foster/denoland-deno
1
0
Fork 0
mirror of https://github.com/denoland/deno.git synced 2025-01-07 14:48:14 -05:00
Code Issues Packages 1 Wiki Activity
denoland-deno/ext/net/lib.rs
snek 65b647909d
feat(unstable): Implement QUIC (#21942) 
Implements a QUIC interface, loosely based on the WebTransport API (a
future change could add the WebTransport API, built on top of this one).

[quinn](https://docs.rs/quinn/latest/quinn/) is used for the underlying
QUIC implementation, for a few reasons:
- A cloneable "handle" api which fits quite nicely into deno resources.
- Good collaboration with the rust ecosystem, especially rustls.
- I like it.

<!--
Before submitting a PR, please read https://deno.com/manual/contributing

1. Give the PR a descriptive title.

  Examples of good title:
    - fix(std/http): Fix race condition in server
    - docs(console): Update docstrings
    - feat(doc): Handle nested reexports

  Examples of bad title:
    - fix #7123
    - update docs
    - fix bugs

2. Ensure there is a related issue and it is referenced in the PR text.
3. Ensure there are tests that cover the changes.
4. Ensure `cargo test` passes.
5. Ensure `./tools/format.js` passes without changing files.
6. Ensure `./tools/lint.js` passes.
7. Open as a draft PR if your work is still in progress. The CI won't
run
   all steps, but you can add '[ci]' to a commit message to force it to.
8. If you would like to run the benchmarks on the CI, add the 'ci-bench'
label.
-->
2024-12-20 13:48:48 +01:00

246 lines
7 KiB
Rust
Raw Blame History

// Copyright 2018-2024 the Deno authors. All rights reserved. MIT license.
pub mod io;
pub mod ops;
pub mod ops_tls;
#[cfg(unix)]
pub mod ops_unix;
mod quic;
pub mod raw;
pub mod resolve_addr;
pub mod tcp;
use deno_core::error::AnyError;
use deno_core::OpState;
use deno_permissions::PermissionCheckError;
use deno_tls::rustls::RootCertStore;
use deno_tls::RootCertStoreProvider;
use std::borrow::Cow;
use std::path::Path;
use std::path::PathBuf;
use std::sync::Arc;
pub const UNSTABLE_FEATURE_NAME: &str = "net";
pub trait NetPermissions {
fn check_net<T: AsRef<str>>(
&mut self,
host: &(T, Option<u16>),
api_name: &str,
) -> Result<(), PermissionCheckError>;
#[must_use = "the resolved return value to mitigate time-of-check to time-of-use issues"]
fn check_read(
&mut self,
p: &str,
api_name: &str,
) -> Result<PathBuf, PermissionCheckError>;
#[must_use = "the resolved return value to mitigate time-of-check to time-of-use issues"]
fn check_write(
&mut self,
p: &str,
api_name: &str,
) -> Result<PathBuf, PermissionCheckError>;
#[must_use = "the resolved return value to mitigate time-of-check to time-of-use issues"]
fn check_write_path<'a>(
&mut self,
p: &'a Path,
api_name: &str,
) -> Result<Cow<'a, Path>, PermissionCheckError>;
}
impl NetPermissions for deno_permissions::PermissionsContainer {
#[inline(always)]
fn check_net<T: AsRef<str>>(
&mut self,
host: &(T, Option<u16>),
api_name: &str,
) -> Result<(), PermissionCheckError> {
deno_permissions::PermissionsContainer::check_net(self, host, api_name)
}
#[inline(always)]
fn check_read(
&mut self,
path: &str,
api_name: &str,
) -> Result<PathBuf, PermissionCheckError> {
deno_permissions::PermissionsContainer::check_read(self, path, api_name)
}
#[inline(always)]
fn check_write(
&mut self,
path: &str,
api_name: &str,
) -> Result<PathBuf, PermissionCheckError> {
deno_permissions::PermissionsContainer::check_write(self, path, api_name)
}
#[inline(always)]
fn check_write_path<'a>(
&mut self,
path: &'a Path,
api_name: &str,
) -> Result<Cow<'a, Path>, PermissionCheckError> {
deno_permissions::PermissionsContainer::check_write_path(
self, path, api_name,
)
}
}
/// Helper for checking unstable features. Used for sync ops.
fn check_unstable(state: &OpState, api_name: &str) {
state
.feature_checker
.check_or_exit(UNSTABLE_FEATURE_NAME, api_name);
}
pub fn get_declaration() -> PathBuf {
PathBuf::from(env!("CARGO_MANIFEST_DIR")).join("lib.deno_net.d.ts")
}
#[derive(Clone)]
pub struct DefaultTlsOptions {
pub root_cert_store_provider: Option<Arc<dyn RootCertStoreProvider>>,
}
impl DefaultTlsOptions {
pub fn root_cert_store(&self) -> Result<Option<RootCertStore>, AnyError> {
Ok(match &self.root_cert_store_provider {
Some(provider) => Some(provider.get_or_try_init()?.clone()),
None => None,
})
}
}
/// `UnsafelyIgnoreCertificateErrors` is a wrapper struct so it can be placed inside `GothamState`;
/// using type alias for a `Option<Vec<String>>` could work, but there's a high chance
/// that there might be another type alias pointing to a `Option<Vec<String>>`, which
/// would override previously used alias.
pub struct UnsafelyIgnoreCertificateErrors(pub Option<Vec<String>>);
deno_core::extension!(deno_net,
deps = [ deno_web ],
parameters = [ P: NetPermissions ],
ops = [
ops::op_net_accept_tcp,
ops::op_net_connect_tcp<P>,
ops::op_net_listen_tcp<P>,
ops::op_net_listen_udp<P>,
ops::op_node_unstable_net_listen_udp<P>,
ops::op_net_recv_udp,
ops::op_net_send_udp<P>,
ops::op_net_join_multi_v4_udp,
ops::op_net_join_multi_v6_udp,
ops::op_net_leave_multi_v4_udp,
ops::op_net_leave_multi_v6_udp,
ops::op_net_set_multi_loopback_udp,
ops::op_net_set_multi_ttl_udp,
ops::op_dns_resolve<P>,
ops::op_set_nodelay,
ops::op_set_keepalive,
ops_tls::op_tls_key_null,
ops_tls::op_tls_key_static,
ops_tls::op_tls_cert_resolver_create,
ops_tls::op_tls_cert_resolver_poll,
ops_tls::op_tls_cert_resolver_resolve,
ops_tls::op_tls_cert_resolver_resolve_error,
ops_tls::op_tls_start<P>,
ops_tls::op_net_connect_tls<P>,
ops_tls::op_net_listen_tls<P>,
ops_tls::op_net_accept_tls,
ops_tls::op_tls_handshake,
ops_unix::op_net_accept_unix,
ops_unix::op_net_connect_unix<P>,
ops_unix::op_net_listen_unix<P>,
ops_unix::op_net_listen_unixpacket<P>,
ops_unix::op_node_unstable_net_listen_unixpacket<P>,
ops_unix::op_net_recv_unixpacket,
ops_unix::op_net_send_unixpacket<P>,
quic::op_quic_accept,
quic::op_quic_accept_bi,
quic::op_quic_accept_incoming,
quic::op_quic_accept_uni,
quic::op_quic_close_connection,
quic::op_quic_close_endpoint,
quic::op_quic_connection_closed,
quic::op_quic_connection_get_protocol,
quic::op_quic_connection_get_remote_addr,
quic::op_quic_connect<P>,
quic::op_quic_endpoint_get_addr,
quic::op_quic_get_send_stream_priority,
quic::op_quic_incoming_accept,
quic::op_quic_incoming_refuse,
quic::op_quic_incoming_ignore,
quic::op_quic_incoming_local_ip,
quic::op_quic_incoming_remote_addr,
quic::op_quic_incoming_remote_addr_validated,
quic::op_quic_listen<P>,
quic::op_quic_max_datagram_size,
quic::op_quic_open_bi,
quic::op_quic_open_uni,
quic::op_quic_read_datagram,
quic::op_quic_send_datagram,
quic::op_quic_set_send_stream_priority,
],
esm = [ "01_net.js", "02_tls.js", "03_quic.js" ],
options = {
root_cert_store_provider: Option<Arc<dyn RootCertStoreProvider>>,
unsafely_ignore_certificate_errors: Option<Vec<String>>,
},
state = |state, options| {
state.put(DefaultTlsOptions {
root_cert_store_provider: options.root_cert_store_provider,
});
state.put(UnsafelyIgnoreCertificateErrors(
options.unsafely_ignore_certificate_errors,
));
},
);
/// Stub ops for non-unix platforms.
#[cfg(not(unix))]
mod ops_unix {
use crate::NetPermissions;
use deno_core::op2;
macro_rules! stub_op {
($name:ident) => {
#[op2(fast)]
pub fn $name() -> Result<(), std::io::Error> {
let error_msg = format!(
"Operation `{:?}` not supported on non-unix platforms.",
stringify!($name)
);
Err(std::io::Error::new(
std::io::ErrorKind::Unsupported,
error_msg,
))
}
};
($name:ident<P>) => {
#[op2(fast)]
pub fn $name<P: NetPermissions>() -> Result<(), std::io::Error> {
let error_msg = format!(
"Operation `{:?}` not supported on non-unix platforms.",
stringify!($name)
);
Err(std::io::Error::new(
std::io::ErrorKind::Unsupported,
error_msg,
))
}
};
}
stub_op!(op_net_accept_unix);
stub_op!(op_net_connect_unix<P>);
stub_op!(op_net_listen_unix<P>);
stub_op!(op_net_listen_unixpacket<P>);
stub_op!(op_node_unstable_net_listen_unixpacket<P>);
stub_op!(op_net_recv_unixpacket);
stub_op!(op_net_send_unixpacket<P>);
}
View git blame Copy permalink