mirror of
https://github.com/oauth2-proxy/oauth2-proxy.git
synced 2025-06-08 23:56:36 +02:00
fix: systemd socket support build handling for windows
This commit is contained in:
parent
ae5b5dc45f
commit
8dd2cbec4d
@ -33,6 +33,7 @@
|
||||
- [#2800](https://github.com/oauth2-proxy/oauth2-proxy/pull/2800) doc: add some opencontainer labels to docker image (@halkeye)
|
||||
- [#2755](https://github.com/oauth2-proxy/oauth2-proxy/pull/2755) feat: add X-Envoy-External-Address as supported header (@bjencks)
|
||||
- [#1985](https://github.com/oauth2-proxy/oauth2-proxy/pull/1985) feat: add support for systemd socket (@isodude)
|
||||
- [#2916](https://github.com/oauth2-proxy/oauth2-proxy/pull/2916) fix: systemd socket support build handling for windows (@tuunit)
|
||||
- [#2300](https://github.com/oauth2-proxy/oauth2-proxy/pull/2300) fix: add fix for websocket path rewrite (@rekup)
|
||||
- [#2821](https://github.com/oauth2-proxy/oauth2-proxy/pull/2821) feat: add CF-Connecting-IP as supported real ip header (@ondrejsika)
|
||||
- [#2620](https://github.com/oauth2-proxy/oauth2-proxy/pull/2620) fix: update code_verifier to use recommended method (@vishvananda)
|
||||
|
@ -8,24 +8,14 @@ import (
|
||||
"net"
|
||||
"net/http"
|
||||
"os"
|
||||
"strconv"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"github.com/coreos/go-systemd/activation"
|
||||
"golang.org/x/sync/errgroup"
|
||||
|
||||
"github.com/oauth2-proxy/oauth2-proxy/v7/pkg/apis/options"
|
||||
"github.com/oauth2-proxy/oauth2-proxy/v7/pkg/apis/options/util"
|
||||
"github.com/oauth2-proxy/oauth2-proxy/v7/pkg/logger"
|
||||
"golang.org/x/sync/errgroup"
|
||||
)
|
||||
|
||||
// listenFdsStart corresponds to `SD_LISTEN_FDS_START`.
|
||||
// Since the 3 first file descriptors in every linux process is
|
||||
// stdin, stdout and stderr. The first usable file descriptor is 3.
|
||||
// systemd-socket-activate will always assume that the first socket will be
|
||||
// 3 and the rest follow.
|
||||
const (
|
||||
listenFdsStart = 3
|
||||
)
|
||||
|
||||
// Server represents an HTTP or HTTPS server.
|
||||
@ -83,27 +73,6 @@ type server struct {
|
||||
fdFiles []*os.File
|
||||
}
|
||||
|
||||
// convert a string filedescriptor to an actual listener
|
||||
func (s *server) fdToListener(bindAddress string) (net.Listener, error) {
|
||||
fd, err := strconv.Atoi(bindAddress)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("listen failed: fd with name is not implemented yet")
|
||||
}
|
||||
fdIndex := fd - listenFdsStart
|
||||
|
||||
if len(s.fdFiles) == 0 {
|
||||
s.fdFiles = activation.Files(true)
|
||||
}
|
||||
|
||||
l := len(s.fdFiles)
|
||||
|
||||
if fdIndex < 0 || fdIndex >= l || l == 0 {
|
||||
return nil, fmt.Errorf("listen failed: fd outside of range of available file descriptors")
|
||||
}
|
||||
|
||||
return net.FileListener(s.fdFiles[fdIndex])
|
||||
}
|
||||
|
||||
// setupListener sets the server listener if the HTTP server is enabled.
|
||||
// The HTTP server can be disabled by setting the BindAddress to "-" or by
|
||||
// leaving it empty.
|
||||
@ -120,13 +89,7 @@ func (s *server) setupListener(opts Opts) error {
|
||||
// to the program is indeed a net.Listener and starts using it
|
||||
// without setting up a new listener.
|
||||
if strings.HasPrefix(strings.ToLower(opts.BindAddress), "fd:") {
|
||||
listenAddr := opts.BindAddress[3:]
|
||||
listener, err := s.fdToListener(listenAddr)
|
||||
if err != nil {
|
||||
err = fmt.Errorf("listen (%s, %s) failed: %v", "file", listenAddr, err)
|
||||
}
|
||||
s.listener = listener
|
||||
return err
|
||||
return s.checkSystemdSocketSupport(opts)
|
||||
}
|
||||
|
||||
networkType := getNetworkScheme(opts.BindAddress)
|
||||
@ -134,7 +97,7 @@ func (s *server) setupListener(opts Opts) error {
|
||||
|
||||
listener, err := net.Listen(networkType, listenAddr)
|
||||
if err != nil {
|
||||
return fmt.Errorf("listen (%s, %s) failed: %v", networkType, listenAddr, err)
|
||||
return fmt.Errorf("listen (%s, %s) failed: %w", networkType, listenAddr, err)
|
||||
}
|
||||
s.listener = listener
|
||||
|
||||
|
55
pkg/http/systemd_socket.go
Normal file
55
pkg/http/systemd_socket.go
Normal file
@ -0,0 +1,55 @@
|
||||
//go:build !windows
|
||||
// +build !windows
|
||||
|
||||
package http
|
||||
|
||||
import (
|
||||
"errors"
|
||||
"fmt"
|
||||
"net"
|
||||
"strconv"
|
||||
|
||||
"github.com/coreos/go-systemd/activation"
|
||||
)
|
||||
|
||||
// listenFdsStart corresponds to `SD_LISTEN_FDS_START`.
|
||||
// Since the 3 first file descriptors in every linux process is
|
||||
// stdin, stdout and stderr. The first usable file descriptor is 3.
|
||||
// systemd-socket-activate will always assume that the first socket will be
|
||||
// 3 and the rest follow.
|
||||
const (
|
||||
listenFdsStart = 3
|
||||
)
|
||||
|
||||
// convert a string filedescriptor to an actual listener
|
||||
func (s *server) fdToListener(bindAddress string) (net.Listener, error) {
|
||||
fd, err := strconv.Atoi(bindAddress)
|
||||
if err != nil {
|
||||
return nil, errors.New("listen failed: fd with name is not implemented yet")
|
||||
}
|
||||
fdIndex := fd - listenFdsStart
|
||||
|
||||
if len(s.fdFiles) == 0 {
|
||||
s.fdFiles = activation.Files(true)
|
||||
}
|
||||
|
||||
l := len(s.fdFiles)
|
||||
|
||||
if fdIndex < 0 || fdIndex >= l || l == 0 {
|
||||
return nil, errors.New("listen failed: fd outside of range of available file descriptors")
|
||||
}
|
||||
|
||||
return net.FileListener(s.fdFiles[fdIndex])
|
||||
}
|
||||
|
||||
func (s *server) checkSystemdSocketSupport(opts Opts) error {
|
||||
listenAddr := opts.BindAddress[3:]
|
||||
listener, err := s.fdToListener(listenAddr)
|
||||
if err != nil {
|
||||
err = fmt.Errorf("listen (file, %s) failed: %w", listenAddr, err)
|
||||
return err
|
||||
}
|
||||
|
||||
s.listener = listener
|
||||
return nil
|
||||
}
|
17
pkg/http/systemd_unsupported.go
Normal file
17
pkg/http/systemd_unsupported.go
Normal file
@ -0,0 +1,17 @@
|
||||
//go:build windows
|
||||
// +build windows
|
||||
|
||||
package http
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"strings"
|
||||
)
|
||||
|
||||
func (s *server) checkSystemdSocketSupport(opts Opts) error {
|
||||
if strings.HasPrefix(strings.ToLower(opts.BindAddress), "fd:") {
|
||||
listenAddr := opts.BindAddress[3:]
|
||||
return fmt.Errorf("listen (file, %s) failed: systemd sockets are not supported on windows", listenAddr)
|
||||
}
|
||||
return nil
|
||||
}
|
Loading…
x
Reference in New Issue
Block a user