mirror of
https://github.com/moby/moby.git
synced 2022-11-09 12:21:53 -05:00
65370be888
The trust code used to parse the console output of `docker push` to extract the digest, tag, and size information and determine what to sign. This is fragile and might give an attacker control over what gets signed if the attacker can find a way to influence what gets printed as part of the push output. This commit sends the push metadata out-of-band. It introduces an `Aux` field in JSONMessage that can carry application-specific data alongside progress updates. Instead of parsing formatted output, the client looks in this field to get the digest, size, and tag from the push. Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
package progress
import (
"fmt"
)
// Progress describes one update in the progress stream of a transfer.
// An update carries display text (Message, or Action together with the
// Current/Total counters) or an out-of-band Aux payload.
type Progress struct {
	// ID labels the update; Update and Message fill it from their id
	// argument.
	ID string

	// Message is free-form text. It is display text: data that a program
	// has to act on belongs in Aux rather than in text that would need to
	// be parsed back out.
	Message string

	// Action, Current and Total describe the progress of an action.
	Action         string
	Current, Total int64

	// Aux holds extra information that is not presented to the user, such
	// as digests for push signing. The field is untyped, so a consumer has
	// to check the dynamic type of the value before relying on it.
	Aux interface{}

	// NOTE(review): presumably marks the final update for an ID; nothing
	// in this file sets it — confirm against the consumers.
	LastUpdate bool
}
// Output is the sink that progress updates are written to. It plays the
// role of a writer for Progress values, but it is deliberately not called
// Writer: that name would be confusing next to ProgressReader, and the
// type does not implement the io.Writer interface.
type Output interface {
	// WriteProgress delivers a single update and reports a failure to do
	// so through the returned error.
	WriteProgress(p Progress) error
}
// chanOutput adapts a send-only channel of Progress values to the Output
// interface.
type chanOutput chan<- Progress
// WriteProgress sends p on the underlying channel and always returns nil.
// The send is a plain channel send, so it blocks until the channel can
// accept the value.
func (c chanOutput) WriteProgress(p Progress) error {
	c <- p
	return nil
}
// ChanOutput wraps progressChan in an Output. Every update written to the
// returned Output is sent on that channel.
func ChanOutput(progressChan chan<- Progress) Output {
	var sink chanOutput = progressChan
	return sink
}
// Update is a convenience function that writes a progress update carrying
// the given id and action to out.
//
// Update has no return value, so an error from out.WriteProgress is not
// reported to the caller.
func Update(out Output, id, action string) {
	update := Progress{ID: id, Action: action}
	_ = out.WriteProgress(update) // error dropped: nothing to return it through
}
// Updatef is a convenience function that formats an action string in the
// manner of fmt.Sprintf and writes it to out as a progress update for id.
//
// format is interpreted as a printf format string; pass variable text
// through a, not as format, so that any % sequences in it are not treated
// as verbs.
func Updatef(out Output, id, format string, a ...interface{}) {
	action := fmt.Sprintf(format, a...)
	Update(out, id, action)
}
// Message is a convenience function that writes a progress message carrying
// the given id and message text to out.
//
// Message has no return value, so an error from out.WriteProgress is not
// reported to the caller.
func Message(out Output, id, message string) {
	msg := Progress{ID: id, Message: message}
	_ = out.WriteProgress(msg) // error dropped: nothing to return it through
}
// Messagef is a convenience function that formats a message in the manner
// of fmt.Sprintf and writes it to out as a progress message for id.
//
// format is interpreted as a printf format string; pass variable text
// through a, not as format, so that any % sequences in it are not treated
// as verbs.
func Messagef(out Output, id, format string, a ...interface{}) {
	text := fmt.Sprintf(format, a...)
	Message(out, id, text)
}
// Aux sends auxiliary information over a progress interface. The value is
// carried in the Aux field of a Progress that has no ID, Message or Action,
// and it will not be formatted for the UI. This is used for things such as
// push signing.
//
// Aux has no return value, so an error from out.WriteProgress is not
// reported to the caller.
// NOTE(review): a consumer that expects this payload should presumably
// treat its absence as a failure instead of falling back on displayed
// text — confirm against the signing client.
func Aux(out Output, a interface{}) {
	payload := Progress{Aux: a}
	_ = out.WriteProgress(payload) // error dropped: nothing to return it through
}