opts/hosts.go
package opts // import "github.com/docker/docker/opts"
import (
"net"
"net/url"
"path/filepath"
"strconv"
"strings"
"github.com/docker/docker/pkg/homedir"
"github.com/pkg/errors"
)
const (
// DefaultHTTPPort Default HTTP Port used if only the protocol is provided to -H flag e.g. dockerd -H tcp://
// These are the IANA registered port numbers for use with Docker
// see http://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xhtml?search=docker
DefaultHTTPPort = 2375 // Default HTTP Port
// DefaultTLSHTTPPort Default HTTP Port used when TLS enabled
DefaultTLSHTTPPort = 2376 // Default TLS encrypted HTTP Port
// DefaultUnixSocket Path for the unix socket.
// Docker daemon by default always listens on the default unix socket
DefaultUnixSocket = "/var/run/docker.sock"
// DefaultTCPHost constant defines the default host string used by docker on Windows
DefaultTCPHost = "tcp://" + DefaultHTTPHost + ":2375"
// DefaultTLSHost constant defines the default host string used by docker for TLS sockets
DefaultTLSHost = "tcp://" + DefaultHTTPHost + ":2376"
// DefaultNamedPipe defines the default named pipe used by docker on Windows
DefaultNamedPipe = `//./pipe/docker_engine`
// HostGatewayName is the string value that can be passed
// to the IPAddr section in --add-host that is replaced by
// the value of HostGatewayIP daemon config value
HostGatewayName = "host-gateway"
)
// ValidateHost validates that the specified string is a valid host and returns it.
func ValidateHost(val string) (string, error) {
host := strings.TrimSpace(val)
// The empty string means default and is not handled by parseDaemonHost
if host != "" {
_, err := parseDaemonHost(host)
if err != nil {
return val, err
}
}
// Note: unlike most flag validators, we don't return the mutated value here
// we need to know what the user entered later (using ParseHost) to adjust for TLS
return val, nil
}
// ParseHost and set defaults for a Daemon host string.
// defaultToTLS is preferred over defaultToUnixXDG.
func ParseHost(defaultToTLS, defaultToUnixXDG bool, val string) (string, error) {
host := strings.TrimSpace(val)
if host == "" {
if defaultToTLS {
host = DefaultTLSHost
} else if defaultToUnixXDG {
runtimeDir, err := homedir.GetRuntimeDir()
if err != nil {
return "", err
}
host = "unix://" + filepath.Join(runtimeDir, "docker.sock")
} else {
host = DefaultHost
}
} else {
var err error
host, err = parseDaemonHost(host)
if err != nil {
return val, err
}
}
return host, nil
}
// parseDaemonHost parses the specified address and returns an address that will be used as the host.
// Depending on the address specified, this may return one of the global Default* strings defined in hosts.go.
func parseDaemonHost(address string) (string, error) {
proto, addr, ok := strings.Cut(address, "://")
if !ok && proto != "" {
addr = proto
proto = "tcp"
}
switch proto {
case "tcp":
return ParseTCPAddr(address, DefaultTCPHost)
case "unix":
a, err := parseSimpleProtoAddr(proto, addr, DefaultUnixSocket)
if err != nil {
return "", errors.Wrapf(err, "invalid bind address (%s)", address)
}
return a, nil
case "npipe":
a, err := parseSimpleProtoAddr(proto, addr, DefaultNamedPipe)
if err != nil {
return "", errors.Wrapf(err, "invalid bind address (%s)", address)
}
return a, nil
case "fd":
return address, nil
default:
return "", errors.Errorf("invalid bind address (%s): unsupported proto '%s'", address, proto)
}
}
// parseSimpleProtoAddr parses and validates that the specified address is a valid
// socket address for simple protocols like unix and npipe. It returns a formatted
// socket address, either using the address parsed from addr, or the contents of
// defaultAddr if addr is a blank string.
func parseSimpleProtoAddr(proto, addr, defaultAddr string) (string, error) {
if strings.Contains(addr, "://") {
return "", errors.Errorf("invalid %s address: %s", proto, addr)
}
if addr == "" {
addr = defaultAddr
}
return proto + "://" + addr, nil
}
// ParseTCPAddr parses and validates that the specified address is a valid TCP
// address. It returns a formatted TCP address, either using the address parsed
// from tryAddr, or the contents of defaultAddr if tryAddr is a blank string.
// tryAddr is expected to have already been Trim()'d
// defaultAddr must be in the full `tcp://host:port` form
func ParseTCPAddr(tryAddr string, defaultAddr string) (string, error) {
def, err := parseTCPAddr(defaultAddr, true)
if err != nil {
return "", errors.Wrapf(err, "invalid default address (%s)", defaultAddr)
}
addr, err := parseTCPAddr(tryAddr, false)
if err != nil {
return "", errors.Wrapf(err, "invalid bind address (%s)", tryAddr)
}
host := addr.Hostname()
if host == "" {
host = def.Hostname()
}
port := addr.Port()
if port == "" {
port = def.Port()
}
return "tcp://" + net.JoinHostPort(host, port), nil
}
// parseTCPAddr parses the given addr and validates if it is in the expected
// format. If strict is enabled, the address must contain a scheme (tcp://),
// a host (or IP-address) and a port number.
func parseTCPAddr(address string, strict bool) (*url.URL, error) {
if !strict && !strings.Contains(address, "://") {
address = "tcp://" + address
}
parsedURL, err := url.Parse(address)
if err != nil {
return nil, err
}
if parsedURL.Scheme != "tcp" {
return nil, errors.Errorf("unsupported proto '%s'", parsedURL.Scheme)
}
if parsedURL.Path != "" {
return nil, errors.New("should not contain a path element")
}
if strict && parsedURL.Host == "" {
return nil, errors.New("no host or IP address")
}
if parsedURL.Port() != "" || strict {
if p, err := strconv.Atoi(parsedURL.Port()); err != nil || p == 0 {
return nil, errors.Errorf("invalid port: %s", parsedURL.Port())
}
}
return parsedURL, nil
}
// ValidateExtraHost validates that the specified string is a valid extrahost and returns it.
// ExtraHost is in the form of name:ip where the ip has to be a valid ip (IPv4 or IPv6).
func ValidateExtraHost(val string) (string, error) {
// allow for IPv6 addresses in extra hosts by only splitting on first ":"
name, ip, ok := strings.Cut(val, ":")
if !ok || name == "" {
return "", errors.Errorf("bad format for add-host: %q", val)
}
// Skip IPaddr validation for special "host-gateway" string
if ip != HostGatewayName {
if _, err := ValidateIPAddress(ip); err != nil {
return "", errors.Errorf("invalid IP address in add-host: %q", ip)
}
}
return val, nil
}