mirror of
https://github.com/moby/moby.git
synced 2022-11-09 12:21:53 -05:00
44a8e10bfc
AWS recently launched a new version of the EC2 Instance Metadata Service, which is used to provide credentials to the awslogs driver when running on Amazon EC2. This new version of the IMDS adds defense-in-depth mechanisms against open firewalls, reverse proxies, and SSRF vulnerabilities and is generally an improvement over the previous version. An updated version of the AWS SDK is able to handle the both the previous version and the new version of the IMDS and functions when either is enabled. More information about IMDSv2 is available at the following links: * https://aws.amazon.com/blogs/security/defense-in-depth-open-firewalls-reverse-proxies-ssrf-vulnerabilities-ec2-instance-metadata-service/ * https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-instance-metadata-service.html Closes https://github.com/moby/moby/issues/40422 Signed-off-by: Samuel Karp <skarp@amazon.com>
45 lines
962 B
Go
45 lines
962 B
Go
package ini
|
|
|
|
// skipper is used to skip certain blocks of an ini file.
|
|
// Currently skipper is used to skip nested blocks of ini
|
|
// files. See example below
|
|
//
|
|
// [ foo ]
|
|
// nested = ; this section will be skipped
|
|
// a=b
|
|
// c=d
|
|
// bar=baz ; this will be included
|
|
type skipper struct {
|
|
shouldSkip bool
|
|
TokenSet bool
|
|
prevTok Token
|
|
}
|
|
|
|
func newSkipper() skipper {
|
|
return skipper{
|
|
prevTok: emptyToken,
|
|
}
|
|
}
|
|
|
|
func (s *skipper) ShouldSkip(tok Token) bool {
|
|
// should skip state will be modified only if previous token was new line (NL);
|
|
// and the current token is not WhiteSpace (WS).
|
|
if s.shouldSkip &&
|
|
s.prevTok.Type() == TokenNL &&
|
|
tok.Type() != TokenWS {
|
|
s.Continue()
|
|
return false
|
|
}
|
|
s.prevTok = tok
|
|
return s.shouldSkip
|
|
}
|
|
|
|
func (s *skipper) Skip() {
|
|
s.shouldSkip = true
|
|
}
|
|
|
|
func (s *skipper) Continue() {
|
|
s.shouldSkip = false
|
|
// empty token is assigned as we return to default state, when should skip is false
|
|
s.prevTok = emptyToken
|
|
}
|