moby--moby

mirror of https://github.com/moby/moby.git synced 2022-11-09 12:21:53 -05:00

History

Aaron Lehmann 65370be888 Send push information to trust code out-of-band The trust code used to parse the console output of `docker push` to extract the digest, tag, and size information and determine what to sign. This is fragile and might give an attacker control over what gets signed if the attacker can find a way to influence what gets printed as part of the push output. This commit sends the push metadata out-of-band. It introduces an `Aux` field in JSONMessage that can carry application-specific data alongside progress updates. Instead of parsing formatted output, the client looks in this field to get the digest, size, and tag from the push. Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>		2016-01-08 10:57:50 -08:00
..
progress.go	Send push information to trust code out-of-band	2016-01-08 10:57:50 -08:00
progressreader.go
progressreader_test.go