
[1.17.0-rc1] Package owned by a private owner can be retrieved without authentication #20093

Closed
a1ex4 opened this issue Jun 22, 2022 · 17 comments
Labels
issue/needs-feedback (For bugs, we need more details. For features, the feature must be described in more detail), topic/packages

Comments

@a1ex4

a1ex4 commented Jun 22, 2022

Description

I upload a package using a curl command following the docs with my private account and retrieve the package's direct link using the Web UI. Then, using this link in a browser private window, I can download the package without any authentication.

Here are the container logs showing a 401 followed by a 200 and successful download:

2022/06/22 21:26:06 [62b388ee] router: completed GET /api/packages/owner/generic/package/version/package.bin for 172.18.0.23:55060, 401 Unauthorized in 2.2ms @ packages/api.go:31(packages.reqPackageAccess)
2022/06/22 21:26:06 [62b388ee-2] router: completed GET /api/packages/owner/generic/package/version/package.bin for 172.18.0.23:55062, 200 OK in 59.5ms @ generic/generic.go:34(generic.DownloadPackageFile)

Gitea Version

1.17.0-rc1

Can you reproduce the bug on the Gitea demo site?

No

Log Gist

No response

Screenshots

No response

Git Version

No response

Operating System

No response

How are you running Gitea?

Docker with latest tag

Database

No response

@a1ex4 a1ex4 added the type/bug label Jun 22, 2022
@KN4CK3R
Member

KN4CK3R commented Jun 23, 2022

Tested again and works as intended.

Your browser/client has saved credentials it uses for the second request. Otherwise there would be no second request.

// public profile
[62b43734] router: completed GET /api/packages/KN4CK3R/generic/test/0.1.0/test.tgz for 172.17.0.1:36910, 200 OK in 15.5ms @ generic/generic.go:34(generic.DownloadPackageFile)
// private profile
[62b43742] router: completed GET /api/packages/KN4CK3R/generic/test/0.1.0/test.tgz for 172.17.0.1:36910, 401 Unauthorized in 0.4ms @ packages/api.go:31(packages.reqPackageAccess)
[62b43745] router: completed GET /api/packages/KN4CK3R/generic/test/0.1.0/test.tgz for 172.17.0.1:36910, 401 Unauthorized in 0.4ms @ packages/api.go:31(packages.reqPackageAccess)

@KN4CK3R KN4CK3R added the issue/needs-feedback label and removed the type/bug label Jun 23, 2022
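The maintainer's point above is that a 401 followed by a 200 from the same client for the same path is what a client that already holds credentials produces, so it is not evidence of an anonymous download. The following script is an added example (not code from the Gitea project or from anyone in this thread) that reads router log lines of the shape quoted in the comments and labels each status per client and path accordingly; the sample log is a constructed copy of the five lines posted above, and the line format is assumed from those lines only.

```python
"""Classify Gitea router log lines: was a 200 preceded by a 401 from the same client?"""
import re
from collections import defaultdict

# Shape of the lines quoted in the thread (assumed from them): optional timestamp,
# request id in brackets, "router: completed METHOD PATH for IP:PORT, STATUS ...".
LOG_RE = re.compile(
    r"^(?:\S+ \S+ )?\[(?P<req>[0-9a-f]+)(?:-\d+)?\] router: completed "
    r"(?P<method>[A-Z]+) (?P<path>\S+) for (?P<client>[\d.]+):(?P<port>\d+), "
    r"(?P<status>\d{3}) "
)

# Constructed sample: copies of the log lines posted in this thread.
SAMPLE_LOG = """\
2022/06/22 21:26:06 [62b388ee] router: completed GET /api/packages/owner/generic/package/version/package.bin for 172.18.0.23:55060, 401 Unauthorized in 2.2ms @ packages/api.go:31(packages.reqPackageAccess)
2022/06/22 21:26:06 [62b388ee-2] router: completed GET /api/packages/owner/generic/package/version/package.bin for 172.18.0.23:55062, 200 OK in 59.5ms @ generic/generic.go:34(generic.DownloadPackageFile)
[62b43734] router: completed GET /api/packages/KN4CK3R/generic/test/0.1.0/test.tgz for 172.17.0.1:36910, 200 OK in 15.5ms @ generic/generic.go:34(generic.DownloadPackageFile)
[62b43742] router: completed GET /api/packages/KN4CK3R/generic/test/0.1.0/test.tgz for 172.17.0.1:36910, 401 Unauthorized in 0.4ms @ packages/api.go:31(packages.reqPackageAccess)
[62b43745] router: completed GET /api/packages/KN4CK3R/generic/test/0.1.0/test.tgz for 172.17.0.1:36910, 401 Unauthorized in 0.4ms @ packages/api.go:31(packages.reqPackageAccess)
"""


def parse(log_text):
    """Return (client_ip, path, status) for every line that matches LOG_RE, in order."""
    events = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if m:
            events.append((m["client"], m["path"], int(m["status"])))
    return events


def classify(events):
    """Group by (client_ip, path) and label each status in sequence.

    The grouping key is the IP, not IP:port, because the browser in the first
    report used a new source port (55060 then 55062) for its retry.
    """
    by_key = defaultdict(list)
    for client, path, status in events:
        by_key[(client, path)].append(status)

    verdicts = {}
    for key, statuses in by_key.items():
        labels, prev = [], None
        for status in statuses:
            if status == 200 and prev == 401:
                # Same client, same path, right after a challenge: it re-sent with
                # credentials it already had. Not an anonymous read.
                labels.append("credentialed-retry")
            elif status == 200:
                # No challenge seen first: the only pattern that can be an anonymous read
                # (or a request that carried credentials from the start).
                labels.append("anonymous-or-preauth-read")
            elif status == 401:
                labels.append("rejected")
            else:
                labels.append(f"other-{status}")
            prev = status
        verdicts[key] = labels
    return verdicts


def anonymous_reads(verdicts):
    """Paths worth investigating: a 200 that no 401 from the same client preceded."""
    return sorted({path for (_, path), labels in verdicts.items()
                   if "anonymous-or-preauth-read" in labels})


if __name__ == "__main__":
    for key, labels in classify(parse(SAMPLE_LOG)).items():
        print(key, labels)
    print("candidates:", anonymous_reads(SAMPLE_LOG and classify(parse(SAMPLE_LOG))))
```

On the sample, the first reporter's pair comes out as rejected then credentialed-retry, which is the maintainer's reading; the only candidate path is the one fetched while the owner's profile was public, which is the documented expectation rather than a bug. Run it over a real log only from a client session you know holds no saved credentials, or the classification says nothing about the server.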
@kolaente
Member

kolaente commented Aug 1, 2022

I was able to docker pull a docker image belonging to a private repository without authenticating. Also the package shows up under the "Packages" section of the organization. Is this intended behaviour?

Edit: maybe related to #19583

@KN4CK3R
Member

KN4CK3R commented Aug 1, 2022

If you have read access to the owner you can read the packages. The repository is irrelevant for the access check.

@davidhiendl

I can confirm this issue still exists. I just built and pushed a docker image to a private repository and then was able to pull the package from a 2nd host without any logins.

@KN4CK3R
Member

KN4CK3R commented Sep 23, 2022

Still works for me. User kn4ck3r is private in the example:

$> docker pull alpine
Using default tag: latest
latest: Pulling from library/alpine
213ec9aee27d: Pull complete
Digest: sha256:bc41182d7ef5ffc53a40b044e725193bc10142a1243f395ee852a8d9730fc2ad
Status: Downloaded newer image for alpine:latest
docker.io/library/alpine:latest

$> docker tag alpine:latest host.docker.internal:3000/kn4ck3r/alpine:latest

$> docker push host.docker.internal:3000/kn4ck3r/alpine:latest
The push refers to repository [host.docker.internal:3000/kn4ck3r/alpine]
994393dc58e7: Preparing
unauthorized: authentication required

$> docker login host.docker.internal:3000
Username: KN4CK3R
Password:
Login Succeeded

$> docker push host.docker.internal:3000/kn4ck3r/alpine:latest
The push refers to repository [host.docker.internal:3000/kn4ck3r/alpine]
994393dc58e7: Pushed
latest: digest: sha256:1304f174557314a7ed9eddb4eab12fed12cb0cd9809e4c28f29af86979a3c870 size: 528

$> docker image rm alpine:latest
Untagged: alpine:latest
Untagged: alpine@sha256:bc41182d7ef5ffc53a40b044e725193bc10142a1243f395ee852a8d9730fc2ad

$> docker image rm host.docker.internal:3000/kn4ck3r/alpine:latest
Untagged: host.docker.internal:3000/kn4ck3r/alpine:latest
Untagged: host.docker.internal:3000/kn4ck3r/alpine@sha256:1304f174557314a7ed9eddb4eab12fed12cb0cd9809e4c28f29af86979a3c870
Deleted: sha256:9c6f0724472873bb50a2ae67a9e7adcb57673a183cea8b06eb778dca859181b5
Deleted: sha256:994393dc58e7931862558d06e46aa2bb17487044f670f310dffe1d24e4d1eec7

$> docker logout host.docker.internal:3000
Removing login credentials for host.docker.internal:3000

$> docker pull host.docker.internal:3000/kn4ck3r/alpine:latest
Error response from daemon: unauthorized: authentication required

$> docker login host.docker.internal:3000
Username: KN4CK3R
Password:
Login Succeeded

$> docker pull host.docker.internal:3000/kn4ck3r/alpine:latest
latest: Pulling from kn4ck3r/alpine
213ec9aee27d: Pull complete
Digest: sha256:1304f174557314a7ed9eddb4eab12fed12cb0cd9809e4c28f29af86979a3c870
Status: Downloaded newer image for host.docker.internal:3000/kn4ck3r/alpine:latest
host.docker.internal:3000/kn4ck3r/alpine:latest

@wxiaoguang
Contributor

wxiaoguang commented Oct 26, 2022

Hello, this issue has been inactive for more than 2 weeks. Feel free to re-open with a reproducible setup (eg: docker compose, detailed operation commands, like above) if there is still a problem.

@sandstormkeshav

I am also able to pull packages that are in a private repo without any authentication.

@wxiaoguang
Contributor

Can you provide a reproducible setup (eg: docker compose, detailed operation commands, like above)?

@sandstormkeshav

sandstormkeshav commented Oct 29, 2022

> Can you provide a reproducible setup (eg: docker compose, detailed operation commands, like above)?

Here is an example with me running the same commands as above.

root@drone:~# docker pull alpine
Using default tag: latest
latest: Pulling from library/alpine
213ec9aee27d: Pull complete 
Digest: sha256:bc41182d7ef5ffc53a40b044e725193bc10142a1243f395ee852a8d9730fc2ad
Status: Downloaded newer image for alpine:latest
docker.io/library/alpine:latest
root@drone:~# docker tag alpine:latest git.mydomain.com/sandstormkeshav/alpine:latest
root@drone:~# docker push git.mydomain.com/sandstormkeshav/alpine:latest
The push refers to repository [git.mydomain.com/sandstormkeshav/alpine]
994393dc58e7: Preparing 
unauthorized: authentication required
root@drone:~# docker login git.mydomain.com
Username: sandstormkeshav
Password: 
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store

Login Succeeded
root@drone:~# docker push git.mydomain.com/sandstormkeshav/alpine:latest
The push refers to repository [git.mydomain.com/sandstormkeshav/alpine]
994393dc58e7: Pushed 
latest: digest: sha256:1304f174557314a7ed9eddb4eab12fed12cb0cd9809e4c28f29af86979a3c870 size: 528
root@drone:~# docker image rm alpine:latest 
Untagged: alpine:latest
Untagged: alpine@sha256:bc41182d7ef5ffc53a40b044e725193bc10142a1243f395ee852a8d9730fc2ad
root@drone:~# docker image rm git.mydomain.com/sandstormkeshav/alpine:latest 
Untagged: git.mydomain.com/sandstormkeshav/alpine:latest
Untagged: git.mydomain.com/sandstormkeshav/alpine@sha256:1304f174557314a7ed9eddb4eab12fed12cb0cd9809e4c28f29af86979a3c870
Deleted: sha256:9c6f0724472873bb50a2ae67a9e7adcb57673a183cea8b06eb778dca859181b5
Deleted: sha256:994393dc58e7931862558d06e46aa2bb17487044f670f310dffe1d24e4d1eec7
root@drone:~# docker logout git.mydomain.com
Removing login credentials for git.mydomain.com
root@drone:~# docker pull git.mydomain.com/sandstormkeshav/alpine:latest
latest: Pulling from sandstormkeshav/alpine
213ec9aee27d: Pull complete 
Digest: sha256:1304f174557314a7ed9eddb4eab12fed12cb0cd9809e4c28f29af86979a3c870
Status: Downloaded newer image for git.mydomain.com/sandstormkeshav/alpine:latest
git.mydomain.com/sandstormkeshav/alpine:latest

My docker run is as follows:
I do have a reverse proxy in the middle to add https but this is not a caching proxy.

docker run \
  -d \
  --name='Gitea' \
  --net='bridge' \
  -e TZ="America/Los_Angeles" \
  -p '9378:3000/tcp' \
  -p '9322:22/tcp' \
  -v '/mnt/data/gitea':'/data':'rw' 'gitea/gitea:1'

@wxiaoguang
Contributor

@KN4CK3R do you have time to take a look?

@wxiaoguang wxiaoguang reopened this Oct 29, 2022
@KN4CK3R
Member

KN4CK3R commented Oct 29, 2022 via email

@KN4CK3R
Member

KN4CK3R commented Oct 29, 2022

I really don't know what's the problem here... Still works for me:

> docker pull alpine
Using default tag: latest
latest: Pulling from library/alpine
213ec9aee27d: Pull complete
Digest: sha256:bc41182d7ef5ffc53a40b044e725193bc10142a1243f395ee852a8d9730fc2ad
Status: Downloaded newer image for alpine:latest
docker.io/library/alpine:latest
> docker tag alpine gitea-dev.local-lan.li:3000/testorg/alpine:latest
> docker push gitea-dev.local-lan.li:3000/testorg/alpine:latest
The push refers to repository [gitea-dev.local-lan.li:3000/testorg/alpine]
994393dc58e7: Preparing
unauthorized: authentication required
> docker login gitea-dev.local-lan.li:3000
Username: KN4CK3R
Password:
Login Succeeded
> docker push gitea-dev.local-lan.li:3000/testorg/alpine:latest
The push refers to repository [gitea-dev.local-lan.li:3000/testorg/alpine]
994393dc58e7: Pushed
latest: digest: sha256:1304f174557314a7ed9eddb4eab12fed12cb0cd9809e4c28f29af86979a3c870 size: 528
> docker logout gitea-dev.local-lan.li:3000
Removing login credentials for gitea-dev.local-lan.li:3000
> docker image rm gitea-dev.local-lan.li:3000/testorg/alpine:latest
Untagged: gitea-dev.local-lan.li:3000/testorg/alpine:latest
Untagged: gitea-dev.local-lan.li:3000/testorg/alpine@sha256:1304f174557314a7ed9eddb4eab12fed12cb0cd9809e4c28f29af86979a3c870
> docker image rm alpine:latest
Untagged: alpine:latest
Untagged: alpine@sha256:bc41182d7ef5ffc53a40b044e725193bc10142a1243f395ee852a8d9730fc2ad
Deleted: sha256:9c6f0724472873bb50a2ae67a9e7adcb57673a183cea8b06eb778dca859181b5
Deleted: sha256:994393dc58e7931862558d06e46aa2bb17487044f670f310dffe1d24e4d1eec7
> docker pull gitea-dev.local-lan.li:3000/testorg/alpine:latest
Error response from daemon: unauthorized: authentication required

testorg is a private org.

@wxiaoguang Are you able to reproduce this?

@davidhiendl

The interesting thing is I was having the issue on the 1.17.x release, but I have been using the dev branch and now the 1.18.0-rc0, and the issue is not reproducible for me anymore either.

@KN4CK3R
Member

KN4CK3R commented Oct 29, 2022

I have tested this now with 1.17.1-3 and every version responds with authentication required 🤷‍♂️

@sandstormkeshav

sandstormkeshav commented Oct 29, 2022

> I have tested this now with 1.17.1-3 and every version responds with authentication required 🤷‍♂️

I was able to confirm that authentication is required for pulling when using a private organization, as you demonstrated above.
However, I think the issue is: if I have the user visibility set as public, but that user creates a private repository and links the packages to that repository, they can still be pulled without authentication.

When setting the user visibility to private, auth is needed in order to pull packages. Is this the intended behavior, that a public-visibility user who has packages in a private repository can still pull packages without any authentication?

@KN4CK3R
Member

KN4CK3R commented Oct 29, 2022 via email

@sandstormkeshav

Understood! Thank you for explaining, since it is expected behavior I think we can close.
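The conclusion of the thread, stated by the maintainer earlier ("if you have read access to the owner you can read the packages; the repository is irrelevant") and confirmed in the last exchange, is that package access is gated by the owner's visibility, not by the visibility of any repository the package is linked to. The script below is an added example (not Gitea's own code and not posted by anyone in the thread) for checking that on your own instance: it fetches a generic package file once anonymously and once with credentials from a client that keeps no credential store, then turns the two status codes into one of the cases discussed above. It assumes the instance is reachable at the given base URL, that the file path follows the /api/packages/{owner}/generic/{name}/{version}/{file} layout seen in the log lines above, and that the server accepts HTTP Basic authentication with a password or access token on that endpoint.

```python
"""Probe whether a Gitea generic package file is readable without credentials."""
import base64
import sys
import urllib.error
import urllib.request


def generic_file_url(base_url, owner, name, version, filename):
    """Download URL for a generic package file (path shape taken from the thread's logs)."""
    return f"{base_url.rstrip('/')}/api/packages/{owner}/generic/{name}/{version}/{filename}"


def fetch_status(url, username=None, password=None):
    """GET url and return the HTTP status code.

    Basic auth is sent only when a username is given. urllib has no saved-credential
    store, so the call without a username is genuinely anonymous, unlike a browser
    that may silently replay stored credentials after a 401.
    """
    req = urllib.request.Request(url, method="GET")
    # Ask any reverse proxy in front of Gitea to revalidate rather than serve a cached copy.
    req.add_header("Cache-Control", "no-cache")
    if username is not None:
        token = base64.b64encode(f"{username}:{password}".encode()).decode()
        req.add_header("Authorization", f"Basic {token}")
    try:
        with urllib.request.urlopen(req, timeout=10) as resp:
            return resp.status
    except urllib.error.HTTPError as err:
        return err.code


def verdict(anonymous_status, authenticated_status):
    """Map the anonymous and authenticated status codes to the cases in the thread."""
    if anonymous_status == 200:
        # Documented behaviour for a public owner: the linked repository's visibility
        # does not restrict the package. Treat as a finding only if the owner was
        # meant to be private.
        return "anonymous-read"
    if anonymous_status == 401 and authenticated_status == 200:
        # Documented behaviour for a private user or organization.
        return "owner-protected"
    if anonymous_status == 401 and authenticated_status in (401, 403):
        # Server challenges everyone, but these credentials have no read access to the owner.
        return "credentials-rejected"
    return f"unexpected-{anonymous_status}/{authenticated_status}"


def audit(base_url, owner, name, version, filename, username, password):
    """Run both requests and return the raw codes next to the verdict."""
    url = generic_file_url(base_url, owner, name, version, filename)
    anonymous = fetch_status(url)
    authenticated = fetch_status(url, username, password)
    return {
        "url": url,
        "anonymous": anonymous,
        "authenticated": authenticated,
        "verdict": verdict(anonymous, authenticated),
    }


if __name__ == "__main__":
    if len(sys.argv) != 8:
        sys.exit("usage: probe.py BASE_URL OWNER NAME VERSION FILE USERNAME PASSWORD_OR_TOKEN")
    print(audit(*sys.argv[1:]))
```

Run it twice: once with the owner set to private (expect owner-protected) and once with the owner public (expect anonymous-read, whatever the linked repository's visibility). Two caveats a practitioner should keep in mind: the no-cache header only asks an intermediary to revalidate, so if a caching reverse proxy sits in front of Gitea, check its rules separately; and the container registry is not covered by this probe, because registry clients follow the Bearer token challenge flow and a bare 401 on a single request to /v2/ says nothing by itself. For images, repeat the docker logout followed by docker pull sequence shown in the thread.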

@KN4CK3R KN4CK3R closed this as completed Oct 30, 2022
@go-gitea go-gitea locked and limited conversation to collaborators May 3, 2023
6 participants