vbatts/registry
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity
4625 commits 18 branches 0 tags 22 MiB
Commit graph

4625 commits

This branch
This branch
All branches
Author SHA1 Message Date
Olivier Gambier
6deedd29d9 Merge pull request #615 from allingeek/master 
Adding a volume for the default 'registry-dev' location.
 2015-06-11 12:51:36 -07:00
Stephen Day
a5b21fa8f0 Merge pull request #617 from dmp42/pathchange 
Saner default data location
 2015-06-11 11:42:24 -07:00
Olivier Gambier
ad23a43bc4 Enhance building doc to reflect the new data default location 
Signed-off-by: Olivier Gambier <olivier@docker.com>
 2015-06-11 11:08:16 -07:00
Stephen Day
fc796f1722 Merge pull request #584 from xiekeyang/panic 
Panic: Add Handler
 2015-06-11 11:01:43 -07:00
Olivier Gambier
1ad9ac497c Merge pull request #590 from mattrobenolt/patch-1 
Return valid json from StatusHandler
 2015-06-11 09:51:45 -07:00
Olivier Gambier
7729294e38 Merge pull request #613 from antoniomercado/remove-nginx-authorization-unset 
Removing Nginx Authorization header unset because it breaks with a user defined index endpoint
 2015-06-11 08:56:02 -07:00
Olivier Gambier
8ed0c66745 Enhancing doc to persist data 
Signed-off-by: Olivier Gambier <olivier@docker.com>
 2015-06-11 01:41:15 -07:00
Olivier Gambier
69b4b73f7c Merge pull request #619 from neurodesign/fix-README-typo 
Fix typo
 2015-06-11 01:01:19 -07:00
Julien Fernandez
25778270be Fix typo 
Signed-off-by: Julien Fernandez <julien.fernandez@gmail.com>
 2015-06-11 08:50:34 +02:00
Jeff Nickoloff
5bd4b5c558 Updating the location of the volume to match the new location of the default registry data location. 
Signed-off-by: Jeff Nickoloff <jeff@allingeek.com>
 2015-06-10 21:24:16 -07:00
Olivier Gambier
280b9c50ac Saner default data location 
Signed-off-by: Olivier Gambier <olivier@docker.com>
 2015-06-10 20:54:24 -07:00
Olivier Gambier
6e0cfc17dc Saner default data location 
Signed-off-by: Olivier Gambier <olivier@docker.com>
 2015-06-10 20:54:24 -07:00
Stephen J Day
e667be389a Rename the basic access controller to htpasswd 
Signed-off-by: Stephen J Day <stephen.day@docker.com>
 2015-06-10 19:41:35 -07:00
Stephen J Day
0f654c25ac Rename the basic access controller to htpasswd 
Signed-off-by: Stephen J Day <stephen.day@docker.com>
 2015-06-10 19:41:35 -07:00
Stephen J Day
14f3b07db0 Harden basic auth implementation 
After consideration, the basic authentication implementation has been
simplified to only support bcrypt entries in an htpasswd file. This greatly
increases the security of the implementation by reducing the possibility of
timing attacks and other problems trying to detect the password hash type.

Also, the htpasswd file is only parsed at startup, ensuring that the file can
be edited and not effect ongoing requests. Newly added passwords take effect on
restart. Subsequently, password hash entries are now stored in a map.

Test cases have been modified accordingly.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
 2015-06-10 19:38:56 -07:00
Stephen J Day
ffd3662982 Harden basic auth implementation 
After consideration, the basic authentication implementation has been
simplified to only support bcrypt entries in an htpasswd file. This greatly
increases the security of the implementation by reducing the possibility of
timing attacks and other problems trying to detect the password hash type.

Also, the htpasswd file is only parsed at startup, ensuring that the file can
be edited and not effect ongoing requests. Newly added passwords take effect on
restart. Subsequently, password hash entries are now stored in a map.

Test cases have been modified accordingly.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
 2015-06-10 19:38:56 -07:00
Stephen J Day
427c457801 Refactor Basic Authentication package 
This change refactors the basic authentication implementation to better follow
Go coding standards. Many types are no longer exported. The parser is now a
separate function from the authentication code. The standard functions
(*http.Request).BasicAuth/SetBasicAuth are now used where appropriate.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
 2015-06-10 19:06:38 -07:00
Stephen J Day
ffe56ebe41 Refactor Basic Authentication package 
This change refactors the basic authentication implementation to better follow
Go coding standards. Many types are no longer exported. The parser is now a
separate function from the authentication code. The standard functions
(*http.Request).BasicAuth/SetBasicAuth are now used where appropriate.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
 2015-06-10 19:06:38 -07:00
Dave Trombley
3504445680 Unexported function to comply with golint 
Signed-off-by: Dave Trombley <dave.trombley@gmail.com>
 2015-06-10 19:06:38 -07:00
Dave Trombley
abd142855a Unexported function to comply with golint 
Signed-off-by: Dave Trombley <dave.trombley@gmail.com>
 2015-06-10 19:06:38 -07:00
Dave Trombley
fe9ca88946 Removed dashes from comments, unexported htpasswd struct 
Signed-off-by: Dave Trombley <dave.trombley@gmail.com>
 2015-06-10 19:06:38 -07:00
Dave Trombley
e4c3ab4377 Removed dashes from comments, unexported htpasswd struct 
Signed-off-by: Dave Trombley <dave.trombley@gmail.com>
 2015-06-10 19:06:38 -07:00
Dave Trombley
15bbde99c1 Fixed golint, gofmt warning advice. 
Signed-off-by: Dave Trombley <dave.trombley@gmail.com>
 2015-06-10 19:06:38 -07:00
Dave Trombley
d4f2260e04 Added dependency to golang.org/x/crypto/bcrypt 
Signed-off-by: Dave Trombley <dave.trombley@gmail.com>
 2015-06-10 19:06:38 -07:00
Dave Trombley
ff67393b2b Added support for bcrypt, plaintext; extension points for other htpasswd hash methods. 
Signed-off-by: Dave Trombley <dave.trombley@gmail.com>
 2015-06-10 19:06:38 -07:00
Dave Trombley
04f6a4811d Fixed golint, gofmt warning advice. 
Signed-off-by: Dave Trombley <dave.trombley@gmail.com>
 2015-06-10 19:06:38 -07:00
Dave Trombley
d2b7988b7f Aligned formatting with gofmt 
Signed-off-by: Dave Trombley <dave.trombley@gmail.com>
 2015-06-10 19:06:38 -07:00
Dave Trombley
c50dfb7dae Added support for bcrypt, plaintext; extension points for other htpasswd hash methods. 
Signed-off-by: Dave Trombley <dave.trombley@gmail.com>
 2015-06-10 19:06:38 -07:00
Dave Trombley
7733b6c892 Fixed WWW-Authenticate: header, added example config and import into main, fixed golint warnings 
Signed-off-by: Dave Trombley <dave.trombley@gmail.com>
 2015-06-10 19:06:38 -07:00
Dave Trombley
c4849bb99a Aligned formatting with gofmt 
Signed-off-by: Dave Trombley <dave.trombley@gmail.com>
 2015-06-10 19:06:38 -07:00
Dave Trombley
0ecaa7f40a Fixed WWW-Authenticate: header, added example config and import into main, fixed golint warnings 
Signed-off-by: Dave Trombley <dave.trombley@gmail.com>
 2015-06-10 19:06:38 -07:00
BadZen
60262521bd Implementation of a basic authentication scheme using standard .htpasswd files 
Signed-off-by: BadZen <dave.trombley@gmail.com>
Signed-off-by: Dave Trombley <dave.trombley@gmail.com>
 2015-06-10 19:06:37 -07:00
BadZen
8a204f59e7 Implementation of a basic authentication scheme using standard .htpasswd files 
Signed-off-by: BadZen <dave.trombley@gmail.com>
Signed-off-by: Dave Trombley <dave.trombley@gmail.com>
 2015-06-10 19:06:37 -07:00
Olivier Gambier
7363323321 Merge pull request #612 from HuKeping/addtest-httpchecker 
Test: add test for HTTPChecker
 2015-06-10 17:08:55 -07:00
Jeff Nickoloff
bf305c1b91 Adding a volume for the default 'registry-dev' location. 
Signed-off-by: Jeff Nickoloff <jeff@allingeek.com>
 2015-06-10 10:25:41 -07:00
Antonio Mercado
b450b42c25 Removing Nginx Authorization header unset because it breaks with a user defined index endpoint 
Signed-off-by: Antonio Mercado <amercado@thinknode.com>
 2015-06-10 09:44:43 -04:00
Arnaud Porterie
aa8d3d2ca3 Merge pull request #13815 from tiborvass/do-not-send-basic-auth-on-302 
Do not set auth headers for registry v1 if 302
 2015-06-09 15:34:53 -07:00
Olivier Gambier
b230183b0f Merge pull request #553 from dmp42/docs-rework 
Docs rework
 2015-06-09 14:48:39 -07:00
Hu Keping
5d5caa0e9a Test: add test for HTTPChecker 
Signed-off-by: Hu Keping <hukeping@huawei.com>
 2015-06-10 01:39:34 +08:00
Matt Robenolt
b684b77a0c Return valid json from StatusHandler 
Signed-off-by: Matt Robenolt <matt@ydekproductions.com>
 2015-06-08 23:31:03 -07:00
Alexander Morozov
84b7bd6dba Merge pull request #13816 from xiekeyang/remove 
Registry: remove unwanted return variable name
 2015-06-08 20:38:30 -07:00
xiekeyang
5b3e2c7dda Registry: remove unwanted return variable name 
Signed-off-by: xiekeyang <xiekeyang@huawei.com>
 2015-06-09 10:58:33 +08:00
Stephen Day
f63313de1f Merge pull request #599 from stevvooe/clarify-deletion-by-digest-constraint 
Clarify digest in API specification
 2015-06-08 19:04:53 -07:00
Stephen Day
f654e9a96e Merge pull request #599 from stevvooe/clarify-deletion-by-digest-constraint 
Clarify digest in API specification
 2015-06-08 19:04:53 -07:00
Stephen J Day
7e6b4e8c52 Add description of digests to API specification 
Signed-off-by: Stephen J Day <stephen.day@docker.com>
 2015-06-08 19:04:13 -07:00
Tibor Vass
5a8f690426 Do not set auth headers if 302 
This patch ensures no auth headers are set for v1 registries if there
was a 302 redirect.

This also ensures v2 does not use authTransport.

Signed-off-by: Tibor Vass <tibor@docker.com>
 2015-06-08 19:59:39 -04:00
Olivier Gambier
25bd3fc777 Link to compose 
Signed-off-by: Olivier Gambier <olivier@docker.com>
 2015-06-08 15:57:06 -07:00
Olivier Gambier
b8d785c79e Use bcrypt 
Signed-off-by: Olivier Gambier <olivier@docker.com>
 2015-06-08 15:57:06 -07:00
Olivier Gambier
81e8657d7b Fix here doc conf generation 
Signed-off-by: Olivier Gambier <olivier@docker.com>
 2015-06-08 15:57:05 -07:00
Olivier Gambier
8c1784c838 Keeping in synch 
- commenting out both the "JSON" and "token" specs, unless someone thinks they should be here
- added help, glossary, introduction and authentication documents

Signed-off-by: Olivier Gambier <olivier@docker.com>
 2015-06-08 15:57:05 -07:00