From b8b4d2b3f721c88bf59e1c28bfd02bb697363f5f Mon Sep 17 00:00:00 2001
From: David Calavera <david.calavera@gmail.com>
Date: Fri, 16 Oct 2015 18:45:54 -0400
Subject: [PATCH] Return 404 for all network operations without network
 controller.

This will prevent the api from trying to serve network requests in
systems where libnetwork is not enabled, returning 404 responses in any
case.

Signed-off-by: David Calavera <david.calavera@gmail.com>
Upstream-commit: eb982e7c00192c8306f9c420fb469f087c7b161d
Component: engine
---
 .../api/server/router/network/network.go      | 28 +++++++++++++++----
 components/engine/api/server/server.go        |  1 +
 components/engine/daemon/network.go           |  6 ++++
 components/engine/errors/server.go            |  9 ++++++
 4 files changed, 38 insertions(+), 6 deletions(-)

diff --git a/components/engine/api/server/router/network/network.go b/components/engine/api/server/router/network/network.go
index 7645249b45..b301820f77 100644
--- a/components/engine/api/server/router/network/network.go
+++ b/components/engine/api/server/router/network/network.go
@@ -1,9 +1,14 @@
 package network
 
 import (
+	"net/http"
+
+	"github.com/docker/docker/api/server/httputils"
 	"github.com/docker/docker/api/server/router"
 	"github.com/docker/docker/api/server/router/local"
 	"github.com/docker/docker/daemon"
+	"github.com/docker/docker/errors"
+	"golang.org/x/net/context"
 )
 
 // networkRouter is a router to talk with the network controller
@@ -29,13 +34,24 @@ func (r *networkRouter) Routes() []router.Route {
 func (r *networkRouter) initRoutes() {
 	r.routes = []router.Route{
 		// GET
-		local.NewGetRoute("/networks", r.getNetworksList),
-		local.NewGetRoute("/networks/{id:.*}", r.getNetwork),
+		local.NewGetRoute("/networks", r.controllerEnabledMiddleware(r.getNetworksList)),
+		local.NewGetRoute("/networks/{id:.*}", r.controllerEnabledMiddleware(r.getNetwork)),
 		// POST
-		local.NewPostRoute("/networks/create", r.postNetworkCreate),
-		local.NewPostRoute("/networks/{id:.*}/connect", r.postNetworkConnect),
-		local.NewPostRoute("/networks/{id:.*}/disconnect", r.postNetworkDisconnect),
+		local.NewPostRoute("/networks/create", r.controllerEnabledMiddleware(r.postNetworkCreate)),
+		local.NewPostRoute("/networks/{id:.*}/connect", r.controllerEnabledMiddleware(r.postNetworkConnect)),
+		local.NewPostRoute("/networks/{id:.*}/disconnect", r.controllerEnabledMiddleware(r.postNetworkDisconnect)),
 		// DELETE
-		local.NewDeleteRoute("/networks/{id:.*}", r.deleteNetwork),
+		local.NewDeleteRoute("/networks/{id:.*}", r.controllerEnabledMiddleware(r.deleteNetwork)),
 	}
 }
+
+func (r *networkRouter) controllerEnabledMiddleware(handler httputils.APIFunc) httputils.APIFunc {
+	if r.daemon.NetworkControllerEnabled() {
+		return handler
+	}
+	return networkControllerDisabled
+}
+
+func networkControllerDisabled(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
+	return errors.ErrorNetworkControllerNotEnabled.WithArgs()
+}
diff --git a/components/engine/api/server/server.go b/components/engine/api/server/server.go
index 598fcfb2bb..7c9262c5be 100644
--- a/components/engine/api/server/server.go
+++ b/components/engine/api/server/server.go
@@ -170,6 +170,7 @@ func (s *Server) makeHTTPHandler(handler httputils.APIFunc) http.HandlerFunc {
 func (s *Server) InitRouters(d *daemon.Daemon) {
 	s.addRouter(local.NewRouter(d))
 	s.addRouter(network.NewRouter(d))
+
 	for _, srv := range s.servers {
 		srv.srv.Handler = s.CreateMux()
 	}
diff --git a/components/engine/daemon/network.go b/components/engine/daemon/network.go
index 3933c3bf98..0f2b42474d 100644
--- a/components/engine/daemon/network.go
+++ b/components/engine/daemon/network.go
@@ -17,6 +17,12 @@ const (
 	NetworkByName
 )
 
+// NetworkControllerEnabled checks if the networking stack is enabled.
+// This feature depends on OS primitives and it's dissabled in systems like Windows.
+func (daemon *Daemon) NetworkControllerEnabled() bool {
+	return daemon.netController != nil
+}
+
 // FindNetwork function finds a network for a given string that can represent network name or id
 func (daemon *Daemon) FindNetwork(idName string) (libnetwork.Network, error) {
 	// Find by Name
diff --git a/components/engine/errors/server.go b/components/engine/errors/server.go
index 9dfcc02b50..1a7af00a13 100644
--- a/components/engine/errors/server.go
+++ b/components/engine/errors/server.go
@@ -24,4 +24,13 @@ var (
 		Description:    "The client version is too old for the server",
 		HTTPStatusCode: http.StatusBadRequest,
 	})
+
+	// ErrorNetworkControllerNotEnabled is generated when the networking stack in not enabled
+	// for certain platforms, like windows.
+	ErrorNetworkControllerNotEnabled = errcode.Register(errGroup, errcode.ErrorDescriptor{
+		Value:          "NETWORK_CONTROLLER_NOT_ENABLED",
+		Message:        "the network controller is not enabled for this platform",
+		Description:    "Docker's networking stack is disabled for this platform",
+		HTTPStatusCode: http.StatusNotFound,
+	})
 )