deno_net/
lib.rs

1// Copyright 2018-2026 the Deno authors. MIT license.
2
3pub mod io;
4pub mod ops;
5pub mod ops_tls;
6#[cfg(unix)]
7pub mod ops_unix;
8#[cfg(windows)]
9mod ops_win_pipe;
10mod quic;
11pub mod raw;
12pub mod resolve_addr;
13pub mod tcp;
14pub mod tunnel;
15#[cfg(windows)]
16pub mod win_pipe;
17
18use std::sync::Arc;
19
20use deno_core::OpState;
21use deno_features::FeatureChecker;
22use deno_tls::RootCertStoreProvider;
23use deno_tls::rustls::RootCertStore;
24pub use quic::QuicError;
25
26pub const UNSTABLE_FEATURE_NAME: &str = "net";
27
28/// Helper for checking unstable features. Used for sync ops.
29fn check_unstable(state: &OpState, api_name: &str) {
30  state
31    .borrow::<Arc<FeatureChecker>>()
32    .check_or_exit(UNSTABLE_FEATURE_NAME, api_name);
33}
34
35#[derive(Clone)]
36pub struct DefaultTlsOptions {
37  pub root_cert_store_provider: Option<Arc<dyn RootCertStoreProvider>>,
38}
39
40impl DefaultTlsOptions {
41  pub fn root_cert_store(
42    &self,
43  ) -> Result<Option<RootCertStore>, deno_error::JsErrorBox> {
44    Ok(match &self.root_cert_store_provider {
45      Some(provider) => Some(provider.get_or_try_init()?.clone()),
46      None => None,
47    })
48  }
49}
50
51/// `UnsafelyIgnoreCertificateErrors` is a wrapper struct so it can be placed inside `GothamState`;
52/// using type alias for a `Option<Vec<String>>` could work, but there's a high chance
53/// that there might be another type alias pointing to a `Option<Vec<String>>`, which
54/// would override previously used alias.
55pub struct UnsafelyIgnoreCertificateErrors(pub Option<Vec<String>>);
56
57deno_core::extension!(deno_net,
58  deps = [ deno_web ],
59  ops = [
60    ops::op_net_accept_tcp,
61    ops::op_net_get_ips_from_perm_token,
62    ops::op_net_connect_tcp,
63    ops::op_net_listen_tcp,
64    ops::op_net_listen_udp,
65    ops::op_node_unstable_net_listen_udp,
66    ops::op_net_recv_udp,
67    ops::op_net_send_udp,
68    ops::op_net_join_multi_v4_udp,
69    ops::op_net_join_multi_v6_udp,
70    ops::op_net_leave_multi_v4_udp,
71    ops::op_net_leave_multi_v6_udp,
72    ops::op_net_set_multi_loopback_udp,
73    ops::op_net_set_multi_ttl_udp,
74    ops::op_net_set_broadcast_udp,
75    ops::op_net_validate_multicast,
76    ops::op_dns_resolve,
77    ops::op_net_get_system_dns_servers,
78    ops::op_set_nodelay,
79    ops::op_set_keepalive,
80    ops::op_net_listen_vsock,
81    ops::op_net_accept_vsock,
82    ops::op_net_connect_vsock,
83    ops::op_net_listen_tunnel,
84    ops::op_net_accept_tunnel,
85
86    ops_tls::op_tls_key_null,
87    ops_tls::op_tls_key_static,
88    ops_tls::op_tls_cert_resolver_create,
89    ops_tls::op_tls_cert_resolver_poll,
90    ops_tls::op_tls_cert_resolver_resolve,
91    ops_tls::op_tls_cert_resolver_resolve_error,
92    ops_tls::op_tls_start,
93    ops_tls::op_net_connect_tls,
94    ops_tls::op_net_listen_tls,
95    ops_tls::op_net_accept_tls,
96    ops_tls::op_tls_handshake,
97
98    ops_unix::op_net_accept_unix,
99    ops_unix::op_net_connect_unix,
100    ops_unix::op_net_listen_unix,
101    ops_unix::op_net_listen_unixpacket,
102    ops_unix::op_node_unstable_net_listen_unixpacket,
103    ops_unix::op_net_recv_unixpacket,
104    ops_unix::op_net_send_unixpacket,
105    ops_unix::op_net_unix_stream_from_fd,
106
107    ops_win_pipe::op_pipe_open,
108    ops_win_pipe::op_pipe_connect,
109    ops_win_pipe::op_pipe_windows_wait,
110
111    quic::op_quic_connecting_0rtt,
112    quic::op_quic_connecting_1rtt,
113    quic::op_quic_connection_accept_bi,
114    quic::op_quic_connection_accept_uni,
115    quic::op_quic_connection_close,
116    quic::op_quic_connection_closed,
117    quic::op_quic_connection_get_protocol,
118    quic::op_quic_connection_get_remote_addr,
119    quic::op_quic_connection_get_server_name,
120    quic::op_quic_connection_handshake,
121    quic::op_quic_connection_open_bi,
122    quic::op_quic_connection_open_uni,
123    quic::op_quic_connection_get_max_datagram_size,
124    quic::op_quic_connection_read_datagram,
125    quic::op_quic_connection_send_datagram,
126    quic::op_quic_endpoint_close,
127    quic::op_quic_endpoint_connect,
128    quic::op_quic_endpoint_create,
129    quic::op_quic_endpoint_get_addr,
130    quic::op_quic_endpoint_listen,
131    quic::op_quic_incoming_accept,
132    quic::op_quic_incoming_accept_0rtt,
133    quic::op_quic_incoming_ignore,
134    quic::op_quic_incoming_local_ip,
135    quic::op_quic_incoming_refuse,
136    quic::op_quic_incoming_remote_addr,
137    quic::op_quic_incoming_remote_addr_validated,
138    quic::op_quic_listener_accept,
139    quic::op_quic_listener_stop,
140    quic::op_quic_recv_stream_get_id,
141    quic::op_quic_send_stream_get_id,
142    quic::op_quic_send_stream_get_priority,
143    quic::op_quic_send_stream_set_priority,
144    quic::webtransport::op_webtransport_accept,
145    quic::webtransport::op_webtransport_connect,
146  ],
147  esm = [ "01_net.js", "02_tls.js" ],
148  lazy_loaded_esm = [ "03_quic.js" ],
149  options = {
150    root_cert_store_provider: Option<Arc<dyn RootCertStoreProvider>>,
151    unsafely_ignore_certificate_errors: Option<Vec<String>>,
152  },
153  state = |state, options| {
154    state.put(DefaultTlsOptions {
155      root_cert_store_provider: options.root_cert_store_provider,
156    });
157    state.put(UnsafelyIgnoreCertificateErrors(
158      options.unsafely_ignore_certificate_errors,
159    ));
160  },
161);
162
163/// Stub ops for non-unix platforms.
164#[cfg(not(unix))]
165mod ops_unix {
166  use deno_core::op2;
167
168  macro_rules! stub_op {
169    ($name:ident) => {
170      #[op2(fast)]
171      pub fn $name() -> Result<(), std::io::Error> {
172        let error_msg = format!(
173          "Operation `{:?}` not supported on non-unix platforms.",
174          stringify!($name)
175        );
176        Err(std::io::Error::new(
177          std::io::ErrorKind::Unsupported,
178          error_msg,
179        ))
180      }
181    };
182  }
183
184  stub_op!(op_net_accept_unix);
185  stub_op!(op_net_connect_unix);
186  stub_op!(op_net_listen_unix);
187  stub_op!(op_net_listen_unixpacket);
188  stub_op!(op_node_unstable_net_listen_unixpacket);
189  stub_op!(op_net_recv_unixpacket);
190  stub_op!(op_net_send_unixpacket);
191  stub_op!(op_net_unix_stream_from_fd);
192}
193
194/// Stub ops for non-windows platforms.
195#[cfg(not(windows))]
196mod ops_win_pipe {
197  use deno_core::op2;
198
199  use crate::ops::NetError;
200
201  #[op2(fast)]
202  #[smi]
203  pub fn op_pipe_open() -> Result<u32, NetError> {
204    Err(NetError::Io(std::io::Error::new(
205      std::io::ErrorKind::Unsupported,
206      "Windows named pipes are not supported on this platform",
207    )))
208  }
209
210  #[op2(fast)]
211  #[smi]
212  pub fn op_pipe_connect() -> Result<u32, NetError> {
213    Err(NetError::Io(std::io::Error::new(
214      std::io::ErrorKind::Unsupported,
215      "Windows named pipes are not supported on this platform",
216    )))
217  }
218
219  #[op2(fast)]
220  pub fn op_pipe_windows_wait() -> Result<(), NetError> {
221    Err(NetError::Io(std::io::Error::new(
222      std::io::ErrorKind::Unsupported,
223      "Windows named pipes are not supported on this platform",
224    )))
225  }
226}
deno_net/lib.rs

deno_net/
lib.rs
