Tibor Vass
8065dad50b
registry: parse INDEXSERVERADDRESS into a URL for easier check in isSecure
...
Signed-off-by: Tibor Vass <teabee89@gmail.com>
2014-11-14 14:20:19 -08:00
Tibor Vass
8b0e8b6621
Put mock registry address in insecureRegistries for unit tests
...
Signed-off-by: Tibor Vass <teabee89@gmail.com>
Conflicts:
registry/registry_mock_test.go
2014-11-14 14:20:19 -08:00
Tibor Vass
44d97c1fd0
registry: refactor registry.IsSecure calls into registry.NewEndpoint
...
Signed-off-by: Tibor Vass <teabee89@gmail.com>
Conflicts:
registry/endpoint.go
registry/endpoint_test.go
registry/registry_test.go
2014-11-14 14:05:31 -08:00
Tibor Vass
ae0ebb9d07
Add the possibility of specifying a subnet for --insecure-registry
...
Signed-off-by: Tibor Vass <teabee89@gmail.com>
2014-11-14 12:31:11 -08:00
Tibor Vass
f0920e61bf
registry: parse INDEXSERVERADDRESS into a URL for easier check in isSecure
...
Signed-off-by: Tibor Vass <teabee89@gmail.com>
2014-11-13 07:02:24 -08:00
Tibor Vass
cca910e878
Put mock registry address in insecureRegistries for unit tests
...
Signed-off-by: Tibor Vass <teabee89@gmail.com>
2014-11-12 20:34:03 -06:00
Tibor Vass
80255ff224
registry: refactor registry.IsSecure calls into registry.NewEndpoint
...
Signed-off-by: Tibor Vass <teabee89@gmail.com>
2014-11-12 20:34:03 -06:00
Erik Hollensbe
524aa8b1a6
registry: always treat 127.0.0.1 as insecure for all cases anytime anywhere
...
Docker-DCO-1.1-Signed-off-by: Erik Hollensbe <github@hollensbe.org> (github: erikh)
2014-11-12 12:14:43 -08:00
Johan Euphrosine
8582d04393
registry: default --insecure-registry to localhost and 127.0.0.1
...
Signed-off-by: Johan Euphrosine <proppy@google.com>
2014-11-12 09:12:42 -08:00
Tibor Vass
c00cd583e9
Merge pull request #9095 from proppy/is-secure-test
...
registry: add tests for IsSecure
2014-11-11 16:52:36 -05:00
Johan Euphrosine
cd246befe2
registry: add tests for IsSecure
...
Signed-off-by: Johan Euphrosine <proppy@google.com>
2014-11-11 11:02:32 -08:00
Vincent Batts
7dd4199fe8
registry: don't iterate through certs
...
the golang tls.Conn does a fine job of that.
http://golang.org/src/pkg/crypto/tls/handshake_client.go?#L334
Signed-off-by: Vincent Batts <vbatts@redhat.com>
2014-11-04 16:12:23 -05:00
Tibor Vass
eba996acfb
Merge pull request #8870 from tiborvass/merge_release_v1.3.1
...
Merge release v1.3.1
2014-10-30 20:24:34 -04:00
Tibor Vass
47a494e0fd
Fix login command
...
Signed-off-by: Tibor Vass <teabee89@gmail.com>
2014-10-30 19:44:44 -04:00
Tibor Vass
1b72e0234e
Do not verify certificate when using --insecure-registry on an HTTPS registry
...
Signed-off-by: Tibor Vass <teabee89@gmail.com>
Conflicts:
registry/registry.go
registry/registry_test.go
registry/service.go
registry/session.go
Conflicts:
registry/endpoint.go
registry/registry.go
2014-10-30 19:44:09 -04:00
Michael Crosby
552c17d618
Don't hard code true for auth job
...
Signed-off-by: Michael Crosby <michael@docker.com>
Conflicts:
registry/service.go
2014-10-30 19:41:55 -04:00
Michael Crosby
50e11c9d8e
Refactor IsSecure change
...
Fix issue with restoring the tag store and setting static configuration
from the daemon. i.e. the field on the TagStore struct must be made
internal or the json.Unmarshal in restore will overwrite the insecure
registries to be an empty struct.
Signed-off-by: Michael Crosby <michael@docker.com>
Conflicts:
graph/pull.go
graph/push.go
graph/tags.go
2014-10-30 19:41:55 -04:00
unclejack
034c1cfb9d
make http usage for registry explicit
...
Docker-DCO-1.1-Signed-off-by: Cristian Staretu <cristian.staretu@gmail.com> (github: unclejack)
Conflicts:
daemon/config.go
daemon/daemon.go
graph/pull.go
graph/push.go
graph/tags.go
registry/registry.go
registry/service.go
2014-10-30 19:41:55 -04:00
Tibor Vass
96272e1c9a
Merge pull request #8861 from tiborvass/bump_v1.3.1
...
Bump v1.3.1
2014-10-30 12:43:43 -04:00
Tibor Vass
0481c669c7
Fix login command
...
Signed-off-by: Tibor Vass <teabee89@gmail.com>
2014-10-30 09:17:11 -04:00
Victor Vieux
5685221c5f
Merge pull request #8387 from vbatts/vbatts-registry_test_enpoint
...
registry/endpoint: make it testable
2014-10-29 13:36:17 -07:00
Jessie Frazelle
21ba3078b6
Merge pull request #8669 from monsterzz/8668-dualstack-registry
...
Use dual-stack Dialer when talking to registy
2014-10-29 12:03:12 -07:00
Michael Crosby
751e25119f
Merge pull request #8836 from jfrazelle/hub-login-error
...
Fix error on successful login.
2014-10-28 18:09:17 -07:00
Jessica Frazelle
22f87eb9be
Fix error on successful login.
...
Docker-DCO-1.1-Signed-off-by: Jessica Frazelle <jess@docker.com> (github: jfrazelle)
2014-10-28 17:42:03 -07:00
Igor Dolzhikov
1a8edd0d55
excluding unused transformation to []byte
...
Signed-off-by: Igor Dolzhikov <bluesriverz@gmail.com>
2014-10-28 01:04:36 +06:00
Alexandr Morozov
0827b71157
Mass gofmt
...
Signed-off-by: Alexandr Morozov <lk4d4@docker.com>
2014-10-24 15:11:48 -07:00
Alexandr Morozov
32654af8b6
Use logrus everywhere for logging
...
Fixed #8761
Signed-off-by: Alexandr Morozov <lk4d4@docker.com>
2014-10-24 15:03:06 -07:00
Vincent Batts
bcbb7e0c41
registry/endpoint: make it testable
...
Signed-off-by: Vincent Batts <vbatts@redhat.com>
2014-10-24 16:27:17 -04:00
Tibor Vass
d81951fffa
Merge pull request #8423 from unclejack/lint_changes
...
lint changes part 1
2014-10-21 12:15:58 -04:00
Gleb M Borisov
ef57ab120c
Use dual-stack Dialer when talking to registy
...
Signed-off-by: Gleb M. Borisov <borisov.gleb@gmail.com>
2014-10-21 03:59:11 +04:00
Daniel, Dao Quang Minh
dff0678909
Avoid fallback to SSL protocols < TLS1.0
...
Signed-off-by: Tibor Vass <teabee89@gmail.com>
Docker-DCO-1.1-Signed-off-by: Daniel, Dao Quang Minh <dqminh89@gmail.com> (github: dqminh)
Conflicts:
registry/registry.go
2014-10-20 16:51:06 -04:00
Tibor Vass
798fd3c764
Do not verify certificate when using --insecure-registry on an HTTPS registry
...
Signed-off-by: Tibor Vass <teabee89@gmail.com>
Conflicts:
registry/registry.go
registry/registry_test.go
registry/service.go
registry/session.go
2014-10-20 16:51:06 -04:00
Michael Crosby
27ddc260e2
Don't hard code true for auth job
...
Signed-off-by: Michael Crosby <michael@docker.com>
Conflicts:
registry/service.go
2014-10-20 16:51:05 -04:00
Michael Crosby
2b9798fa19
Refactor IsSecure change
...
Fix issue with restoring the tag store and setting static configuration
from the daemon. i.e. the field on the TagStore struct must be made
internal or the json.Unmarshal in restore will overwrite the insecure
registries to be an empty struct.
Signed-off-by: Michael Crosby <michael@docker.com>
Conflicts:
graph/pull.go
graph/push.go
graph/tags.go
2014-10-20 16:51:05 -04:00
unclejack
8b1c40732a
make http usage for registry explicit
...
Docker-DCO-1.1-Signed-off-by: Cristian Staretu <cristian.staretu@gmail.com> (github: unclejack)
Conflicts:
daemon/config.go
daemon/daemon.go
graph/pull.go
graph/push.go
graph/tags.go
registry/registry.go
registry/service.go
2014-10-20 16:51:05 -04:00
Dan Walsh
3a6fe4c5c9
On Red Hat Registry Servers we return 404 on certification errors.
...
We do this to prevent leakage of information, we don't want people
to be able to probe for existing content.
According to RFC 2616, "This status code (404) is commonly used when the server does not
wish to reveal exactly why the request has been refused, or when no other response i
is applicable."
https://www.ietf.org/rfc/rfc2616.txt
10.4.4 403 Forbidden
The server understood the request, but is refusing to fulfill it.
Authorization will not help and the request SHOULD NOT be repeated.
If the request method was not HEAD and the server wishes to make
public why the request has not been fulfilled, it SHOULD describe the
reason for the refusal in the entity. If the server does not wish to
make this information available to the client, the status code 404
(Not Found) can be used instead.
10.4.5 404 Not Found
The server has not found anything matching the Request-URI. No
indication is given of whether the condition is temporary or
permanent. The 410 (Gone) status code SHOULD be used if the server
knows, through some internally configurable mechanism, that an old
resource is permanently unavailable and has no forwarding address.
This status code is commonly used when the server does not wish to
reveal exactly why the request has been refused, or when no other
response is applicable.
When docker is running through its certificates, it should continue
trying with a new certificate even if it gets back a 404 error code.
Docker-DCO-1.1-Signed-off-by: Dan Walsh <dwalsh@redhat.com> (github: rhatdan)
2014-10-20 13:20:48 -04:00
Tibor Vass
4c89bdaba2
Merge pull request #8588 from dqminh/remove-sslv3
...
remove sslv3 from server's TLS supported versions
2014-10-17 12:05:48 -04:00
Michael Crosby
09b02899d9
Merge pull request #8323 from crosbymichael/bump_v1.3.0
...
Bump to version 1.3.0
2014-10-16 10:08:54 -07:00
Daniel, Dao Quang Minh
20867c3b1f
Avoid fallback to SSL protocols < TLS1.0
...
Signed-off-by: Tibor Vass <teabee89@gmail.com>
Docker-DCO-1.1-Signed-off-by: Daniel, Dao Quang Minh <dqminh89@gmail.com> (github: dqminh)
2014-10-15 22:39:51 -04:00
Michael Crosby
f71654074b
Merge branch 'master' into bump_v1.3.0
2014-10-15 19:15:13 +00:00
Derek McGowan
479ed10e61
Support tarsum dev version to fix issue with mtime
...
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2014-10-10 16:04:29 -07:00
Derek McGowan
1538e42d56
Update manifest format to rename blobsums and use arrays of dictionaries
...
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2014-10-10 16:04:29 -07:00
Derek McGowan
f290f44632
Use direct registry url
...
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2014-10-10 16:04:28 -07:00
unclejack
7bfdb6d495
registry: lint
...
Docker-DCO-1.1-Signed-off-by: Cristian Staretu <cristian.staretu@gmail.com> (github: unclejack)
2014-10-06 22:34:39 +03:00
Derek McGowan
c47aa21c35
Add comment for permission and fix wrong format variable
...
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2014-10-02 17:41:57 -07:00
Derek McGowan
b7f7b0a2c9
Add provenance pull flow for official images
...
Add support for pulling signed images from a version 2 registry.
Only official images within the library namespace will be pull from the
new registry and check the build signature.
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2014-10-01 18:26:06 -07:00
Vincent Batts
d629bebce2
registry: getting Endpoint ironned out
...
Signed-off-by: Vincent Batts <vbatts@redhat.com>
2014-10-01 13:19:40 -07:00
Tibor Vass
48b43c2645
Replace get.docker.io -> get.docker.com and test.docker.io -> test.docker.com
...
Signed-off-by: Tibor Vass <teabee89@gmail.com>
2014-09-24 18:53:27 -04:00
Phil Estes
b7da79fd14
Refactor all pre-compiled regexp to package level vars
...
Addresses #8057
Docker-DCO-1.1-Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com>
2014-09-16 12:57:44 -04:00
Michael Crosby
a81b3ec0d7
Merge pull request #7689 from vbatts/vbatts-tarsum_versioning
...
TarSum: versioning
2014-09-10 15:08:36 -07:00