Commit graph

1488 commits

Author SHA1 Message Date
Stephen Day
f89e584aa5 Merge pull request #637 from stevvooe/fix-build-without-rados
Ensure that rados is disabled without build tag
2015-06-17 18:38:27 -07:00
Doug Davis
c4eb195cc1 Move challenge http status code logic
See: 3ea67df373/registry/handlers/app.go (L498)

Per the comment on line 498, this moves the logic of setting the http
status code into the serveJSON func, leaving the auth.Challenge.ServeHTTP()
func to just set the auth challenge header.

Signed-off-by: Doug Davis <dug@us.ibm.com>
2015-06-17 18:23:55 -07:00
Olivier Gambier
b5977c0868 Merge pull request #641 from moxiegirl/hugo-test-fixes
Hugo final 1.7 Documentation PR -- please read carefully
2015-06-17 18:04:53 -07:00
Mary Anthony
1aa8b00bdf Adding in the better sed
Renaming to index.md;rereading of Hugo showed me my mistake; removing commented out/Markdown has no comment feature
Updating with Olivier. Yay! It looks great

Signed-off-by: Mary Anthony <mary@docker.com>
2015-06-17 17:31:13 -07:00
Stephen J Day
b65a4a8713 Ensure that rados is disabled without build tag
This ensures that rados is not required when building the registry. This was
slightly tricky in that when the flags were applied, the rados package was
completely missing. This led to a problem where rados was basically unlistable
and untestable as a package. This was fixed by simply adding a doc.go file that
is included whether rados is built or not.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-06-16 20:00:02 -07:00
Stephen Day
3ea67df373 Merge pull request #623 from ahmetalpbalkan/azure-vendor
storage/driver/azure: Update vendored Azure SDK
2015-06-16 17:41:38 -07:00
Ahmet Alp Balkan
daa22cacba storage/driver/azure: Update vendored Azure SDK
This change refreshes the updated version of Azure SDK
for Go that has the latest changes.

I manually vendored the new SDK (github.com/Azure/azure-sdk-for-go)
and I removed `management/` `core/` packages manually simply because
they're not used here and they have a fork of `net/http` and `crypto/tls`
for a particular reason. It was introducing a 44k SLOC change otherwise...

This also undoes the `include_azure` flag (actually Steven removed the
driver from imports but forgot to add the build flag apparently, so the
flag wasn't really including azure. 😄 ). This also must be obsolete
now.

Fixes #620, #175.

Signed-off-by: Ahmet Alp Balkan <ahmetalpbalkan@gmail.com>
2015-06-16 17:13:44 -07:00
Stephen Day
25f9e314d2 Merge pull request #636 from stevvooe/uuid-generate-detect-eperm
Correctly detect EPERM on crypto/rand.Random.Read failure
2015-06-16 16:39:18 -07:00
Stephen Day
939b199154 Merge pull request #616 from RichardScothern/debug_build
Enable the registry to be built with debug symbols
2015-06-16 16:19:15 -07:00
Stephen J Day
7e35d16cb6 Correctly detect EPERM on crypto/rand.Random.Read failure
Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-06-16 13:06:58 -07:00
moxiegirl
020bd0b45f Merge pull request #631 from moxiegirl/test-tooling
Updating for new docs build and tooling infrastructure 1.7 release; Thank you Olivier. I promise to look at all of this after Dockercon.  We'll make it perfect.
2015-06-15 17:57:25 -07:00
Olivier Gambier
d678e3dc57 Merge pull request #608 from dmcgowan/http-basic-auth
Implementation of a basic authentication scheme using standard .htpasswd
2015-06-15 17:40:58 -07:00
Mary Anthony
832cb9d52c Updating for Hugo
Updating for tooling tests
Updating with the new sed scripts to protect links
updating with new image
Updating with comments

Signed-off-by: Mary Anthony <mary@docker.com>
2015-06-15 14:39:33 -07:00
Stephen Day
e57e731821 Merge pull request #548 from duglin/MoveErrors
Move ErrorCode logic to new errcode package
2015-06-15 14:33:28 -07:00
Olivier Gambier
fc09e50eb4 Merge pull request #626 from dmp42/0.htpasswd
Ship htpasswd
2015-06-11 23:42:15 -07:00
Olivier Gambier
844dd6b0a5 Ship htpasswd
Signed-off-by: Olivier Gambier <olivier@docker.com>
2015-06-11 22:11:26 -07:00
Doug Davis
441f7cac87 Round 4
Signed-off-by: Doug Davis <dug@us.ibm.com>
2015-06-11 21:33:35 -07:00
Stephen Day
4dc0c5e0c5 Merge pull request #624 from hopkings2008/master
add configuration file close after it is parsed.
2015-06-11 20:07:12 -07:00
yuzou
8a89040247 add configuration file close after it is parsed.
Signed-off-by: yuzou <zouyu7@huawei.com>
2015-06-12 10:41:00 +08:00
Richard
17db4d9e11 Enable the registry to be built with debug information with an environment
variable 'DISABLE_OPTIMIZATION'.

$ DISABLE_OPTIMIZATION=true make binaries

Signed-off-by: Richard Scothern <richard.scothern@gmail.com>
2015-06-11 17:22:08 -07:00
Stephen J Day
d9d55bcbab Minor formatting fixes related to htpasswd auth
Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-06-11 17:06:35 -07:00
Olivier Gambier
9b75807a0b Merge pull request #622 from amouat/patch-2
Fix service command
2015-06-11 15:27:43 -07:00
Stephen J Day
01f730ad71 Document usage of htpasswd access controller
Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-06-11 15:23:40 -07:00
Stephen Day
30d698926e Merge pull request #621 from amouat/patch-1
Fix typo
2015-06-11 15:17:53 -07:00
Adrian Mouat
a0baf93725 Fix service command
Pretty sure that service and docker were the wrong way around

Signed-off-by: Adrian Mouat <adrian.mouat@gmail.com>
2015-06-11 22:36:31 +01:00
Adrian Mouat
f670f00058 Fix typo
I think negociate is very occasionally used, but it certainly looks wrong to me.

Signed-off-by: Adrian Mouat <adrian.mouat@gmail.com>
2015-06-11 21:45:26 +01:00
Olivier Gambier
6deedd29d9 Merge pull request #615 from allingeek/master
Adding a volume for the default 'registry-dev' location.
2015-06-11 12:51:36 -07:00
Stephen Day
a5b21fa8f0 Merge pull request #617 from dmp42/pathchange
Saner default data location
2015-06-11 11:42:24 -07:00
Olivier Gambier
ad23a43bc4 Enhance building doc to reflect the new data default location
Signed-off-by: Olivier Gambier <olivier@docker.com>
2015-06-11 11:08:16 -07:00
Stephen Day
fc796f1722 Merge pull request #584 from xiekeyang/panic
Panic: Add Handler
2015-06-11 11:01:43 -07:00
Olivier Gambier
1ad9ac497c Merge pull request #590 from mattrobenolt/patch-1
Return valid json from StatusHandler
2015-06-11 09:51:45 -07:00
Olivier Gambier
7729294e38 Merge pull request #613 from antoniomercado/remove-nginx-authorization-unset
Removing Nginx Authorization header unset because it breaks with a user defined index endpoint
2015-06-11 08:56:02 -07:00
Olivier Gambier
8ed0c66745 Enhancing doc to persist data
Signed-off-by: Olivier Gambier <olivier@docker.com>
2015-06-11 01:41:15 -07:00
Olivier Gambier
69b4b73f7c Merge pull request #619 from neurodesign/fix-README-typo
Fix typo
2015-06-11 01:01:19 -07:00
Julien Fernandez
25778270be Fix typo
Signed-off-by: Julien Fernandez <julien.fernandez@gmail.com>
2015-06-11 08:50:34 +02:00
Jeff Nickoloff
5bd4b5c558 Updating the location of the volume to match the new location of the default registry data location.
Signed-off-by: Jeff Nickoloff <jeff@allingeek.com>
2015-06-10 21:24:16 -07:00
Olivier Gambier
6e0cfc17dc Saner default data location
Signed-off-by: Olivier Gambier <olivier@docker.com>
2015-06-10 20:54:24 -07:00
Stephen J Day
0f654c25ac Rename the basic access controller to htpasswd
Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-06-10 19:41:35 -07:00
Stephen J Day
ffd3662982 Harden basic auth implementation
After consideration, the basic authentication implementation has been
simplified to only support bcrypt entries in an htpasswd file. This greatly
increases the security of the implementation by reducing the possibility of
timing attacks and other problems trying to detect the password hash type.

Also, the htpasswd file is only parsed at startup, ensuring that the file can
be edited and not effect ongoing requests. Newly added passwords take effect on
restart. Subsequently, password hash entries are now stored in a map.

Test cases have been modified accordingly.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-06-10 19:38:56 -07:00
Stephen J Day
ffe56ebe41 Refactor Basic Authentication package
This change refactors the basic authentication implementation to better follow
Go coding standards. Many types are no longer exported. The parser is now a
separate function from the authentication code. The standard functions
(*http.Request).BasicAuth/SetBasicAuth are now used where appropriate.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-06-10 19:06:38 -07:00
Dave Trombley
abd142855a Unexported function to comply with golint
Signed-off-by: Dave Trombley <dave.trombley@gmail.com>
2015-06-10 19:06:38 -07:00
Dave Trombley
e4c3ab4377 Removed dashes from comments, unexported htpasswd struct
Signed-off-by: Dave Trombley <dave.trombley@gmail.com>
2015-06-10 19:06:38 -07:00
Dave Trombley
d4f2260e04 Added dependency to golang.org/x/crypto/bcrypt
Signed-off-by: Dave Trombley <dave.trombley@gmail.com>
2015-06-10 19:06:38 -07:00
Dave Trombley
04f6a4811d Fixed golint, gofmt warning advice.
Signed-off-by: Dave Trombley <dave.trombley@gmail.com>
2015-06-10 19:06:38 -07:00
Dave Trombley
c50dfb7dae Added support for bcrypt, plaintext; extension points for other htpasswd hash methods.
Signed-off-by: Dave Trombley <dave.trombley@gmail.com>
2015-06-10 19:06:38 -07:00
Dave Trombley
c4849bb99a Aligned formatting with gofmt
Signed-off-by: Dave Trombley <dave.trombley@gmail.com>
2015-06-10 19:06:38 -07:00
Dave Trombley
0ecaa7f40a Fixed WWW-Authenticate: header, added example config and import into main, fixed golint warnings
Signed-off-by: Dave Trombley <dave.trombley@gmail.com>
2015-06-10 19:06:38 -07:00
BadZen
8a204f59e7 Implementation of a basic authentication scheme using standard .htpasswd files
Signed-off-by: BadZen <dave.trombley@gmail.com>
Signed-off-by: Dave Trombley <dave.trombley@gmail.com>
2015-06-10 19:06:37 -07:00
Olivier Gambier
7363323321 Merge pull request #612 from HuKeping/addtest-httpchecker
Test: add test for HTTPChecker
2015-06-10 17:08:55 -07:00
Jeff Nickoloff
bf305c1b91 Adding a volume for the default 'registry-dev' location.
Signed-off-by: Jeff Nickoloff <jeff@allingeek.com>
2015-06-10 10:25:41 -07:00