501a898e0e
Now that listeners is no longer an internal of the client, make it less Docker-specific (despite there still being some open questions as to how to deal with some of the warnings that listeners has to emit). We should move as much of the Docker-specific stuff (especially the port allocation) to docker/ where it belongs (or maybe pass a check function). Signed-off-by: Aleksa Sarai <asarai@suse.de>
package listeners
import (
"crypto/tls"
"fmt"
"net"
"strings"
"github.com/Microsoft/go-winio"
)
// Init creates new listeners for the server.
//
// proto selects the transport. "tcp" delegates to initTCPSocket with addr and
// tlsConfig; "npipe" opens a Windows named pipe at addr. Any other value is
// rejected with an error. tlsConfig is only passed to the tcp path: access to
// the named pipe is controlled solely by the security descriptor built here.
//
// socketGroup is an optional comma-separated list of account names. Each name
// is resolved to a SID and granted read/write access to the pipe, so the list
// should be treated as a grant of access to the server. Names are handed to
// the lookup exactly as split (no whitespace trimming), and the first name
// that fails to resolve aborts Init with the lookup error, so no pipe is
// created with a partially built ACL.
func Init(proto, addr, socketGroup string, tlsConfig *tls.Config) (ls []net.Listener, err error) {
	switch proto {
	case "tcp":
		tcpListener, tcpErr := initTCPSocket(addr, tlsConfig)
		if tcpErr != nil {
			return nil, tcpErr
		}
		return append(ls, tcpListener), nil

	case "npipe":
		// Base descriptor: "D:P" is a protected DACL (inherited ACEs are
		// blocked); the two ACEs allow GENERIC_ALL to Builtin Administrators
		// (BA) and Local System (SY). Additional groups are appended below.
		aces := []string{"D:P(A;;GA;;;BA)(A;;GA;;;SY)"}
		if socketGroup != "" {
			// The guard matters: splitting "" would yield one empty name.
			for _, group := range strings.Split(socketGroup, ",") {
				sid, lookupErr := winio.LookupSidByName(group)
				if lookupErr != nil {
					return nil, lookupErr
				}
				// Extra groups get generic read + generic write only,
				// not the full control given to BA and SY.
				aces = append(aces, fmt.Sprintf("(A;;GRGW;;;%s)", sid))
			}
		}

		// Use 64KB buffers to improve performance.
		const pipeBufferSize = 65536
		pipeCfg := winio.PipeConfig{
			SecurityDescriptor: strings.Join(aces, ""),
			MessageMode:        true, // Use message mode so that CloseWrite() is supported
			InputBufferSize:    pipeBufferSize,
			OutputBufferSize:   pipeBufferSize,
		}
		pipeListener, listenErr := winio.ListenPipe(addr, &pipeCfg)
		if listenErr != nil {
			return nil, listenErr
		}
		return append(ls, pipeListener), nil

	default:
		return nil, fmt.Errorf("invalid protocol format: windows only supports tcp and npipe")
	}
}
// allocateDaemonPort is meant to ensure that no container tries to use a
// port allocated for the docker server.
//
// This implementation performs no check: addr is ignored and the result is
// always nil, so callers must not rely on it to reserve the server's port.
func allocateDaemonPort(addr string) error {
	return nil
}