When reading a value into an enum from getsockopt, we must validate it.
Failing to do so can lead to UB for example with SOCK_PACKET on Linux.
Perform the validation in GetSockOpt::get. Currently SockType is the
only type that requires validation.
Fixes#1819
1857: Add better support for unnamed unix socket addrs r=asomers a=stevenengler
This adds the following 2 functions/methods: `UnixAddr::new_unnamed` and `UnixAddr::is_unnamed`.
Closes#1585
unix(7) on Linux:
> unnamed: A stream socket that has not been bound to a pathname using bind(2) has no name. Likewise, the two sockets created by socketpair(2) are unnamed. When the address of an unnamed socket is returned, its length is `sizeof(sa_family_t)`, and `sun_path` should not be inspected.
**Edit:** This currently isn't working on BSD, but I see why. Will fix it shortly.
Co-authored-by: Steven Engler <opara@cs.georgetown.edu>
1853: Adds IP_TOS, IPV6_TCLASS and SO_PRIORITY sockopt wrappers for Linux r=asomers a=mzachar
Added socket option wrappers for DiffServ related parameters on Linux
Co-authored-by: mzachar <mzachar@users.noreply.github.com>
New implementation performs no allocations after all the necessary
structures are created, removes potentially unsound code that
was used by the old version (see below) and adds a bit more
documentation about bugs in how timeout is actually handled
```
let timeout = if let Some(mut t) = timeout {
t.as_mut() as *mut libc::timespec
} else {
ptr::null_mut()
};
```
Clippy is now smarter about detecting unnecessary casts and
useless conversions, which means we need to be more explicit
about when the conversions are needed for a subset of platforms.
Required changes found by repeatedly running the following command
against a list of the supported platforms.
`xargs -t -I {} sh -c "cargo clippy -Zbuild-std --target {} --all-targets -- -D warnings || exit 255"`
I removed the casts it complained about, and then restored them
with an `#[allow]` if a later target needed the cast.
1776: Add support for the IP_SENDSRCADDR control message r=rtzoeller a=matttpt
This control message is available on FreeBSD, NetBSD, and OpenBSD. When used with `sendmsg`, it sets the IPv4 source address. This adds support through a new `ControlMessage::Ipv4SendSrcAddr` variant that complements `ControlMessageOwned::Ipv4RecvDstAddr`.
A few notes:
* `IP_SENDSRCADDR` is actually just an alias for `IP_RECVDSTADDR` (though the code doesn't depend on this).
* On NetBSD, `IP_PKTINFO` can be used to accomplish the same thing and is already supported by nix. On FreeBSD and OpenBSD, though, `IP_SENDSRCADDR` is the only method I'm aware of.
* The accompanying test binds a UDP socket to all local interfaces (0.0.0.0). If this is not acceptable, please let me know; however, FreeBSD requires this to use `IP_SENDSRCADDR`.
I'll add a change-log entry once I see the PR number.
Thanks!
Co-authored-by: Matthew Ingwersen <matttpt@gmail.com>
This control message (actually just an alias for IP_RECVDSTADDR) sets
the IPv4 source address when used with sendmsg. It is available on
FreeBSD, NetBSD, OpenBSD, and DragonFlyBSD.
1739: ppoll: make sigmask parameter optional r=rtzoeller a=stefano-garzarella
ppoll(2) supports 'sigmask' as NULL. In that case no signal mask
manipulation is performed.
Let's make `sigmask` parameter of `nix::poll::ppoll` optional
to allow that behaviour.
Signed-off-by: Stefano Garzarella <sgarzare@redhat.com>
Co-authored-by: Stefano Garzarella <sgarzare@redhat.com>
ppoll(2) supports 'sigmask' as NULL. In that case no signal mask
manipulation is performed.
Let's make `sigmask` parameter of `nix::poll::ppoll` optional
to allow that behaviour.
Signed-off-by: Stefano Garzarella <sgarzare@redhat.com>
1735: Cleanup cfg blocks r=asomers a=rtzoeller
Remove obsolete references to target_env = wasi, target_os = nacl, target_os = osx, and a typo'd target_os = fushsia that didn't compile when fixed.
- target_env = wasi is dead: https://github.com/rust-lang/rust/pull/60117
- target_os = nacl is dead: https://github.com/rust-lang/rust/pull/45041
- target_os = osx is dead, but I can't find a link.
Found while exploring `--check-cfg`, as mentioned in #1734.
Co-authored-by: Ryan Zoeller <rtzoeller@rtzoeller.com>
It has never actually executed its command, so the only reason that it
ever worked is that on most systems there are usually processes starting
and exiting all the time.
The existing AIO implementation has some problems:
1) The in_progress field is checked at runtime, not compile time.
2) The mutable field is checked at runtime, not compile time.
3) A downstream lio_listio user must store extra state to track whether
the whole operation is partially, completely, or not at all
submitted.
4) Nix does heap allocation itself, rather than allowing the caller to
choose it. This can result in double (or triple, or quadruple)
boxing.
5) There's no easy way to use lio_listio to submit multiple operations with
a single syscall, but poll each individually.
6) The lio_listio usage is far from transparent and zero-cost.
7) No aio_readv or aio_writev support.
8) priority has type c_int; should be i32
9) aio_return should return a usize instead of an isize, since it only
uses negative values to indicate errors, which Rust represents via
the Result type.
This rewrite solves several problems:
1) Unsolved. I don't think it can be solved without something like
C++'s guaranteed type elision. It might require changing the
signature of Future::poll too.
2) Solved.
3) Solved, by the new in_progress method and by removing the complicated
lio_listio resubmit code.
4) Solved.
5) Solved.
6) Solved, by removing the lio_listo resubmit code. It can be
reimplemented downstream if necessary. Or even in Nix, but it
doesn't fit Nix's theme of zero-cost abstractions.
7) Solved.
8) Solved.
9) Solved.
The rewrite includes functions that don't work on FreeBSD, so add CI
testing for FreeBSD 14 too.
By default only enable tests that will pass on FreeBSD 12.3. But run a
CI job on FreeBSD 14 and set a flag that will enable such tests.
1643: Replace the IoVec struct with IoSlice and IoSliceMut from the standard library r=asomers a=notgull
As per discussion in #1637, the `IoVec<&[u8]>` and `IoVec<&mut [u8]>` types have been replaced with `std::io::IoSlice` and `IoSliceMut`, respectively. Notable changes made in this pull request include:
- The complete replacement of `IoVec` with `IoSlice*` types in both public API, private API, and tests.
- Replacing `IoVec` with `IoSlice` in docs.
- Replacing `&[IoVec<&mut [u8]>]` with `&mut [IoSliceMut]`, note that the slice requires a mutable reference now. This is how it's done in the standard library, and there might be a soundness issue in doing it the other way.
Resolves#1637
Co-authored-by: not_a_seagull <notaseagull048@gmail.com>
IP_DONTFRAG: iOS, macOS
IPV6_DONTFRAG: android, iOS, linux and macOS
Test: `cargo test --test test dontfrag_opts`
Some CI tests running ENOPROTOOPT are disabled (qemu-based).
This fixes several issues with the current `uname` bindings:
- Do not ignore `uname` errors; at least on glibc `uname` can fail,
so now it returns a `Result` instead of assuming that the call
will always succeed.
- Do not assume `uname` will initialize every member of `utsname`;
not every implementation initializes every field, so internally
the struct is now zero-initialized.
- Do not blindly assume strings returned by `uname` will always be valid UTF-8;
`UtsName`'s accessors will now return `&OsStr`s instead of `&str`s.
The SockAddr enum is quite large, and the user must allocate space for
the whole thing even though he usually knows what type he needs.
Furthermore, thanks to the sa_family field, the sockaddr types are
basically an enum even in C.
So replace the ungainly enum with a SockaddrLike trait implemented by
all sockaddr types and a SockaddrStorage union that has safe accessors.
Also, deprecate InetAddr, which only existed to support SockAddr.
Supplants #1504Fixes#1544
