@@ -1,6 +1,6 @@

 # the following lines are in sorted order, FYI

 github.com/Azure/go-ansiterm d6e3b3328b783f23731bc4d058875b0371ff8109

-github.com/Microsoft/hcsshim v0.6.5

+github.com/Microsoft/hcsshim v0.6.7

 github.com/Microsoft/go-winio v0.4.5

 github.com/davecgh/go-spew 346938d642f2ec3594ed81d874461961cd0faa76

 github.com/docker/libtrust 9cbd2a1374f46905c68a4eb3694a130610adc62a

@@ -72,6 +72,22 @@ var (

 	ErrPlatformNotSupported = errors.New("unsupported platform request")

 )

+type EndpointNotFoundError struct {

+	EndpointName string

+}

+

+func (e EndpointNotFoundError) Error() string {

+	return fmt.Sprintf("Endpoint %s not found", e.EndpointName)

+}

+

+type NetworkNotFoundError struct {

+	NetworkName string

+}

+

+func (e NetworkNotFoundError) Error() string {

+	return fmt.Sprintf("Network %s not found", e.NetworkName)

+}

+

 // ProcessError is an error encountered in HCS during an operation on a Process object

 type ProcessError struct {

 	Process   *process

@@ -174,6 +190,12 @@ func makeProcessError(process *process, operation string, extraInfo string, err

 // will currently return true when the error is ErrElementNotFound or ErrProcNotFound.

 func IsNotExist(err error) bool {

 	err = getInnerError(err)

+	if _, ok := err.(EndpointNotFoundError); ok {

+		return true

+	}

+	if _, ok := err.(NetworkNotFoundError); ok {

+		return true

+	}

 	return err == ErrComputeSystemDoesNotExist ||

 		err == ErrElementNotFound ||

 		err == ErrProcNotFound

@@ -2,7 +2,6 @@ package hcsshim

 import (

 	"encoding/json"

-	"fmt"

 	"net"

 	"github.com/sirupsen/logrus"

@@ -135,7 +134,7 @@ func GetHNSEndpointByName(endpointName string) (*HNSEndpoint, error) {

 			return &hnsEndpoint, nil

 		}

 	}

-	return nil, fmt.Errorf("Endpoint %v not found", endpointName)

+	return nil, EndpointNotFoundError{EndpointName: endpointName}

 }

 // Create Endpoint by sending EndpointRequest to HNS. TODO: Create a separate HNS interface to place all these methods

@@ -192,18 +191,24 @@ func (endpoint *HNSEndpoint) ContainerHotDetach(containerID string) error {

 	return modifyNetworkEndpoint(containerID, endpoint.Id, Remove)

 }

-// ApplyACLPolicy applies Acl Policy on the Endpoint

-func (endpoint *HNSEndpoint) ApplyACLPolicy(policy *ACLPolicy) error {

+// ApplyACLPolicy applies a set of ACL Policies on the Endpoint

+func (endpoint *HNSEndpoint) ApplyACLPolicy(policies ...*ACLPolicy) error {

 	operation := "ApplyACLPolicy"

 	title := "HCSShim::HNSEndpoint::" + operation

 	logrus.Debugf(title+" id=%s", endpoint.Id)

-	jsonString, err := json.Marshal(policy)

-	if err != nil {

-		return err

+	for _, policy := range policies {

+		if policy == nil {

+			continue

+		}

+		jsonString, err := json.Marshal(policy)

+		if err != nil {

+			return err

+		}

+		endpoint.Policies = append(endpoint.Policies, jsonString)

 	}

-	endpoint.Policies[0] = jsonString

-	_, err = endpoint.Update()

+

+	_, err := endpoint.Update()

 	return err

 }

@@ -2,7 +2,6 @@ package hcsshim

 import (

 	"encoding/json"

-	"fmt"

 	"net"

 	"github.com/sirupsen/logrus"

@@ -90,7 +89,7 @@ func GetHNSNetworkByName(networkName string) (*HNSNetwork, error) {

 			return &hnsnetwork, nil

 		}

 	}

-	return nil, fmt.Errorf("Network %v not found", networkName)

+	return nil, NetworkNotFoundError{NetworkName: networkName}

 }

 // Create Network by sending NetworkRequest to HNS.

@@ -75,19 +75,18 @@ const (

 )

 type ACLPolicy struct {

-	Type          PolicyType `json:"Type"`

-	Protocol      uint16

-	InternalPort  uint16

-	Action        ActionType

-	Direction     DirectionType

-	LocalAddress  string

-	RemoteAddress string

-	LocalPort     uint16

-	RemotePort    uint16

-	RuleType      RuleType `json:"RuleType,omitempty"`

-

-	Priority    uint16

-	ServiceName string

+	Type            PolicyType `json:"Type"`

+	Protocol        uint16

+	InternalPort    uint16

+	Action          ActionType

+	Direction       DirectionType

+	LocalAddresses  string

+	RemoteAddresses string

+	LocalPort       uint16

+	RemotePort      uint16

+	RuleType        RuleType `json:"RuleType,omitempty"`

+	Priority        uint16

+	ServiceName     string

 }

 type Policy struct {

@@ -472,15 +472,21 @@ func cloneTree(srcPath, destPath string, mutatedFiles map[string]bool) error {

 		}

 		destFilePath := filepath.Join(destPath, relPath)

+		fileAttributes := info.Sys().(*syscall.Win32FileAttributeData).FileAttributes

 		// Directories, reparse points, and files that will be mutated during

 		// utility VM import must be copied. All other files can be hard linked.

-		isReparsePoint := info.Sys().(*syscall.Win32FileAttributeData).FileAttributes&syscall.FILE_ATTRIBUTE_REPARSE_POINT != 0

-		if info.IsDir() || isReparsePoint || mutatedFiles[relPath] {

-			fi, err := copyFileWithMetadata(srcFilePath, destFilePath, info.IsDir())

+		isReparsePoint := fileAttributes&syscall.FILE_ATTRIBUTE_REPARSE_POINT != 0

+		// In go1.9, FileInfo.IsDir() returns false if the directory is also a symlink.

+		// See: https://github.com/golang/go/commit/1989921aef60c83e6f9127a8448fb5ede10e9acc

+		// Fixes the problem by checking syscall.FILE_ATTRIBUTE_DIRECTORY directly

+		isDir := fileAttributes&syscall.FILE_ATTRIBUTE_DIRECTORY != 0

+

+		if isDir || isReparsePoint || mutatedFiles[relPath] {

+			fi, err := copyFileWithMetadata(srcFilePath, destFilePath, isDir)

 			if err != nil {

 				return err

 			}

-			if info.IsDir() && !isReparsePoint {

+			if isDir && !isReparsePoint {

 				di = append(di, dirInfo{path: destFilePath, fileInfo: *fi})

 			}

 		} else {

@@ -490,8 +496,9 @@ func cloneTree(srcPath, destPath string, mutatedFiles map[string]bool) error {

 			}

 		}

-		// Don't recurse on reparse points.

-		if info.IsDir() && isReparsePoint {

+		// Don't recurse on reparse points in go1.8 and older. Filepath.Walk

+		// handles this in go1.9 and newer.

+		if isDir && isReparsePoint && shouldSkipDirectoryReparse {

 			return filepath.SkipDir

 		}

new file mode 100644

@@ -0,0 +1,7 @@

+// +build !go1.9

+

+package hcsshim

+

+// Due to a bug in go1.8 and before, directory reparse points need to be skipped

+// during filepath.Walk. This is fixed in go1.9

+var shouldSkipDirectoryReparse = true

new file mode 100644

@@ -0,0 +1,7 @@

+// +build go1.9

+

+package hcsshim

+

+// Due to a bug in go1.8 and before, directory reparse points need to be skipped

+// during filepath.Walk. This is fixed in go1.9

+var shouldSkipDirectoryReparse = false