verify blob digest
This commit is contained in:
Michael Yang
parent
924ce739f9
commit
bf198c3918
1 changed files with 27 additions and 0 deletions
|
|
@ -623,6 +623,13 @@ func PullModel(name, username, password string, fn func(api.ProgressResponse)) e
|
|||
completed += layer.Size
|
||||
}
|
||||
|
||||
fn(api.ProgressResponse{Status: "verifying sha256 digest"})
|
||||
for _, layer := range layers {
|
||||
if err := verifyBlob(layer.Digest); err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
|
||||
fn(api.ProgressResponse{Status: "writing manifest"})
|
||||
|
||||
manifestJSON, err := json.Marshal(manifest)
|
||||
|
|
@ -917,3 +924,23 @@ func makeRequest(method, url string, headers map[string]string, body io.Reader,
|
|||
|
||||
return resp, nil
|
||||
}
|
||||
|
||||
func verifyBlob(digest string) error {
|
||||
fp, err := GetBlobsPath(digest)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
f, err := os.Open(fp)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
defer f.Close()
|
||||
|
||||
fileDigest, _ := GetSHA256Digest(f)
|
||||
if digest != fileDigest {
|
||||
return fmt.Errorf("digest mismatch: want %s, got %s", digest, fileDigest)
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue