update go-connection in vendor

api/client/trust.go

@@ -114,7 +114,7 @@ func (cli *DockerCli) getNotaryRepository(repoInfo *registry.RepositoryInfo, aut
 		return nil, err
 	}
 
-	var cfg = tlsconfig.ClientDefault
+	var cfg = tlsconfig.ClientDefault()
 	cfg.InsecureSkipVerify = !repoInfo.Index.Secure
 
 	// Get certificate base directory
@@ -124,7 +124,7 @@ func (cli *DockerCli) getNotaryRepository(repoInfo *registry.RepositoryInfo, aut
 	}
 	logrus.Debugf("reading certificate directory: %s", certDir)
 
-	if err := registry.ReadCertsDirectory(&cfg, certDir); err != nil {
+	if err := registry.ReadCertsDirectory(cfg, certDir); err != nil {
 		return nil, err
 	}
 
@@ -136,7 +136,7 @@ func (cli *DockerCli) getNotaryRepository(repoInfo *registry.RepositoryInfo, aut
 			DualStack: true,
 		}).Dial,
 		TLSHandshakeTimeout: 10 * time.Second,
-		TLSClientConfig:     &cfg,
+		TLSClientConfig:     cfg,
 		DisableKeepAlives:   true,
 	}
 

registry/registry.go

@@ -38,19 +38,19 @@ func init() {
 
 func newTLSConfig(hostname string, isSecure bool) (*tls.Config, error) {
 	// PreferredServerCipherSuites should have no effect
-	tlsConfig := tlsconfig.ServerDefault
+	tlsConfig := tlsconfig.ServerDefault()
 
 	tlsConfig.InsecureSkipVerify = !isSecure
 
 	if isSecure && CertsDir != "" {
 		hostDir := filepath.Join(CertsDir, cleanPath(hostname))
 		logrus.Debugf("hostDir: %s", hostDir)
-		if err := ReadCertsDirectory(&tlsConfig, hostDir); err != nil {
+		if err := ReadCertsDirectory(tlsConfig, hostDir); err != nil {
 			return nil, err
 		}
 	}
 
-	return &tlsConfig, nil
+	return tlsConfig, nil
 }
 
 func hasFile(files []os.FileInfo, name string) bool {
@@ -218,8 +218,8 @@ func ContinueOnError(err error) bool {
 // default TLS configuration.
 func NewTransport(tlsConfig *tls.Config) *http.Transport {
 	if tlsConfig == nil {
-		var cfg = tlsconfig.ServerDefault
-		tlsConfig = &cfg
+		var cfg = tlsconfig.ServerDefault()
+		tlsConfig = cfg
 	}
 	return &http.Transport{
 		Proxy: http.ProxyFromEnvironment,

registry/service_v1.go

@@ -9,8 +9,8 @@ import (
 )
 
 func (s *Service) lookupV1Endpoints(repoName reference.Named) (endpoints []APIEndpoint, err error) {
-	var cfg = tlsconfig.ServerDefault
-	tlsConfig := &cfg
+	var cfg = tlsconfig.ServerDefault()
+	tlsConfig := cfg
 	nameString := repoName.FullName()
 	if strings.HasPrefix(nameString, DefaultNamespace+"/") {
 		endpoints = append(endpoints, APIEndpoint{

registry/service_v2.go

@@ -9,8 +9,8 @@ import (
 )
 
 func (s *Service) lookupV2Endpoints(repoName reference.Named) (endpoints []APIEndpoint, err error) {
-	var cfg = tlsconfig.ServerDefault
-	tlsConfig := &cfg
+	var cfg = tlsconfig.ServerDefault()
+	tlsConfig := cfg
 	nameString := repoName.FullName()
 	if strings.HasPrefix(nameString, DefaultNamespace+"/") {
 		// v2 mirrors

vendor/src/github.com/docker/go-connections/CONTRIBUTING.md

@@ -0,0 +1,55 @@
+# Contributing to Docker
+
+### Sign your work
+
+The sign-off is a simple line at the end of the explanation for the patch. Your
+signature certifies that you wrote the patch or otherwise have the right to pass
+it on as an open-source patch. The rules are pretty simple: if you can certify
+the below (from [developercertificate.org](http://developercertificate.org/)):
+
+```
+Developer Certificate of Origin
+Version 1.1
+
+Copyright (C) 2004, 2006 The Linux Foundation and its contributors.
+660 York Street, Suite 102,
+San Francisco, CA 94110 USA
+
+Everyone is permitted to copy and distribute verbatim copies of this
+license document, but changing it is not allowed.
+
+Developer's Certificate of Origin 1.1
+
+By making a contribution to this project, I certify that:
+
+(a) The contribution was created in whole or in part by me and I
+    have the right to submit it under the open source license
+    indicated in the file; or
+
+(b) The contribution is based upon previous work that, to the best
+    of my knowledge, is covered under an appropriate open source
+    license and I have the right under that license to submit that
+    work with modifications, whether created in whole or in part
+    by me, under the same open source license (unless I am
+    permitted to submit under a different license), as indicated
+    in the file; or
+
+(c) The contribution was provided directly to me by some other
+    person who certified (a), (b) or (c) and I have not modified
+    it.
+
+(d) I understand and agree that this project and the contribution
+    are public and that a record of the contribution (including all
+    personal information I submit with it, including my sign-off) is
+    maintained indefinitely and may be redistributed consistent with
+    this project or the open source license(s) involved.
+```
+
+Then you just add a line to every git commit message:
+
+    Signed-off-by: Joe Smith <joe.smith@email.com>
+
+Use your real name (sorry, no pseudonyms or anonymous contributions.)
+
+If you set your `user.name` and `user.email` git configs, you can sign your
+commit automatically with `git commit -s`.

vendor/src/github.com/docker/go-connections/MAINTAINERS

@@ -0,0 +1,27 @@
+# go-connections maintainers file
+#
+# This file describes who runs the docker/go-connections project and how.
+# This is a living document - if you see something out of date or missing, speak up!
+#
+# It is structured to be consumable by both humans and programs.
+# To extract its contents programmatically, use any TOML-compliant parser.
+#
+# This file is compiled into the MAINTAINERS file in docker/opensource.
+#
+[Org]
+	[Org."Core maintainers"]
+		people = [
+			"calavera",
+		]
+
+[people]
+
+# A reference list of all people associated with the project.
+# All other sections should refer to people by their canonical key
+# in the people section.
+
+	# ADD YOURSELF HERE IN ALPHABETICAL ORDER
+	[people.calavera]
+	Name = "David Calavera"
+	Email = "david.calavera@gmail.com"
+	GitHub = "calavera"

vendor/src/github.com/docker/go-connections/README.md

@@ -0,0 +1,13 @@
+[![GoDoc](https://godoc.org/github.com/docker/go-connections?status.svg)](https://godoc.org/github.com/docker/go-connections)
+
+# Introduction
+
+go-connections provides common package to work with network connections.
+
+## Usage
+
+See the [docs in godoc](https://godoc.org/github.com/docker/go-connections) for examples and documentation.
+
+## License
+
+go-connections is licensed under the Apache License, Version 2.0. See [LICENSE](LICENSE) for the full license text.

vendor/src/github.com/docker/go-connections/doc.go

@@ -0,0 +1,3 @@
+// Package connections provides libraries to work with network connections.
+// This library is divided in several components for specific usage.
+package connections

vendor/src/github.com/docker/go-connections/nat/nat.go

@@ -85,14 +85,10 @@ func (p Port) Port() string {
 // Int returns the port number of a Port as an int
 func (p Port) Int() int {
 	portStr := p.Port()
-	if len(portStr) == 0 {
-		return 0
-	}
-
 	// We don't need to check for an error because we're going to
 	// assume that any error would have been found, and reported, in NewPort()
-	port, _ := strconv.ParseUint(portStr, 10, 16)
-	return int(port)
+	port, _ := ParsePort(portStr)
+	return port
 }
 
 // Range returns the start/end port numbers of a Port range as ints
@@ -132,92 +128,115 @@ func ParsePortSpecs(ports []string) (map[Port]struct{}, map[Port][]PortBinding,
 		exposedPorts = make(map[Port]struct{}, len(ports))
 		bindings     = make(map[Port][]PortBinding)
 	)
-
 	for _, rawPort := range ports {
-		proto := "tcp"
-
-		if i := strings.LastIndex(rawPort, "/"); i != -1 {
-			proto = rawPort[i+1:]
-			rawPort = rawPort[:i]
-		}
-		if !strings.Contains(rawPort, ":") {
-			rawPort = fmt.Sprintf("::%s", rawPort)
-		} else if len(strings.Split(rawPort, ":")) == 2 {
-			rawPort = fmt.Sprintf(":%s", rawPort)
-		}
-
-		parts, err := PartParser(portSpecTemplate, rawPort)
+		portMappings, err := ParsePortSpec(rawPort)
 		if err != nil {
 			return nil, nil, err
 		}
 
-		var (
-			containerPort = parts["containerPort"]
-			rawIP         = parts["ip"]
-			hostPort      = parts["hostPort"]
-		)
-
-		if rawIP != "" && net.ParseIP(rawIP) == nil {
-			return nil, nil, fmt.Errorf("Invalid ip address: %s", rawIP)
-		}
-		if containerPort == "" {
-			return nil, nil, fmt.Errorf("No port specified: %s<empty>", rawPort)
+		for _, portMapping := range portMappings {
+			port := portMapping.Port
+			if _, exists := exposedPorts[port]; !exists {
+				exposedPorts[port] = struct{}{}
+			}
+			bslice, exists := bindings[port]
+			if !exists {
+				bslice = []PortBinding{}
+			}
+			bindings[port] = append(bslice, portMapping.Binding)
 		}
+	}
+	return exposedPorts, bindings, nil
+}
+
+// PortMapping is a data object mapping a Port to a PortBinding
+type PortMapping struct {
+	Port    Port
+	Binding PortBinding
+}
+
+func splitParts(rawport string) (string, string, string) {
+	parts := strings.Split(rawport, ":")
+	n := len(parts)
+	containerport := parts[n-1]
+
+	switch n {
+	case 1:
+		return "", "", containerport
+	case 2:
+		return "", parts[0], containerport
+	case 3:
+		return parts[0], parts[1], containerport
+	default:
+		return strings.Join(parts[:n-2], ":"), parts[n-2], containerport
+	}
+}
+
+// ParsePortSpec parses a port specification string into a slice of PortMappings
+func ParsePortSpec(rawPort string) ([]PortMapping, error) {
+	var proto string
+	rawIP, hostPort, containerPort := splitParts(rawPort)
+	proto, containerPort = SplitProtoPort(containerPort)
+
+	// Strip [] from IPV6 addresses
+	ip, _, err := net.SplitHostPort(rawIP + ":")
+	if err != nil {
+		return nil, fmt.Errorf("Invalid ip address %v: %s", rawIP, err)
+	}
+	if ip != "" && net.ParseIP(ip) == nil {
+		return nil, fmt.Errorf("Invalid ip address: %s", ip)
+	}
+	if containerPort == "" {
+		return nil, fmt.Errorf("No port specified: %s<empty>", rawPort)
+	}
+
+	startPort, endPort, err := ParsePortRange(containerPort)
+	if err != nil {
+		return nil, fmt.Errorf("Invalid containerPort: %s", containerPort)
+	}
 
-		startPort, endPort, err := ParsePortRange(containerPort)
+	var startHostPort, endHostPort uint64 = 0, 0
+	if len(hostPort) > 0 {
+		startHostPort, endHostPort, err = ParsePortRange(hostPort)
 		if err != nil {
-			return nil, nil, fmt.Errorf("Invalid containerPort: %s", containerPort)
+			return nil, fmt.Errorf("Invalid hostPort: %s", hostPort)
 		}
+	}
 
-		var startHostPort, endHostPort uint64 = 0, 0
-		if len(hostPort) > 0 {
-			startHostPort, endHostPort, err = ParsePortRange(hostPort)
-			if err != nil {
-				return nil, nil, fmt.Errorf("Invalid hostPort: %s", hostPort)
-			}
+	if hostPort != "" && (endPort-startPort) != (endHostPort-startHostPort) {
+		// Allow host port range iff containerPort is not a range.
+		// In this case, use the host port range as the dynamic
+		// host port range to allocate into.
+		if endPort != startPort {
+			return nil, fmt.Errorf("Invalid ranges specified for container and host Ports: %s and %s", containerPort, hostPort)
 		}
+	}
 
-		if hostPort != "" && (endPort-startPort) != (endHostPort-startHostPort) {
-			// Allow host port range iff containerPort is not a range.
-			// In this case, use the host port range as the dynamic
-			// host port range to allocate into.
-			if endPort != startPort {
-				return nil, nil, fmt.Errorf("Invalid ranges specified for container and host Ports: %s and %s", containerPort, hostPort)
-			}
-		}
+	if !validateProto(strings.ToLower(proto)) {
+		return nil, fmt.Errorf("Invalid proto: %s", proto)
+	}
 
-		if !validateProto(strings.ToLower(proto)) {
-			return nil, nil, fmt.Errorf("Invalid proto: %s", proto)
+	ports := []PortMapping{}
+	for i := uint64(0); i <= (endPort - startPort); i++ {
+		containerPort = strconv.FormatUint(startPort+i, 10)
+		if len(hostPort) > 0 {
+			hostPort = strconv.FormatUint(startHostPort+i, 10)
+		}
+		// Set hostPort to a range only if there is a single container port
+		// and a dynamic host port.
+		if startPort == endPort && startHostPort != endHostPort {
+			hostPort = fmt.Sprintf("%s-%s", hostPort, strconv.FormatUint(endHostPort, 10))
+		}
+		port, err := NewPort(strings.ToLower(proto), containerPort)
+		if err != nil {
+			return nil, err
 		}
 
-		for i := uint64(0); i <= (endPort - startPort); i++ {
-			containerPort = strconv.FormatUint(startPort+i, 10)
-			if len(hostPort) > 0 {
-				hostPort = strconv.FormatUint(startHostPort+i, 10)
-			}
-			// Set hostPort to a range only if there is a single container port
-			// and a dynamic host port.
-			if startPort == endPort && startHostPort != endHostPort {
-				hostPort = fmt.Sprintf("%s-%s", hostPort, strconv.FormatUint(endHostPort, 10))
-			}
-			port, err := NewPort(strings.ToLower(proto), containerPort)
-			if err != nil {
-				return nil, nil, err
-			}
-			if _, exists := exposedPorts[port]; !exists {
-				exposedPorts[port] = struct{}{}
-			}
-
-			binding := PortBinding{
-				HostIP:   rawIP,
-				HostPort: hostPort,
-			}
-			bslice, exists := bindings[port]
-			if !exists {
-				bslice = []PortBinding{}
-			}
-			bindings[port] = append(bslice, binding)
+		binding := PortBinding{
+			HostIP:   ip,
+			HostPort: hostPort,
 		}
+		ports = append(ports, PortMapping{Port: port, Binding: binding})
 	}
-	return exposedPorts, bindings, nil
+	return ports, nil
 }