github.com/zhouyu0/docker-note@v0.0.0-20190722021225-b8d3825084db/client/hijack.go (about)

     1  package client // import "github.com/docker/docker/client"
     2  
     3  import (
     4  	"bufio"
     5  	"context"
     6  	"crypto/tls"
     7  	"fmt"
     8  	"net"
     9  	"net/http"
    10  	"net/http/httputil"
    11  	"net/url"
    12  	"time"
    13  
    14  	"github.com/docker/docker/api/types"
    15  	"github.com/docker/go-connections/sockets"
    16  	"github.com/pkg/errors"
    17  )
    18  
    19  // postHijacked sends a POST request and hijacks the connection.
    20  func (cli *Client) postHijacked(ctx context.Context, path string, query url.Values, body interface{}, headers map[string][]string) (types.HijackedResponse, error) {
    21  	bodyEncoded, err := encodeData(body)
    22  	if err != nil {
    23  		return types.HijackedResponse{}, err
    24  	}
    25  
    26  	apiPath := cli.getAPIPath(path, query)
    27  	req, err := http.NewRequest("POST", apiPath, bodyEncoded)
    28  	if err != nil {
    29  		return types.HijackedResponse{}, err
    30  	}
    31  	req = cli.addHeaders(req, headers)
    32  
    33  	conn, err := cli.setupHijackConn(ctx, req, "tcp")
    34  	if err != nil {
    35  		return types.HijackedResponse{}, err
    36  	}
    37  
    38  	return types.HijackedResponse{Conn: conn, Reader: bufio.NewReader(conn)}, err
    39  }
    40  
    41  // fallbackDial is used when WithDialer() was not called.
    42  // See cli.Dialer().
    43  func fallbackDial(proto, addr string, tlsConfig *tls.Config) (net.Conn, error) {
    44  	if tlsConfig != nil && proto != "unix" && proto != "npipe" {
    45  		return tls.Dial(proto, addr, tlsConfig)
    46  	}
    47  	if proto == "npipe" {
    48  		return sockets.DialPipe(addr, 32*time.Second)
    49  	}
    50  	return net.Dial(proto, addr)
    51  }
    52  
    53  func (cli *Client) setupHijackConn(ctx context.Context, req *http.Request, proto string) (net.Conn, error) {
    54  	req.Host = cli.addr
    55  	req.Header.Set("Connection", "Upgrade")
    56  	req.Header.Set("Upgrade", proto)
    57  
    58  	dialer := cli.Dialer()
    59  	conn, err := dialer(ctx)
    60  	if err != nil {
    61  		return nil, errors.Wrap(err, "cannot connect to the Docker daemon. Is 'docker daemon' running on this host?")
    62  	}
    63  
    64  	// When we set up a TCP connection for hijack, there could be long periods
    65  	// of inactivity (a long running command with no output) that in certain
    66  	// network setups may cause ECONNTIMEOUT, leaving the client in an unknown
    67  	// state. Setting TCP KeepAlive on the socket connection will prohibit
    68  	// ECONNTIMEOUT unless the socket connection truly is broken
    69  	if tcpConn, ok := conn.(*net.TCPConn); ok {
    70  		tcpConn.SetKeepAlive(true)
    71  		tcpConn.SetKeepAlivePeriod(30 * time.Second)
    72  	}
    73  
    74  	clientconn := httputil.NewClientConn(conn, nil)
    75  	defer clientconn.Close()
    76  
    77  	// Server hijacks the connection, error 'connection closed' expected
    78  	resp, err := clientconn.Do(req)
    79  	if err != httputil.ErrPersistEOF {
    80  		if err != nil {
    81  			return nil, err
    82  		}
    83  		if resp.StatusCode != http.StatusSwitchingProtocols {
    84  			resp.Body.Close()
    85  			return nil, fmt.Errorf("unable to upgrade to %s, received %d", proto, resp.StatusCode)
    86  		}
    87  	}
    88  
    89  	c, br := clientconn.Hijack()
    90  	if br.Buffered() > 0 {
    91  		// If there is buffered content, wrap the connection.  We return an
    92  		// object that implements CloseWrite iff the underlying connection
    93  		// implements it.
    94  		if _, ok := c.(types.CloseWriter); ok {
    95  			c = &hijackedConnCloseWriter{&hijackedConn{c, br}}
    96  		} else {
    97  			c = &hijackedConn{c, br}
    98  		}
    99  	} else {
   100  		br.Reset(nil)
   101  	}
   102  
   103  	return c, nil
   104  }
   105  
   106  // hijackedConn wraps a net.Conn and is returned by setupHijackConn in the case
   107  // that a) there was already buffered data in the http layer when Hijack() was
   108  // called, and b) the underlying net.Conn does *not* implement CloseWrite().
   109  // hijackedConn does not implement CloseWrite() either.
   110  type hijackedConn struct {
   111  	net.Conn
   112  	r *bufio.Reader
   113  }
   114  
   115  func (c *hijackedConn) Read(b []byte) (int, error) {
   116  	return c.r.Read(b)
   117  }
   118  
   119  // hijackedConnCloseWriter is a hijackedConn which additionally implements
   120  // CloseWrite().  It is returned by setupHijackConn in the case that a) there
   121  // was already buffered data in the http layer when Hijack() was called, and b)
   122  // the underlying net.Conn *does* implement CloseWrite().
   123  type hijackedConnCloseWriter struct {
   124  	*hijackedConn
   125  }
   126  
   127  var _ types.CloseWriter = &hijackedConnCloseWriter{}
   128  
   129  func (c *hijackedConnCloseWriter) CloseWrite() error {
   130  	conn := c.Conn.(types.CloseWriter)
   131  	return conn.CloseWrite()
   132  }