1
0
Fork 0
mirror of https://github.com/denoland/deno.git synced 2025-01-01 03:54:06 -05:00
denoland-deno/ext/net/ops.rs
Leo Kettmeir cf49599359
feat: permission stack traces in ops (#26938)
This commit improves permission prompts by adding an option
to print a full trace of where the permissions is being requested.

Due to big performance hint of stack trace collection, this is only
enabled when `DENO_TRACE_PERMISSIONS` env var is present.

Closes https://github.com/denoland/deno/issues/20756

---------

Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>
2024-11-20 21:24:04 +00:00

1161 lines
30 KiB
Rust

// Copyright 2018-2024 the Deno authors. All rights reserved. MIT license.
use crate::io::TcpStreamResource;
use crate::raw::NetworkListenerResource;
use crate::resolve_addr::resolve_addr;
use crate::resolve_addr::resolve_addr_sync;
use crate::tcp::TcpListener;
use crate::NetPermissions;
use deno_core::op2;
use deno_core::CancelFuture;
use deno_core::AsyncRefCell;
use deno_core::ByteString;
use deno_core::CancelHandle;
use deno_core::CancelTryFuture;
use deno_core::JsBuffer;
use deno_core::OpState;
use deno_core::RcRef;
use deno_core::Resource;
use deno_core::ResourceId;
use hickory_proto::rr::rdata::caa::Value;
use hickory_proto::rr::record_data::RData;
use hickory_proto::rr::record_type::RecordType;
use hickory_resolver::config::NameServerConfigGroup;
use hickory_resolver::config::ResolverConfig;
use hickory_resolver::config::ResolverOpts;
use hickory_resolver::error::ResolveError;
use hickory_resolver::error::ResolveErrorKind;
use hickory_resolver::system_conf;
use hickory_resolver::AsyncResolver;
use serde::Deserialize;
use serde::Serialize;
use socket2::Domain;
use socket2::Protocol;
use socket2::Socket;
use socket2::Type;
use std::borrow::Cow;
use std::cell::RefCell;
use std::net::Ipv4Addr;
use std::net::Ipv6Addr;
use std::net::SocketAddr;
use std::rc::Rc;
use std::str::FromStr;
use tokio::net::TcpStream;
use tokio::net::UdpSocket;
#[derive(Serialize, Clone, Debug)]
#[serde(rename_all = "camelCase")]
pub struct TlsHandshakeInfo {
pub alpn_protocol: Option<ByteString>,
}
#[derive(Debug, Deserialize, Serialize)]
pub struct IpAddr {
pub hostname: String,
pub port: u16,
}
impl From<SocketAddr> for IpAddr {
fn from(addr: SocketAddr) -> Self {
Self {
hostname: addr.ip().to_string(),
port: addr.port(),
}
}
}
#[derive(Debug, thiserror::Error)]
pub enum NetError {
#[error("Listener has been closed")]
ListenerClosed,
#[error("Listener already in use")]
ListenerBusy,
#[error("Socket has been closed")]
SocketClosed,
#[error("Socket has been closed")]
SocketClosedNotConnected,
#[error("Socket already in use")]
SocketBusy,
#[error("{0}")]
Io(#[from] std::io::Error),
#[error("Another accept task is ongoing")]
AcceptTaskOngoing,
#[error(transparent)]
Permission(#[from] deno_permissions::PermissionCheckError),
#[error("{0}")]
Resource(deno_core::error::AnyError),
#[error("No resolved address found")]
NoResolvedAddress,
#[error("{0}")]
AddrParse(#[from] std::net::AddrParseError),
#[error("{0}")]
Map(crate::io::MapError),
#[error("{0}")]
Canceled(#[from] deno_core::Canceled),
#[error("{0}")]
DnsNotFound(ResolveError),
#[error("{0}")]
DnsNotConnected(ResolveError),
#[error("{0}")]
DnsTimedOut(ResolveError),
#[error("{0}")]
Dns(#[from] ResolveError),
#[error("Provided record type is not supported")]
UnsupportedRecordType,
#[error("File name or path {0:?} is not valid UTF-8")]
InvalidUtf8(std::ffi::OsString),
#[error("unexpected key type")]
UnexpectedKeyType,
#[error("Invalid hostname: '{0}'")]
InvalidHostname(String), // TypeError
#[error("TCP stream is currently in use")]
TcpStreamBusy,
#[error("{0}")]
Rustls(#[from] deno_tls::rustls::Error),
#[error("{0}")]
Tls(#[from] deno_tls::TlsError),
#[error("Error creating TLS certificate: Deno.listenTls requires a key")]
ListenTlsRequiresKey, // InvalidData
#[error("{0}")]
RootCertStore(deno_core::anyhow::Error),
#[error("{0}")]
Reunite(tokio::net::tcp::ReuniteError),
}
pub(crate) fn accept_err(e: std::io::Error) -> NetError {
if let std::io::ErrorKind::Interrupted = e.kind() {
NetError::ListenerClosed
} else {
NetError::Io(e)
}
}
#[op2(async)]
#[serde]
pub async fn op_net_accept_tcp(
state: Rc<RefCell<OpState>>,
#[smi] rid: ResourceId,
) -> Result<(ResourceId, IpAddr, IpAddr), NetError> {
let resource = state
.borrow()
.resource_table
.get::<NetworkListenerResource<TcpListener>>(rid)
.map_err(|_| NetError::ListenerClosed)?;
let listener = RcRef::map(&resource, |r| &r.listener)
.try_borrow_mut()
.ok_or_else(|| NetError::AcceptTaskOngoing)?;
let cancel = RcRef::map(resource, |r| &r.cancel);
let (tcp_stream, _socket_addr) = listener
.accept()
.try_or_cancel(cancel)
.await
.map_err(accept_err)?;
let local_addr = tcp_stream.local_addr()?;
let remote_addr = tcp_stream.peer_addr()?;
let mut state = state.borrow_mut();
let rid = state
.resource_table
.add(TcpStreamResource::new(tcp_stream.into_split()));
Ok((rid, IpAddr::from(local_addr), IpAddr::from(remote_addr)))
}
#[op2(async)]
#[serde]
pub async fn op_net_recv_udp(
state: Rc<RefCell<OpState>>,
#[smi] rid: ResourceId,
#[buffer] mut buf: JsBuffer,
) -> Result<(usize, IpAddr), NetError> {
let resource = state
.borrow_mut()
.resource_table
.get::<UdpSocketResource>(rid)
.map_err(|_| NetError::SocketClosed)?;
let socket = RcRef::map(&resource, |r| &r.socket).borrow().await;
let cancel_handle = RcRef::map(&resource, |r| &r.cancel);
let (nread, remote_addr) = socket
.recv_from(&mut buf)
.try_or_cancel(cancel_handle)
.await?;
Ok((nread, IpAddr::from(remote_addr)))
}
#[op2(async, stack_trace)]
#[number]
pub async fn op_net_send_udp<NP>(
state: Rc<RefCell<OpState>>,
#[smi] rid: ResourceId,
#[serde] addr: IpAddr,
#[buffer] zero_copy: JsBuffer,
) -> Result<usize, NetError>
where
NP: NetPermissions + 'static,
{
{
let mut s = state.borrow_mut();
s.borrow_mut::<NP>().check_net(
&(&addr.hostname, Some(addr.port)),
"Deno.DatagramConn.send()",
)?;
}
let addr = resolve_addr(&addr.hostname, addr.port)
.await?
.next()
.ok_or(NetError::NoResolvedAddress)?;
let resource = state
.borrow_mut()
.resource_table
.get::<UdpSocketResource>(rid)
.map_err(|_| NetError::SocketClosed)?;
let socket = RcRef::map(&resource, |r| &r.socket).borrow().await;
let nwritten = socket.send_to(&zero_copy, &addr).await?;
Ok(nwritten)
}
#[op2(async)]
pub async fn op_net_join_multi_v4_udp(
state: Rc<RefCell<OpState>>,
#[smi] rid: ResourceId,
#[string] address: String,
#[string] multi_interface: String,
) -> Result<(), NetError> {
let resource = state
.borrow_mut()
.resource_table
.get::<UdpSocketResource>(rid)
.map_err(|_| NetError::SocketClosed)?;
let socket = RcRef::map(&resource, |r| &r.socket).borrow().await;
let addr = Ipv4Addr::from_str(address.as_str())?;
let interface_addr = Ipv4Addr::from_str(multi_interface.as_str())?;
socket.join_multicast_v4(addr, interface_addr)?;
Ok(())
}
#[op2(async)]
pub async fn op_net_join_multi_v6_udp(
state: Rc<RefCell<OpState>>,
#[smi] rid: ResourceId,
#[string] address: String,
#[smi] multi_interface: u32,
) -> Result<(), NetError> {
let resource = state
.borrow_mut()
.resource_table
.get::<UdpSocketResource>(rid)
.map_err(|_| NetError::SocketClosed)?;
let socket = RcRef::map(&resource, |r| &r.socket).borrow().await;
let addr = Ipv6Addr::from_str(address.as_str())?;
socket.join_multicast_v6(&addr, multi_interface)?;
Ok(())
}
#[op2(async)]
pub async fn op_net_leave_multi_v4_udp(
state: Rc<RefCell<OpState>>,
#[smi] rid: ResourceId,
#[string] address: String,
#[string] multi_interface: String,
) -> Result<(), NetError> {
let resource = state
.borrow_mut()
.resource_table
.get::<UdpSocketResource>(rid)
.map_err(|_| NetError::SocketClosed)?;
let socket = RcRef::map(&resource, |r| &r.socket).borrow().await;
let addr = Ipv4Addr::from_str(address.as_str())?;
let interface_addr = Ipv4Addr::from_str(multi_interface.as_str())?;
socket.leave_multicast_v4(addr, interface_addr)?;
Ok(())
}
#[op2(async)]
pub async fn op_net_leave_multi_v6_udp(
state: Rc<RefCell<OpState>>,
#[smi] rid: ResourceId,
#[string] address: String,
#[smi] multi_interface: u32,
) -> Result<(), NetError> {
let resource = state
.borrow_mut()
.resource_table
.get::<UdpSocketResource>(rid)
.map_err(|_| NetError::SocketClosed)?;
let socket = RcRef::map(&resource, |r| &r.socket).borrow().await;
let addr = Ipv6Addr::from_str(address.as_str())?;
socket.leave_multicast_v6(&addr, multi_interface)?;
Ok(())
}
#[op2(async)]
pub async fn op_net_set_multi_loopback_udp(
state: Rc<RefCell<OpState>>,
#[smi] rid: ResourceId,
is_v4_membership: bool,
loopback: bool,
) -> Result<(), NetError> {
let resource = state
.borrow_mut()
.resource_table
.get::<UdpSocketResource>(rid)
.map_err(|_| NetError::SocketClosed)?;
let socket = RcRef::map(&resource, |r| &r.socket).borrow().await;
if is_v4_membership {
socket.set_multicast_loop_v4(loopback)?;
} else {
socket.set_multicast_loop_v6(loopback)?;
}
Ok(())
}
#[op2(async)]
pub async fn op_net_set_multi_ttl_udp(
state: Rc<RefCell<OpState>>,
#[smi] rid: ResourceId,
#[smi] ttl: u32,
) -> Result<(), NetError> {
let resource = state
.borrow_mut()
.resource_table
.get::<UdpSocketResource>(rid)
.map_err(|_| NetError::SocketClosed)?;
let socket = RcRef::map(&resource, |r| &r.socket).borrow().await;
socket.set_multicast_ttl_v4(ttl)?;
Ok(())
}
#[op2(async, stack_trace)]
#[serde]
pub async fn op_net_connect_tcp<NP>(
state: Rc<RefCell<OpState>>,
#[serde] addr: IpAddr,
) -> Result<(ResourceId, IpAddr, IpAddr), NetError>
where
NP: NetPermissions + 'static,
{
op_net_connect_tcp_inner::<NP>(state, addr).await
}
#[inline]
pub async fn op_net_connect_tcp_inner<NP>(
state: Rc<RefCell<OpState>>,
addr: IpAddr,
) -> Result<(ResourceId, IpAddr, IpAddr), NetError>
where
NP: NetPermissions + 'static,
{
{
let mut state_ = state.borrow_mut();
state_
.borrow_mut::<NP>()
.check_net(&(&addr.hostname, Some(addr.port)), "Deno.connect()")?;
}
let addr = resolve_addr(&addr.hostname, addr.port)
.await?
.next()
.ok_or_else(|| NetError::NoResolvedAddress)?;
let tcp_stream = TcpStream::connect(&addr).await?;
let local_addr = tcp_stream.local_addr()?;
let remote_addr = tcp_stream.peer_addr()?;
let mut state_ = state.borrow_mut();
let rid = state_
.resource_table
.add(TcpStreamResource::new(tcp_stream.into_split()));
Ok((rid, IpAddr::from(local_addr), IpAddr::from(remote_addr)))
}
struct UdpSocketResource {
socket: AsyncRefCell<UdpSocket>,
cancel: CancelHandle,
}
impl Resource for UdpSocketResource {
fn name(&self) -> Cow<str> {
"udpSocket".into()
}
fn close(self: Rc<Self>) {
self.cancel.cancel()
}
}
#[op2(stack_trace)]
#[serde]
pub fn op_net_listen_tcp<NP>(
state: &mut OpState,
#[serde] addr: IpAddr,
reuse_port: bool,
load_balanced: bool,
) -> Result<(ResourceId, IpAddr), NetError>
where
NP: NetPermissions + 'static,
{
if reuse_port {
super::check_unstable(state, "Deno.listen({ reusePort: true })");
}
state
.borrow_mut::<NP>()
.check_net(&(&addr.hostname, Some(addr.port)), "Deno.listen()")?;
let addr = resolve_addr_sync(&addr.hostname, addr.port)?
.next()
.ok_or_else(|| NetError::NoResolvedAddress)?;
let listener = if load_balanced {
TcpListener::bind_load_balanced(addr)
} else {
TcpListener::bind_direct(addr, reuse_port)
}?;
let local_addr = listener.local_addr()?;
let listener_resource = NetworkListenerResource::new(listener);
let rid = state.resource_table.add(listener_resource);
Ok((rid, IpAddr::from(local_addr)))
}
fn net_listen_udp<NP>(
state: &mut OpState,
addr: IpAddr,
reuse_address: bool,
loopback: bool,
) -> Result<(ResourceId, IpAddr), NetError>
where
NP: NetPermissions + 'static,
{
state
.borrow_mut::<NP>()
.check_net(&(&addr.hostname, Some(addr.port)), "Deno.listenDatagram()")?;
let addr = resolve_addr_sync(&addr.hostname, addr.port)?
.next()
.ok_or_else(|| NetError::NoResolvedAddress)?;
let domain = if addr.is_ipv4() {
Domain::IPV4
} else {
Domain::IPV6
};
let socket_tmp = Socket::new(domain, Type::DGRAM, Some(Protocol::UDP))?;
if reuse_address {
// This logic is taken from libuv:
//
// On the BSDs, SO_REUSEPORT implies SO_REUSEADDR but with some additional
// refinements for programs that use multicast.
//
// Linux as of 3.9 has a SO_REUSEPORT socket option but with semantics that
// are different from the BSDs: it _shares_ the port rather than steal it
// from the current listener. While useful, it's not something we can
// emulate on other platforms so we don't enable it.
#[cfg(any(
target_os = "windows",
target_os = "android",
target_os = "linux"
))]
socket_tmp.set_reuse_address(true)?;
#[cfg(all(unix, not(target_os = "linux")))]
socket_tmp.set_reuse_port(true)?;
}
let socket_addr = socket2::SockAddr::from(addr);
socket_tmp.bind(&socket_addr)?;
socket_tmp.set_nonblocking(true)?;
// Enable messages to be sent to the broadcast address (255.255.255.255) by default
socket_tmp.set_broadcast(true)?;
if domain == Domain::IPV4 {
socket_tmp.set_multicast_loop_v4(loopback)?;
} else {
socket_tmp.set_multicast_loop_v6(loopback)?;
}
let std_socket: std::net::UdpSocket = socket_tmp.into();
let socket = UdpSocket::from_std(std_socket)?;
let local_addr = socket.local_addr()?;
let socket_resource = UdpSocketResource {
socket: AsyncRefCell::new(socket),
cancel: Default::default(),
};
let rid = state.resource_table.add(socket_resource);
Ok((rid, IpAddr::from(local_addr)))
}
#[op2(stack_trace)]
#[serde]
pub fn op_net_listen_udp<NP>(
state: &mut OpState,
#[serde] addr: IpAddr,
reuse_address: bool,
loopback: bool,
) -> Result<(ResourceId, IpAddr), NetError>
where
NP: NetPermissions + 'static,
{
super::check_unstable(state, "Deno.listenDatagram");
net_listen_udp::<NP>(state, addr, reuse_address, loopback)
}
#[op2(stack_trace)]
#[serde]
pub fn op_node_unstable_net_listen_udp<NP>(
state: &mut OpState,
#[serde] addr: IpAddr,
reuse_address: bool,
loopback: bool,
) -> Result<(ResourceId, IpAddr), NetError>
where
NP: NetPermissions + 'static,
{
net_listen_udp::<NP>(state, addr, reuse_address, loopback)
}
#[derive(Serialize, Eq, PartialEq, Debug)]
#[serde(untagged)]
pub enum DnsReturnRecord {
A(String),
Aaaa(String),
Aname(String),
Caa {
critical: bool,
tag: String,
value: String,
},
Cname(String),
Mx {
preference: u16,
exchange: String,
},
Naptr {
order: u16,
preference: u16,
flags: String,
services: String,
regexp: String,
replacement: String,
},
Ns(String),
Ptr(String),
Soa {
mname: String,
rname: String,
serial: u32,
refresh: i32,
retry: i32,
expire: i32,
minimum: u32,
},
Srv {
priority: u16,
weight: u16,
port: u16,
target: String,
},
Txt(Vec<String>),
}
#[derive(Deserialize)]
#[serde(rename_all = "camelCase")]
pub struct ResolveAddrArgs {
cancel_rid: Option<ResourceId>,
query: String,
record_type: RecordType,
options: Option<ResolveDnsOption>,
}
#[derive(Deserialize)]
#[serde(rename_all = "camelCase")]
pub struct ResolveDnsOption {
name_server: Option<NameServer>,
}
fn default_port() -> u16 {
53
}
#[derive(Deserialize)]
#[serde(rename_all = "camelCase")]
pub struct NameServer {
ip_addr: String,
#[serde(default = "default_port")]
port: u16,
}
#[op2(async, stack_trace)]
#[serde]
pub async fn op_dns_resolve<NP>(
state: Rc<RefCell<OpState>>,
#[serde] args: ResolveAddrArgs,
) -> Result<Vec<DnsReturnRecord>, NetError>
where
NP: NetPermissions + 'static,
{
let ResolveAddrArgs {
query,
record_type,
options,
cancel_rid,
} = args;
let (config, opts) = if let Some(name_server) =
options.as_ref().and_then(|o| o.name_server.as_ref())
{
let group = NameServerConfigGroup::from_ips_clear(
&[name_server.ip_addr.parse()?],
name_server.port,
true,
);
(
ResolverConfig::from_parts(None, vec![], group),
ResolverOpts::default(),
)
} else {
system_conf::read_system_conf()?
};
{
let mut s = state.borrow_mut();
let perm = s.borrow_mut::<NP>();
// Checks permission against the name servers which will be actually queried.
for ns in config.name_servers() {
let socker_addr = &ns.socket_addr;
let ip = socker_addr.ip().to_string();
let port = socker_addr.port();
perm.check_net(&(ip, Some(port)), "Deno.resolveDns()")?;
}
}
let resolver = AsyncResolver::tokio(config, opts);
let lookup_fut = resolver.lookup(query, record_type);
let cancel_handle = cancel_rid.and_then(|rid| {
state
.borrow_mut()
.resource_table
.get::<CancelHandle>(rid)
.ok()
});
let lookup = if let Some(cancel_handle) = cancel_handle {
let lookup_rv = lookup_fut.or_cancel(cancel_handle).await;
if let Some(cancel_rid) = cancel_rid {
if let Ok(res) = state.borrow_mut().resource_table.take_any(cancel_rid) {
res.close();
}
};
lookup_rv?
} else {
lookup_fut.await
};
lookup
.map_err(|e| match e.kind() {
ResolveErrorKind::NoRecordsFound { .. } => NetError::DnsNotFound(e),
ResolveErrorKind::Message("No connections available") => {
NetError::DnsNotConnected(e)
}
ResolveErrorKind::Timeout => NetError::DnsTimedOut(e),
_ => NetError::Dns(e),
})?
.iter()
.filter_map(|rdata| rdata_to_return_record(record_type)(rdata).transpose())
.collect::<Result<Vec<DnsReturnRecord>, NetError>>()
}
#[op2(fast)]
pub fn op_set_nodelay(
state: &mut OpState,
#[smi] rid: ResourceId,
nodelay: bool,
) -> Result<(), NetError> {
op_set_nodelay_inner(state, rid, nodelay)
}
#[inline]
pub fn op_set_nodelay_inner(
state: &mut OpState,
rid: ResourceId,
nodelay: bool,
) -> Result<(), NetError> {
let resource: Rc<TcpStreamResource> = state
.resource_table
.get::<TcpStreamResource>(rid)
.map_err(NetError::Resource)?;
resource.set_nodelay(nodelay).map_err(NetError::Map)
}
#[op2(fast)]
pub fn op_set_keepalive(
state: &mut OpState,
#[smi] rid: ResourceId,
keepalive: bool,
) -> Result<(), NetError> {
op_set_keepalive_inner(state, rid, keepalive)
}
#[inline]
pub fn op_set_keepalive_inner(
state: &mut OpState,
rid: ResourceId,
keepalive: bool,
) -> Result<(), NetError> {
let resource: Rc<TcpStreamResource> = state
.resource_table
.get::<TcpStreamResource>(rid)
.map_err(NetError::Resource)?;
resource.set_keepalive(keepalive).map_err(NetError::Map)
}
fn rdata_to_return_record(
ty: RecordType,
) -> impl Fn(&RData) -> Result<Option<DnsReturnRecord>, NetError> {
use RecordType::*;
move |r: &RData| -> Result<Option<DnsReturnRecord>, NetError> {
let record = match ty {
A => r.as_a().map(ToString::to_string).map(DnsReturnRecord::A),
AAAA => r
.as_aaaa()
.map(ToString::to_string)
.map(DnsReturnRecord::Aaaa),
ANAME => r
.as_aname()
.map(ToString::to_string)
.map(DnsReturnRecord::Aname),
CAA => r.as_caa().map(|caa| DnsReturnRecord::Caa {
critical: caa.issuer_critical(),
tag: caa.tag().to_string(),
value: match caa.value() {
Value::Issuer(name, key_values) => {
let mut s = String::new();
if let Some(name) = name {
s.push_str(&name.to_string());
} else if name.is_none() && key_values.is_empty() {
s.push(';');
}
for key_value in key_values {
s.push_str("; ");
s.push_str(&key_value.to_string());
}
s
}
Value::Url(url) => url.to_string(),
Value::Unknown(data) => String::from_utf8(data.to_vec()).unwrap(),
},
}),
CNAME => r
.as_cname()
.map(ToString::to_string)
.map(DnsReturnRecord::Cname),
MX => r.as_mx().map(|mx| DnsReturnRecord::Mx {
preference: mx.preference(),
exchange: mx.exchange().to_string(),
}),
NAPTR => r.as_naptr().map(|naptr| DnsReturnRecord::Naptr {
order: naptr.order(),
preference: naptr.preference(),
flags: String::from_utf8(naptr.flags().to_vec()).unwrap(),
services: String::from_utf8(naptr.services().to_vec()).unwrap(),
regexp: String::from_utf8(naptr.regexp().to_vec()).unwrap(),
replacement: naptr.replacement().to_string(),
}),
NS => r.as_ns().map(ToString::to_string).map(DnsReturnRecord::Ns),
PTR => r
.as_ptr()
.map(ToString::to_string)
.map(DnsReturnRecord::Ptr),
SOA => r.as_soa().map(|soa| DnsReturnRecord::Soa {
mname: soa.mname().to_string(),
rname: soa.rname().to_string(),
serial: soa.serial(),
refresh: soa.refresh(),
retry: soa.retry(),
expire: soa.expire(),
minimum: soa.minimum(),
}),
SRV => r.as_srv().map(|srv| DnsReturnRecord::Srv {
priority: srv.priority(),
weight: srv.weight(),
port: srv.port(),
target: srv.target().to_string(),
}),
TXT => r.as_txt().map(|txt| {
let texts: Vec<String> = txt
.iter()
.map(|bytes| {
// Tries to parse these bytes as Latin-1
bytes.iter().map(|&b| b as char).collect::<String>()
})
.collect();
DnsReturnRecord::Txt(texts)
}),
_ => return Err(NetError::UnsupportedRecordType),
};
Ok(record)
}
}
#[cfg(test)]
mod tests {
use super::*;
use deno_core::futures::FutureExt;
use deno_core::JsRuntime;
use deno_core::RuntimeOptions;
use deno_permissions::PermissionCheckError;
use hickory_proto::rr::rdata::a::A;
use hickory_proto::rr::rdata::aaaa::AAAA;
use hickory_proto::rr::rdata::caa::KeyValue;
use hickory_proto::rr::rdata::caa::CAA;
use hickory_proto::rr::rdata::mx::MX;
use hickory_proto::rr::rdata::name::ANAME;
use hickory_proto::rr::rdata::name::CNAME;
use hickory_proto::rr::rdata::name::NS;
use hickory_proto::rr::rdata::name::PTR;
use hickory_proto::rr::rdata::naptr::NAPTR;
use hickory_proto::rr::rdata::srv::SRV;
use hickory_proto::rr::rdata::txt::TXT;
use hickory_proto::rr::rdata::SOA;
use hickory_proto::rr::record_data::RData;
use hickory_proto::rr::Name;
use socket2::SockRef;
use std::net::Ipv4Addr;
use std::net::Ipv6Addr;
use std::net::ToSocketAddrs;
use std::path::Path;
use std::path::PathBuf;
use std::sync::Arc;
use std::sync::Mutex;
#[test]
fn rdata_to_return_record_a() {
let func = rdata_to_return_record(RecordType::A);
let rdata = RData::A(A(Ipv4Addr::new(127, 0, 0, 1)));
assert_eq!(
func(&rdata).unwrap(),
Some(DnsReturnRecord::A("127.0.0.1".to_string()))
);
}
#[test]
fn rdata_to_return_record_aaaa() {
let func = rdata_to_return_record(RecordType::AAAA);
let rdata = RData::AAAA(AAAA(Ipv6Addr::new(0, 0, 0, 0, 0, 0, 0, 1)));
assert_eq!(
func(&rdata).unwrap(),
Some(DnsReturnRecord::Aaaa("::1".to_string()))
);
}
#[test]
fn rdata_to_return_record_aname() {
let func = rdata_to_return_record(RecordType::ANAME);
let rdata = RData::ANAME(ANAME(Name::new()));
assert_eq!(
func(&rdata).unwrap(),
Some(DnsReturnRecord::Aname("".to_string()))
);
}
#[test]
fn rdata_to_return_record_caa() {
let func = rdata_to_return_record(RecordType::CAA);
let rdata = RData::CAA(CAA::new_issue(
false,
Some(Name::parse("example.com", None).unwrap()),
vec![KeyValue::new("account", "123456")],
));
assert_eq!(
func(&rdata).unwrap(),
Some(DnsReturnRecord::Caa {
critical: false,
tag: "issue".to_string(),
value: "example.com; account=123456".to_string(),
})
);
}
#[test]
fn rdata_to_return_record_cname() {
let func = rdata_to_return_record(RecordType::CNAME);
let rdata = RData::CNAME(CNAME(Name::new()));
assert_eq!(
func(&rdata).unwrap(),
Some(DnsReturnRecord::Cname("".to_string()))
);
}
#[test]
fn rdata_to_return_record_mx() {
let func = rdata_to_return_record(RecordType::MX);
let rdata = RData::MX(MX::new(10, Name::new()));
assert_eq!(
func(&rdata).unwrap(),
Some(DnsReturnRecord::Mx {
preference: 10,
exchange: "".to_string()
})
);
}
#[test]
fn rdata_to_return_record_naptr() {
let func = rdata_to_return_record(RecordType::NAPTR);
let rdata = RData::NAPTR(NAPTR::new(
1,
2,
<Box<[u8]>>::default(),
<Box<[u8]>>::default(),
<Box<[u8]>>::default(),
Name::new(),
));
assert_eq!(
func(&rdata).unwrap(),
Some(DnsReturnRecord::Naptr {
order: 1,
preference: 2,
flags: "".to_string(),
services: "".to_string(),
regexp: "".to_string(),
replacement: "".to_string()
})
);
}
#[test]
fn rdata_to_return_record_ns() {
let func = rdata_to_return_record(RecordType::NS);
let rdata = RData::NS(NS(Name::new()));
assert_eq!(
func(&rdata).unwrap(),
Some(DnsReturnRecord::Ns("".to_string()))
);
}
#[test]
fn rdata_to_return_record_ptr() {
let func = rdata_to_return_record(RecordType::PTR);
let rdata = RData::PTR(PTR(Name::new()));
assert_eq!(
func(&rdata).unwrap(),
Some(DnsReturnRecord::Ptr("".to_string()))
);
}
#[test]
fn rdata_to_return_record_soa() {
let func = rdata_to_return_record(RecordType::SOA);
let rdata = RData::SOA(SOA::new(
Name::new(),
Name::new(),
0,
i32::MAX,
i32::MAX,
i32::MAX,
0,
));
assert_eq!(
func(&rdata).unwrap(),
Some(DnsReturnRecord::Soa {
mname: "".to_string(),
rname: "".to_string(),
serial: 0,
refresh: i32::MAX,
retry: i32::MAX,
expire: i32::MAX,
minimum: 0,
})
);
}
#[test]
fn rdata_to_return_record_srv() {
let func = rdata_to_return_record(RecordType::SRV);
let rdata = RData::SRV(SRV::new(1, 2, 3, Name::new()));
assert_eq!(
func(&rdata).unwrap(),
Some(DnsReturnRecord::Srv {
priority: 1,
weight: 2,
port: 3,
target: "".to_string()
})
);
}
#[test]
fn rdata_to_return_record_txt() {
let func = rdata_to_return_record(RecordType::TXT);
let rdata = RData::TXT(TXT::from_bytes(vec![
"foo".as_bytes(),
"bar".as_bytes(),
&[0xa3], // "£" in Latin-1
&[0xe3, 0x81, 0x82], // "あ" in UTF-8
]));
assert_eq!(
func(&rdata).unwrap(),
Some(DnsReturnRecord::Txt(vec![
"foo".to_string(),
"bar".to_string(),
"£".to_string(),
"ã\u{81}\u{82}".to_string(),
]))
);
}
struct TestPermission {}
impl NetPermissions for TestPermission {
fn check_net<T: AsRef<str>>(
&mut self,
_host: &(T, Option<u16>),
_api_name: &str,
) -> Result<(), PermissionCheckError> {
Ok(())
}
fn check_read(
&mut self,
p: &str,
_api_name: &str,
) -> Result<PathBuf, PermissionCheckError> {
Ok(PathBuf::from(p))
}
fn check_write(
&mut self,
p: &str,
_api_name: &str,
) -> Result<PathBuf, PermissionCheckError> {
Ok(PathBuf::from(p))
}
fn check_write_path<'a>(
&mut self,
p: &'a Path,
_api_name: &str,
) -> Result<Cow<'a, Path>, PermissionCheckError> {
Ok(Cow::Borrowed(p))
}
}
#[tokio::test(flavor = "multi_thread", worker_threads = 1)]
async fn tcp_set_no_delay() {
let set_nodelay = Box::new(|state: &mut OpState, rid| {
op_set_nodelay_inner(state, rid, true).unwrap();
});
let test_fn = Box::new(|socket: SockRef| {
assert!(socket.nodelay().unwrap());
assert!(!socket.keepalive().unwrap());
});
check_sockopt(String::from("127.0.0.1:4145"), set_nodelay, test_fn).await;
}
#[tokio::test(flavor = "multi_thread", worker_threads = 1)]
async fn tcp_set_keepalive() {
let set_keepalive = Box::new(|state: &mut OpState, rid| {
op_set_keepalive_inner(state, rid, true).unwrap();
});
let test_fn = Box::new(|socket: SockRef| {
assert!(!socket.nodelay().unwrap());
assert!(socket.keepalive().unwrap());
});
check_sockopt(String::from("127.0.0.1:4146"), set_keepalive, test_fn).await;
}
#[allow(clippy::type_complexity)]
async fn check_sockopt(
addr: String,
set_sockopt_fn: Box<dyn Fn(&mut OpState, u32)>,
test_fn: Box<dyn FnOnce(SockRef)>,
) {
let sockets = Arc::new(Mutex::new(vec![]));
let clone_addr = addr.clone();
let addr = addr.to_socket_addrs().unwrap().next().unwrap();
let listener = TcpListener::bind_direct(addr, false).unwrap();
let accept_fut = listener.accept().boxed_local();
let store_fut = async move {
let socket = accept_fut.await.unwrap();
sockets.lock().unwrap().push(socket);
}
.boxed_local();
deno_core::extension!(
test_ext,
state = |state| {
state.put(TestPermission {});
}
);
let mut runtime = JsRuntime::new(RuntimeOptions {
extensions: vec![test_ext::init_ops()],
feature_checker: Some(Arc::new(Default::default())),
..Default::default()
});
let conn_state = runtime.op_state();
let server_addr: Vec<&str> = clone_addr.split(':').collect();
let ip_addr = IpAddr {
hostname: String::from(server_addr[0]),
port: server_addr[1].parse().unwrap(),
};
let mut connect_fut =
op_net_connect_tcp_inner::<TestPermission>(conn_state, ip_addr)
.boxed_local();
let mut rid = None;
tokio::select! {
_ = store_fut => {
let result = connect_fut.await;
let vals = result.unwrap();
rid = rid.or(Some(vals.0));
},
result = &mut connect_fut => {
let vals = result.unwrap();
rid = rid.or(Some(vals.0));
}
}
let rid = rid.unwrap();
let state = runtime.op_state();
set_sockopt_fn(&mut state.borrow_mut(), rid);
let resource = state
.borrow_mut()
.resource_table
.get::<TcpStreamResource>(rid)
.unwrap();
let wr = resource.wr_borrow_mut().await;
let stream = wr.as_ref().as_ref();
let socket = socket2::SockRef::from(stream);
test_fn(socket);
}
}