std: make address resolution weirdness local to SGX #145327
Open
+275
−214
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
rustbot
added
S-waiting-on-review
joboet
commented
Aug 12, 2025
There was a problem hiding this comment.
I've moved the whole platform-matching into this new file so there's a place to put each_addr.
| } | ||
| } | ||
|
|
||
| mod connection; |
There was a problem hiding this comment.
If you were wondering why this is its own module, it's to facilitate #135141, which has a different platform distribution.
This comment has been minimized.
This comment has been minimized.
joboet
force-pushed
the
net-addr-sgx-hack
branch
from
936d414 to
842d4de
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Currently, the implementations of
TcpStream::connectand its cousins take anio::Result<&SocketAddr>as argument, which is very weird, as most of them then?-try the result immediately to access the actual address. This weirdness is however necessitated by a peculiarity of the SGX networking implementation:SGX doesn't support DNS resolution but rather accepts hostnames in the same place as socket addresses. So, to make e.g.
work, the DNS lookup returns a special error (
NonIpSockAddr) instead, which contains the hostname being looked up. When.to_socket_addrs()fails, theeach_addrfunction used to select an address will pass the error to the innerTcpStream::connectimplementation, which in SGX's case will inspect the error and try recover the hostname from it. Ifthat succeeds, it continues with the found hostname.
This is pretty obviously a terrible hack and leads to buggy code (for instance, when users use the result of
.to_socket_addrs()in their ownToSocketAddrsimplementation to select from a list of possible URLs, the only URL used will be that of the last item tried). Still, without changes to the SGX usercall ABI, it cannot be avoided.Therefore, this PR aims to minimise the impact of that weirdness and remove it from all non-SGX platforms. The inner
TcpStream::connect, et al. functions now receive theToSocketAddrstype directly and calleach_addr(which is moved tosys::net::connection) themselves. On SGX, the implementation uses a specialeach_addrwhich contains the whole pass-hostname-through-error hack.As well as making the code cleaner, this also opens up the possibility of reusing newly created sockets even if a connection request fails – but I've left that for another PR.
CC @raoulstrackx