github/distribution
1
0
Fork 0
mirror of https://github.com/distribution/distribution.git synced 2025-09-05 17:01:06 +00:00
Code Issues Projects Releases Wiki Activity

Check PEM block type when reading token cert file

Browse Source 
closes #1909

Signed-off-by: Jason Heiss <jheiss@twosigma.com>
This commit is contained in:
Jason Heiss
2016-08-31 13:00:12 -04:00
parent 41f383fb9a
commit d04481e388
2 changed files with 60 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
registry/auth/token/accesscontroller.go
View File

@@ -176,12 +176,14 @@ func newAccessController(options map[string]interface{}) (auth.AccessController,
var rootCerts []*x509.Certificate
pemBlock, rawCertBundle := pem.Decode(rawCertBundle)
for pemBlock != nil {
cert, err := x509.ParseCertificate(pemBlock.Bytes)
if err != nil {
return nil, fmt.Errorf("unable to parse token auth root certificate: %s", err)
}
if pemBlock.Type == "CERTIFICATE" {
cert, err := x509.ParseCertificate(pemBlock.Bytes)
if err != nil {
return nil, fmt.Errorf("unable to parse token auth root certificate: %s", err)
}
rootCerts = append(rootCerts, cert)
rootCerts = append(rootCerts, cert)
}
pemBlock, rawCertBundle = pem.Decode(rawCertBundle)
}