fixing bugs raised by @mtrmac

Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
David Lawrence 2015-12-09 11:00:04 -08:00
parent ec78a03045
commit 03aa3509bd
1 changed files with 14 additions and 11 deletions


@ -58,7 +58,13 @@ func GetOrCreateSnapshot(gun string, store storage.MetaStore, cryptoService sign
logrus.Error("Failed to unmarshal existing snapshot") logrus.Error("Failed to unmarshal existing snapshot")
return nil, err return nil, err
} }
if !snapshotExpired(sn) && !contentExpired(gun, sn, store) {
// want to ensure we always execute both of these such that if snapExp == true,
// we update the meta in preparation for resigning
snapExp := snapshotExpired(sn)
contExp := contentExpired(gun, sn, store)
if !snapExp && !contExp {
return d, nil return d, nil
} }
} }
@ -96,14 +102,11 @@ func contentExpired(gun string, sn *data.SignedSnapshot, store storage.MetaStore
if err != nil { if err != nil {
return false return false
} }
roleExp, newHash := roleExpired(curr, meta) roleExp, newMeta := roleExpired(curr, meta)
if roleExp { if roleExp {
updatedMeta[role] = data.FileMeta{ updatedMeta[role] = newMeta
Length: int64(len(curr)), } else {
Hashes: data.Hashes{ updatedMeta[role] = meta
"sha256": newHash,
},
}
} }
expired = expired || roleExp expired = expired || roleExp
} }
@ -115,16 +118,16 @@ func contentExpired(gun string, sn *data.SignedSnapshot, store storage.MetaStore
// roleExpired checks if the content for a specific role differs from // roleExpired checks if the content for a specific role differs from
// the snapshot // the snapshot
func roleExpired(roleData []byte, meta data.FileMeta) (bool, []byte) { func roleExpired(roleData []byte, meta data.FileMeta) (bool, data.FileMeta) {
currMeta, err := data.NewFileMeta(bytes.NewReader(roleData), "sha256") currMeta, err := data.NewFileMeta(bytes.NewReader(roleData), "sha256")
if err != nil { if err != nil {
// if we can't generate FileMeta from the current roleData, we should // if we can't generate FileMeta from the current roleData, we should
// continue to serve the old role if it isn't time expired // continue to serve the old role if it isn't time expired
// because we won't be able to generate a new one. // because we won't be able to generate a new one.
return false, nil return false, data.FileMeta{}
} }
hash := currMeta.Hashes["sha256"] hash := currMeta.Hashes["sha256"]
return !bytes.Equal(hash, meta.Hashes["sha256"]), hash return !bytes.Equal(hash, meta.Hashes["sha256"]), currMeta
} }
// createSnapshot uses an existing snapshot to create a new one. // createSnapshot uses an existing snapshot to create a new one.
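Review bot: Both failure paths in this section still report "not expired" without recording why: the `if err != nil { return false }` inside contentExpired's loop, and the NewFileMeta error branch in roleExpired, which now returns `false, data.FileMeta{}`. GetOrCreateSnapshot now always calls contentExpired so the meta is refreshed before re-signing, so an error on either path appears to leave a time-expired snapshot to be re-signed with the old role hashes, indistinguishable from "content unchanged"; this is inferred, because the code that applies updatedMeta is outside the hunk. At minimum log the error in each branch, e.g. `logrus.Errorf("snapshot: could not compute FileMeta for role data: %v", err)` in roleExpired, so operators can see when a snapshot was signed without a completed content check. The bodies of contentExpired and GetOrCreateSnapshot continue outside the visible hunks.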