Merge pull request #3150 from spinframework/block-networks

Add runtime config for blocking outbound connections by CIDR

Author: lann

Cargo.lock

@@ -150,8 +150,7 @@ rusqlite = "0.34"
 # In `rustls` turn off the `aws_lc_rs` default feature and turn on `ring`.
 # If both `aws_lc_rs` and `ring` are enabled, a panic at runtime will occur.
 rustls = { version = "0.23", default-features = false, features = ["ring", "std", "logging", "tls12"] }
-rustls-pemfile = "2.2"
-rustls-pki-types = "1.8"
+rustls-pki-types = "1.12"
 semver = "1"
 serde = { version = "1", features = ["derive", "rc"] }
 serde_json = "1.0"
@@ -168,9 +167,6 @@ toml_edit = "0.22"
 tracing = { version = "0.1", features = ["log"] }
 url = "2"
 walkdir = "2"
-wasi-common-preview1 = { version = "33.0.0", package = "wasi-common", features = [
-  "tokio",
-] }
 wasm-encoder = "0.230"
 wasm-metadata = "0.230"
 wasm-pkg-client = "0.10"

Cargo.toml

@@ -9,7 +9,6 @@ anyhow = { workspace = true }
 http = { workspace = true }
 http-body-util = { workspace = true }
 hyper = { workspace = true }
-ip_network = "0.4"
 reqwest = { workspace = true, features = ["gzip"] }
 rustls = { workspace = true }
 spin-factor-outbound-networking = { path = "../factor-outbound-networking" }

crates/factor-outbound-http/Cargo.toml

@@ -13,7 +13,7 @@ use http::{
 };
 use intercept::OutboundHttpInterceptor;
 use spin_factor_outbound_networking::{
-    ComponentTlsConfigs, OutboundAllowedHosts, OutboundNetworkingFactor,
+    BlockedNetworks, ComponentTlsClientConfigs, OutboundAllowedHosts, OutboundNetworkingFactor,
 };
 use spin_factors::{
     anyhow, ConfigureAppContext, Factor, PrepareContext, RuntimeFactors, SelfInstanceBuilder,
@@ -26,25 +26,9 @@ pub use wasmtime_wasi_http::{
     HttpResult,
 };
 
+#[derive(Default)]
 pub struct OutboundHttpFactor {
-    allow_private_ips: bool,
-}
-
-impl OutboundHttpFactor {
-    /// Create a new OutboundHttpFactor.
-    ///
-    /// If `allow_private_ips` is true, requests to private IP addresses will be allowed.
-    pub fn new(allow_private_ips: bool) -> Self {
-        Self { allow_private_ips }
-    }
-}
-
-impl Default for OutboundHttpFactor {
-    fn default() -> Self {
-        Self {
-            allow_private_ips: true,
-        }
-    }
+    _priv: (),
 }
 
 impl Factor for OutboundHttpFactor {
@@ -71,11 +55,12 @@ impl Factor for OutboundHttpFactor {
     ) -> anyhow::Result<Self::InstanceBuilder> {
         let outbound_networking = ctx.instance_builder::<OutboundNetworkingFactor>()?;
         let allowed_hosts = outbound_networking.allowed_hosts();
-        let component_tls_configs = outbound_networking.component_tls_configs().clone();
+        let blocked_networks = outbound_networking.blocked_networks();
+        let component_tls_configs = outbound_networking.component_tls_configs();
         Ok(InstanceState {
             wasi_http_ctx: WasiHttpCtx::new(),
             allowed_hosts,
-            allow_private_ips: self.allow_private_ips,
+            blocked_networks,
             component_tls_configs,
             self_request_origin: None,
             request_interceptor: None,
@@ -87,8 +72,8 @@ impl Factor for OutboundHttpFactor {
 pub struct InstanceState {
     wasi_http_ctx: WasiHttpCtx,
     allowed_hosts: OutboundAllowedHosts,
-    allow_private_ips: bool,
-    component_tls_configs: ComponentTlsConfigs,
+    blocked_networks: BlockedNetworks,
+    component_tls_configs: ComponentTlsClientConfigs,
     self_request_origin: Option<SelfRequestOrigin>,
     request_interceptor: Option<Arc<dyn OutboundHttpInterceptor>>,
     // Connection-pooling client for 'fermyon:spin/http' interface

crates/factor-outbound-http/src/lib.rs

@@ -1,11 +1,11 @@
-use std::{error::Error, net::IpAddr, sync::Arc};
+use std::{error::Error, sync::Arc};
 
 use anyhow::Context;
 use http::{header::HOST, Request};
 use http_body_util::BodyExt;
-use ip_network::IpNetwork;
-use rustls::ClientConfig;
-use spin_factor_outbound_networking::{ComponentTlsConfigs, OutboundAllowedHosts};
+use spin_factor_outbound_networking::{
+    BlockedNetworks, ComponentTlsClientConfigs, OutboundAllowedHosts, TlsClientConfig,
+};
 use spin_factors::{wasmtime::component::ResourceTable, RuntimeFactorsInstanceState};
 use tokio::{net::TcpStream, time::timeout};
 use tracing::{field::Empty, instrument, Instrument};
@@ -97,7 +97,7 @@ impl WasiHttpView for WasiHttpImplInner<'_> {
                     self.state.component_tls_configs.clone(),
                     self.state.request_interceptor.clone(),
                     self.state.self_request_origin.clone(),
-                    self.state.allow_private_ips,
+                    self.state.blocked_networks.clone(),
                 )
                 .in_current_span(),
             ),
@@ -109,10 +109,10 @@ async fn send_request_impl(
     mut request: Request<wasmtime_wasi_http::body::HyperOutgoingBody>,
     mut config: wasmtime_wasi_http::types::OutgoingRequestConfig,
     outbound_allowed_hosts: OutboundAllowedHosts,
-    component_tls_configs: ComponentTlsConfigs,
+    component_tls_configs: ComponentTlsClientConfigs,
     request_interceptor: Option<Arc<dyn OutboundHttpInterceptor>>,
     self_request_origin: Option<SelfRequestOrigin>,
-    allow_private_ips: bool,
+    blocked_networks: BlockedNetworks,
 ) -> anyhow::Result<Result<IncomingResponse, ErrorCode>> {
     // wasmtime-wasi-http fills in scheme and authority for relative URLs
     // (e.g. https://:443/<path>), which makes them hard to reason about.
@@ -196,7 +196,7 @@ async fn send_request_impl(
         span.record("server.port", port.as_u16());
     }
 
-    Ok(send_request_handler(request, config, tls_client_config, allow_private_ips).await)
+    Ok(send_request_handler(request, config, tls_client_config, blocked_networks).await)
 }
 
 /// This is a fork of wasmtime_wasi_http::default_send_request_handler function
@@ -210,8 +210,8 @@ async fn send_request_handler(
         first_byte_timeout,
         between_bytes_timeout,
     }: wasmtime_wasi_http::types::OutgoingRequestConfig,
-    tls_client_config: Arc<ClientConfig>,
-    allow_private_ips: bool,
+    tls_client_config: TlsClientConfig,
+    blocked_networks: BlockedNetworks,
 ) -> Result<wasmtime_wasi_http::types::IncomingResponse, ErrorCode> {
     let authority_str = if let Some(authority) = request.uri().authority() {
         if authority.port().is_some() {
@@ -230,12 +230,15 @@ async fn send_request_handler(
         .map_err(|_| dns_error("address not available".into(), 0))?
         .collect::<Vec<_>>();
 
-    // Potentially filter out private IPs
-    if !allow_private_ips && !socket_addrs.is_empty() {
-        socket_addrs.retain(|addr| !is_private_ip(addr.ip()));
-        if socket_addrs.is_empty() {
-            return Err(ErrorCode::DestinationIpProhibited);
-        }
+    // Remove blocked IPs
+    let blocked_addrs = blocked_networks.remove_blocked(&mut socket_addrs);
+    if socket_addrs.is_empty() && !blocked_addrs.is_empty() {
+        tracing::error!(
+            "error.type" = "destination_ip_prohibited",
+            ?blocked_addrs,
+            "all destination IP(s) prohibited by runtime config"
+        );
+        return Err(ErrorCode::DestinationIpProhibited);
     }
 
     let tcp_stream = timeout(connect_timeout, TcpStream::connect(socket_addrs.as_slice()))
@@ -257,7 +260,7 @@ async fn send_request_handler(
         #[cfg(not(any(target_arch = "riscv64", target_arch = "s390x")))]
         {
             use rustls::pki_types::ServerName;
-            let connector = tokio_rustls::TlsConnector::from(tls_client_config);
+            let connector = tokio_rustls::TlsConnector::from(tls_client_config.inner());
             let mut parts = authority_str.split(':');
             let host = parts.next().unwrap_or(&authority_str);
             let domain = ServerName::try_from(host)
@@ -362,8 +365,3 @@ fn dns_error(rcode: String, info_code: u16) -> ErrorCode {
         info_code: Some(info_code),
     })
 }
-
-/// Returns true if the IP is a private IP address.
-fn is_private_ip(ip: IpAddr) -> bool {
-    !IpNetwork::from(ip).is_global()
-}

crates/factor-outbound-http/src/wasi.rs

@@ -111,13 +111,23 @@ async fn test_instance_state(
     let factors = TestFactors {
         variables: VariablesFactor::default(),
         networking: OutboundNetworkingFactor::new(),
-        http: OutboundHttpFactor::new(allow_private_ips),
+        http: OutboundHttpFactor::default(),
     };
-    let env = TestEnvironment::new(factors).extend_manifest(toml! {
-        [component.test-component]
-        source = "does-not-exist.wasm"
-        allowed_outbound_hosts = [allowed_outbound_hosts]
-    });
+    let env = TestEnvironment::new(factors)
+        .extend_manifest(toml! {
+            [component.test-component]
+            source = "does-not-exist.wasm"
+            allowed_outbound_hosts = [allowed_outbound_hosts]
+        })
+        .runtime_config(TestFactorsRuntimeConfig {
+            networking: Some(
+                spin_factor_outbound_networking::runtime_config::RuntimeConfig {
+                    block_private_networks: !allow_private_ips,
+                    ..Default::default()
+                },
+            ),
+            ..Default::default()
+        })?;
     env.build_instance_state().await
 }
 

crates/factor-outbound-http/tests/factor_test.rs

@@ -8,9 +8,9 @@ edition = { workspace = true }
 anyhow = { workspace = true }
 futures-util = { workspace = true }
 http = { workspace = true }
-ipnet = "2"
+ip_network = "0.4.1"
+ip_network_table = "0.2.0"
 rustls = { workspace = true }
-rustls-pemfile = { workspace = true, optional = true }
 rustls-pki-types = { workspace = true }
 serde = { workspace = true }
 spin-expressions = { path = "../expressions" }
@@ -35,8 +35,6 @@ wasmtime-wasi = { workspace = true }
 [features]
 default = ["spin-cli"]
 # Includes the runtime configuration handling used by the Spin CLI
-spin-cli = [
-  "dep:rustls-pemfile",
-]
+spin-cli = []
 [lints]
 workspace = true

crates/factor-outbound-networking/Cargo.toml

@@ -190,7 +190,7 @@ pub enum HostConfig {
     AnySubdomain(String),
     ToSelf,
     List(Vec<String>),
-    Cidr(ipnet::IpNet),
+    Cidr(ip_network::IpNetwork),
 }
 
 impl HostConfig {
@@ -209,7 +209,7 @@ impl HostConfig {
             bail!("host lists are not yet supported")
         }
 
-        if let Ok(net) = host.parse::<ipnet::IpNet>() {
+        if let Ok(net) = ip_network::IpNetwork::from_str_truncate(host) {
             return Ok(Self::Cidr(net));
         }
 
@@ -244,7 +244,7 @@ impl HostConfig {
                 let Ok(ip) = host.parse::<std::net::IpAddr>() else {
                     return false;
                 };
-                c.contains(&ip)
+                c.contains(ip)
             }
         }
     }
@@ -566,6 +566,8 @@ mod test {
         spin_expressions::PreparedResolver::default()
     }
 
+    use ip_network::{IpNetwork, Ipv4Network, Ipv6Network};
+
     use super::*;
     use std::net::{Ipv4Addr, Ipv6Addr};
 
@@ -762,8 +764,8 @@ mod test {
         assert_eq!(
             AllowedHostConfig::new(
                 SchemeConfig::Any,
-                HostConfig::Cidr(ipnet::IpNet::V4(
-                    ipnet::Ipv4Net::new(Ipv4Addr::new(127, 0, 0, 0), 24).unwrap()
+                HostConfig::Cidr(IpNetwork::V4(
+                    Ipv4Network::new(Ipv4Addr::new(127, 0, 0, 0), 24).unwrap()
                 )),
                 PortConfig::new(80)
             ),
@@ -773,8 +775,8 @@ mod test {
         assert_eq!(
             AllowedHostConfig::new(
                 SchemeConfig::Any,
-                HostConfig::Cidr(ipnet::IpNet::V6(
-                    ipnet::Ipv6Net::new(Ipv6Addr::new(0xff00, 0, 0, 0, 0, 0, 0, 0), 8).unwrap()
+                HostConfig::Cidr(IpNetwork::V6(
+                    Ipv6Network::new(Ipv6Addr::new(0xff00, 0, 0, 0, 0, 0, 0, 0), 8).unwrap()
                 )),
                 PortConfig::new(80)
             ),