opts/hosts.go - external/github.com/docker/cli - Git at Google

 package opts

 import (
 	"fmt"
 	"net"
 	"net/url"
 	"strconv"
 	"strings"
 )

 const (
 	// defaultHTTPPort Default HTTP Port used if only the protocol is provided to -H flag e.g. dockerd -H tcp://
 	// These are the IANA registered port numbers for use with Docker
 	// see http://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xhtml?search=docker
 	defaultHTTPPort = "2375" // Default HTTP Port
 	// defaultTLSHTTPPort Default HTTP Port used when TLS enabled
 	defaultTLSHTTPPort = "2376" // Default TLS encrypted HTTP Port
 	// defaultUnixSocket Path for the unix socket.
 	// Docker daemon by default always listens on the default unix socket
 	defaultUnixSocket = "/var/run/docker.sock"
 	// defaultTCPHost constant defines the default host string used by docker on Windows
 	defaultTCPHost = "tcp://" + defaultHTTPHost + ":" + defaultHTTPPort
 	// DefaultTLSHost constant defines the default host string used by docker for TLS sockets
 	defaultTLSHost = "tcp://" + defaultHTTPHost + ":" + defaultTLSHTTPPort
 	// DefaultNamedPipe defines the default named pipe used by docker on Windows
 	defaultNamedPipe = `//./pipe/docker_engine`
 	// hostGatewayName defines a special string which users can append to --add-host
 	// to add an extra entry in /etc/hosts that maps host.docker.internal to the host IP
 	// TODO Consider moving the hostGatewayName constant defined in docker at
 	// github.com/docker/docker/daemon/network/constants.go outside of the "daemon"
 	// package, so that the CLI can consume it.
 	hostGatewayName = "host-gateway"
 )

 // ParseHost and set defaults for a Daemon host string
 func ParseHost(defaultToTLS bool, val string) (string, error) {
 	host := strings.TrimSpace(val)
 	if host == "" {
 		if defaultToTLS {
 			host = defaultTLSHost
 		} else {
 			host = defaultHost
 		}
 	} else {
 		var err error
 		host, err = parseDockerDaemonHost(host)
 		if err != nil {
 			return val, err
 		}
 	}
 	return host, nil
 }

 // parseDockerDaemonHost parses the specified address and returns an address that will be used as the host.
 // Depending of the address specified, this may return one of the global Default* strings defined in hosts.go.
 func parseDockerDaemonHost(addr string) (string, error) {
 	proto, host, hasProto := strings.Cut(addr, "://")
 	if !hasProto && proto != "" {
 		host = proto
 		proto = "tcp"
 	}

 	switch proto {
 	case "tcp":
 		return ParseTCPAddr(host, defaultTCPHost)
 	case "unix":
 		return parseSimpleProtoAddr(proto, host, defaultUnixSocket)
 	case "npipe":
 		return parseSimpleProtoAddr(proto, host, defaultNamedPipe)
 	case "fd":
 		return addr, nil
 	case "ssh":
 		return addr, nil
 	default:
 		return "", fmt.Errorf("invalid bind address format: %s", addr)
 	}
 }

 // parseSimpleProtoAddr parses and validates that the specified address is a valid
 // socket address for simple protocols like unix and npipe. It returns a formatted
 // socket address, either using the address parsed from addr, or the contents of
 // defaultAddr if addr is a blank string.
 func parseSimpleProtoAddr(proto, addr, defaultAddr string) (string, error) {
 	addr = strings.TrimPrefix(addr, proto+"://")
 	if strings.Contains(addr, "://") {
 		return "", fmt.Errorf("invalid proto, expected %s: %s", proto, addr)
 	}
 	if addr == "" {
 		addr = defaultAddr
 	}
 	return fmt.Sprintf("%s://%s", proto, addr), nil
 }

 // ParseTCPAddr parses and validates that the specified address is a valid TCP
 // address. It returns a formatted TCP address, either using the address parsed
 // from tryAddr, or the contents of defaultAddr if tryAddr is a blank string.
 // tryAddr is expected to have already been Trim()'d
 // defaultAddr must be in the full `tcp://host:port` form
 func ParseTCPAddr(tryAddr string, defaultAddr string) (string, error) {
 	if tryAddr == "" || tryAddr == "tcp://" {
 		return defaultAddr, nil
 	}
 	addr := strings.TrimPrefix(tryAddr, "tcp://")
 	if strings.Contains(addr, "://") || addr == "" {
 		return "", fmt.Errorf("invalid proto, expected tcp: %s", tryAddr)
 	}

 	defaultAddr = strings.TrimPrefix(defaultAddr, "tcp://")
 	defaultHost, defaultPort, err := net.SplitHostPort(defaultAddr)
 	if err != nil {
 		return "", err
 	}
 	// url.Parse fails for trailing colon on IPv6 brackets on Go 1.5, but
 	// not 1.4. See https://github.com/golang/go/issues/12200 and
 	// https://github.com/golang/go/issues/6530.
 	if strings.HasSuffix(addr, "]:") {
 		addr += defaultPort
 	}

 	u, err := url.Parse("tcp://" + addr)
 	if err != nil {
 		return "", err
 	}
 	host, port, err := net.SplitHostPort(u.Host)
 	if err != nil {
 		// try port addition once
 		host, port, err = net.SplitHostPort(net.JoinHostPort(u.Host, defaultPort))
 	}
 	if err != nil {
 		return "", fmt.Errorf("invalid bind address format: %s", tryAddr)
 	}

 	if host == "" {
 		host = defaultHost
 	}
 	if port == "" {
 		port = defaultPort
 	}
 	p, err := strconv.Atoi(port)
 	if err != nil && p == 0 {
 		return "", fmt.Errorf("invalid bind address format: %s", tryAddr)
 	}

 	return fmt.Sprintf("tcp://%s%s", net.JoinHostPort(host, port), u.Path), nil
 }

 // ValidateExtraHost validates that the specified string is a valid extrahost and
 // returns it. ExtraHost is in the form of name:ip or name=ip, where the ip has
 // to be a valid ip (IPv4 or IPv6). The address may be enclosed in square
 // brackets.
 //
 // For example:
 //
 //	my-hostname:127.0.0.1
 //	my-hostname:::1
 //	my-hostname=::1
 //	my-hostname:[::1]
 //
 // For compatibility with the API server, this function normalises the given
 // argument to use the ':' separator and strip square brackets enclosing the
 // address.
 func ValidateExtraHost(val string) (string, error) {
 	k, v, ok := strings.Cut(val, "=")
 	if !ok {
 		// allow for IPv6 addresses in extra hosts by only splitting on first ":"
 		k, v, ok = strings.Cut(val, ":")
 	}
 	// Check that a hostname was given, and that it doesn't contain a ":". (Colon
 	// isn't allowed in a hostname, along with many other characters. It's
 	// special-cased here because the API server doesn't know about '=' separators in
 	// '--add-host'. So, it'll split at the first colon and generate a strange error
 	// message.)
 	if !ok || k == "" || strings.Contains(k, ":") {
 		return "", fmt.Errorf("bad format for add-host: %q", val)
 	}
 	// Skip IPaddr validation for "host-gateway" string
 	if v != hostGatewayName {
 		// If the address is enclosed in square brackets, extract it (for IPv6, but
 		// permit it for IPv4 as well; we don't know the address family here, but it's
 		// unambiguous).
 		if len(v) > 2 && v[0] == '[' && v[len(v)-1] == ']' {
 			v = v[1 : len(v)-1]
 		}
 		// ValidateIPAddress returns the address in canonical form (for example,
 		// 0:0:0:0:0:0:0:1 -> ::1). But, stick with the original form, to avoid
 		// surprising a user who's expecting to see the address they supplied in the
 		// output of 'docker inspect' or '/etc/hosts'.
 		if _, err := ValidateIPAddress(v); err != nil {
 			return "", fmt.Errorf("invalid IP address in add-host: %q", v)
 		}
 	}
 	// This result is passed directly to the API, the daemon doesn't accept the '='
 	// separator or an address enclosed in brackets. So, construct something it can
 	// understand.
 	return k + ":" + v, nil
 }
	package opts

	import (
	"fmt"
	"net"
	"net/url"
	"strconv"
	"strings"
	)

	const (
	// defaultHTTPPort Default HTTP Port used if only the protocol is provided to -H flag e.g. dockerd -H tcp://
	// These are the IANA registered port numbers for use with Docker
	// see http://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xhtml?search=docker
	defaultHTTPPort = "2375" // Default HTTP Port
	// defaultTLSHTTPPort Default HTTP Port used when TLS enabled
	defaultTLSHTTPPort = "2376" // Default TLS encrypted HTTP Port
	// defaultUnixSocket Path for the unix socket.
	// Docker daemon by default always listens on the default unix socket
	defaultUnixSocket = "/var/run/docker.sock"
	// defaultTCPHost constant defines the default host string used by docker on Windows
	defaultTCPHost = "tcp://" + defaultHTTPHost + ":" + defaultHTTPPort
	// DefaultTLSHost constant defines the default host string used by docker for TLS sockets
	defaultTLSHost = "tcp://" + defaultHTTPHost + ":" + defaultTLSHTTPPort
	// DefaultNamedPipe defines the default named pipe used by docker on Windows
	defaultNamedPipe = `//./pipe/docker_engine`
	// hostGatewayName defines a special string which users can append to --add-host
	// to add an extra entry in /etc/hosts that maps host.docker.internal to the host IP
	// TODO Consider moving the hostGatewayName constant defined in docker at
	// github.com/docker/docker/daemon/network/constants.go outside of the "daemon"
	// package, so that the CLI can consume it.
	hostGatewayName = "host-gateway"
	)

	// ParseHost and set defaults for a Daemon host string
	func ParseHost(defaultToTLS bool, val string) (string, error) {
	host := strings.TrimSpace(val)
	if host == "" {
	if defaultToTLS {
	host = defaultTLSHost
	} else {
	host = defaultHost
	}
	} else {
	var err error
	host, err = parseDockerDaemonHost(host)
	if err != nil {
	return val, err
	}
	}
	return host, nil
	}

	// parseDockerDaemonHost parses the specified address and returns an address that will be used as the host.
	// Depending of the address specified, this may return one of the global Default* strings defined in hosts.go.
	func parseDockerDaemonHost(addr string) (string, error) {
	proto, host, hasProto := strings.Cut(addr, "://")
	if !hasProto && proto != "" {
	host = proto
	proto = "tcp"
	}

	switch proto {
	case "tcp":
	return ParseTCPAddr(host, defaultTCPHost)
	case "unix":
	return parseSimpleProtoAddr(proto, host, defaultUnixSocket)
	case "npipe":
	return parseSimpleProtoAddr(proto, host, defaultNamedPipe)
	case "fd":
	return addr, nil
	case "ssh":
	return addr, nil
	default:
	return "", fmt.Errorf("invalid bind address format: %s", addr)
	}
	}

	// parseSimpleProtoAddr parses and validates that the specified address is a valid
	// socket address for simple protocols like unix and npipe. It returns a formatted
	// socket address, either using the address parsed from addr, or the contents of
	// defaultAddr if addr is a blank string.
	func parseSimpleProtoAddr(proto, addr, defaultAddr string) (string, error) {
	addr = strings.TrimPrefix(addr, proto+"://")
	if strings.Contains(addr, "://") {
	return "", fmt.Errorf("invalid proto, expected %s: %s", proto, addr)
	}
	if addr == "" {
	addr = defaultAddr
	}
	return fmt.Sprintf("%s://%s", proto, addr), nil
	}

	// ParseTCPAddr parses and validates that the specified address is a valid TCP
	// address. It returns a formatted TCP address, either using the address parsed
	// from tryAddr, or the contents of defaultAddr if tryAddr is a blank string.
	// tryAddr is expected to have already been Trim()'d
	// defaultAddr must be in the full `tcp://host:port` form
	func ParseTCPAddr(tryAddr string, defaultAddr string) (string, error) {
	if tryAddr == "" \|\| tryAddr == "tcp://" {
	return defaultAddr, nil
	}
	addr := strings.TrimPrefix(tryAddr, "tcp://")
	if strings.Contains(addr, "://") \|\| addr == "" {
	return "", fmt.Errorf("invalid proto, expected tcp: %s", tryAddr)
	}

	defaultAddr = strings.TrimPrefix(defaultAddr, "tcp://")
	defaultHost, defaultPort, err := net.SplitHostPort(defaultAddr)
	if err != nil {
	return "", err
	}
	// url.Parse fails for trailing colon on IPv6 brackets on Go 1.5, but
	// not 1.4. See https://github.com/golang/go/issues/12200 and
	// https://github.com/golang/go/issues/6530.
	if strings.HasSuffix(addr, "]:") {
	addr += defaultPort
	}

	u, err := url.Parse("tcp://" + addr)
	if err != nil {
	return "", err
	}
	host, port, err := net.SplitHostPort(u.Host)
	if err != nil {
	// try port addition once
	host, port, err = net.SplitHostPort(net.JoinHostPort(u.Host, defaultPort))
	}
	if err != nil {
	return "", fmt.Errorf("invalid bind address format: %s", tryAddr)
	}

	if host == "" {
	host = defaultHost
	}
	if port == "" {
	port = defaultPort
	}
	p, err := strconv.Atoi(port)
	if err != nil && p == 0 {
	return "", fmt.Errorf("invalid bind address format: %s", tryAddr)
	}

	return fmt.Sprintf("tcp://%s%s", net.JoinHostPort(host, port), u.Path), nil
	}

	// ValidateExtraHost validates that the specified string is a valid extrahost and
	// returns it. ExtraHost is in the form of name:ip or name=ip, where the ip has
	// to be a valid ip (IPv4 or IPv6). The address may be enclosed in square
	// brackets.
	//
	// For example:
	//
	// my-hostname:127.0.0.1
	// my-hostname:::1
	// my-hostname=::1
	// my-hostname:[::1]
	//
	// For compatibility with the API server, this function normalises the given
	// argument to use the ':' separator and strip square brackets enclosing the
	// address.
	func ValidateExtraHost(val string) (string, error) {
	k, v, ok := strings.Cut(val, "=")
	if !ok {
	// allow for IPv6 addresses in extra hosts by only splitting on first ":"
	k, v, ok = strings.Cut(val, ":")
	}
	// Check that a hostname was given, and that it doesn't contain a ":". (Colon
	// isn't allowed in a hostname, along with many other characters. It's
	// special-cased here because the API server doesn't know about '=' separators in
	// '--add-host'. So, it'll split at the first colon and generate a strange error
	// message.)
	if !ok \|\| k == "" \|\| strings.Contains(k, ":") {
	return "", fmt.Errorf("bad format for add-host: %q", val)
	}
	// Skip IPaddr validation for "host-gateway" string
	if v != hostGatewayName {
	// If the address is enclosed in square brackets, extract it (for IPv6, but
	// permit it for IPv4 as well; we don't know the address family here, but it's
	// unambiguous).
	if len(v) > 2 && v[0] == '[' && v[len(v)-1] == ']' {
	v = v[1 : len(v)-1]
	}
	// ValidateIPAddress returns the address in canonical form (for example,
	// 0:0:0:0:0:0:0:1 -> ::1). But, stick with the original form, to avoid
	// surprising a user who's expecting to see the address they supplied in the
	// output of 'docker inspect' or '/etc/hosts'.
	if _, err := ValidateIPAddress(v); err != nil {
	return "", fmt.Errorf("invalid IP address in add-host: %q", v)
	}
	}
	// This result is passed directly to the API, the daemon doesn't accept the '='
	// separator or an address enclosed in brackets. So, construct something it can
	// understand.
	return k + ":" + v, nil
	}