From 8257e8c42a8157c671b390e4cbb158c5481a6c8e Mon Sep 17 00:00:00 2001 From: Troels Thomsen Date: Thu, 22 Oct 2015 20:55:51 +0200 Subject: [PATCH 1/6] Use case of type name Signed-off-by: Troels Thomsen --- docs/storage/manifeststore.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/storage/manifeststore.go b/docs/storage/manifeststore.go index d161fb5a5..9af225412 100644 --- a/docs/storage/manifeststore.go +++ b/docs/storage/manifeststore.go @@ -47,7 +47,7 @@ func SkipLayerVerification(ms distribution.ManifestService) error { ms.skipDependencyVerification = true return nil } - return fmt.Errorf("skip layer verification only valid for manifeststore") + return fmt.Errorf("skip layer verification only valid for manifestStore") } func (ms *manifestStore) Put(manifest *schema1.SignedManifest) error { From a9a1b57900460b10bdf27eb642c5e5f02f844b22 Mon Sep 17 00:00:00 2001 From: Troels Thomsen Date: Wed, 25 Nov 2015 21:16:28 +0100 Subject: [PATCH 2/6] Remove name verification Signed-off-by: Troels Thomsen --- docs/storage/manifeststore.go | 3 --- 1 file changed, 3 deletions(-) diff --git a/docs/storage/manifeststore.go b/docs/storage/manifeststore.go index 9af225412..9c04b0031 100644 --- a/docs/storage/manifeststore.go +++ b/docs/storage/manifeststore.go @@ -106,9 +106,6 @@ func (ms *manifestStore) GetByTag(tag string, options ...distribution.ManifestSe // content, leaving trust policies of that content up to consumers. func (ms *manifestStore) verifyManifest(ctx context.Context, mnfst *schema1.SignedManifest) error { var errs distribution.ErrManifestVerification - if mnfst.Name != ms.repository.Name() { - errs = append(errs, fmt.Errorf("repository name does not match manifest name")) - } if len(mnfst.History) != len(mnfst.FSLayers) { errs = append(errs, fmt.Errorf("mismatched history and fslayer cardinality %d != %d", From 6fb6183083a626be81d595800fcfea56ea7e0624 Mon Sep 17 00:00:00 2001 From: Troels Thomsen Date: Thu, 26 Nov 2015 10:28:28 +0100 Subject: [PATCH 3/6] Verify manifest name length Signed-off-by: Troels Thomsen --- docs/storage/manifeststore.go | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/docs/storage/manifeststore.go b/docs/storage/manifeststore.go index 9c04b0031..4cbfbda27 100644 --- a/docs/storage/manifeststore.go +++ b/docs/storage/manifeststore.go @@ -7,6 +7,7 @@ import ( "github.com/docker/distribution/context" "github.com/docker/distribution/digest" "github.com/docker/distribution/manifest/schema1" + "github.com/docker/distribution/reference" "github.com/docker/libtrust" ) @@ -107,6 +108,10 @@ func (ms *manifestStore) GetByTag(tag string, options ...distribution.ManifestSe func (ms *manifestStore) verifyManifest(ctx context.Context, mnfst *schema1.SignedManifest) error { var errs distribution.ErrManifestVerification + if len(mnfst.Name) > reference.NameTotalLengthMax { + errs = append(errs, fmt.Errorf("manifest name must not be more than %v characters", reference.NameTotalLengthMax)) + } + if len(mnfst.History) != len(mnfst.FSLayers) { errs = append(errs, fmt.Errorf("mismatched history and fslayer cardinality %d != %d", len(mnfst.History), len(mnfst.FSLayers))) From 8299937613b6a5ae6dd1767e7ff633be5fbf893a Mon Sep 17 00:00:00 2001 From: Troels Thomsen Date: Thu, 26 Nov 2015 10:28:35 +0100 Subject: [PATCH 4/6] Verify manifest name format Signed-off-by: Troels Thomsen --- docs/storage/manifeststore.go | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/docs/storage/manifeststore.go b/docs/storage/manifeststore.go index 4cbfbda27..2505b57c7 100644 --- a/docs/storage/manifeststore.go +++ b/docs/storage/manifeststore.go @@ -112,6 +112,10 @@ func (ms *manifestStore) verifyManifest(ctx context.Context, mnfst *schema1.Sign errs = append(errs, fmt.Errorf("manifest name must not be more than %v characters", reference.NameTotalLengthMax)) } + if !reference.NameRegexp.MatchString(mnfst.Name) { + errs = append(errs, fmt.Errorf("invalid manifest name format")) + } + if len(mnfst.History) != len(mnfst.FSLayers) { errs = append(errs, fmt.Errorf("mismatched history and fslayer cardinality %d != %d", len(mnfst.History), len(mnfst.FSLayers))) From beeff299f86c658756e6f755ade148bb9a51069b Mon Sep 17 00:00:00 2001 From: Troels Thomsen Date: Tue, 1 Dec 2015 22:22:27 +0100 Subject: [PATCH 5/6] Use well-known error type Signed-off-by: Troels Thomsen --- docs/storage/manifeststore.go | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/docs/storage/manifeststore.go b/docs/storage/manifeststore.go index 2505b57c7..024c8e4bb 100644 --- a/docs/storage/manifeststore.go +++ b/docs/storage/manifeststore.go @@ -109,11 +109,19 @@ func (ms *manifestStore) verifyManifest(ctx context.Context, mnfst *schema1.Sign var errs distribution.ErrManifestVerification if len(mnfst.Name) > reference.NameTotalLengthMax { - errs = append(errs, fmt.Errorf("manifest name must not be more than %v characters", reference.NameTotalLengthMax)) + errs = append(errs, + distribution.ErrManifestNameInvalid{ + Name: mnfst.Name, + Reason: fmt.Errorf("manifest name must not be more than %v characters", reference.NameTotalLengthMax), + }) } if !reference.NameRegexp.MatchString(mnfst.Name) { - errs = append(errs, fmt.Errorf("invalid manifest name format")) + errs = append(errs, + distribution.ErrManifestNameInvalid{ + Name: mnfst.Name, + Reason: fmt.Errorf("invalid manifest name format"), + }) } if len(mnfst.History) != len(mnfst.FSLayers) { From e1cf7c418b81b5bc6700f9efcd6ddf7f4ec06816 Mon Sep 17 00:00:00 2001 From: Troels Thomsen Date: Tue, 1 Dec 2015 22:26:37 +0100 Subject: [PATCH 6/6] Map error type to error code Signed-off-by: Troels Thomsen --- docs/handlers/images.go | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/handlers/images.go b/docs/handlers/images.go index f753f099f..d30fce267 100644 --- a/docs/handlers/images.go +++ b/docs/handlers/images.go @@ -169,6 +169,8 @@ func (imh *imageManifestHandler) PutImageManifest(w http.ResponseWriter, r *http switch verificationError := verificationError.(type) { case distribution.ErrManifestBlobUnknown: imh.Errors = append(imh.Errors, v2.ErrorCodeManifestBlobUnknown.WithDetail(verificationError.Digest)) + case distribution.ErrManifestNameInvalid: + imh.Errors = append(imh.Errors, v2.ErrorCodeNameInvalid.WithDetail(err)) case distribution.ErrManifestUnverified: imh.Errors = append(imh.Errors, v2.ErrorCodeManifestUnverified) default: