docker
/
docs
mirror of https://github.com/docker/docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
1,859 Commits 21 Branches 28 Tags 816 MiB
Commit Graph

37 Commits

Author SHA1 Message Date
Ying Li 04ec865b31 Update all the server validation and generation code to use the builder. 
This means that the server cannot accept any roots not signed by an
x509 key whose GUN doesn't match the GUN being updated.

Signed-off-by: Ying Li <ying.li@docker.com>
 2016-04-27 10:58:58 -07:00
Ying Li 839a1d076f Add support for thresholds, which means signed.VerifyRoot needs to be have just like 
signed.VerifySignatures. So remove signed.VerifyRoot and just use signed.VerifySignatures
instead.  Also, to fix some tests, add an additional check for version when validating
metadata since versions can't be negative.

Signed-off-by: Ying Li <ying.li@docker.com>
 2016-04-19 15:14:14 -07:00
Ying Li e8cdc32f0b Clean up after rebase and address review comments 
Signed-off-by: Ying Li <ying.li@docker.com>
 2016-03-23 13:24:52 -07:00
Ying Li 210eab829f Error (and add tests for this) if the root in the server store is corrupt 
Signed-off-by: Ying Li <ying.li@docker.com>
 2016-03-23 13:24:52 -07:00
Ying Li 3b80293a0c Add test cases generating a timestamp from previous timestamps 
Signed-off-by: Ying Li <ying.li@docker.com>
 2016-03-23 13:24:52 -07:00
Ying Li 433a298a8b Simplify the validateRoot logic in server validators 
Signed-off-by: Ying Li <ying.li@docker.com>
 2016-03-23 13:24:52 -07:00
Ying Li c0796f17ef Rename 'validateSnapshot' to 'loadAndValidateSnapshot' since it loads now 
Signed-off-by: Ying Li <ying.li@docker.com>
 2016-03-23 13:24:52 -07:00
Ying Li d3bb063fb2 Update the server to generate the timestamp on update, just like snapshot. 
Signed-off-by: Ying Li <ying.li@docker.com>
 2016-03-23 13:24:52 -07:00
Ying Li 8768c12901 Return the creation date for GetChecksum and GetCurrent from the server database store. 
Signed-off-by: Ying Li <ying.li@docker.com>
 2016-03-14 17:18:18 -07:00
Ying Li d45b9f86ef Fix mispelling of 'occur' 
Signed-off-by: Ying Li <ying.li@docker.com>
 2016-03-07 17:22:41 -08:00
Ying Li 314cfb9a17 Add targets metadata validation to the targets data structure 
Signed-off-by: Ying Li <ying.li@docker.com>
 2016-02-22 19:16:32 -08:00
David Lawrence 1db128778d completely removing KeyDB 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2016-02-16 21:11:13 -08:00
Riyaz Faizullabhoy b46391ee8f Remove RoleWithKeys 
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2016-02-16 10:07:00 -08:00
Ying Li ac265186ee Rename repo.GetRole to repo.GetRoleWithNames and use the Keys data structure more. 
Signed-off-by: Ying Li <ying.li@docker.com>
 2016-02-11 09:51:08 -08:00
Ying Li 3b3cc3f152 Update server handlers to pass the RoleWithKeys to signed.Verify instead of KeyDB. 
Signed-off-by: Ying Li <ying.li@docker.com>
 2016-02-10 15:21:05 -08:00
Ying Li cf4b77b760 Revert "switching out to consistently use canonical json for all marshalling of TUF data" 
This reverts commit f417c834c4.

Signed-off-by: Ying Li <ying.li@docker.com>
 2016-01-08 14:53:09 -08:00
David Lawrence d52dbde683 removing the ability to configure role names. It adds a lot of complexity without adding much value. If somebody wants custom role names they can implement it at the display level 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2016-01-07 17:38:05 -08:00
David Lawrence f417c834c4 switching out to consistently use canonical json for all marshalling of TUF data 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2016-01-06 11:15:27 -08:00
Riyaz Faizullabhoy dbb8c1065f use path instead of filepath to express TUF roles 
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2016-01-04 16:23:02 -08:00
David Lawrence e0dd8c82bf removing TODO for delegated roles on server 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-12-16 22:00:58 -08:00
David Lawrence ad0582ae9c test that a child role gets removed from the update if it doesn't exist in the parent 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-12-16 19:27:04 -08:00
David Lawrence a27e4f7471 moving comment about sorting for clarity 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-12-16 16:44:12 -08:00
David Lawrence 38d2175087 tests for new validation code 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-12-16 15:06:48 -08:00
David Lawrence 63ecf5f92f server side delegations support in validation and snapshot generation 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-12-16 15:06:05 -08:00
David Lawrence 8bca542c17 restructuring validateUpdate to get rid of prepRepo 
removing attempt in server/snapshot/snapshot.go to regenerate
metadata for roles in snapshot.

Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-12-11 16:20:20 -08:00
Ying Li fb9afbc5d8 Server propogates validation failures in the 400 response. 
Previously, it just said that the update was invalid, but not why.

Signed-off-by: Ying Li <ying.li@docker.com>
 2015-12-09 15:10:17 -08:00
Ying Li 3aa13e6645 Move validation errors to tuf, since that is the expected server interface. 
Also make the validation errors serializable as JSON.

Signed-off-by: Ying Li <ying.li@docker.com>
 2015-12-09 14:04:44 -08:00
David Lawrence b0c7ef5b88 addressing @cyli's comments 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-12-07 12:55:09 -08:00
David Lawrence cae5940c70 generate snapshots server side 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-12-07 12:55:09 -08:00
David Lawrence c2c474b9c6 generalize notary server key storage to be able to handle any role, not just timestamps 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-12-03 11:25:45 -08:00
Ying Li 9c3d87d5eb When validating root.json on the server, timestamp threshold must be 1. 
This is because the server handles the timestamp key and timestamp signing.
So there can only ever be 1 key.  Thanks @mtrmac for pointing this out.

This change also refactors some of the test code somewhat.

Signed-off-by: Ying Li <ying.li@docker.com>
 2015-11-24 17:47:00 -05:00
Ying Li bd84f3cce1 Address review comments. 
Thanks @mtrmac!

Signed-off-by: Ying Li <ying.li@docker.com>
 2015-11-24 13:55:15 -05:00
Ying Li 4f8c1a8ef4 Server check that the root.json's timestamp key ID is valid. 
If the client sends a root.json with an invalid timestamp key ID,
possibly because they are pushing an existing repo to a new server,
then the server should reject the update.

Signed-off-by: Ying Li <ying.li@docker.com>
 2015-11-18 00:57:40 -08:00
David Lawrence 2833a88292 adding gotuf to notary 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-10-27 16:36:06 -07:00
David Lawrence 8a996f417a updating godeps and notary for some syntax changes in gotuf brought on by golint 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-10-20 23:56:35 -07:00
David Lawrence 6616bed616 validation tests 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-08-06 17:38:37 -07:00
David Lawrence 0ece438313 server side validation during updates 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-08-05 14:00:07 -07:00