From f44eac49fae1b33e6ff4c6f42c5e7305caf22252 Mon Sep 17 00:00:00 2001
From: Sam Alba <sam.alba@gmail.com>
Date: Tue, 9 Jul 2013 11:30:12 -0700
Subject: [PATCH] Fixed potential security issue (never try http on official
 index when polling the endpoint). Also fixed local repos name when pulling
 index.docker.io/foo/bar

---
 registry/registry.go | 14 ++++++++++++--
 server.go            |  5 +++++
 2 files changed, 17 insertions(+), 2 deletions(-)

diff --git a/registry/registry.go b/registry/registry.go
index c458f616f8..2f225aed98 100644
--- a/registry/registry.go
+++ b/registry/registry.go
@@ -18,8 +18,14 @@ import (
 )
 
 var ErrAlreadyExists = errors.New("Image already exists")
+var ErrInvalidRepositoryName = errors.New("Invalid repository name (ex: \"registry.domain.tld/myrepos\")")
 
 func pingRegistryEndpoint(endpoint string) error {
+	if endpoint == auth.IndexServerAddress() {
+		// Skip the check, we now this one is valid
+		// (and we never want to fallback to http in case of error)
+		return nil
+	}
 	resp, err := http.Get(endpoint + "_ping")
 	if err != nil {
 		return err
@@ -56,16 +62,20 @@ func validateRepositoryName(repositoryName string) error {
 
 // Resolves a repository name to a endpoint + name
 func ResolveRepositoryName(reposName string) (string, string, error) {
+	if strings.Contains(reposName, "://") {
+		// It cannot contain a scheme!
+		return "", "", ErrInvalidRepositoryName
+	}
 	nameParts := strings.SplitN(reposName, "/", 2)
 	if !strings.Contains(nameParts[0], ".") {
 		// This is a Docker Index repos (ex: samalba/hipache or ubuntu)
 		err := validateRepositoryName(reposName)
-		return "https://index.docker.io/v1/", reposName, err
+		return auth.IndexServerAddress(), reposName, err
 	}
 	if len(nameParts) < 2 {
 		// There is a dot in repos name (and no registry address)
 		// Is it a Registry address without repos name?
-		return "", "", fmt.Errorf("Invalid repository name (ex: \"registry.domain.tld/myrepos\")")
+		return "", "", ErrInvalidRepositoryName
 	}
 	hostname := nameParts[0]
 	reposName = nameParts[1]
diff --git a/server.go b/server.go
index f535da6fc6..f1c0909516 100644
--- a/server.go
+++ b/server.go
@@ -485,6 +485,11 @@ func (srv *Server) ImagePull(localName string, tag string, out io.Writer, sf *ut
 		return err
 	}
 
+	if endpoint == auth.IndexServerAddress() {
+		// If pull "index.docker.io/foo/bar", it's stored locally under "foo/bar"
+		localName = remoteName
+	}
+
 	out = utils.NewWriteFlusher(out)
 	err = srv.pullRepository(r, out, localName, remoteName, tag, endpoint, sf)
 	if err != nil {