through proxies.
Add a function to examine X-Forward-For and X-Real-Ip headers for
originating IP addresses. Use RemoteAddr for notification request
record and HTTP request context.
This changeset simply adds hooks into the configuration system to support
multiple different kinds of output formats. These formatters are provided by
logrus and include options such as "text" and "json". The configuraiton
documentation has been updated accordingly.
Signed-off-by: Stephen J Day <stephen.day@docker.com>
Set represents a unique set of digests which allow for efficient lookup.
Dumping short codes is a function which takes in a digest set.
Any operation involving short codes may be considered secure if the list of digests added to the set is the complete list of referenceable digests.
Contains benchmarks for Add, Lookup, and Dump.
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
This enables Azure storage driver to be used with non-default
cloud endpoints like Azure China or Azure Government that does
not use `.blob.core.windows.net` FQDN suffix.
Signed-off-by: Ahmet Alp Balkan <ahmetalpbalkan@gmail.com>
This enables Azure storage driver to be used with non-default
cloud endpoints like Azure China or Azure Government that does
not use `.blob.core.windows.net` FQDN suffix.
Signed-off-by: Ahmet Alp Balkan <ahmetalpbalkan@gmail.com>
No longer add the body to the error when a 404 is received on get repository data.
closes#11510
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
Pushing a v2 image layer has two steps:
- POST to get a new upload URL
- PUT to that upload URL
We were previously not checking the response code of
the POST request and the PUT would fail in weird ways.
Docker-DCO-1.1-Signed-off-by: Josh Hawn <josh.hawn@docker.com> (github: jlhawn)
This addresses a subtle deadlock where an error during a copy prevented pipe
closure to propagate correctly. By closing down the read end of the pipe rather
than the write end, the waiting writer is properly signaled. A nice side-effect
of this change is that errors encountered by io.Copy are no propagated to the
verifier's Write method.
A test to ensure validation errors for unsupported digest types has been added,
as well.
Signed-off-by: Stephen J Day <stephen.day@docker.com>
Currently the http clients used by auth use the default tls config. The config needs to be updated to only support TLS1.0 and newer as well as respect registry insecure configuration.
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
When docker push get response with unknown HTTP status, docker daemon
print:
"Error: Status XXX trying to push repository XXX: XXX"
But when docker pull meets response with unknown status code, it gives:
"HTTP code: XXX"
This commit helps docker pull print more detailed error info like push
does, so push and pull can behave consistently when error happens.
Signed-off-by: Zhang Wei <zhangwei555@huawei.com>
Add ability to refer to an image by repository name and digest using the
format repository@digest. Works for pull, push, run, build, and rmi.
Signed-off-by: Andy Goldstein <agoldste@redhat.com>
Currently when registry error strings contain new line characters only the last line is displayed to the client. Quote the string to ensure the client can see the entire body value.
fixes#11346
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
Currently when the registry ping is sent, it creates the request directly from http.NewRequest instead of from the http request factory. The request factory adds useful header information such as user agent which is needed by the registry.
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
