0ct0pu5/moby
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
35831 commits 14 branches 412 tags 338 MiB
Commit graph

14 commits

Author SHA1 Message Date
Jameson Hyde
a79fabbfe8 If url includes scheme, urlPath will drop hostname, which would not match the auth check 
Signed-off-by: Jameson Hyde <jameson.hyde@docker.com>
(cherry picked from commit 754fb8d9d03895ae3ab60d2ad778152b0d835206)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Signed-off-by: Eli Uriegas <eli.uriegas@docker.com>
 2019-01-09 17:31:53 +00:00
Jameson Hyde
fc274cd2ff Authz plugin security fixes for 0-length content and path validation Signed-off-by: Jameson Hyde <jameson.hyde@docker.com> 
fix comments

(cherry picked from commit 9659c3a52bac57e615b5fb49b0652baca448643e)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Signed-off-by: Eli Uriegas <eli.uriegas@docker.com>
 2019-01-09 17:31:53 +00:00
odg0318
6ac73d34e4 If Content-Type is application/json;charset=UTF-8, RequestBody is empty. 
Signed-off-by: odg0318 <odg0318@gmail.com>
 2018-04-05 04:03:45 -04:00
Daniel Nephin
4f0d95fa6e Add canonical import comment 
Signed-off-by: Daniel Nephin <dnephin@docker.com>
 2018-02-05 16:51:57 -05:00
Josh Soref
39bcaee47b
Spelling fixes 
* additional
* ambiguous
* anonymous
* anything
* application
* because
* before
* building
* capabilities
* circumstances
* commit
* committer
* compresses
* concatenated
* config
* container
* container's
* current
* definition
* delimiter
* disassociates
* discovery
* distributed
* doesnotexist
* downloads
* duplicates
* either
* enhancing
* enumerate
* escapable
* exactly
* expect
* expectations
* expected
* explicitly
* false
* filesystem
* following
* forbidden
* git with
* healthcheck
* ignore
* independent
* inheritance
* investigating
* irrelevant
* it
* logging
* looking
* membership
* mimic
* minimum
* modify
* mountpoint
* multiline
* notifier
* outputting
* outside
* overridden
* override
* parsable
* plugins
* precedence
* propagation
* provided
* provides
* registries
* repositories
* returning
* settings
* should
* signals
* someone
* something
* specifically
* successfully
* synchronize
* they've
* thinking
* uninitialized
* unintentionally
* unmarshaling
* unnamed
* unreferenced
* verify

Signed-off-by: Josh Soref <jsoref@gmail.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2017-07-03 13:13:09 -07:00
Doron Podoleanu
6bec735c91 Use const http status code instead of just numbers see #24783 
Signed-off-by: Doron Podoleanu <doronp@il.ibm.com>
 2016-07-19 10:40:20 +03:00
Tibor Vass
f37117045c plugins: experimental support for new plugin management 
This patch introduces a new experimental engine-level plugin management
with a new API and command line. Plugins can be distributed via a Docker
registry, and their lifecycle is managed by the engine.
This makes plugins a first-class construct.

For more background, have a look at issue #20363.

Documentation is in a separate commit. If you want to understand how the
new plugin system works, you can start by reading the documentation.

Note: backwards compatibility with existing plugins is maintained,
albeit they won't benefit from the advantages of the new system.

Signed-off-by: Tibor Vass <tibor@docker.com>
Signed-off-by: Anusha Ragunathan <anusha@docker.com>
 2016-06-14 14:20:27 -07:00
Antonio Murdaca
d1b7e8373b authz: cleanups 
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
 2016-06-12 17:23:19 +02:00
Akihiro Suda
f437e2d148 Fix racy tests in pkg/authorization 
Fix #23012

Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
 2016-06-01 03:25:56 +00:00
Antonio Murdaca
6a96684442 pkg: authorization: cleanup tests 
- do use use log pkg
- do not t.Fatal in goroutine
- cleanups

Signed-off-by: Antonio Murdaca <runcom@redhat.com>
 2016-05-08 14:18:38 +02:00
Jessica Frazelle
0e025b4bb1
fix variables that werent being called 
Signed-off-by: Jessica Frazelle <acidburn@docker.com>
 2016-03-17 13:19:55 -07:00
David Calavera
1a63023450 Call plugins with custom transports. 
Small refactor to be able to use custom transports
to call remote plugins.

Signed-off-by: David Calavera <david.calavera@gmail.com>
 2016-03-02 12:54:53 -05:00
Liron Levin
ca5c2abecf Fix #20508 - Authz plugin enabled with large text/JSON POST payload corrupts body 
Based on the discussion, we have changed the following:

1. Send body only if content-type is application/json (based on the
Docker official daemon REST specification, this is the provided for all
APIs that requires authorization.

2. Correctly verify that the msg body is smaller than max cap (this was
the actual bug). Fix includes UT.

3. Minor: Check content length > 0 (it was -1 for load, altough an
attacker can still modify this)

Signed-off-by: Liron Levin <liron@twistlock.com>
 2016-02-25 08:11:55 +02:00
John Howard
57faef5c71 Windows CI: test-unit turn off pkg\authorisation 
Signed-off-by: John Howard <jhoward@microsoft.com>
 2016-02-11 17:42:12 -08:00
Renamed from pkg/authorization/authz_test.go (Browse further)