Docker Hijack Protocol

8/7/2018 - 1:53 PM

Stream details:

When using the TTY setting is enabled in POST, the stream is the raw data from the process PTY and client’s stdin. When the TTY is disabled, then the stream is multiplexed to separate stdout and stderr.

The format is a Header and a Payload (frame).

HEADER

The header contains the information which the stream writes (stdout or stderr). It also contains the size of the associated frame encoded in the last four bytes (uint32).

It is encoded on the first eight bytes like this:

header := [8]byte{STREAM_TYPE, 0, 0, 0, SIZE1, SIZE2, SIZE3, SIZE4}
STREAM_TYPE can be:

0: stdin (is written on stdout)
1: stdout
2: stderr
SIZE1, SIZE2, SIZE3, SIZE4 are the four bytes of the uint32 size encoded as big endian.

PAYLOAD

The payload is the raw stream.

IMPLEMENTATION

The simplest way to implement the Attach protocol is the following:

1.  Read eight bytes.
2.  Choose `stdout` or `stderr` depending on the first byte.
3.  Extract the frame size from the last four bytes.
4.  Read the extracted size and output it on the correct output.
5.  Goto 1.

Cacher is the code snippet organizer for pro developers

We empower you and your team to get more done, faster

Docker Hijack Protocol