From c8fd65ea6aa8f8e252a52b1c2cc32dae2a9434d5 Mon Sep 17 00:00:00 2001
From: Matej Vasek <mvasek@redhat.com>
Date: Thu, 16 Sep 2021 00:36:13 +0200
Subject: fix inverted condition

[NO TESTS NEEDED]

Signed-off-by: Matej Vasek <mvasek@redhat.com>
---
 pkg/api/handlers/compat/images_push.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'pkg/api/handlers')

diff --git a/pkg/api/handlers/compat/images_push.go b/pkg/api/handlers/compat/images_push.go
index 07ff76819..8b6d3d56a 100644
--- a/pkg/api/handlers/compat/images_push.go
+++ b/pkg/api/handlers/compat/images_push.go
@@ -152,7 +152,7 @@ loop: // break out of for/select infinite loop
 		case err := <-pushErrChan:
 			if err != nil {
 				var msg string
-				if errors.Cause(err) != storage.ErrImageUnknown {
+				if errors.Is(err, storage.ErrImageUnknown) {
 					msg = "An image does not exist locally with the tag: " + imageName
 				} else {
 					msg = err.Error()
-- 
cgit v1.2.3-54-g00ecf


From 1a25a90a4ec01fb254b617a8350683cbf28c6ca5 Mon Sep 17 00:00:00 2001
From: Matej Vasek <mvasek@redhat.com>
Date: Wed, 15 Sep 2021 19:12:31 +0200
Subject: Fix /auth compat endpoint

Signed-off-by: Matej Vasek <mvasek@redhat.com>
---
 pkg/api/handlers/compat/auth.go | 16 +++++++++++++---
 test/apiv2/60-auth.at           |  9 +++++++--
 2 files changed, 20 insertions(+), 5 deletions(-)

(limited to 'pkg/api/handlers')

diff --git a/pkg/api/handlers/compat/auth.go b/pkg/api/handlers/compat/auth.go
index 2244adc3d..cf53e060c 100644
--- a/pkg/api/handlers/compat/auth.go
+++ b/pkg/api/handlers/compat/auth.go
@@ -50,9 +50,19 @@ func Auth(w http.ResponseWriter, r *http.Request) {
 			Status:        "Login Succeeded",
 		})
 	} else {
-		utils.WriteResponse(w, http.StatusBadRequest, entities.AuthReport{
-			IdentityToken: "",
-			Status:        "login attempt to " + authConfig.ServerAddress + " failed with status: " + err.Error(),
+		var msg string
+
+		var unauthErr DockerClient.ErrUnauthorizedForCredentials
+		if errors.As(err, &unauthErr) {
+			msg = "401 Unauthorized"
+		} else {
+			msg = err.Error()
+		}
+
+		utils.WriteResponse(w, http.StatusInternalServerError, struct {
+			Message string `json:"message"`
+		}{
+			Message: "login attempt to " + authConfig.ServerAddress + " failed with status: " + msg,
 		})
 	}
 }
diff --git a/test/apiv2/60-auth.at b/test/apiv2/60-auth.at
index cfde519c1..1e087d12b 100644
--- a/test/apiv2/60-auth.at
+++ b/test/apiv2/60-auth.at
@@ -5,10 +5,15 @@
 
 start_registry
 
+# Test unreachable
+t POST /v1.40/auth username=$REGISTRY_USERNAME password=WrOnGPassWord serveraddress=does.not.exist.io:1234/ \
+  500 \
+  .message~'.*no such host.*'
+
 # Test with wrong password. Confirm bad status and appropriate error message
 t POST /v1.40/auth username=$REGISTRY_USERNAME password=WrOnGPassWord serveraddress=localhost:$REGISTRY_PORT/ \
-  400 \
-  .Status~'.* invalid username/password'
+  500 \
+  .message~'.* 401 Unauthorized'
 
 # Test with the right password. Confirm status message
 t POST /v1.40/auth username=$REGISTRY_USERNAME password=$REGISTRY_PASSWORD serveraddress=localhost:$REGISTRY_PORT/ \
-- 
cgit v1.2.3-54-g00ecf


From 863ea75c4f29add42bfff517974c8b4f36925334 Mon Sep 17 00:00:00 2001
From: Paul Holzinger <pholzing@redhat.com>
Date: Mon, 20 Sep 2021 13:43:30 +0200
Subject: compat API: /images/json prefix image id with sha256

Docker adds the `sha256:` prefix to the image ID, so our compat endpoint
has to do this as well.

Fixes #11623

Signed-off-by: Paul Holzinger <pholzing@redhat.com>
---
 pkg/api/handlers/types.go                       | 3 ++-
 test/apiv2/python/rest_api/test_v2_0_0_image.py | 5 +++++
 2 files changed, 7 insertions(+), 1 deletion(-)

(limited to 'pkg/api/handlers')

diff --git a/pkg/api/handlers/types.go b/pkg/api/handlers/types.go
index b82c586ea..fedab3bb3 100644
--- a/pkg/api/handlers/types.go
+++ b/pkg/api/handlers/types.go
@@ -183,7 +183,8 @@ func ImageToImageSummary(l *libimage.Image) (*entities.ImageSummary, error) {
 	}
 
 	is := entities.ImageSummary{
-		ID:           l.ID(),
+		// docker adds sha256: in front of the ID
+		ID:           "sha256:" + l.ID(),
 		ParentId:     imageData.Parent,
 		RepoTags:     imageData.RepoTags,
 		RepoDigests:  imageData.RepoDigests,
diff --git a/test/apiv2/python/rest_api/test_v2_0_0_image.py b/test/apiv2/python/rest_api/test_v2_0_0_image.py
index bcacaa935..58d03b149 100644
--- a/test/apiv2/python/rest_api/test_v2_0_0_image.py
+++ b/test/apiv2/python/rest_api/test_v2_0_0_image.py
@@ -32,6 +32,9 @@ class ImageTestCase(APITestCase):
             for k in required_keys:
                 self.assertIn(k, item)
 
+            # Id should be prefixed with sha256: (#11645)
+            self.assertIn("sha256:",item['Id'])
+
     def test_inspect(self):
         r = requests.get(self.podman_url + "/v1.40/images/alpine/json")
         self.assertEqual(r.status_code, 200, r.text)
@@ -59,6 +62,8 @@ class ImageTestCase(APITestCase):
         for item in required_keys:
             self.assertIn(item, image)
         _ = parse(image["Created"])
+        # Id should be prefixed with sha256: (#11645)
+        self.assertIn("sha256:",image['Id'])
 
     def test_delete(self):
         r = requests.delete(self.podman_url + "/v1.40/images/alpine?force=true")
-- 
cgit v1.2.3-54-g00ecf