From 37319dec1771aaa9764c81359f439e862f45d8e1 Mon Sep 17 00:00:00 2001 From: Giuseppe Scrivano Date: Thu, 21 Jan 2021 15:03:16 +0100 Subject: vendor: update rootlesskit to v0.12.0 Signed-off-by: Giuseppe Scrivano --- .../rootlesskit/pkg/port/builtin/child/child.go | 16 +++++++- .../rootlesskit/pkg/port/builtin/msg/msg.go | 2 + .../rootlesskit/pkg/port/port.go | 6 +++ .../rootlesskit/pkg/port/portutil/portutil.go | 46 +++++++++++++++++----- 4 files changed, 59 insertions(+), 11 deletions(-) (limited to 'vendor/github.com/rootless-containers/rootlesskit') diff --git a/vendor/github.com/rootless-containers/rootlesskit/pkg/port/builtin/child/child.go b/vendor/github.com/rootless-containers/rootlesskit/pkg/port/builtin/child/child.go index 112a926c3..fc249c2d9 100644 --- a/vendor/github.com/rootless-containers/rootlesskit/pkg/port/builtin/child/child.go +++ b/vendor/github.com/rootless-containers/rootlesskit/pkg/port/builtin/child/child.go @@ -106,7 +106,21 @@ func (d *childDriver) handleConnectRequest(c *net.UnixConn, req *msg.Request) er return errors.Errorf("unknown proto: %q", req.Proto) } var dialer net.Dialer - targetConn, err := dialer.Dial(req.Proto, fmt.Sprintf("127.0.0.1:%d", req.Port)) + ip := req.IP + if ip == "" { + ip = "127.0.0.1" + } else { + p := net.ParseIP(ip) + if p == nil { + return errors.Errorf("invalid IP: %q", ip) + } + p = p.To4() + if p == nil { + return errors.Errorf("unsupported IP (v6?): %s", ip) + } + ip = p.String() + } + targetConn, err := dialer.Dial(req.Proto, fmt.Sprintf("%s:%d", ip, req.Port)) if err != nil { return err } diff --git a/vendor/github.com/rootless-containers/rootlesskit/pkg/port/builtin/msg/msg.go b/vendor/github.com/rootless-containers/rootlesskit/pkg/port/builtin/msg/msg.go index e95b62191..a8c8e0385 100644 --- a/vendor/github.com/rootless-containers/rootlesskit/pkg/port/builtin/msg/msg.go +++ b/vendor/github.com/rootless-containers/rootlesskit/pkg/port/builtin/msg/msg.go @@ -20,6 +20,7 @@ const ( type Request struct { Type string // "init" or "connect" Proto string // "tcp" or "udp" + IP string Port int } @@ -53,6 +54,7 @@ func ConnectToChild(c *net.UnixConn, spec port.Spec) (int, error) { Type: RequestTypeConnect, Proto: spec.Proto, Port: spec.ChildPort, + IP: spec.ChildIP, } if _, err := msgutil.MarshalToWriter(c, &req); err != nil { return 0, err diff --git a/vendor/github.com/rootless-containers/rootlesskit/pkg/port/port.go b/vendor/github.com/rootless-containers/rootlesskit/pkg/port/port.go index 9ef46f549..41ec33487 100644 --- a/vendor/github.com/rootless-containers/rootlesskit/pkg/port/port.go +++ b/vendor/github.com/rootless-containers/rootlesskit/pkg/port/port.go @@ -10,6 +10,12 @@ type Spec struct { ParentIP string `json:"parentIP,omitempty"` // IPv4 address. can be empty (0.0.0.0). ParentPort int `json:"parentPort,omitempty"` ChildPort int `json:"childPort,omitempty"` + // ChildIP is an IPv4 address. + // Default values: + // - builtin driver: 127.0.0.1 + // - socat driver: 127.0.0.1 + // - slirp4netns driver: slirp4netns's child IP, e.g., 10.0.2.100 + ChildIP string `json:"childIP,omitempty"` } type Status struct { diff --git a/vendor/github.com/rootless-containers/rootlesskit/pkg/port/portutil/portutil.go b/vendor/github.com/rootless-containers/rootlesskit/pkg/port/portutil/portutil.go index 4fc081d43..1c531cac8 100644 --- a/vendor/github.com/rootless-containers/rootlesskit/pkg/port/portutil/portutil.go +++ b/vendor/github.com/rootless-containers/rootlesskit/pkg/port/portutil/portutil.go @@ -2,8 +2,8 @@ package portutil import ( "net" - "regexp" "strconv" + "strings" "github.com/pkg/errors" @@ -11,28 +11,54 @@ import ( ) // ParsePortSpec parses a Docker-like representation of PortSpec. -// e.g. "127.0.0.1:8080:80/tcp" +// e.g. "127.0.0.1:8080:80/tcp", or "127.0.0.1:8080:10.0.2.100:80/tcp" func ParsePortSpec(s string) (*port.Spec, error) { - r := regexp.MustCompile("^([0-9a-f\\.]+):([0-9]+):([0-9]+)/([a-z]+)$") - g := r.FindStringSubmatch(s) - if len(g) != 5 { + splitBySlash := strings.SplitN(s, "/", 2) + if len(splitBySlash) != 2 { return nil, errors.Errorf("unexpected PortSpec string: %q", s) } - parentIP := g[1] - parentPort, err := strconv.Atoi(g[2]) + proto := splitBySlash[1] + switch proto { + case "tcp", "udp", "sctp": + default: + return nil, errors.Errorf("unexpected Proto in PortSpec string: %q", s) + } + + splitByColon := strings.SplitN(splitBySlash[0], ":", 4) + switch len(splitByColon) { + case 3, 4: + default: + return nil, errors.Errorf("unexpected PortSpec string: %q", s) + } + + parentIP := splitByColon[0] + if net.IP(parentIP) == nil { + return nil, errors.Errorf("unexpected ParentIP in PortSpec string: %q", s) + } + + parentPort, err := strconv.Atoi(splitByColon[1]) if err != nil { return nil, errors.Wrapf(err, "unexpected ParentPort in PortSpec string: %q", s) } - childPort, err := strconv.Atoi(g[3]) + + var childIP string + if len(splitByColon) == 4 { + childIP = splitByColon[2] + if net.IP(childIP) == nil { + return nil, errors.Errorf("unexpected ChildIP in PortSpec string: %q", s) + } + } + + childPort, err := strconv.Atoi(splitByColon[len(splitByColon)-1]) if err != nil { return nil, errors.Wrapf(err, "unexpected ChildPort in PortSpec string: %q", s) } - proto := g[4] - // validation is up to the caller (as json.Unmarshal doesn't validate values) + return &port.Spec{ Proto: proto, ParentIP: parentIP, ParentPort: parentPort, + ChildIP: childIP, ChildPort: childPort, }, nil } -- cgit v1.2.3-54-g00ecf