forked from TrueCloudLab/distribution
commit
08d0d3756c
2 changed files with 18 additions and 14 deletions
|
@ -22,10 +22,13 @@ type registry struct {
|
||||||
resumableDigestEnabled bool
|
resumableDigestEnabled bool
|
||||||
schema1SigningKey libtrust.PrivateKey
|
schema1SigningKey libtrust.PrivateKey
|
||||||
blobDescriptorServiceFactory distribution.BlobDescriptorServiceFactory
|
blobDescriptorServiceFactory distribution.BlobDescriptorServiceFactory
|
||||||
manifestURLs struct {
|
manifestURLs manifestURLs
|
||||||
allow *regexp.Regexp
|
}
|
||||||
deny *regexp.Regexp
|
|
||||||
}
|
// manifestURLs holds regular expressions for controlling manifest URL whitelisting
|
||||||
|
type manifestURLs struct {
|
||||||
|
allow *regexp.Regexp
|
||||||
|
deny *regexp.Regexp
|
||||||
}
|
}
|
||||||
|
|
||||||
// RegistryOption is the type used for functional options for NewRegistry.
|
// RegistryOption is the type used for functional options for NewRegistry.
|
||||||
|
@ -245,9 +248,10 @@ func (repo *repository) Manifests(ctx context.Context, options ...distribution.M
|
||||||
blobStore: blobStore,
|
blobStore: blobStore,
|
||||||
},
|
},
|
||||||
schema2Handler: &schema2ManifestHandler{
|
schema2Handler: &schema2ManifestHandler{
|
||||||
ctx: ctx,
|
ctx: ctx,
|
||||||
repository: repo,
|
repository: repo,
|
||||||
blobStore: blobStore,
|
blobStore: blobStore,
|
||||||
|
manifestURLs: repo.registry.manifestURLs,
|
||||||
},
|
},
|
||||||
manifestListHandler: &manifestListHandler{
|
manifestListHandler: &manifestListHandler{
|
||||||
ctx: ctx,
|
ctx: ctx,
|
||||||
|
|
|
@ -1,12 +1,11 @@
|
||||||
package storage
|
package storage
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
"encoding/json"
|
||||||
"errors"
|
"errors"
|
||||||
"fmt"
|
"fmt"
|
||||||
"net/url"
|
"net/url"
|
||||||
|
|
||||||
"encoding/json"
|
|
||||||
|
|
||||||
"github.com/docker/distribution"
|
"github.com/docker/distribution"
|
||||||
"github.com/docker/distribution/context"
|
"github.com/docker/distribution/context"
|
||||||
"github.com/docker/distribution/digest"
|
"github.com/docker/distribution/digest"
|
||||||
|
@ -21,9 +20,10 @@ var (
|
||||||
|
|
||||||
//schema2ManifestHandler is a ManifestHandler that covers schema2 manifests.
|
//schema2ManifestHandler is a ManifestHandler that covers schema2 manifests.
|
||||||
type schema2ManifestHandler struct {
|
type schema2ManifestHandler struct {
|
||||||
repository distribution.Repository
|
repository distribution.Repository
|
||||||
blobStore distribution.BlobStore
|
blobStore distribution.BlobStore
|
||||||
ctx context.Context
|
ctx context.Context
|
||||||
|
manifestURLs manifestURLs
|
||||||
}
|
}
|
||||||
|
|
||||||
var _ ManifestHandler = &schema2ManifestHandler{}
|
var _ ManifestHandler = &schema2ManifestHandler{}
|
||||||
|
@ -97,8 +97,8 @@ func (ms *schema2ManifestHandler) verifyManifest(ctx context.Context, mnfst sche
|
||||||
if len(fsLayer.URLs) == 0 {
|
if len(fsLayer.URLs) == 0 {
|
||||||
err = errMissingURL
|
err = errMissingURL
|
||||||
}
|
}
|
||||||
allow := ms.repository.manifestURLs.allow
|
allow := ms.manifestURLs.allow
|
||||||
deny := ms.repository.manifestURLs.deny
|
deny := ms.manifestURLs.deny
|
||||||
for _, u := range fsLayer.URLs {
|
for _, u := range fsLayer.URLs {
|
||||||
var pu *url.URL
|
var pu *url.URL
|
||||||
pu, err = url.Parse(u)
|
pu, err = url.Parse(u)
|
||||||
|
|
Loading…
Reference in a new issue