by: Olivier Gambier <olivier@docker.com>
 2015-06-10 20:54:24 -07:00
Olivier Gambier
6e0cfc17dc Saner default data location 
Signed-off-by: Olivier Gambier <olivier@docker.com>
 2015-06-10 20:54:24 -07:00
Stephen J Day
e667be389a Rename the basic access controller to htpasswd 
Signed-off-by: Stephen J Day <stephen.day@docker.com>
 2015-06-10 19:41:35 -07:00
Stephen J Day
0f654c25ac Rename the basic access controller to htpasswd 
Signed-off-by: Stephen J Day <stephen.day@docker.com>
 2015-06-10 19:41:35 -07:00
Stephen J Day
14f3b07db0 Harden basic auth implementation 
After consideration, the basic authentication implementation has been
simplified to only support bcrypt entries in an htpasswd file. This greatly
increases the security of the implementation by reducing the possibility of
timing attacks and other problems trying to detect the password hash type.

Also, the htpasswd file is only parsed at startup, ensuring that the file can
be edited and not effect ongoing requests. Newly added passwords take effect on
restart. Subsequently, password hash entries are now stored in a map.

Test cases have been modified accordingly.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
 2015-06-10 19:38:56 -07:00
Stephen J Day
ffd3662982 Harden basic auth implementation 
After consideration, the basic authentication implementation has been
simplified to only support bcrypt entries in an htpasswd file. This greatly
increases the security of the implementation by reducing the possibility of
timing attacks and other problems trying to detect the password hash type.

Also, the htpasswd file is only parsed at startup, ensuring that the file can
be edited and not effect ongoing requests. Newly added passwords take effect on
restart. Subsequently, password hash entries are now stored in a map.

Test cases have been modified accordingly.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
 2015-06-10 19:38:56 -07:00
Stephen J Day
427c457801 Refactor Basic Authentication package 
This change refactors the basic authentication implementation to better follow
Go coding standards. Many types are no longer exported. The parser is now a
separate function from the authentication code. The standard functions
(*http.Request).BasicAuth/SetBasicAuth are now used where appropriate.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
 2015-06-10 19:06:38 -07:00
Stephen J Day
ffe56ebe41 Refactor Basic Authentication package 
This change refactors the basic authentication implementation to better follow
Go coding standards. Many types are no longer exported. The parser is now a
separate function from the authentication code. The standard functions
(*http.Request).BasicAuth/SetBasicAuth are now used where appropriate.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
 2015-06-10 19:06:38 -07:00
Dave Trombley
3504445680 Unexported function to comply with golint 
Signed-off-by: Dave Trombley <dave.trombley@gmail.com>
 2015-06-10 19:06:38 -07:00
Dave Trombley
abd142855a Unexported function to comply with golint 
Signed-off-by: Dave Trombley <dave.trombley@gmail.com>
 2015-06-10 19:06:38 -07:00
Dave Trombley
fe9ca88946 Removed dashes from comments, unexported htpasswd struct 
Signed-off-by: Dave Trombley <dave.trombley@gmail.com>
 2015-06-10 19:06:38 -07:00
Dave Trombley
e4c3ab4377 Removed dashes from comments, unexported htpasswd struct 
Signed-off-by: Dave Trombley <dave.trombley@gmail.com>
 2015-06-10 19:06:38 -07:00
Dave Trombley
15bbde99c1 Fixed golint, gofmt warning advice. 
Signed-off-by: Dave Trombley <dave.trombley@gmail.com>
 2015-06-10 19:06:38 -07:00
Dave Trombley
d4f2260e04 Added dependency to golang.org/x/crypto/bcrypt 
Signed-off-by: Dave Trombley <dave.trombley@gmail.com>
 2015-06-10 19:06:38 -07:00
Dave Trombley
ff67393b2b Added support for bcrypt, plaintext; extension points for other htpasswd hash methods. 
Signed-off-by: Dave Trombley <dave.trombley@gmail.com>
 2015-06-10 19:06:38 -07:00
Dave Trombley
04f6a4811d Fixed golint, gofmt warning advice. 
Signed-off-by: Dave Trombley <dave.trombley@gmail.com>
 2015-06-10 19:06:38 -07:00
Dave Trombley
d2b7988b7f Aligned formatting with gofmt 
Signed-off-by: Dave Trombley <dave.trombley@gmail.com>
 2015-06-10 19:06:38 -07:00
Dave Trombley
c50dfb7dae Added support for bcrypt, plaintext; extension points for other htpasswd hash methods. 
Signed-off-by: Dave Trombley <dave.trombley@gmail.com>
 2015-06-10 19:06:38 -07:00
Dave Trombley
7733b6c892 Fixed WWW-Authenticate: header, added example config and import into main, fixed golint warnings 
Signed-off-by: Dave Trombley <dave.trombley@gmail.com>
 2015-06-10 19:06:38 -07:00
Dave Trombley
c4849bb99a Aligned formatting with gofmt 
Signed-off-by: Dave Trombley <dave.trombley@gmail.com>
 2015-06-10 19:06:38 -07:00
Dave Trombley
0ecaa7f40a Fixed WWW-Authenticate: header, added example config and import into main, fixed golint warnings 
Signed-off-by: Dave Trombley <dave.trombley@gmail.com>
 2015-06-10 19:06:38 -07:00
BadZen
60262521bd Implementation of a basic authentication scheme using standard .htpasswd files 
Signed-off-by: BadZen <dave.trombley@gmail.com>
Signed-off-by: Dave Trombley <dave.trombley@gmail.com>
 2015-06-10 19:06:37 -07:00
BadZen
8a204f59e7 Implementation of a basic authentication scheme using standard .htpasswd files 
Signed-off-by: BadZen <dave.trombley@gmail.com>
Signed-off-by: Dave Trombley <dave.trombley@gmail.com>
 2015-06-10 19:06:37 -07:00
Olivier Gambier
7363323321 Merge pull request #612 from HuKeping/addtest-httpchecker 
Test: add test for HTTPChecker
 2015-06-10 17:08:55 -07:00
Jeff Nickoloff
bf305c1b91 Adding a volume for the default 'registry-dev' location. 
Signed-off-by: Jeff Nickoloff <jeff@allingeek.com>
 2015-06-10 10:25:41 -07:00
Antonio Mercado
b450b42c25 Removing Nginx Authorization header unset because it breaks with a user defined index endpoint 
Signed-off-by: Antonio Mercado <amercado@thinknode.com>
 2015-06-10 09:44:43 -04:00
Arnaud Porterie
aa8d3d2ca3 Merge pull request #13815 from tiborvass/do-not-send-basic-auth-on-302 
Do not set auth headers for registry v1 if 302
 2015-06-09 15:34:53 -07:00
Olivier Gambier
b230183b0f Merge pull request #553 from dmp42/docs-rework 
Docs rework
 2015-06-09 14:48:39 -07:00