Skip to content

Instantly share code, notes, and snippets.

@cpuspellcaster
Created January 8, 2017 02:20
Show Gist options
  • Save cpuspellcaster/bf70fd5fea78d947980b7fde09c7e5d6 to your computer and use it in GitHub Desktop.
Save cpuspellcaster/bf70fd5fea78d947980b7fde09c7e5d6 to your computer and use it in GitHub Desktop.
Docker Hijack Protocol
Stream details:
When using the TTY setting is enabled in POST, the stream is the raw data from the process PTY and client’s stdin. When the TTY is disabled, then the stream is multiplexed to separate stdout and stderr.
The format is a Header and a Payload (frame).
HEADER
The header contains the information which the stream writes (stdout or stderr). It also contains the size of the associated frame encoded in the last four bytes (uint32).
It is encoded on the first eight bytes like this:
header := [8]byte{STREAM_TYPE, 0, 0, 0, SIZE1, SIZE2, SIZE3, SIZE4}
STREAM_TYPE can be:
0: stdin (is written on stdout)
1: stdout
2: stderr
SIZE1, SIZE2, SIZE3, SIZE4 are the four bytes of the uint32 size encoded as big endian.
PAYLOAD
The payload is the raw stream.
IMPLEMENTATION
The simplest way to implement the Attach protocol is the following:
1. Read eight bytes.
2. Choose `stdout` or `stderr` depending on the first byte.
3. Extract the frame size from the last four bytes.
4. Read the extracted size and output it on the correct output.
5. Goto 1.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment