Commit graph

2698 commits

Author SHA1 Message Date
Stephen J Day
55ea440428
registry/{storage,handlers}: limit content sizes
Under certain circumstances, the use of `StorageDriver.GetContent` can
result in unbounded memory allocations. In particular, this happens when
accessing a layer through the manifests endpoint.

This problem is mitigated by setting a 4MB limit when using to access
content that may have been accepted from a user. In practice, this means
setting the limit with the use of `BlobProvider.Get` by wrapping
`StorageDriver.GetContent` in a helper that uses `StorageDriver.Reader`
with a `limitReader` that returns an error.

When mitigating this security issue, we also noticed that the size of
manifests uploaded to the registry is also unlimited. We apply similar
logic to the request body of payloads that are fully buffered.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2017-07-06 17:13:39 -07:00
Aaron Lehmann
f86db6b226 Merge pull request #2315 from ipanova/mediatype-typo
Fixing image manifest schema2 mediatype typo in docs.
2017-06-27 11:58:08 -07:00
Aaron Lehmann
caa175c710 Merge pull request #2299 from dmage/regulator
Fix signalling Wait in regulator.enter
2017-06-23 15:25:35 -07:00
Derek McGowan
b9f76758ae Merge pull request #2310 from dmage/digest
Update Docker-Content-Digest if manifest list is rewritten
2017-06-23 15:07:39 -07:00
Igor Morozov
a97d7c0c15 moved Sirupsen to sirupsen on a case sensitive system
Signed-off-by: Igor Morozov <igor@adhoc05-sjc1.prod.uber.internal>
2017-06-23 20:28:48 +00:00
Ina Panova
5ccd03d28a Fixing image manifest schema2 mediatype typo in docs.
Signed-off-by: Ina Panova <ipanova@redhat.com>
2017-06-23 12:25:52 +02:00
Oleg Bulatov
5b1b6afae2 Update Docker-Content-Digest if manifest list is rewritten
If the client doesn't support manifest lists, the registry will
rewrite a manifest list into the old format. The Docker-Content-Digest
header should be updated in this case.

Signed-off-by: Oleg Bulatov <oleg@bulatov.me>
2017-06-16 16:20:14 +02:00
Oleg Bulatov
258345ba0d Fix signalling Wait in regulator.enter
In some conditions, regulator.exit may not send a signal to blocked
regulator.enter.

Let's assume we are in the critical section of regulator.exit and r.available
is equal to 0. And there are three more goroutines. One goroutine also executes
regulator.exit and waits for the lock. The rest run regulator.enter and wait for
the signal.

We send the signal, and after releasing the lock, there will be lock
contention:

  1. Wait from regulator.enter
  2. Lock from regulator.exit

If the winner is Lock from regulator.exit, we will not send another signal to
unlock the second Wait.

Signed-off-by: Oleg Bulatov <obulatov@redhat.com>
2017-06-02 15:41:55 +02:00
Stephen Day
1e2f10eb65 Merge pull request #2281 from sixeyed/patch-1
Add ARGs for cross-compiling
2017-05-24 13:58:24 -07:00
Derek McGowan
a1576d6e21 Merge pull request #2165 from kevinetc123/patch-1
fix some misspells
2017-05-24 11:18:20 -07:00
Derek McGowan
49bb3242da Merge pull request #2282 from mstanleyjones/put-back-architecture-doc
Put architecture.md back into distribution repo
2017-05-23 13:10:21 -07:00
Misty Stanley-Jones
b0f98e9382 Put architecture.md back into distribution repo
Signed-off-by: Misty Stanley-Jones <misty@docker.com>
2017-05-23 11:24:11 -07:00
Derek McGowan
079f5b179d Merge pull request #2276 from nycholas/patch-1
Update README.md
2017-05-23 10:30:50 -07:00
Elton Stoneman
646fc9702c Add ARGs for cross-compiling
Add build args. Defaults to Linux/x64 so no change to existing image, but can build for other platforms - e.g.
```
docker build --build-arg GOOS=windows -t distribution-builder:windows .
```

Signed-off-by: Elton Stoneman <elton@sixeyed.com>
2017-05-23 10:02:15 +01:00
Nycholas de Oliveira e Oliveira
5573a13f15 Update README.md
Signed-off-by: Nycholas de Oliveira e Oliveira <nycholas@gmail.com>
2017-05-18 10:11:41 -03:00
Derek McGowan
a528cc1fc3 Merge pull request #2206 from stevvooe/update-resumable-hash
vendor: update resumable dependency
2017-05-17 13:09:54 -07:00
Stephen J Day
f01bcc8f62
vendor: update resumable dependency
Updates resumable hash implementation to Go 1.8 equivalent. This should
be a major speedup, since it includes a number of optimizations from Go
1.7.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2017-05-16 15:12:58 -07:00
Stephen Day
83f857ca12 Merge pull request #2207 from docker/update-go-1.8
go 1.8: update dockerfile and circle
2017-05-16 13:16:41 -07:00
Derek McGowan
9098f843d6 Merge pull request #2275 from IamBusy/master
Remove unused function
2017-05-16 11:51:13 -07:00
Derek McGowan
df1e488526
Update registry build to use go 1.8
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2017-05-16 11:33:57 -07:00
william wei
37ca688dc0 Remove unused function
Signed-off-by: william wei <1342247033@qq.com>
2017-05-16 17:47:13 +08:00
Derek McGowan
ce936a8591 Merge pull request #2262 from m-masataka/add_description_of_timeout
DOC:configuration.md: Change description of interval.
2017-05-05 11:45:43 -07:00
Masataka Mizukoshi
7d8dab5fdc DOC:configuration.md: Change description of interval.
Signed-off-by: Masataka Mizukoshi <m.mizukoshi.wakuwaku@gmail.com>
2017-05-04 19:14:29 +00:00
Stephen Day
a40abc69f2 Merge pull request #2245 from aaronlehmann/fetch-origin
[CI] Fetch origin before diffing
2017-05-04 11:51:08 -07:00
Stephen Day
7cc8e701c9 Merge pull request #2264 from luislobo/patch-1
Fixed #htpasswd link
2017-05-04 11:24:27 -07:00
Luis Lobo Borobia
212f47c318
Fixed #htpasswd link
Fixed #htpasswd link

Signed-off-by: Luis Lobo Borobia <luislobo@gmail.com>
2017-05-03 23:19:44 -05:00
Masataka Mizukoshi
05ac637aec DOC:configuration.md: Change description of interval.
Signed-off-by: Masataka Mizukoshi <m.mizukoshi.wakuwaku@gmail.com>
2017-05-01 09:28:32 +00:00
Derek McGowan
1d7824702b Merge pull request #2247 from yuwaMSFT2/revendorazuresdk
closes #2224 re-vendor the latest Azure Storage SDK for better performance
2017-04-27 10:54:25 -07:00
Derek McGowan
b7d5d9bfed Merge pull request #2258 from tt/return-early-to-prevent-nil-pointer-dereference
Return early to prevent nil pointer dereference
2017-04-27 09:38:03 -07:00
Troels Thomsen
1935c8d50b Return early to prevent nil pointer dereference
Signed-off-by: Troels Thomsen <troels@thomsen.io>
2017-04-27 14:59:37 +02:00
Derek McGowan
f4a1d3e0d5 Merge pull request #2230 from tt/support-session-token
Support session token
2017-04-26 12:53:50 -07:00
Troels Thomsen
7f510ae9c9 Support session token
Signed-off-by: Troels Thomsen <troels@thomsen.io>
2017-04-25 19:31:50 +02:00
Derek McGowan
e85ef3c019 Merge pull request #2253 from stevvooe/allow-more-digest-alg-separators
reference: allow more than 1 digest algorithm separator
2017-04-25 09:30:17 -07:00
Stephen J Day
3da015f8aa
reference: allow more than 1 digest algorithm separator
This updates the grammar to allow more than one digest algorithm
separator, matching the regular expression and intended grammar.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2017-04-24 15:14:12 -07:00
Yu Wang (UC)
ac05d143d8 closes #2224: re-vendor the latest Azure Storage SDK for better performance
Signed-off-by: Yu Wang <yuwa@microsoft.com>
2017-04-14 14:20:18 -07:00
Aaron Lehmann
2f728896a0 [CI] Fetch origin before diffing
It turns out that origin/master may not be up to date in CircleCI
checkouts. Fetch origin so that diffing for the vendor check can be done
correctly.

Note that this doesn't help the case of PRs against branches other than
master, but the worst case is that those will waste a few seconds doing
unnecessary vendor validation. Since those PRs are relatively rare, that
seems fine.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2017-04-12 13:18:06 -07:00
Stephen Day
c3e06c6069 Merge pull request #2239 from stevvooe/use-request-context
register/handlers: remove context manager
2017-04-10 16:14:28 -07:00
Stephen J Day
818ba4babf
vendor: update gorilla/mux to be compatible with Go 1.7
Signed-off-by: Stephen J Day <stephen.day@docker.com>
2017-04-10 15:27:42 -07:00
Stephen J Day
1f0a9dbca0
register/handlers: remove context manager
Signed-off-by: Stephen J Day <stephen.day@docker.com>
2017-04-10 15:27:30 -07:00
Stephen Day
a73ed75f5a Merge pull request #2241 from dmcgowan/vendor-fix
Update vendor directory to match expectation of vndr tool
2017-04-10 14:08:28 -07:00
Derek McGowan
b22c6b7a4e Update vendor directory to match expectation of vndr tool
Adds READMEs and enforces vendor is done at repository root

Signed-off-by: Derek McGowan <derek@mcgstyle.net>
2017-04-10 12:07:32 -07:00
Stephen Day
7b9ebdc54f Merge pull request #2215 from AlvinFeng/expires
Remove expires tag from s3 upload
2017-04-07 12:14:10 -07:00
Derek McGowan
0dd6ca97af Merge pull request #2238 from SantiagoTorres/fix_readme_broken_link
DOC: README: Fix broken link in migrator
2017-04-06 10:25:25 -07:00
Santiago Torres
364d2e4a5b
DOC: README: Fix broken link in migrator
A stray space in the link for the migrator repository wasn't allowing it
to be rendered properly in markdown viewers. Remove such a space to
avoid this.

Signed-off-by: Santiago Torres-Arias <torresariass@gmail.com>
2017-04-05 19:22:18 -04:00
Derek McGowan
0700fa570d Merge pull request #2219 from dmcgowan/fix-forwarded-logic
Fix forwarded logic
2017-03-21 10:14:25 -07:00
Derek McGowan
81a47d9766 Remove support for X-Forwarded-Port
Partially reverts change adding support for X-Forwarded-Port.
Changes the logic to prefer the standard Forwarded header over
X-Forwarded headers. Prefer forwarded "host" over "for" since
"for" represents the client and not the client's request.

Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2017-03-20 16:13:33 -07:00
Troels Thomsen
d4c3e88426
Add test for precedence with standard port
Signed-off-by: Troels Thomsen <troels@thomsen.io>
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2017-03-20 16:10:44 -07:00
Derek McGowan
11c74e07e0 Merge pull request #2218 from aaronlehmann/restore-vendor-dir
Makefile: Restore vendor directory after dep-validate
2017-03-20 11:28:17 -07:00
Derek McGowan
d2da3173db Merge pull request #2217 from aaronlehmann/fix-vendor-validation
Fix vendor validation
2017-03-20 11:28:00 -07:00
Aaron Lehmann
299b90b0bd Makefile: Restore vendor directory after dep-validate
Currently, this target makes changes to the vendor directory, which may
overwrite local changes or cause build errors. It's better to restore
the original vendor directory after running the check.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2017-03-20 11:12:03 -07:00