hostfuncs

package
v0.4.5-alpha Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 29, 2026 License: Apache-2.0 Imports: 16 Imported by: 0

Documentation

Overview

Package hostfuncs provides host functions for WASM plugins

Index

Constants

View Source 
const MaxRequestSize = constants.MaxRequestSize

MaxRequestSize limits the size of incoming requests from guest memory (1MB). This prevents malicious WASM modules from triggering OOM by claiming huge request sizes. This is a NON-CONFIGURABLE security limit (same as constants.MaxRequestSize).

Variables

This section is empty.

Functions

func DNSLookup 

func DNSLookup(ctx context.Context, mod api.Module, stack []uint64, checker *CapabilityChecker)

DNSLookup performs DNS resolution on behalf of the plugin. It receives a packed uint64 (ptr+len) pointing to a JSON-encoded DNSRequestWire. It returns a packed uint64 (ptr+len) pointing to a JSON-encoded DNSResponseWire.

This handler: 1. Reads request from guest memory 2. Checks capability (network:outbound:53) 3. Delegates to SDK's PerformDNSLookup 4. Writes response to guest memory

func ExecCommand 

func ExecCommand(ctx context.Context, mod api.Module, stack []uint64, checker *CapabilityChecker)

ExecCommand executes a command on the host. It receives a packed uint64 (ptr+len) pointing to a JSON-encoded ExecRequestWire. It returns a packed uint64 (ptr+len) pointing to a JSON-encoded ExecResponseWire.

This handler: 1. Reads request from guest memory 2. Checks capability (exec:<command>) with shell/interpreter detection 3. Delegates to SDK's PerformSecureExecCommand for actual execution 4. Writes response to guest memory

func HTTPRequest 

func HTTPRequest(ctx context.Context, mod api.Module, stack []uint64, checker *CapabilityChecker, version build.Info)

HTTPRequest performs an HTTP request on behalf of the plugin.

func LogMessage 

func LogMessage(ctx context.Context, mod api.Module, stack []uint64)

LogMessage implements the `log_message` host function. It receives a packed uint64 (ptr+len) pointing to a JSON-encoded LogMessageWire. It does not return any value.

func PluginNameFromContext 

func PluginNameFromContext(ctx context.Context) (string, bool)

PluginNameFromContext retrieves the plugin name from the context

func RegisterHostFunctions 

func RegisterHostFunctions(ctx context.Context, runtime wazero.Runtime, version build.Info, caps map[string]*entities.GrantSet) error

RegisterHostFunctions registers all host functions with the wazero runtime.

The handlers perform: 1. Memory operations (read request from guest, write response to guest) 2. Capability checking using the CapabilityChecker 3. Delegation to SDK's PerformXXX functions for the actual work

func SMTPConnect 

func SMTPConnect(ctx context.Context, mod api.Module, stack []uint64, checker *CapabilityChecker)

SMTPConnect performs SMTP connection tests on behalf of the plugin. It receives a packed uint64 (ptr+len) pointing to a JSON-encoded SMTPRequestWire. It returns a packed uint64 (ptr+len) pointing to a JSON-encoded SMTPResponseWire.

func TCPConnect 

func TCPConnect(ctx context.Context, mod api.Module, stack []uint64, checker *CapabilityChecker)

TCPConnect performs TCP connection tests on behalf of the plugin. It receives a packed uint64 (ptr+len) pointing to a JSON-encoded TCPRequestWire. It returns a packed uint64 (ptr+len) pointing to a JSON-encoded TCPResponseWire.

func WithPluginName 

func WithPluginName(ctx context.Context, name string) context.Context

WithPluginName adds the plugin name to the context

Types

type CapabilityChecker 

type CapabilityChecker = hostfuncs.CapabilityChecker

CapabilityChecker is an alias to the SDK's CapabilityChecker. This allows Reglet to use the SDK's implementation while maintaining backward compatibility with existing code.

func NewCapabilityChecker 

func NewCapabilityChecker(caps map[string]*entities.GrantSet) *CapabilityChecker

NewCapabilityChecker creates a new capability checker using the SDK implementation.

type ContextWireFormat 

type ContextWireFormat = entities.ContextWire

ContextWireFormat is an alias for entities.ContextWire

type DNSRequestWire 

type DNSRequestWire = entities.DNSRequest

DNSRequestWire is an alias for entities.DNSRequest

type DNSResponseWire 

type DNSResponseWire = entities.DNSResponse

DNSResponseWire is an alias for entities.DNSResponse

type ErrorDetail 

type ErrorDetail = entities.ErrorDetail

ErrorDetail is an alias for entities.ErrorDetail

type ExecRequestWire 

type ExecRequestWire = entities.ExecRequest

ExecRequestWire is an alias for entities.ExecRequest

type ExecResponseWire 

type ExecResponseWire = entities.ExecResponse

ExecResponseWire is an alias for entities.ExecResponse

type HTTPRequestWire 

type HTTPRequestWire = entities.HTTPRequest

HTTPRequestWire is an alias for entities.HTTPRequest

type HTTPResponseWire 

type HTTPResponseWire = entities.HTTPResponse

HTTPResponseWire is an alias for entities.HTTPResponse

type LogAttrWire 

type LogAttrWire struct {
	Key   string `json:"key"`
	Type  string `json:"type"`  // "string", "int64", "bool", "float64", "time", "error", "any"
	Value string `json:"value"` // String representation of the value
}

LogAttrWire represents a single slog attribute.

type LogMessageWire 

type LogMessageWire struct {
	Timestamp time.Time         `json:"timestamp"`
	Level     string            `json:"level"`
	Message   string            `json:"message"`
	Attrs     []LogAttrWire     `json:"attrs,omitempty"`
	Context   ContextWireFormat `json:"context"`
}

LogMessageWire is the JSON wire format for a log message from Guest to Host.

type MXRecordWire 

type MXRecordWire = entities.MXRecord

MXRecordWire is an alias for entities.MXRecord

type SMTPRequestWire 

type SMTPRequestWire = entities.SMTPRequest

SMTPRequestWire is an alias for entities.SMTPRequest

type SMTPResponseWire 

type SMTPResponseWire = entities.SMTPResponse

SMTPResponseWire is an alias for entities.SMTPResponse

type TCPRequestWire 

type TCPRequestWire = entities.TCPRequest

TCPRequestWire is an alias for entities.TCPRequest

type TCPResponseWire 

type TCPResponseWire = entities.TCPResponse

TCPResponseWire is an alias for entities.TCPResponse

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.