Fix bug for registry names with ports

Signed-off-by: Shiwei Zhang <shizh@microsoft.com>
notaryproject · Sep 1, 2020 · 3dc7623 · 3dc7623
1 parent d8bdff0
commit 3dc7623
Show file tree

Hide file tree

Showing 4 changed files with 8 additions and 4 deletions.
diff --git a/cmd/nv2/main.go b/cmd/nv2/main.go
@@ -13,7 +13,7 @@ func main() {
 	app := &cli.App{
 		Name:    "nv2",
 		Usage:   "Notary V2 - Prototype",
-		Version: "0.3.1",
+		Version: "0.3.2",
 		Authors: []*cli.Author{
 			{
 				Name:  "Shiwei Zhang",

diff --git a/pkg/signature/scheme.go b/pkg/signature/scheme.go
@@ -50,7 +50,7 @@ func (s *Scheme) SignRaw(signerID string, content []byte) (string, error) {
 
 	signed, sig, err := signer.Sign(EncodeSegment(content))
 	if err != nil {
-		return "", nil
+		return "", err
 	}
 
 	return strings.Join([]string{

diff --git a/pkg/signature/x509/verifier.go b/pkg/signature/x509/verifier.go
@@ -144,8 +144,10 @@ func verifyReferences(seg string, cert *x509.Certificate) error {
 	roots := x509.NewCertPool()
 	roots.AddCert(cert)
 	for _, reference := range claims.Manifest.References {
+		domain := strings.SplitN(reference, "/", 2)[0]
+		domain = strings.SplitN(domain, ":", 2)[0]
 		if _, err := cert.Verify(x509.VerifyOptions{
-			DNSName: strings.SplitN(reference, "/", 2)[0],
+			DNSName: domain,
 			Roots:   roots,
 		}); err != nil {
 			return err

diff --git a/pkg/tuf/local/verifier.go b/pkg/tuf/local/verifier.go
@@ -144,8 +144,10 @@ func verifyReferences(raw []byte, cert *x509.Certificate) error {
 	roots := x509.NewCertPool()
 	roots.AddCert(cert)
 	for reference := range targets.Targets {
+		domain := strings.SplitN(reference, "/", 2)[0]
+		domain = strings.SplitN(domain, ":", 2)[0]
 		if _, err := cert.Verify(x509.VerifyOptions{
-			DNSName: strings.SplitN(reference, "/", 2)[0],
+			DNSName: domain,
 			Roots:   roots,
 		}); err != nil {
 			return err