| package opts // import "github.com/docker/docker/opts" |
| |
| import ( |
| "net" |
| "net/url" |
| "path/filepath" |
| "strconv" |
| "strings" |
| |
| "github.com/docker/docker/pkg/homedir" |
| "github.com/pkg/errors" |
| ) |
| |
| const ( |
| // DefaultHTTPPort Default HTTP Port used if only the protocol is provided to -H flag e.g. dockerd -H tcp:// |
| // These are the IANA registered port numbers for use with Docker |
| // see http://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xhtml?search=docker |
| DefaultHTTPPort = 2375 // Default HTTP Port |
| // DefaultTLSHTTPPort Default HTTP Port used when TLS enabled |
| DefaultTLSHTTPPort = 2376 // Default TLS encrypted HTTP Port |
| // DefaultUnixSocket Path for the unix socket. |
| // Docker daemon by default always listens on the default unix socket |
| DefaultUnixSocket = "/var/run/docker.sock" |
| // DefaultTCPHost constant defines the default host string used by docker on Windows |
| DefaultTCPHost = "tcp://" + DefaultHTTPHost + ":2375" |
| // DefaultTLSHost constant defines the default host string used by docker for TLS sockets |
| DefaultTLSHost = "tcp://" + DefaultHTTPHost + ":2376" |
| // DefaultNamedPipe defines the default named pipe used by docker on Windows |
| DefaultNamedPipe = `//./pipe/docker_engine` |
| // HostGatewayName is the string value that can be passed |
| // to the IPAddr section in --add-host that is replaced by |
| // the value of HostGatewayIP daemon config value |
| HostGatewayName = "host-gateway" |
| ) |
| |
| // ValidateHost validates that the specified string is a valid host and returns it. |
| func ValidateHost(val string) (string, error) { |
| host := strings.TrimSpace(val) |
| // The empty string means default and is not handled by parseDaemonHost |
| if host != "" { |
| _, err := parseDaemonHost(host) |
| if err != nil { |
| return val, err |
| } |
| } |
| // Note: unlike most flag validators, we don't return the mutated value here |
| // we need to know what the user entered later (using ParseHost) to adjust for TLS |
| return val, nil |
| } |
| |
| // ParseHost and set defaults for a Daemon host string. |
| // defaultToTLS is preferred over defaultToUnixXDG. |
| func ParseHost(defaultToTLS, defaultToUnixXDG bool, val string) (string, error) { |
| host := strings.TrimSpace(val) |
| if host == "" { |
| if defaultToTLS { |
| host = DefaultTLSHost |
| } else if defaultToUnixXDG { |
| runtimeDir, err := homedir.GetRuntimeDir() |
| if err != nil { |
| return "", err |
| } |
| host = "unix://" + filepath.Join(runtimeDir, "docker.sock") |
| } else { |
| host = DefaultHost |
| } |
| } else { |
| var err error |
| host, err = parseDaemonHost(host) |
| if err != nil { |
| return val, err |
| } |
| } |
| return host, nil |
| } |
| |
| // parseDaemonHost parses the specified address and returns an address that will be used as the host. |
| // Depending on the address specified, this may return one of the global Default* strings defined in hosts.go. |
| func parseDaemonHost(address string) (string, error) { |
| proto, addr, ok := strings.Cut(address, "://") |
| if !ok && proto != "" { |
| addr = proto |
| proto = "tcp" |
| } |
| |
| switch proto { |
| case "tcp": |
| return ParseTCPAddr(address, DefaultTCPHost) |
| case "unix": |
| a, err := parseSimpleProtoAddr(proto, addr, DefaultUnixSocket) |
| if err != nil { |
| return "", errors.Wrapf(err, "invalid bind address (%s)", address) |
| } |
| return a, nil |
| case "npipe": |
| a, err := parseSimpleProtoAddr(proto, addr, DefaultNamedPipe) |
| if err != nil { |
| return "", errors.Wrapf(err, "invalid bind address (%s)", address) |
| } |
| return a, nil |
| case "fd": |
| return address, nil |
| default: |
| return "", errors.Errorf("invalid bind address (%s): unsupported proto '%s'", address, proto) |
| } |
| } |
| |
| // parseSimpleProtoAddr parses and validates that the specified address is a valid |
| // socket address for simple protocols like unix and npipe. It returns a formatted |
| // socket address, either using the address parsed from addr, or the contents of |
| // defaultAddr if addr is a blank string. |
| func parseSimpleProtoAddr(proto, addr, defaultAddr string) (string, error) { |
| if strings.Contains(addr, "://") { |
| return "", errors.Errorf("invalid %s address: %s", proto, addr) |
| } |
| if addr == "" { |
| addr = defaultAddr |
| } |
| return proto + "://" + addr, nil |
| } |
| |
| // ParseTCPAddr parses and validates that the specified address is a valid TCP |
| // address. It returns a formatted TCP address, either using the address parsed |
| // from tryAddr, or the contents of defaultAddr if tryAddr is a blank string. |
| // tryAddr is expected to have already been Trim()'d |
| // defaultAddr must be in the full `tcp://host:port` form |
| func ParseTCPAddr(tryAddr string, defaultAddr string) (string, error) { |
| def, err := parseTCPAddr(defaultAddr, true) |
| if err != nil { |
| return "", errors.Wrapf(err, "invalid default address (%s)", defaultAddr) |
| } |
| |
| addr, err := parseTCPAddr(tryAddr, false) |
| if err != nil { |
| return "", errors.Wrapf(err, "invalid bind address (%s)", tryAddr) |
| } |
| |
| host := addr.Hostname() |
| if host == "" { |
| host = def.Hostname() |
| } |
| port := addr.Port() |
| if port == "" { |
| port = def.Port() |
| } |
| |
| return "tcp://" + net.JoinHostPort(host, port), nil |
| } |
| |
| // parseTCPAddr parses the given addr and validates if it is in the expected |
| // format. If strict is enabled, the address must contain a scheme (tcp://), |
| // a host (or IP-address) and a port number. |
| func parseTCPAddr(address string, strict bool) (*url.URL, error) { |
| if !strict && !strings.Contains(address, "://") { |
| address = "tcp://" + address |
| } |
| parsedURL, err := url.Parse(address) |
| if err != nil { |
| return nil, err |
| } |
| if parsedURL.Scheme != "tcp" { |
| return nil, errors.Errorf("unsupported proto '%s'", parsedURL.Scheme) |
| } |
| if parsedURL.Path != "" { |
| return nil, errors.New("should not contain a path element") |
| } |
| if strict && parsedURL.Host == "" { |
| return nil, errors.New("no host or IP address") |
| } |
| if parsedURL.Port() != "" || strict { |
| if p, err := strconv.Atoi(parsedURL.Port()); err != nil || p == 0 { |
| return nil, errors.Errorf("invalid port: %s", parsedURL.Port()) |
| } |
| } |
| return parsedURL, nil |
| } |
| |
| // ValidateExtraHost validates that the specified string is a valid extrahost and returns it. |
| // ExtraHost is in the form of name:ip where the ip has to be a valid ip (IPv4 or IPv6). |
| func ValidateExtraHost(val string) (string, error) { |
| // allow for IPv6 addresses in extra hosts by only splitting on first ":" |
| name, ip, ok := strings.Cut(val, ":") |
| if !ok || name == "" { |
| return "", errors.Errorf("bad format for add-host: %q", val) |
| } |
| // Skip IPaddr validation for special "host-gateway" string |
| if ip != HostGatewayName { |
| if _, err := ValidateIPAddress(ip); err != nil { |
| return "", errors.Errorf("invalid IP address in add-host: %q", ip) |
| } |
| } |
| return val, nil |
| } |