feat(client): allow connecting to IPv6 link-local addresses #1937
Conversation
|
Note: requires hyperium/http#343 to work (patch in Cargo.toml) |
| @@ -22,7 +22,7 @@ use crate::common::{Future, Never, Pin, Poll, Unpin, task}; | |||
| /// Resolve a hostname to a set of IP addresses. | |||
| pub trait Resolve: Unpin { | |||
| /// The set of IP addresses to try to connect to. | |||
| type Addrs: Iterator<Item=IpAddr>; | |||
| type Addrs: Iterator<Item=SocketAddr>; | |||
There was a problem hiding this comment.
I think this is modifying a public trait, so it'd be really nice if this could be considered for 0.13 inclusion, otherwise we might need to wait for the next minor version to not break users.
|
Addressed the review comments, so this is ready for review again. Uploaded as a separate commit, I can of course squash/rebase if desired. |
|
I'm not up-to-speed on IPv6 zone IDs. It identifies a specific port? Or, why is this changing |
|
It returns a The only standard way I found that can turn a zone_id (on Linux, that's the interface name) into a scope_id (on Linux, the interface index) is getaddrinfo. Some relevant info I found in man pages while I was digging: http://man7.org/linux/man-pages/man7/ipv6.7.html
The interface index can also be found in /proc/net/if_inet6 (where it's the second column). I don't use that in this CL since I'd rather use standard APIs, and getaddrinfo seems to do the trick. |
| ); | ||
|
|
||
| assert_eq!(addr.map(|a| format!("{:?}", a)), None); | ||
| } |
There was a problem hiding this comment.
We'll need a test to make sure clients don't pass the scope to servers.
There was a problem hiding this comment.
Do you mean a test in this PR that hyper remembers to strip it somewhere?
There was a problem hiding this comment.
Yeah, at least in the HOST header (not sure if we need to do this elsewhere). Specifically in the HOST header (but anywhere else we might be sending the URL to a remote server). Otherwise, this could potentially open up some attack surfaces. I think rfc7404 speaks more about this.
There was a problem hiding this comment.
Sorry, wrong rfc. The right one is rfc6874, which states in section 4:
An HTTP client, proxy, or other intermediary MUST remove any ZoneID attached to an outgoing URI, as it has only local significance at the sending host.
I see, thanks for explaining! So, does this mean IPv6 addresses essentially allow encoding |
|
Since this has a breaking change, it'd need to be merged before 0.13 is released (target is early next week). I still don't have my head around it entirely, but it sounds like this extra info cannot exist in an |
seanmonstar
added
the
B-breaking-change
|
Is this change still on the table? Without it, it doesn't seem possible to use a link-local address with hyper with more than one link-local nic.
Per the rust implementation of SocketAddrV6, the scope id is only contained in there. It's not necessarily IP info but "connection setup" info which describes which interface to use for the connection, which is necessary when multiple link-local interfaces are present.
If there were an equivalent Ref: https://tools.ietf.org/html/rfc4007#section-11 |
I'm still open to the change, it was mentioned by contributors they wanted to add tests. Also, at this point, it'd be a breaking change to the "resolver" API, so either a way to provide it without breakage is needed, or this needs to wait till the next major version.
Thanks, I understand now. Sounds useful! |
The DNS resolver part of `HttpConnector` used to require resolving to `IpAddr`s, and this changes it so that they resolve to `SocketAddr`s. The main benefit here is allowing for resolvers to set the IPv6 zone ID when resolving, but it also just more closely matches `std::net::ToSocketAddrs`. Closes #1937 BREAKING CHANGE: Custom resolvers used with `HttpConnector` must change to resolving to an iterator of `SocketAddr`s instead of `IpAddr`s.
|
So, as part of the breaking changes in 0.14, I'm pulling part of this change in #2346: the resolvers should return |
The DNS resolver part of `HttpConnector` used to require resolving to `IpAddr`s, and this changes it so that they resolve to `SocketAddr`s. The main benefit here is allowing for resolvers to set the IPv6 zone ID when resolving, but it also just more closely matches `std::net::ToSocketAddrs`. Closes #1937 BREAKING CHANGE: Custom resolvers used with `HttpConnector` must change to resolving to an iterator of `SocketAddr`s instead of `IpAddr`s.
…#2346) The DNS resolver part of `HttpConnector` used to require resolving to `IpAddr`s, and this changes it so that they resolve to `SocketAddr`s. The main benefit here is allowing for resolvers to set the IPv6 zone ID when resolving, but it also just more closely matches `std::net::ToSocketAddrs`. Closes hyperium#1937 BREAKING CHANGE: Custom resolvers used with `HttpConnector` must change to resolving to an iterator of `SocketAddr`s instead of `IpAddr`s.
No description provided.