summaryrefslogtreecommitdiff
path: root/pkg/api/handlers/compat
diff options
context:
space:
mode:
authorJakub Guzik <jakubmguzik@gmail.com>2021-03-19 00:09:18 +0100
committerJakub Guzik <jakubmguzik@gmail.com>2021-03-19 00:09:29 +0100
commitaa2d6e6e6c7434058c4b1a46d4354391ed4d96d0 (patch)
treed52ba042d287135d4ca14f4619413316c9fea7e4 /pkg/api/handlers/compat
parent5d9b07096b49877608250c7d51e0ee35b9d502c7 (diff)
downloadpodman-aa2d6e6e6c7434058c4b1a46d4354391ed4d96d0.tar.gz
podman-aa2d6e6e6c7434058c4b1a46d4354391ed4d96d0.tar.bz2
podman-aa2d6e6e6c7434058c4b1a46d4354391ed4d96d0.zip
Fix volumes and networks list/prune filters in http api
This is the continuation work started in #9711. It turns out that list/prune commands for volumes in libpod/compat api have very dangerous error handling when broken filter input is supplied. Problem also affects network list/prune in libpod. This commit unifies filter handling across libpod/compat api and adds sanity apiv2 testcases. Signed-off-by: Jakub Guzik <jakubmguzik@gmail.com>
Diffstat (limited to 'pkg/api/handlers/compat')
-rw-r--r--pkg/api/handlers/compat/events.go54
-rw-r--r--pkg/api/handlers/compat/networks.go26
-rw-r--r--pkg/api/handlers/compat/volumes.go27
3 files changed, 16 insertions, 91 deletions
diff --git a/pkg/api/handlers/compat/events.go b/pkg/api/handlers/compat/events.go
index 9e82831d7..dd0a9e7a9 100644
--- a/pkg/api/handlers/compat/events.go
+++ b/pkg/api/handlers/compat/events.go
@@ -1,69 +1,19 @@
package compat
import (
- "encoding/json"
- "fmt"
"net/http"
"github.com/containers/podman/v3/libpod"
"github.com/containers/podman/v3/libpod/events"
"github.com/containers/podman/v3/pkg/api/handlers/utils"
"github.com/containers/podman/v3/pkg/domain/entities"
+ "github.com/containers/podman/v3/pkg/util"
"github.com/gorilla/schema"
jsoniter "github.com/json-iterator/go"
"github.com/pkg/errors"
"github.com/sirupsen/logrus"
)
-// filtersFromRequests extracts the "filters" parameter from the specified
-// http.Request. The parameter can either be a `map[string][]string` as done
-// in new versions of Docker and libpod, or a `map[string]map[string]bool` as
-// done in older versions of Docker. We have to do a bit of Yoga to support
-// both - just as Docker does as well.
-//
-// Please refer to https://github.com/containers/podman/issues/6899 for some
-// background.
-func filtersFromRequest(r *http.Request) ([]string, error) {
- var (
- compatFilters map[string]map[string]bool
- filters map[string][]string
- libpodFilters []string
- raw []byte
- )
-
- if _, found := r.URL.Query()["filters"]; found {
- raw = []byte(r.Form.Get("filters"))
- } else if _, found := r.URL.Query()["Filters"]; found {
- raw = []byte(r.Form.Get("Filters"))
- } else {
- return []string{}, nil
- }
-
- // Backwards compat with older versions of Docker.
- if err := json.Unmarshal(raw, &compatFilters); err == nil {
- for filterKey, filterMap := range compatFilters {
- for filterValue, toAdd := range filterMap {
- if toAdd {
- libpodFilters = append(libpodFilters, fmt.Sprintf("%s=%s", filterKey, filterValue))
- }
- }
- }
- return libpodFilters, nil
- }
-
- if err := json.Unmarshal(raw, &filters); err != nil {
- return nil, err
- }
-
- for filterKey, filterSlice := range filters {
- for _, filterValue := range filterSlice {
- libpodFilters = append(libpodFilters, fmt.Sprintf("%s=%s", filterKey, filterValue))
- }
- }
-
- return libpodFilters, nil
-}
-
// NOTE: this endpoint serves both the docker-compatible one and the new libpod
// one.
func GetEvents(w http.ResponseWriter, r *http.Request) {
@@ -92,7 +42,7 @@ func GetEvents(w http.ResponseWriter, r *http.Request) {
fromStart = true
}
- libpodFilters, err := filtersFromRequest(r)
+ libpodFilters, err := util.FiltersFromRequest(r)
if err != nil {
utils.Error(w, "failed to parse parameters", http.StatusBadRequest, errors.Wrapf(err, "failed to parse parameters for %s", r.URL.String()))
return
diff --git a/pkg/api/handlers/compat/networks.go b/pkg/api/handlers/compat/networks.go
index 7e06cad66..77ed548d8 100644
--- a/pkg/api/handlers/compat/networks.go
+++ b/pkg/api/handlers/compat/networks.go
@@ -17,6 +17,7 @@ import (
"github.com/containers/podman/v3/pkg/domain/entities"
"github.com/containers/podman/v3/pkg/domain/infra/abi"
networkid "github.com/containers/podman/v3/pkg/network"
+ "github.com/containers/podman/v3/pkg/util"
"github.com/docker/docker/api/types"
dockerNetwork "github.com/docker/docker/api/types/network"
"github.com/gorilla/schema"
@@ -181,18 +182,12 @@ func findPluginByName(plugins []*libcni.NetworkConfig, pluginType string) ([]byt
func ListNetworks(w http.ResponseWriter, r *http.Request) {
runtime := r.Context().Value("runtime").(*libpod.Runtime)
- filters, err := filtersFromRequest(r)
+ filterMap, err := util.PrepareFilters(r)
if err != nil {
- utils.Error(w, "Something went wrong.", http.StatusBadRequest, errors.Wrapf(err, "failed to parse parameters for %s", r.URL.String()))
+ utils.Error(w, "Something went wrong.", http.StatusInternalServerError, errors.Wrapf(err, "failed to parse parameters for %s", r.URL.String()))
return
}
- filterMap := map[string][]string{}
- for _, filter := range filters {
- split := strings.SplitN(filter, "=", 2)
- if len(split) > 1 {
- filterMap[split[0]] = append(filterMap[split[0]], split[1])
- }
- }
+
config, err := runtime.GetConfig()
if err != nil {
utils.InternalServerError(w, err)
@@ -208,7 +203,7 @@ func ListNetworks(w http.ResponseWriter, r *http.Request) {
reports := []*types.NetworkResource{}
logrus.Debugf("netNames: %q", strings.Join(netNames, ", "))
for _, name := range netNames {
- report, err := getNetworkResourceByNameOrID(name, runtime, filterMap)
+ report, err := getNetworkResourceByNameOrID(name, runtime, *filterMap)
if err != nil {
utils.InternalServerError(w, err)
return
@@ -401,22 +396,15 @@ func Disconnect(w http.ResponseWriter, r *http.Request) {
// Prune removes unused networks
func Prune(w http.ResponseWriter, r *http.Request) {
runtime := r.Context().Value("runtime").(*libpod.Runtime)
- filters, err := filtersFromRequest(r)
+ filterMap, err := util.PrepareFilters(r)
if err != nil {
utils.Error(w, "Something went wrong.", http.StatusInternalServerError, errors.Wrap(err, "Decode()"))
return
}
- filterMap := map[string][]string{}
- for _, filter := range filters {
- split := strings.SplitN(filter, "=", 2)
- if len(split) > 1 {
- filterMap[split[0]] = append(filterMap[split[0]], split[1])
- }
- }
ic := abi.ContainerEngine{Libpod: runtime}
pruneOptions := entities.NetworkPruneOptions{
- Filters: filterMap,
+ Filters: *filterMap,
}
pruneReports, err := ic.NetworkPrune(r.Context(), pruneOptions)
if err != nil {
diff --git a/pkg/api/handlers/compat/volumes.go b/pkg/api/handlers/compat/volumes.go
index d2febc615..42ece643b 100644
--- a/pkg/api/handlers/compat/volumes.go
+++ b/pkg/api/handlers/compat/volumes.go
@@ -5,7 +5,6 @@ import (
"encoding/json"
"net/http"
"net/url"
- "strings"
"time"
"github.com/containers/podman/v3/libpod"
@@ -14,6 +13,7 @@ import (
"github.com/containers/podman/v3/pkg/api/handlers/utils"
"github.com/containers/podman/v3/pkg/domain/filters"
"github.com/containers/podman/v3/pkg/domain/infra/abi/parse"
+ "github.com/containers/podman/v3/pkg/util"
docker_api_types "github.com/docker/docker/api/types"
docker_api_types_volume "github.com/docker/docker/api/types/volume"
"github.com/gorilla/schema"
@@ -22,16 +22,10 @@ import (
func ListVolumes(w http.ResponseWriter, r *http.Request) {
var (
- decoder = r.Context().Value("decoder").(*schema.Decoder)
runtime = r.Context().Value("runtime").(*libpod.Runtime)
)
- query := struct {
- Filters map[string][]string `schema:"filters"`
- }{
- // override any golang type defaults
- }
-
- if err := decoder.Decode(&query, r.URL.Query()); err != nil {
+ filtersMap, err := util.PrepareFilters(r)
+ if err != nil {
utils.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError,
errors.Wrapf(err, "failed to parse parameters for %s", r.URL.String()))
return
@@ -39,14 +33,14 @@ func ListVolumes(w http.ResponseWriter, r *http.Request) {
// Reject any libpod specific filters since `GenerateVolumeFilters()` will
// happily parse them for us.
- for filter := range query.Filters {
+ for filter := range *filtersMap {
if filter == "opts" {
utils.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError,
errors.Errorf("unsupported libpod filters passed to docker endpoint"))
return
}
}
- volumeFilters, err := filters.GenerateVolumeFilters(query.Filters)
+ volumeFilters, err := filters.GenerateVolumeFilters(*filtersMap)
if err != nil {
utils.InternalServerError(w, err)
return
@@ -265,20 +259,13 @@ func PruneVolumes(w http.ResponseWriter, r *http.Request) {
var (
runtime = r.Context().Value("runtime").(*libpod.Runtime)
)
- filtersList, err := filtersFromRequest(r)
+ filterMap, err := util.PrepareFilters(r)
if err != nil {
utils.Error(w, "Something went wrong.", http.StatusInternalServerError, errors.Wrap(err, "Decode()"))
return
}
- filterMap := map[string][]string{}
- for _, filter := range filtersList {
- split := strings.SplitN(filter, "=", 2)
- if len(split) > 1 {
- filterMap[split[0]] = append(filterMap[split[0]], split[1])
- }
- }
- f := (url.Values)(filterMap)
+ f := (url.Values)(*filterMap)
filterFuncs, err := filters.GenerateVolumeFilters(f)
if err != nil {
utils.Error(w, "Something when wrong.", http.StatusInternalServerError, errors.Wrapf(err, "failed to parse filters for %s", f.Encode()))