
Fix: Docker Daemon didn't send actual actions client ask for to Token Server

The Docker daemon should send the token server the actual actions the client asks for when tokens are issued, not all the permissions that the client may be granted.

Signed-off-by: xiekeyang <xiekeyang@huawei.com>
xiekeyang 9 lat temu
rodzic
commit
e451ddbf46
3 zmienionych plików z 4 dodań i 4 usunięć
  1. 1 1
      graph/pull_v2.go
  2. 1 1
      graph/push_v2.go
  3. 2 2
      graph/registry.go

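--- a/graph/pull_v2.go
+++ b/graph/pull_v2.go
@@ -34,7 +34,7 @@ type v2Puller struct {
 
 func (p *v2Puller) Pull(tag string) (fallback bool, err error) {
 	// TODO(tiborvass): was ReceiveTimeout
-	p.repo, err = NewV2Repository(p.repoInfo, p.endpoint, p.config.MetaHeaders, p.config.AuthConfig)
+	p.repo, err = NewV2Repository(p.repoInfo, p.endpoint, p.config.MetaHeaders, p.config.AuthConfig, "pull")
 	if err != nil {
 		logrus.Debugf("Error getting v2 registry: %v", err)
 		return true, err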
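Review bot: The requested action is passed as a bare string literal, `"pull"` in this call and `"push", "pull"` in the matching call in graph/push_v2.go, so a misspelt action still compiles and would only surface at run time in the token exchange. Named constants shared by both callers, for example `const actionPull = "pull"` and `const actionPush = "push"`, would keep the scope names in one place and make the requested privilege easy to audit. Pull's body continues past the end of the hunk.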

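--- a/graph/push_v2.go
+++ b/graph/push_v2.go
@@ -30,7 +30,7 @@ type v2Pusher struct {
 }
 
 func (p *v2Pusher) Push() (fallback bool, err error) {
-	p.repo, err = NewV2Repository(p.repoInfo, p.endpoint, p.config.MetaHeaders, p.config.AuthConfig)
+	p.repo, err = NewV2Repository(p.repoInfo, p.endpoint, p.config.MetaHeaders, p.config.AuthConfig, "push", "pull")
 	if err != nil {
 		logrus.Debugf("Error getting v2 registry: %v", err)
 		return true, err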
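Review bot: Nothing at the NewV2Repository call in Push says why a push asks for "pull" as well as "push". Since the commit exists to request only the actions an operation needs, a one-line comment would help anyone auditing token scope, for example `// push also asks for pull scope: the pusher reads from the repository before uploading (confirm)`. The reason is presumed, not visible in this hunk, so the author should state the real one. Push's body continues past the end of the hunk.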

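--- a/graph/registry.go
+++ b/graph/registry.go
@@ -30,7 +30,7 @@ func (dcs dumbCredentialStore) Basic(*url.URL) (string, string) {
 // NewV2Repository returns a repository (v2 only). It creates a HTTP transport
 // providing timeout settings and authentication support, and also verifies the
 // remote API version.
-func NewV2Repository(repoInfo *registry.RepositoryInfo, endpoint registry.APIEndpoint, metaHeaders http.Header, authConfig *cliconfig.AuthConfig) (distribution.Repository, error) {
+func NewV2Repository(repoInfo *registry.RepositoryInfo, endpoint registry.APIEndpoint, metaHeaders http.Header, authConfig *cliconfig.AuthConfig, actions ...string) (distribution.Repository, error) {
 	ctx := context.Background()
 
 	repoName := repoInfo.CanonicalName
@@ -91,7 +91,7 @@ func NewV2Repository(repoInfo *registry.RepositoryInfo, endpoint registry.APIEnd
 	}
 
 	creds := dumbCredentialStore{auth: authConfig}
-	tokenHandler := auth.NewTokenHandler(authTransport, creds, repoName, "push", "pull")
+	tokenHandler := auth.NewTokenHandler(authTransport, creds, repoName, actions...)
 	basicHandler := auth.NewBasicHandler(creds)
 	modifiers = append(modifiers, auth.NewAuthorizer(challengeManager, tokenHandler, basicHandler))
 	tr := transport.NewTransport(base, modifiers...)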
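Review bot: The variadic `actions ...string` added to NewV2Repository lets a caller pass no actions at all, and the second hunk then forwards that empty list to `auth.NewTokenHandler`, where the old code always asked for "push", "pull". How the token handler treats an empty action list is not visible here, so I would reject that case before building the handler, e.g. `if len(actions) == 0 { return nil, fmt.Errorf("no registry actions requested for %s", repoName) }`, or make the parameter a required `actions []string`. The doc comment above the signature should also gain a line such as `// actions lists the repository actions ("pull", "push") requested in the token scope.` The function body lies mostly outside both hunks, so any existing validation there is not visible.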