moby--moby

Commit Graph

Author	SHA1	Message	Date
Aaron Lehmann	257c59251b	Vendor updated version of docker/distribution This updates the vendored docker/distribution to the current master branch. Note the following changes: - The manifest package was split into manifest/schema1. Most references to the manifest package in the engine needed to be updated to use schema1 instead. - Validation functions in api/v2 were replaced by the distribution/reference package. The engine code has been updated to use the reference package for validation where necessary. A future PR will change the engine to use the types defined in distribution/reference more comprehensively. - The reference package explicitly allows double _ characters in repository names. registry_test.go was updated for this. - TestPullFailsWithAlteredManifest was corrupting the manifest JSON, now that the schema1 package unmarshals the correct payload. The test is being changed to modify the JSON without affecting its length, which allows the pull to succeed to the point where digest validation happens. Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>	2015-11-02 12:40:18 -08:00
Aaron Lehmann	011bfd666e	Unmarshal signed payload when pulling by digest Add a unit test for validateManifest which ensures extra data can't be injected by adding data to the JSON object outside the payload area. This also removes validation of legacy signatures at pull time. This starts the path of deprecating legacy signatures, whose presence in the very JSON document they attempt to sign is problematic. These signatures were only checked for official images, and since they only caused a weakly-worded message to be printed, removing the verification should not cause impact. Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>	2015-10-12 10:51:28 -07:00
Tonis Tiigi	504e67b867	Calculate hash based image IDs on pull Generate a hash chain involving the image configuration, layer digests, and parent image hashes. Use the digests to compute IDs for each image in a manifest, instead of using the remotely specified IDs. To avoid breaking users' caches, check for images already in the graph under old IDs, and avoid repulling an image if the version on disk under the legacy ID ends up with the same digest that was computed from the manifest for that image. When a calculated ID already exists in the graph but can't be verified, continue trying SHA256(digest) until a suitable ID is found. "save" and "load" are not changed to use a similar scheme. "load" will preserve the IDs present in the tar file. Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>	2015-10-12 10:51:28 -07:00

Author

SHA1

Message

Date

Aaron Lehmann

257c59251b

Vendor updated version of docker/distribution

This updates the vendored docker/distribution to the current master
branch.

Note the following changes:

- The manifest package was split into manifest/schema1. Most references
  to the manifest package in the engine needed to be updated to use
  schema1 instead.

- Validation functions in api/v2 were replaced by the
  distribution/reference package. The engine code has been updated to
  use the reference package for validation where necessary. A future PR
  will change the engine to use the types defined in
  distribution/reference more comprehensively.

- The reference package explicitly allows double _ characters in
  repository names. registry_test.go was updated for this.

- TestPullFailsWithAlteredManifest was corrupting the manifest JSON, now
  that the schema1 package unmarshals the correct payload. The test is
  being changed to modify the JSON without affecting its length, which
  allows the pull to succeed to the point where digest validation
  happens.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>

2015-11-02 12:40:18 -08:00

Aaron Lehmann

011bfd666e

Unmarshal signed payload when pulling by digest

Add a unit test for validateManifest which ensures extra data can't be
injected by adding data to the JSON object outside the payload area.

This also removes validation of legacy signatures at pull time. This
starts the path of deprecating legacy signatures, whose presence in the
very JSON document they attempt to sign is problematic.  These
signatures were only checked for official images, and since they only
caused a weakly-worded message to be printed, removing the verification
should not cause impact.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>

2015-10-12 10:51:28 -07:00

Tonis Tiigi

504e67b867

Calculate hash based image IDs on pull

Generate a hash chain involving the image configuration, layer digests,
and parent image hashes. Use the digests to compute IDs for each image
in a manifest, instead of using the remotely specified IDs.

To avoid breaking users' caches, check for images already in the graph
under old IDs, and avoid repulling an image if the version on disk under
the legacy ID ends up with the same digest that was computed from the
manifest for that image.

When a calculated ID already exists in the graph but can't be verified,
continue trying SHA256(digest) until a suitable ID is found.

"save" and "load" are not changed to use a similar scheme. "load" will
preserve the IDs present in the tar file.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>

2015-10-12 10:51:28 -07:00

3 Commits