Description
Pulling via digest (e.g. docker pull registry@sha256:cafebabe...) has the added security verification that the pulled image (or manifest) must match the digest explicitly - having the benefit that if the digest is obtained via secure means, the registry can be untrusted as everything fetched is verified against the digest.
However, that behavior is limited to v2 registries. The current client will happily fall back to v1 registry and attempt to fetch a tag named sha256:cafebabe.... The normal registry code will not serve such an image, but a malicious registry might. This might allow a man-in-the-middle attacker to subvert the security of pulling with digest.
In short, there is no sense in falling back to v1 registry if the pull is being done with the digest format - the intention of the user is to get a verified image.
Alternatively - a command line option to disable v1 registry support altogether, or something similar, would also plug this security hole.
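The policy requested above, sketched as an added example; it is not Docker's client code and not part of the original issue. The function names and the `registry.example` reference are hypothetical: a reference pinned by digest never falls back to v1, and fetched bytes are accepted only if they hash to the pinned value.

```go
package main

import (
	"bytes"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
	"strings"
)

var ErrDigestMismatch = errors.New("fetched content does not match the requested digest")

// pinnedDigest: sha256 bytes for "name@sha256:<hex>", nil for a tag, error if malformed.
func pinnedDigest(ref string) ([]byte, error) {
	i := strings.LastIndex(ref, "@")
	if i < 0 {
		return nil, nil // plain tag reference such as name:latest
	}
	d := ref[i+1:]
	raw, err := hex.DecodeString(strings.TrimPrefix(d, "sha256:"))
	if !strings.HasPrefix(d, "sha256:") || err != nil || len(raw) != sha256.Size {
		return nil, errors.New("malformed or unsupported digest")
	}
	return raw, nil
}

// v1FallbackAllowed: only tag pulls may fall back to the unverified v1 protocol.
func v1FallbackAllowed(ref string) bool {
	d, err := pinnedDigest(ref)
	return err == nil && d == nil
}

// verifyManifest accepts the bytes only if they hash to the digest in ref.
func verifyManifest(ref string, manifest []byte) error {
	want, err := pinnedDigest(ref)
	if err != nil || want == nil {
		return errors.New("reference is not pinned by a valid digest")
	}
	if got := sha256.Sum256(manifest); !bytes.Equal(got[:], want) {
		return ErrDigestMismatch
	}
	return nil
}

func main() { // constructed sample manifest and reference
	m := []byte("constructed manifest bytes")
	ref := fmt.Sprintf("registry.example/app@sha256:%x", sha256.Sum256(m))
	fmt.Println(v1FallbackAllowed(ref), verifyManifest(ref, m), verifyManifest(ref, []byte("tampered")))
}
```

A malformed digest is reported as an error rather than treated as a tag, so a reference like `name@sha256:cafebabe` cannot slip into the fallback path.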