- Added a dummy hash for nonexistent users to prevent timing attacks.
- Updated test cases to include a nonexistent user scenario for better coverage.
- Introduced a global dummy hash variable to streamline authentication for nonexistent users.
- Updated the authentication logic to utilize the new dummy hash for improved consistency.
- Added support for overriding the dummy hash in the access controller for testing purposes.
- Updated the authentication logic to utilize the provided dummy hash during user authentication.
- Updated test cases to use `t.TempDir()` for creating temporary htpasswd files, enhancing test isolation and cleanup.
- Simplified file reading and error handling in the `TestCreateHtpasswdFile` function.
Co-authored-by: Sebastiaan van Stijn <github@gone.nl>
Signed-off-by: HexMix <32300164+mnixry@users.noreply.github.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
bind proxy-mode bearer realms to the upstream trust boundary before sending credentials, move challenge filtering behind the auth manager, and use golang.org/x/net/publicsuffix for registrable-domain handling.
When proxy TTL is set to 0, `NewRegistryPullThroughCache`
skips creating a `TTLExpirationScheduler`. When `Close()`
calls `pr.scheduler.Stop()`, it causes causing a nil pointer
dereference panic.
Signed-off-by: Joonas Bergius <joonas@defenseunicorns.com>
Since version 3.0.0, the response completed log line is no longer
present for HEAD requests to manifests that return 200.
The regression is caused by the implicit handling of manifest HEAD
responses that bypass the logging middleware when returning from
`GetManifest`.
This change ensures that the logging middleware handles responses for
manifest HEAD requests by explicitly writing `StatusOK` into the
response header before returning from `GetManifest`.
Closes: https://github.com/distribution/distribution/issues/4733
Signed-off-by: Thomas Cuthbert <tom.cuthbert@elastic.co>
The log message "Challenge established with upstream" was using
an incorrect format specifier (%s) when logging the challenge structs,
causing garbled output. This commit updates the format specifier to %+v
and removes the unnecessary challenge manager log. URLs are now
Redacted() to prevent leaking credentials.
Fixes: #4697
Co-authored-by: Sebastiaan van Stijn <thaJeztah@users.noreply.github.com>
Signed-off-by: Sumedh Vats <sumedhvats2004@gmail.com>
The `TestGracefulShutdown` test was failing intermittently, especially
with stricter HTTP handling in newer Go versions (e.g., 1.25). This was
caused by sending an incomplete HTTP request in two separate writes,
creating a race condition where the server could shut down before
receiving the full request.
This commit fixes the test's flakiness by sending a single, complete,
and valid HTTP/1.1 request before triggering the shutdown. This ensures
the test accurately verifies the intended behavior: that a valid,
in-flight request is fully processed while new connections are rejected.
Fixes:#4696
Signed-off-by: Sumedh Vats <sumedhvats2004@gmail.com>
`configureRedis` currently sets `RequireAndVerifyClientCert` and `ClientCAs`, however these are server side mTLS configurations, and do not apply for the client initiating the handshake.
Since we never actually set client side `RootCAs`, connecting to Redis with a self-signed CA results in:
```
"error": "tls: failed to verify certificate: x509: certificate signed by unknown authority",
```
Fixed by switching Redis TLS config to use `RootCAs` instead, and updating configuration accordingly.
Signed-off-by: ChandonPierre <cpierre@coreweave.com>
When building for 386, we got the following build error:
registry/storage/driver/s3-aws/s3.go:312:99: cannot use
maxChunkSize (untyped int constant 5368709120) as int value
in argument to getParameterAsInteger (overflows)
This is because the s3_64bit.go is used. Adjust the build tag matching
in s3_32bit.go and s3_64bit.go to fix this issue.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>