Update authz plugin list on failure.

When the daemon fails to load an authz plugin, the plugin should be
removed from the plugin list. Otherwise it is retried on every request
and response, resulting in undesired behavior (e.g. a daemon panic).

Signed-off-by: Anusha Ragunathan <anusha@docker.com>
Anusha Ragunathan
2016-10-26 16:29:48 -07:00
parent ff6db320f8
commit fae904af02
3 changed files with 32 additions and 3 deletions


@@ -2,6 +2,7 @@ package authorization
import (
"net/http"
"strings"
"sync"
"github.com/Sirupsen/logrus"
@@ -59,6 +60,11 @@ func (m *Middleware) WrapHandler(handler func(ctx context.Context, w http.Respon
if err := authCtx.AuthZRequest(w, r); err != nil {
logrus.Errorf("AuthZRequest for %s %s returned error: %s", r.Method, r.RequestURI, err)
if strings.Contains(err.Error(), ErrInvalidPlugin.Error()) {
m.mu.Lock()
m.plugins = authCtx.plugins
m.mu.Unlock()
}
return err
}
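Review bot: The new `m.plugins = authCtx.plugins` assignment in the AuthZRequest error branch (and the identical one in the AuthZResponse branch of the next hunk) makes the removal of a plugin that failed to load permanent for every later request. If `authCtx.plugins` has had that plugin dropped, which the commit message implies but this hunk does not show, the daemon goes on serving requests without that authorization check. For an access-control component that is fail-open behaviour and should at least be visible to operators, e.g. `logrus.Warnf("authz plugin list changed after load failure: %s; later requests will not consult the removed plugin", err)`, with a comment on the field stating that a load failure drops the plugin until the daemon is reconfigured. Matching with `strings.Contains(err.Error(), ErrInvalidPlugin.Error())` is also fragile, because any error whose text happens to contain that message triggers the swap, and the assignment overwrites whatever `m.plugins` holds at that moment with a list presumably captured earlier in the request, so a concurrent update could be lost. WrapHandler's body starts and ends outside the hunk.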
@@ -72,6 +78,11 @@ func (m *Middleware) WrapHandler(handler func(ctx context.Context, w http.Respon
if err := authCtx.AuthZResponse(rw, r); errD == nil && err != nil {
logrus.Errorf("AuthZResponse for %s %s returned error: %s", r.Method, r.RequestURI, err)
if strings.Contains(err.Error(), ErrInvalidPlugin.Error()) {
m.mu.Lock()
m.plugins = authCtx.plugins
m.mu.Unlock()
}
return err
}