TrueCloudLab/distribution: The toolkit to pack, ship, store, and deliver container content

The toolkit to pack, ship, store, and deliver container content

cncf containers oci oci-specification registry

Find a file

Stephen J Day 14f3b07db0 Harden basic auth implementation After consideration, the basic authentication implementation has been simplified to only support bcrypt entries in an htpasswd file. This greatly increases the security of the implementation by reducing the possibility of timing attacks and other problems trying to detect the password hash type. Also, the htpasswd file is only parsed at startup, ensuring that the file can be edited and not effect ongoing requests. Newly added passwords take effect on restart. Subsequently, password hash entries are now stored in a map. Test cases have been modified accordingly. Signed-off-by: Stephen J Day <stephen.day@docker.com>	2015-06-10 19:38:56 -07:00
docs	Harden basic auth implementation	2015-06-10 19:38:56 -07:00

Stephen J Day 14f3b07db0 Harden basic auth implementation

After consideration, the basic authentication implementation has been
simplified to only support bcrypt entries in an htpasswd file. This greatly
increases the security of the implementation by reducing the possibility of
timing attacks and other problems trying to detect the password hash type.

Also, the htpasswd file is only parsed at startup, ensuring that the file can
be edited and not effect ongoing requests. Newly added passwords take effect on
restart. Subsequently, password hash entries are now stored in a map.

Test cases have been modified accordingly.

Signed-off-by: Stephen J Day <stephen.day@docker.com>

2015-06-10 19:38:56 -07:00

docs

Harden basic auth implementation

2015-06-10 19:38:56 -07:00