From 5cef006c5a8ac0c0b771d78999119ff2db029e10 Mon Sep 17 00:00:00 2001 From: Victor Vieux Date: Sat, 7 Jun 2014 21:17:56 +0000 Subject: [PATCH 1/2] improve trusted location detection Docker-DCO-1.1-Signed-off-by: Victor Vieux (github: vieux) --- docs/registry.go | 2 +- docs/registry_test.go | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/registry.go b/docs/registry.go index 8d1a9f22..95cc7406 100644 --- a/docs/registry.go +++ b/docs/registry.go @@ -766,7 +766,7 @@ func trustedLocation(req *http.Request) bool { } for _, trusted := range trusteds { - if strings.HasSuffix(hostname, trusted) { + if hostname == trusted || strings.HasSuffix(hostname, "."+trusted) { return true } } diff --git a/docs/registry_test.go b/docs/registry_test.go index 2857ab4a..91a5ffa1 100644 --- a/docs/registry_test.go +++ b/docs/registry_test.go @@ -235,7 +235,7 @@ func TestValidRepositoryName(t *testing.T) { } func TestTrustedLocation(t *testing.T) { - for _, url := range []string{"http://example.com", "https://example.com:7777", "http://docker.io", "http://test.docker.io"} { + for _, url := range []string{"http://example.com", "https://example.com:7777", "http://docker.io", "http://test.docker.io", "https://fakedocker.com"} { req, _ := http.NewRequest("GET", url, nil) if trustedLocation(req) == true { t.Fatalf("'%s' shouldn't be detected as a trusted location", url) From 4ec6e68e04a58a1abce9cd14967047ec6feeb334 Mon Sep 17 00:00:00 2001 From: Victor Vieux Date: Sat, 7 Jun 2014 23:48:25 +0000 Subject: [PATCH 2/2] Disable timeout for push Docker-DCO-1.1-Signed-off-by: Victor Vieux (github: vieux) --- docs/registry.go | 23 +++++++++++------------ docs/registry_test.go | 2 +- docs/service.go | 2 +- 3 files changed, 13 insertions(+), 14 deletions(-) diff --git a/docs/registry.go b/docs/registry.go index 95cc7406..e91e7d12 100644 --- a/docs/registry.go +++ b/docs/registry.go @@ -790,22 +790,21 @@ func AddRequiredHeadersToRedirectedRequests(req *http.Request, via []*http.Reque return nil } -func NewRegistry(authConfig *AuthConfig, factory *utils.HTTPRequestFactory, indexEndpoint string) (r *Registry, err error) { - httpDial := func(proto string, addr string) (net.Conn, error) { - conn, err := net.Dial(proto, addr) - if err != nil { - return nil, err - } - conn = utils.NewTimeoutConn(conn, time.Duration(1)*time.Minute) - return conn, nil - } - +func NewRegistry(authConfig *AuthConfig, factory *utils.HTTPRequestFactory, indexEndpoint string, timeout bool) (r *Registry, err error) { httpTransport := &http.Transport{ - Dial: httpDial, DisableKeepAlives: true, Proxy: http.ProxyFromEnvironment, } - + if timeout { + httpTransport.Dial = func(proto string, addr string) (net.Conn, error) { + conn, err := net.Dial(proto, addr) + if err != nil { + return nil, err + } + conn = utils.NewTimeoutConn(conn, time.Duration(1)*time.Minute) + return conn, nil + } + } r = &Registry{ authConfig: authConfig, client: &http.Client{ diff --git a/docs/registry_test.go b/docs/registry_test.go index 91a5ffa1..2aae80ed 100644 --- a/docs/registry_test.go +++ b/docs/registry_test.go @@ -18,7 +18,7 @@ var ( func spawnTestRegistry(t *testing.T) *Registry { authConfig := &AuthConfig{} - r, err := NewRegistry(authConfig, utils.NewHTTPRequestFactory(), makeURL("/v1/")) + r, err := NewRegistry(authConfig, utils.NewHTTPRequestFactory(), makeURL("/v1/"), true) if err != nil { t.Fatal(err) } diff --git a/docs/service.go b/docs/service.go index 1c7a93de..89a4baa7 100644 --- a/docs/service.go +++ b/docs/service.go @@ -82,7 +82,7 @@ func (s *Service) Search(job *engine.Job) engine.Status { job.GetenvJson("authConfig", authConfig) job.GetenvJson("metaHeaders", metaHeaders) - r, err := NewRegistry(authConfig, HTTPRequestFactory(metaHeaders), IndexServerAddress()) + r, err := NewRegistry(authConfig, HTTPRequestFactory(metaHeaders), IndexServerAddress(), true) if err != nil { return job.Error(err) }