Browse code
disallow tcp:// from defaulting to 127.0.0.1:4243
This stops docker from accepting tcp:// as a valid bind address.
Docker-DCO-1.1-Signed-off-by: Cristian Staretu <cristian.staretu@gmail.com> (github: unclejack)
unclejack authored on 2014/02/13 10:26:35Showing 5 changed files
- api/api.go
- docs/sources/installation/mac.rst
- docs/sources/reference/commandline/cli.rst
- utils/utils.go
- utils/utils_test.go
| ... | ... |
@@ -31,12 +31,11 @@ import ( |
| 31 | 31 |
const ( |
| 32 | 32 |
APIVERSION = 1.9 |
| 33 | 33 |
DEFAULTHTTPHOST = "127.0.0.1" |
| 34 |
- DEFAULTHTTPPORT = 4243 |
|
| 35 | 34 |
DEFAULTUNIXSOCKET = "/var/run/docker.sock" |
| 36 | 35 |
) |
| 37 | 36 |
|
| 38 | 37 |
func ValidateHost(val string) (string, error) {
|
| 39 |
- host, err := utils.ParseHost(DEFAULTHTTPHOST, DEFAULTHTTPPORT, DEFAULTUNIXSOCKET, val) |
|
| 38 |
+ host, err := utils.ParseHost(DEFAULTHTTPHOST, DEFAULTUNIXSOCKET, val) |
|
| 40 | 39 |
if err != nil {
|
| 41 | 40 |
return val, err |
| 42 | 41 |
} |
| ... | ... |
@@ -72,7 +72,7 @@ Run the following commands to get it downloaded and set up: |
| 72 | 72 |
chmod +x docker |
| 73 | 73 |
|
| 74 | 74 |
# Set the environment variable for the docker daemon |
| 75 |
- export DOCKER_HOST=tcp:// |
|
| 75 |
+ export DOCKER_HOST=tcp://127.0.0.1:4243 |
|
| 76 | 76 |
|
| 77 | 77 |
# Copy the executable file |
| 78 | 78 |
sudo cp docker /usr/local/bin/ |
| ... | ... |
@@ -12,7 +12,7 @@ To list available commands, either run ``docker`` with no parameters or execute |
| 12 | 12 |
|
| 13 | 13 |
$ sudo docker |
| 14 | 14 |
Usage: docker [OPTIONS] COMMAND [arg...] |
| 15 |
- -H=[unix:///var/run/docker.sock]: tcp://[host[:port]] to bind/connect to or unix://[/path/to/socket] to use. When host=[0.0.0.0], port=[4243] or path=[/var/run/docker.sock] is omitted, default values are used. |
|
| 15 |
+ -H=[unix:///var/run/docker.sock]: tcp://[host]:port to bind/connect to or unix://[/path/to/socket] to use. When host=[127.0.0.1] is omitted for tcp or path=[/var/run/docker.sock] is omitted for unix sockets, default values are used. |
|
| 16 | 16 |
|
| 17 | 17 |
A self-sufficient runtime for linux containers. |
| 18 | 18 |
|
| ... | ... |
@@ -745,7 +745,7 @@ func GetNameserversAsCIDR(resolvConf []byte) []string {
|
| 745 | 745 |
} |
| 746 | 746 |
|
| 747 | 747 |
// FIXME: Change this not to receive default value as parameter |
| 748 |
-func ParseHost(defaultHost string, defaultPort int, defaultUnix, addr string) (string, error) {
|
|
| 748 |
+func ParseHost(defaultHost string, defaultUnix, addr string) (string, error) {
|
|
| 749 | 749 |
var ( |
| 750 | 750 |
proto string |
| 751 | 751 |
host string |
| ... | ... |
@@ -753,6 +753,8 @@ func ParseHost(defaultHost string, defaultPort int, defaultUnix, addr string) (s |
| 753 | 753 |
) |
| 754 | 754 |
addr = strings.TrimSpace(addr) |
| 755 | 755 |
switch {
|
| 756 |
+ case addr == "tcp://": |
|
| 757 |
+ return "", fmt.Errorf("Invalid bind address format: %s", addr)
|
|
| 756 | 758 |
case strings.HasPrefix(addr, "unix://"): |
| 757 | 759 |
proto = "unix" |
| 758 | 760 |
addr = strings.TrimPrefix(addr, "unix://") |
| ... | ... |
@@ -788,12 +790,13 @@ func ParseHost(defaultHost string, defaultPort int, defaultUnix, addr string) (s |
| 788 | 788 |
if p, err := strconv.Atoi(hostParts[1]); err == nil && p != 0 {
|
| 789 | 789 |
port = p |
| 790 | 790 |
} else {
|
| 791 |
- port = defaultPort |
|
| 791 |
+ return "", fmt.Errorf("Invalid bind address format: %s", addr)
|
|
| 792 | 792 |
} |
| 793 | 793 |
|
| 794 |
+ } else if proto == "tcp" && !strings.Contains(addr, ":") {
|
|
| 795 |
+ return "", fmt.Errorf("Invalid bind address format: %s", addr)
|
|
| 794 | 796 |
} else {
|
| 795 | 797 |
host = addr |
| 796 |
- port = defaultPort |
|
| 797 | 798 |
} |
| 798 | 799 |
if proto == "unix" {
|
| 799 | 800 |
return fmt.Sprintf("%s://%s", proto, host), nil
|
| ... | ... |
@@ -301,34 +301,36 @@ func assertRAMInBytes(t *testing.T, size string, expectError bool, expectedBytes |
| 301 | 301 |
func TestParseHost(t *testing.T) {
|
| 302 | 302 |
var ( |
| 303 | 303 |
defaultHttpHost = "127.0.0.1" |
| 304 |
- defaultHttpPort = 4243 |
|
| 305 | 304 |
defaultUnix = "/var/run/docker.sock" |
| 306 | 305 |
) |
| 307 |
- if addr, err := ParseHost(defaultHttpHost, defaultHttpPort, defaultUnix, "0.0.0.0"); err != nil || addr != "tcp://0.0.0.0:4243" {
|
|
| 308 |
- t.Errorf("0.0.0.0 -> expected tcp://0.0.0.0:4243, got %s", addr)
|
|
| 306 |
+ if addr, err := ParseHost(defaultHttpHost, defaultUnix, "0.0.0.0"); err == nil {
|
|
| 307 |
+ t.Errorf("tcp 0.0.0.0 address expected error return, but err == nil, got %s", addr)
|
|
| 309 | 308 |
} |
| 310 |
- if addr, err := ParseHost(defaultHttpHost, defaultHttpPort, defaultUnix, "0.0.0.1:5555"); err != nil || addr != "tcp://0.0.0.1:5555" {
|
|
| 309 |
+ if addr, err := ParseHost(defaultHttpHost, defaultUnix, "tcp://"); err == nil {
|
|
| 310 |
+ t.Errorf("default tcp:// address expected error return, but err == nil, got %s", addr)
|
|
| 311 |
+ } |
|
| 312 |
+ if addr, err := ParseHost(defaultHttpHost, defaultUnix, "0.0.0.1:5555"); err != nil || addr != "tcp://0.0.0.1:5555" {
|
|
| 311 | 313 |
t.Errorf("0.0.0.1:5555 -> expected tcp://0.0.0.1:5555, got %s", addr)
|
| 312 | 314 |
} |
| 313 |
- if addr, err := ParseHost(defaultHttpHost, defaultHttpPort, defaultUnix, ":6666"); err != nil || addr != "tcp://127.0.0.1:6666" {
|
|
| 315 |
+ if addr, err := ParseHost(defaultHttpHost, defaultUnix, ":6666"); err != nil || addr != "tcp://127.0.0.1:6666" {
|
|
| 314 | 316 |
t.Errorf(":6666 -> expected tcp://127.0.0.1:6666, got %s", addr)
|
| 315 | 317 |
} |
| 316 |
- if addr, err := ParseHost(defaultHttpHost, defaultHttpPort, defaultUnix, "tcp://:7777"); err != nil || addr != "tcp://127.0.0.1:7777" {
|
|
| 318 |
+ if addr, err := ParseHost(defaultHttpHost, defaultUnix, "tcp://:7777"); err != nil || addr != "tcp://127.0.0.1:7777" {
|
|
| 317 | 319 |
t.Errorf("tcp://:7777 -> expected tcp://127.0.0.1:7777, got %s", addr)
|
| 318 | 320 |
} |
| 319 |
- if addr, err := ParseHost(defaultHttpHost, defaultHttpPort, defaultUnix, ""); err != nil || addr != "unix:///var/run/docker.sock" {
|
|
| 321 |
+ if addr, err := ParseHost(defaultHttpHost, defaultUnix, ""); err != nil || addr != "unix:///var/run/docker.sock" {
|
|
| 320 | 322 |
t.Errorf("empty argument -> expected unix:///var/run/docker.sock, got %s", addr)
|
| 321 | 323 |
} |
| 322 |
- if addr, err := ParseHost(defaultHttpHost, defaultHttpPort, defaultUnix, "unix:///var/run/docker.sock"); err != nil || addr != "unix:///var/run/docker.sock" {
|
|
| 324 |
+ if addr, err := ParseHost(defaultHttpHost, defaultUnix, "unix:///var/run/docker.sock"); err != nil || addr != "unix:///var/run/docker.sock" {
|
|
| 323 | 325 |
t.Errorf("unix:///var/run/docker.sock -> expected unix:///var/run/docker.sock, got %s", addr)
|
| 324 | 326 |
} |
| 325 |
- if addr, err := ParseHost(defaultHttpHost, defaultHttpPort, defaultUnix, "unix://"); err != nil || addr != "unix:///var/run/docker.sock" {
|
|
| 327 |
+ if addr, err := ParseHost(defaultHttpHost, defaultUnix, "unix://"); err != nil || addr != "unix:///var/run/docker.sock" {
|
|
| 326 | 328 |
t.Errorf("unix:///var/run/docker.sock -> expected unix:///var/run/docker.sock, got %s", addr)
|
| 327 | 329 |
} |
| 328 |
- if addr, err := ParseHost(defaultHttpHost, defaultHttpPort, defaultUnix, "udp://127.0.0.1"); err == nil {
|
|
| 330 |
+ if addr, err := ParseHost(defaultHttpHost, defaultUnix, "udp://127.0.0.1"); err == nil {
|
|
| 329 | 331 |
t.Errorf("udp protocol address expected error return, but err == nil. Got %s", addr)
|
| 330 | 332 |
} |
| 331 |
- if addr, err := ParseHost(defaultHttpHost, defaultHttpPort, defaultUnix, "udp://127.0.0.1:4243"); err == nil {
|
|
| 333 |
+ if addr, err := ParseHost(defaultHttpHost, defaultUnix, "udp://127.0.0.1:4243"); err == nil {
|
|
| 332 | 334 |
t.Errorf("udp protocol address expected error return, but err == nil. Got %s", addr)
|
| 333 | 335 |
} |
| 334 | 336 |
} |