2015-04-22 08:06:58 -04:00
|
|
|
package cliconfig
|
|
|
|
|
|
|
|
import (
|
|
|
|
"encoding/base64"
|
|
|
|
"encoding/json"
|
|
|
|
"errors"
|
|
|
|
"fmt"
|
|
|
|
"io/ioutil"
|
|
|
|
"os"
|
|
|
|
"path/filepath"
|
|
|
|
"strings"
|
|
|
|
|
|
|
|
"github.com/docker/docker/pkg/homedir"
|
2015-06-11 14:29:29 -04:00
|
|
|
"github.com/docker/docker/pkg/system"
|
2015-04-22 08:06:58 -04:00
|
|
|
)
|
|
|
|
|
|
|
|
const (
|
|
|
|
// Where we store the config file
|
|
|
|
CONFIGFILE = "config.json"
|
|
|
|
OLD_CONFIGFILE = ".dockercfg"
|
|
|
|
|
|
|
|
// This constant is only used for really old config files when the
|
|
|
|
// URL wasn't saved as part of the config file and it was just
|
|
|
|
// assumed to be this value.
|
|
|
|
DEFAULT_INDEXSERVER = "https://index.docker.io/v1/"
|
|
|
|
)
|
|
|
|
|
|
|
|
var (
|
2015-04-28 11:00:18 -04:00
|
|
|
configDir = os.Getenv("DOCKER_CONFIG")
|
2015-04-22 08:06:58 -04:00
|
|
|
ErrConfigFileMissing = errors.New("The Auth config file is missing")
|
|
|
|
)
|
|
|
|
|
2015-04-28 11:00:18 -04:00
|
|
|
func init() {
|
|
|
|
if configDir == "" {
|
|
|
|
configDir = filepath.Join(homedir.Get(), ".docker")
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func ConfigDir() string {
|
|
|
|
return configDir
|
|
|
|
}
|
|
|
|
|
|
|
|
func SetConfigDir(dir string) {
|
|
|
|
configDir = dir
|
|
|
|
}
|
|
|
|
|
2015-04-22 08:06:58 -04:00
|
|
|
// Registry Auth Info
|
|
|
|
type AuthConfig struct {
|
|
|
|
Username string `json:"username,omitempty"`
|
|
|
|
Password string `json:"password,omitempty"`
|
|
|
|
Auth string `json:"auth"`
|
|
|
|
Email string `json:"email"`
|
|
|
|
ServerAddress string `json:"serveraddress,omitempty"`
|
|
|
|
}
|
|
|
|
|
|
|
|
// ~/.docker/config.json file info
|
|
|
|
type ConfigFile struct {
|
|
|
|
AuthConfigs map[string]AuthConfig `json:"auths"`
|
|
|
|
HttpHeaders map[string]string `json:"HttpHeaders,omitempty"`
|
|
|
|
filename string // Note: not serialized - for internal use only
|
|
|
|
}
|
|
|
|
|
|
|
|
func NewConfigFile(fn string) *ConfigFile {
|
|
|
|
return &ConfigFile{
|
|
|
|
AuthConfigs: make(map[string]AuthConfig),
|
|
|
|
HttpHeaders: make(map[string]string),
|
|
|
|
filename: fn,
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
// load up the auth config information and return values
|
|
|
|
// FIXME: use the internal golang config parser
|
|
|
|
func Load(configDir string) (*ConfigFile, error) {
|
|
|
|
if configDir == "" {
|
2015-04-28 11:00:18 -04:00
|
|
|
configDir = ConfigDir()
|
2015-04-22 08:06:58 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
configFile := ConfigFile{
|
|
|
|
AuthConfigs: make(map[string]AuthConfig),
|
|
|
|
filename: filepath.Join(configDir, CONFIGFILE),
|
|
|
|
}
|
|
|
|
|
|
|
|
// Try happy path first - latest config file
|
|
|
|
if _, err := os.Stat(configFile.filename); err == nil {
|
|
|
|
file, err := os.Open(configFile.filename)
|
|
|
|
if err != nil {
|
|
|
|
return &configFile, err
|
|
|
|
}
|
|
|
|
defer file.Close()
|
|
|
|
|
|
|
|
if err := json.NewDecoder(file).Decode(&configFile); err != nil {
|
|
|
|
return &configFile, err
|
|
|
|
}
|
|
|
|
|
|
|
|
for addr, ac := range configFile.AuthConfigs {
|
|
|
|
ac.Username, ac.Password, err = DecodeAuth(ac.Auth)
|
|
|
|
if err != nil {
|
|
|
|
return &configFile, err
|
|
|
|
}
|
|
|
|
ac.Auth = ""
|
|
|
|
ac.ServerAddress = addr
|
|
|
|
configFile.AuthConfigs[addr] = ac
|
|
|
|
}
|
|
|
|
|
|
|
|
return &configFile, nil
|
|
|
|
} else if !os.IsNotExist(err) {
|
|
|
|
// if file is there but we can't stat it for any reason other
|
|
|
|
// than it doesn't exist then stop
|
|
|
|
return &configFile, err
|
|
|
|
}
|
|
|
|
|
|
|
|
// Can't find latest config file so check for the old one
|
|
|
|
confFile := filepath.Join(homedir.Get(), OLD_CONFIGFILE)
|
|
|
|
|
|
|
|
if _, err := os.Stat(confFile); err != nil {
|
|
|
|
return &configFile, nil //missing file is not an error
|
|
|
|
}
|
|
|
|
|
|
|
|
b, err := ioutil.ReadFile(confFile)
|
|
|
|
if err != nil {
|
|
|
|
return &configFile, err
|
|
|
|
}
|
|
|
|
|
|
|
|
if err := json.Unmarshal(b, &configFile.AuthConfigs); err != nil {
|
|
|
|
arr := strings.Split(string(b), "\n")
|
|
|
|
if len(arr) < 2 {
|
|
|
|
return &configFile, fmt.Errorf("The Auth config file is empty")
|
|
|
|
}
|
|
|
|
authConfig := AuthConfig{}
|
|
|
|
origAuth := strings.Split(arr[0], " = ")
|
|
|
|
if len(origAuth) != 2 {
|
|
|
|
return &configFile, fmt.Errorf("Invalid Auth config file")
|
|
|
|
}
|
|
|
|
authConfig.Username, authConfig.Password, err = DecodeAuth(origAuth[1])
|
|
|
|
if err != nil {
|
|
|
|
return &configFile, err
|
|
|
|
}
|
|
|
|
origEmail := strings.Split(arr[1], " = ")
|
|
|
|
if len(origEmail) != 2 {
|
|
|
|
return &configFile, fmt.Errorf("Invalid Auth config file")
|
|
|
|
}
|
|
|
|
authConfig.Email = origEmail[1]
|
|
|
|
authConfig.ServerAddress = DEFAULT_INDEXSERVER
|
|
|
|
configFile.AuthConfigs[DEFAULT_INDEXSERVER] = authConfig
|
|
|
|
} else {
|
|
|
|
for k, authConfig := range configFile.AuthConfigs {
|
|
|
|
authConfig.Username, authConfig.Password, err = DecodeAuth(authConfig.Auth)
|
|
|
|
if err != nil {
|
|
|
|
return &configFile, err
|
|
|
|
}
|
|
|
|
authConfig.Auth = ""
|
|
|
|
authConfig.ServerAddress = k
|
|
|
|
configFile.AuthConfigs[k] = authConfig
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return &configFile, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func (configFile *ConfigFile) Save() error {
|
|
|
|
// Encode sensitive data into a new/temp struct
|
|
|
|
tmpAuthConfigs := make(map[string]AuthConfig, len(configFile.AuthConfigs))
|
|
|
|
for k, authConfig := range configFile.AuthConfigs {
|
|
|
|
authCopy := authConfig
|
|
|
|
|
|
|
|
authCopy.Auth = EncodeAuth(&authCopy)
|
|
|
|
authCopy.Username = ""
|
|
|
|
authCopy.Password = ""
|
|
|
|
authCopy.ServerAddress = ""
|
|
|
|
tmpAuthConfigs[k] = authCopy
|
|
|
|
}
|
|
|
|
|
|
|
|
saveAuthConfigs := configFile.AuthConfigs
|
|
|
|
configFile.AuthConfigs = tmpAuthConfigs
|
|
|
|
defer func() { configFile.AuthConfigs = saveAuthConfigs }()
|
|
|
|
|
|
|
|
data, err := json.MarshalIndent(configFile, "", "\t")
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
2015-06-11 14:29:29 -04:00
|
|
|
if err := system.MkdirAll(filepath.Dir(configFile.filename), 0700); err != nil {
|
2015-04-22 08:06:58 -04:00
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
2015-04-26 12:50:25 -04:00
|
|
|
if err := ioutil.WriteFile(configFile.filename, data, 0600); err != nil {
|
2015-04-22 08:06:58 -04:00
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func (config *ConfigFile) Filename() string {
|
|
|
|
return config.filename
|
|
|
|
}
|
|
|
|
|
|
|
|
// create a base64 encoded auth string to store in config
|
|
|
|
func EncodeAuth(authConfig *AuthConfig) string {
|
|
|
|
authStr := authConfig.Username + ":" + authConfig.Password
|
|
|
|
msg := []byte(authStr)
|
|
|
|
encoded := make([]byte, base64.StdEncoding.EncodedLen(len(msg)))
|
|
|
|
base64.StdEncoding.Encode(encoded, msg)
|
|
|
|
return string(encoded)
|
|
|
|
}
|
|
|
|
|
|
|
|
// decode the auth string
|
|
|
|
func DecodeAuth(authStr string) (string, string, error) {
|
|
|
|
decLen := base64.StdEncoding.DecodedLen(len(authStr))
|
|
|
|
decoded := make([]byte, decLen)
|
|
|
|
authByte := []byte(authStr)
|
|
|
|
n, err := base64.StdEncoding.Decode(decoded, authByte)
|
|
|
|
if err != nil {
|
|
|
|
return "", "", err
|
|
|
|
}
|
|
|
|
if n > decLen {
|
|
|
|
return "", "", fmt.Errorf("Something went wrong decoding auth config")
|
|
|
|
}
|
|
|
|
arr := strings.SplitN(string(decoded), ":", 2)
|
|
|
|
if len(arr) != 2 {
|
|
|
|
return "", "", fmt.Errorf("Invalid auth configuration file")
|
|
|
|
}
|
|
|
|
password := strings.Trim(arr[1], "\x00")
|
|
|
|
return arr[0], password, nil
|
|
|
|
}
|