Stephen J Day
ffd3662982
Harden basic auth implementation
...
After consideration, the basic authentication implementation has been
simplified to only support bcrypt entries in an htpasswd file. This greatly
increases the security of the implementation by reducing the possibility of
timing attacks and other problems trying to detect the password hash type.
Also, the htpasswd file is only parsed at startup, ensuring that the file can
be edited and not effect ongoing requests. Newly added passwords take effect on
restart. Subsequently, password hash entries are now stored in a map.
Test cases have been modified accordingly.
Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-06-10 19:38:56 -07:00
Stephen J Day
ffe56ebe41
Refactor Basic Authentication package
...
This change refactors the basic authentication implementation to better follow
Go coding standards. Many types are no longer exported. The parser is now a
separate function from the authentication code. The standard functions
(*http.Request).BasicAuth/SetBasicAuth are now used where appropriate.
Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-06-10 19:06:38 -07:00
Dave Trombley
abd142855a
Unexported function to comply with golint
...
Signed-off-by: Dave Trombley <dave.trombley@gmail.com>
2015-06-10 19:06:38 -07:00
Dave Trombley
e4c3ab4377
Removed dashes from comments, unexported htpasswd struct
...
Signed-off-by: Dave Trombley <dave.trombley@gmail.com>
2015-06-10 19:06:38 -07:00
Dave Trombley
d4f2260e04
Added dependency to golang.org/x/crypto/bcrypt
...
Signed-off-by: Dave Trombley <dave.trombley@gmail.com>
2015-06-10 19:06:38 -07:00
Dave Trombley
04f6a4811d
Fixed golint, gofmt warning advice.
...
Signed-off-by: Dave Trombley <dave.trombley@gmail.com>
2015-06-10 19:06:38 -07:00
Dave Trombley
c50dfb7dae
Added support for bcrypt, plaintext; extension points for other htpasswd hash methods.
...
Signed-off-by: Dave Trombley <dave.trombley@gmail.com>
2015-06-10 19:06:38 -07:00
Dave Trombley
c4849bb99a
Aligned formatting with gofmt
...
Signed-off-by: Dave Trombley <dave.trombley@gmail.com>
2015-06-10 19:06:38 -07:00
Dave Trombley
0ecaa7f40a
Fixed WWW-Authenticate: header, added example config and import into main, fixed golint warnings
...
Signed-off-by: Dave Trombley <dave.trombley@gmail.com>
2015-06-10 19:06:38 -07:00
BadZen
8a204f59e7
Implementation of a basic authentication scheme using standard .htpasswd files
...
Signed-off-by: BadZen <dave.trombley@gmail.com>
Signed-off-by: Dave Trombley <dave.trombley@gmail.com>
2015-06-10 19:06:37 -07:00
Olivier Gambier
7363323321
Merge pull request #612 from HuKeping/addtest-httpchecker
...
Test: add test for HTTPChecker
2015-06-10 17:08:55 -07:00
Jeff Nickoloff
bf305c1b91
Adding a volume for the default 'registry-dev' location.
...
Signed-off-by: Jeff Nickoloff <jeff@allingeek.com>
2015-06-10 10:25:41 -07:00
Antonio Mercado
b450b42c25
Removing Nginx Authorization header unset because it breaks with a user defined index endpoint
...
Signed-off-by: Antonio Mercado <amercado@thinknode.com>
2015-06-10 09:44:43 -04:00
Olivier Gambier
b230183b0f
Merge pull request #553 from dmp42/docs-rework
...
Docs rework
2015-06-09 14:48:39 -07:00
Hu Keping
5d5caa0e9a
Test: add test for HTTPChecker
...
Signed-off-by: Hu Keping <hukeping@huawei.com>
2015-06-10 01:39:34 +08:00
Matt Robenolt
b684b77a0c
Return valid json from StatusHandler
...
Signed-off-by: Matt Robenolt <matt@ydekproductions.com>
2015-06-08 23:31:03 -07:00
Stephen Day
f63313de1f
Merge pull request #599 from stevvooe/clarify-deletion-by-digest-constraint
...
Clarify digest in API specification
2015-06-08 19:04:53 -07:00
Stephen J Day
7e6b4e8c52
Add description of digests to API specification
...
Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-06-08 19:04:13 -07:00
Olivier Gambier
25bd3fc777
Link to compose
...
Signed-off-by: Olivier Gambier <olivier@docker.com>
2015-06-08 15:57:06 -07:00
Olivier Gambier
b8d785c79e
Use bcrypt
...
Signed-off-by: Olivier Gambier <olivier@docker.com>
2015-06-08 15:57:06 -07:00
Olivier Gambier
81e8657d7b
Fix here doc conf generation
...
Signed-off-by: Olivier Gambier <olivier@docker.com>
2015-06-08 15:57:05 -07:00
Olivier Gambier
8c1784c838
Keeping in synch
...
- commenting out both the "JSON" and "token" specs, unless someone thinks they should be here
- added help, glossary, introduction and authentication documents
Signed-off-by: Olivier Gambier <olivier@docker.com>
2015-06-08 15:57:05 -07:00
Olivier Gambier
96d79eb30e
Adding authentication
...
Signed-off-by: Olivier Gambier <olivier@docker.com>
2015-06-08 15:57:05 -07:00
Olivier Gambier
74873aed14
Removing internal information
...
Removed content has been ported to the wiki
Signed-off-by: Olivier Gambier <olivier@docker.com>
2015-06-08 15:57:05 -07:00
Olivier Gambier
c1c638d01f
Minor keyword add
...
Signed-off-by: Olivier Gambier <olivier@docker.com>
2015-06-08 15:55:52 -07:00
Olivier Gambier
c405f3717a
Minor fixes
...
Signed-off-by: Olivier Gambier <olivier@docker.com>
2015-06-08 15:55:52 -07:00
Olivier Gambier
56ff32c683
Revising glossary
...
Signed-off-by: Olivier Gambier <olivier@docker.com>
2015-06-08 15:55:52 -07:00
Olivier Gambier
10ba376a99
Minor cleanup in the index
...
- adding glossary
- removing empty "advanced"
- commenting out building and architecture for now
- minor text enhancements
Signed-off-by: Olivier Gambier <olivier@docker.com>
2015-06-08 15:55:51 -07:00
Olivier Gambier
c3b3802503
Small fixes
...
Signed-off-by: Olivier Gambier <olivier@docker.com>
2015-06-08 15:55:51 -07:00
Olivier Gambier
b7b8e64f1d
Moved instructions up
...
Make it more obvious that environment variables is the way to go.
Signed-off-by: Olivier Gambier <olivier@docker.com>
2015-06-08 15:55:51 -07:00
Olivier Gambier
26d87ed1a5
No reason to detail here
...
Signed-off-by: Olivier Gambier <olivier@docker.com>
2015-06-08 15:55:51 -07:00
Olivier Gambier
431e829fa5
Simplified index
...
Simplified index again, to make access to information more obvious and more direct.
Added a TLDR for people in a hurry.
Signed-off-by: Olivier Gambier <olivier@docker.com>
2015-06-08 15:55:51 -07:00
Olivier Gambier
d9dfe54308
Separated "help"
...
Help page is separate now.
Removed the bulk of it from various pages.
Signed-off-by: Olivier Gambier <olivier@docker.com>
2015-06-08 15:55:51 -07:00
Olivier Gambier
4eb8d907b9
Separate introduction
...
Use cases, generalities, image naming overview.
Removed most of it from index, and some of it from other random pages.
Signed-off-by: Olivier Gambier <olivier@docker.com>
2015-06-08 15:55:51 -07:00
Olivier Gambier
2fb5c97a97
Deployment rewrote
...
Strong focus on simplification.
Entirely removed custom build instructions.
Providing sane, one-liner defaults.
Verified, easy-to-use TLS instructions.
Removed hybrid instructions.
Removed authentication with nginx instructions (either wait for native support, or move it to advanced topics).
Signed-off-by: Olivier Gambier <olivier@docker.com>
2015-06-08 15:55:51 -07:00
Stephen Day
89e0955d4c
Merge pull request #607 from vbatts/vbatts-v2_spec_blurb
...
spec/manifest: clarify the v2-s1 is provisional
2015-06-08 14:04:41 -07:00
Vincent Batts
0165b85861
spec/manifest: clarify the v2-s1 is provisional
...
Signed-off-by: Vincent Batts <vbatts@redhat.com>
2015-06-08 16:48:48 -04:00
xiekeyang
aa73c53690
Panic: Add Handler
...
Signed-off-by: xiekeyang <xiekeyang@huawei.com>
2015-06-06 02:38:52 +00:00
Olivier Gambier
e03780c785
Merge pull request #598 from stevvooe/update-tarsum-package
...
Update tarsum package
2015-06-05 17:57:37 -07:00
Stephen Day
7da35f1d94
Merge pull request #601 from ahmetalpbalkan/docs-1
...
docs: Update azure docs in configuration.md
2015-06-05 17:55:03 -07:00
Olivier Gambier
8faf69470f
Merge pull request #596 from stevvooe/repo-name-validation
...
Add more repository name validation test cases
2015-06-05 17:46:25 -07:00
Ahmet Alp Balkan
89f183639a
docs: Update azure docs in configuration.md
...
Signed-off-by: Ahmet Alp Balkan <ahmetalpbalkan@gmail.com>
2015-06-05 17:25:17 -07:00
Derek McGowan
19ec4e2c7a
Add docker developer flow
...
Integrate flags better with the development flow a Docker developer.
Add a shell function to make invocation of tests easy.
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2015-06-05 13:19:55 -07:00
Derek McGowan
a438494b49
Replace docker-compose installation instructions
...
Use Docker Compose installation guide from official documentation
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2015-06-05 13:19:55 -07:00
Derek McGowan
b39e6395fd
Update docker image
...
Use dmcgowan/docker-integration until can push to distribution namespace
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2015-06-05 13:19:55 -07:00
Derek McGowan
4ebd6b7e1d
Add support for docker volume
...
Added an environment variable which can be used to pass in the docker volume for the container. This allows caching the pulled images between runs, preventing unnecessary image pulls.
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2015-06-05 13:19:55 -07:00
Derek McGowan
de638db71e
Add bats script to replace test_docker.sh
...
Remove Makefile in favor of run.sh script or manual instructions.
Update readme to reflect instructions for running integration tests.
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2015-06-05 13:19:50 -07:00
Stephen Day
bd535a882d
Merge pull request #595 from HuKeping/addtest
...
Test: add test for health/check
2015-06-05 10:34:16 -07:00
Hu Keping
5680d7b8b7
Test: add test for health/check
...
Signed-off-by: Hu Keping <hukeping@huawei.com>
2015-06-05 18:02:34 +08:00
Stephen J Day
c54adb667f
Clarify that manifests can only be deleted by digest
...
Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-06-04 18:59:08 -07:00