From b083bbd57f94d74f27b811dfb998b90beb474aca Mon Sep 17 00:00:00 2001 From: Brooks Townsend Date: Wed, 22 May 2024 12:32:58 -0400 Subject: [PATCH] chore(wasm): add wasip2 component example Signed-off-by: Brooks Townsend --- examples/wasm_component/Cargo.toml | 14 + examples/wasm_component/README.md | 37 + examples/wasm_component/src/lib.rs | 28 + .../wasi_snapshot_preview1.reactor.wasm | Bin 0 -> 81114 bytes examples/wasm_component/wit/deps.lock | 29 + examples/wasm_component/wit/deps.toml | 1 + .../wasm_component/wit/deps/cli/command.wit | 7 + .../wit/deps/cli/environment.wit | 18 + examples/wasm_component/wit/deps/cli/exit.wit | 4 + .../wasm_component/wit/deps/cli/imports.wit | 20 + examples/wasm_component/wit/deps/cli/run.wit | 4 + .../wasm_component/wit/deps/cli/stdio.wit | 17 + .../wasm_component/wit/deps/cli/terminal.wit | 49 ++ .../wit/deps/clocks/monotonic-clock.wit | 45 ++ .../wit/deps/clocks/wall-clock.wit | 42 ++ .../wasm_component/wit/deps/clocks/world.wit | 6 + .../wit/deps/filesystem/preopens.wit | 8 + .../wit/deps/filesystem/types.wit | 634 ++++++++++++++++++ .../wit/deps/filesystem/world.wit | 6 + .../wasm_component/wit/deps/http/handler.wit | 43 ++ .../wasm_component/wit/deps/http/proxy.wit | 32 + .../wasm_component/wit/deps/http/types.wit | 570 ++++++++++++++++ examples/wasm_component/wit/deps/io/error.wit | 34 + examples/wasm_component/wit/deps/io/poll.wit | 41 ++ .../wasm_component/wit/deps/io/streams.wit | 262 ++++++++ examples/wasm_component/wit/deps/io/world.wit | 6 + .../wit/deps/random/insecure-seed.wit | 25 + .../wit/deps/random/insecure.wit | 22 + .../wasm_component/wit/deps/random/random.wit | 26 + .../wasm_component/wit/deps/random/world.wit | 7 + .../wit/deps/sockets/instance-network.wit | 9 + .../wit/deps/sockets/ip-name-lookup.wit | 51 ++ .../wit/deps/sockets/network.wit | 145 ++++ .../wit/deps/sockets/tcp-create-socket.wit | 27 + .../wasm_component/wit/deps/sockets/tcp.wit | 353 ++++++++++ .../wit/deps/sockets/udp-create-socket.wit | 27 + .../wasm_component/wit/deps/sockets/udp.wit | 266 ++++++++ .../wasm_component/wit/deps/sockets/world.wit | 11 + examples/wasm_component/wit/world.wit | 5 + 39 files changed, 2931 insertions(+) create mode 100644 examples/wasm_component/Cargo.toml create mode 100644 examples/wasm_component/README.md create mode 100644 examples/wasm_component/src/lib.rs create mode 100644 examples/wasm_component/wasi_snapshot_preview1.reactor.wasm create mode 100644 examples/wasm_component/wit/deps.lock create mode 100644 examples/wasm_component/wit/deps.toml create mode 100644 examples/wasm_component/wit/deps/cli/command.wit create mode 100644 examples/wasm_component/wit/deps/cli/environment.wit create mode 100644 examples/wasm_component/wit/deps/cli/exit.wit create mode 100644 examples/wasm_component/wit/deps/cli/imports.wit create mode 100644 examples/wasm_component/wit/deps/cli/run.wit create mode 100644 examples/wasm_component/wit/deps/cli/stdio.wit create mode 100644 examples/wasm_component/wit/deps/cli/terminal.wit create mode 100644 examples/wasm_component/wit/deps/clocks/monotonic-clock.wit create mode 100644 examples/wasm_component/wit/deps/clocks/wall-clock.wit create mode 100644 examples/wasm_component/wit/deps/clocks/world.wit create mode 100644 examples/wasm_component/wit/deps/filesystem/preopens.wit create mode 100644 examples/wasm_component/wit/deps/filesystem/types.wit create mode 100644 examples/wasm_component/wit/deps/filesystem/world.wit create mode 100644 examples/wasm_component/wit/deps/http/handler.wit create mode 100644 examples/wasm_component/wit/deps/http/proxy.wit create mode 100644 examples/wasm_component/wit/deps/http/types.wit create mode 100644 examples/wasm_component/wit/deps/io/error.wit create mode 100644 examples/wasm_component/wit/deps/io/poll.wit create mode 100644 examples/wasm_component/wit/deps/io/streams.wit create mode 100644 examples/wasm_component/wit/deps/io/world.wit create mode 100644 examples/wasm_component/wit/deps/random/insecure-seed.wit create mode 100644 examples/wasm_component/wit/deps/random/insecure.wit create mode 100644 examples/wasm_component/wit/deps/random/random.wit create mode 100644 examples/wasm_component/wit/deps/random/world.wit create mode 100644 examples/wasm_component/wit/deps/sockets/instance-network.wit create mode 100644 examples/wasm_component/wit/deps/sockets/ip-name-lookup.wit create mode 100644 examples/wasm_component/wit/deps/sockets/network.wit create mode 100644 examples/wasm_component/wit/deps/sockets/tcp-create-socket.wit create mode 100644 examples/wasm_component/wit/deps/sockets/tcp.wit create mode 100644 examples/wasm_component/wit/deps/sockets/udp-create-socket.wit create mode 100644 examples/wasm_component/wit/deps/sockets/udp.wit create mode 100644 examples/wasm_component/wit/deps/sockets/world.wit create mode 100644 examples/wasm_component/wit/world.wit diff --git a/examples/wasm_component/Cargo.toml b/examples/wasm_component/Cargo.toml new file mode 100644 index 000000000..82ac769ed --- /dev/null +++ b/examples/wasm_component/Cargo.toml @@ -0,0 +1,14 @@ +[package] +name = "http-reqwest" +edition = "2021" +version = "0.1.0" + +[workspace] + +[lib] +crate-type = ["cdylib"] + +[dependencies] +futures = "0.3.30" +reqwest = { version = "0.12.4", path = "../../", features = [ "wasm-component" ] } +wit-bindgen = { version = "0.24", features = ["default"] } \ No newline at end of file diff --git a/examples/wasm_component/README.md b/examples/wasm_component/README.md new file mode 100644 index 000000000..cfb3be0b6 --- /dev/null +++ b/examples/wasm_component/README.md @@ -0,0 +1,37 @@ +# HTTP Reqwest + +This is a simple Rust Wasm example that sends an outgoing http request using the `reqwest` library to [https://example.com](https://example.com). + +## Prerequisites + +- `cargo` 1.75+ +- [wasm-tools](https://github.com/bytecodealliance/wasm-tools) +- [wasmtime](https://github.com/bytecodealliance/wasmtime) >=20.0.0 +- `wasi_snapshot_preview1.reactor.wasm` adapter, downloaded from [wasmtime release](https://github.com/bytecodealliance/wasmtime/releases/tag/v20.0.0) + +## Building + +```bash +# Build Wasm module +cargo build --release --target wasm32-wasi +# Create a Wasm component from the Wasm module by using the adapter +wasm-tools component new ./target/wasm32-wasi/release/http_reqwest.wasm -o ./component.wasm --adapt ./wasi_snapshot_preview1.reactor.wasm +``` + +## Running with wasmtime + +```bash +wasmtime serve -Scommon ./component.wasm +``` + +Then send a request to `localhost:8080` + +```bash +> curl localhost:8080 + + + + + Example Domain +.... +``` diff --git a/examples/wasm_component/src/lib.rs b/examples/wasm_component/src/lib.rs new file mode 100644 index 000000000..ffea1e5a1 --- /dev/null +++ b/examples/wasm_component/src/lib.rs @@ -0,0 +1,28 @@ +wit_bindgen::generate!(); + +use exports::wasi::http::incoming_handler::Guest; +use wasi::http::types::*; + +struct ReqwestComponent; + +impl Guest for ReqwestComponent { + fn handle(_request: IncomingRequest, response_out: ResponseOutparam) { + let response = OutgoingResponse::new(Fields::new()); + response.set_status_code(200).unwrap(); + let response_body = response.body().unwrap(); + ResponseOutparam::set(response_out, Ok(response)); + + let exampledotcom = reqwest::Client::new().get("http://example.com").send(); + let response = futures::executor::block_on(exampledotcom).expect("should get response"); + let bytes = futures::executor::block_on(response.bytes()).expect("should get bytes"); + + response_body + .write() + .unwrap() + .blocking_write_and_flush(&bytes) + .unwrap(); + OutgoingBody::finish(response_body, None).expect("failed to finish response body"); + } +} + +export!(ReqwestComponent); diff --git a/examples/wasm_component/wasi_snapshot_preview1.reactor.wasm b/examples/wasm_component/wasi_snapshot_preview1.reactor.wasm new file mode 100644 index 0000000000000000000000000000000000000000..34c4917f8d2f239effe59638f294bca2f932c5e6 GIT binary patch literal 81114 zcmeIb37lM4c_(^r-Ri39u3k!NNtP|!+%DNf!gQ~ z=iGbGt*$OfwhG5@jA_+f&hmZdeCONGxkjzGVH$>Ez9)439p*XX4#T|nj)`;k-g^$$ zA^u~XyBGgXoIB_J@@W|N_=)j{|1<80$_rdY4-J$t*!?*+08m6T_wq-Sm$&R8bdLW@2<2N*m=DB-fDAq0oeLx`C&g#8s10C5xA>O>fxFPxt~y~ko2Mfi&PJzuHe?vro~iZP$6M`nr+2p3cQ%e~b)C+Z zv)Mb5TFNY?=1w~O#b&$fH2R%x+vyp`)uKXUz0)|=J9ehFzP>1~W$~%5)9b8n_uHLK z!&uNuZge&~{my2)v0HI-WW&~G=gh^lD9V|K29fHY-EtI0SH5(^>92O0FKarzMz_5M zyq0Rs)9s#Pghti7{-wliyW4OUo88XV%iKXZyXb88yJr`B{jO8nFpN=cTs@@k-r3E@ zVzbt-8P=s%<=nK^YbSf7s~#HCE30x)M%T25)Wqo32=3x)t+zV5`mm0B=(yK@xnqP! zVS8{$$7j0jzGF;`s^eqg53X|US z7RcGr<8gRM{lIW8*7`E710f^bM-)-&URm~G-@QT7y>FO zbu@xc9a5`-5$a>jC?0Z_I7UZxebtag*4vw>STQ!L;*|sF`U`yYv|c-;Lr$yP=}2gY zq1**?J$)%C59146XS2595b4QLNMADq_}412D1Pj0h5 zg!U*ZNV>!8ua_mk)lRo-E`u4#tcS5R!K@cAwuS44fKc0l7Shz4xMcZAS<`QCVB8a< z24EPk;{X_YF0~fOxIdah4r6Yt#kCe0)t$Epv{~}-W9_}8Y7gs{THXcOOV*nikALgx zjwBSHw~Kd%CD$X#xYut&uu2M^B2mf*#=I2Cg3|A5D-sVoxHOD?-XcKZ_NJ^nsVcWO zjrlQv3!nEj5eKng$dR zr9TI2$~w{EfG)XI6s+SxD!Bz1DAd_)XqCG(j3|M#X;-J>FEOpt~_wn!9xf3ADWv! zWF5GA`oLUd|25Y>#a`IIaLxWXV|xAoE)LA^Pg;?MNy~~F#`J-i8PqeT@jv76VJm7G zmNh*yGZT&CpLt{6*pL5Rw|{?l!rU@VGji3$IkRHKwSNrW@}KDMM)G^1xo-jA6|Vi2 zdac=N8qb<{AHt67IqK>1Jggn3zv8|lk8+IfofqP&y|LBl_C2ZfZ28o=EAaH@801fH z1*^umWma5L?UxUp7gvHzyng;3_s%czf*D~|q7PZ)`)B1n*}16n!pT+>&N%e|1Hw<|`ii zHrji{^8lJ_R|KE=7@e9FZ>TRC>++g(Wo*od=Y&?g+myXYtyt@=6IbN~wp-KUPU)`3 zoe6O()lo6;2K^WN%qzu7snX}n@;MG(;nURqXs zWo6Z=ZDF1C94kEat)H^G|2}M5=MJC8|BTAR#;K%vowyF22%Shg%%{oFk&sdO$KQPa z8$vhF7&h+ysBEk9$RpOBb0}G{j~hAseCv09 z^<$BOk+RL@KmEdwzxqFY;@!V$7mXvh{l{;<HJ(l#7fpWq z;di~^op1W%PkmiA`KN#W<&S;jC;#iG|Hf}}k6uT0W6EcSF=jN*@B1#Hv0$3#KrSEQ zm?e!FBk?bSaE!zQd=j^f_!}%U`C&_UelB$VK5jf7$n5|@Pj(jEH{iABBCCVs4)|Mlq3 zKk`_YJVsSt_4~N$#r$9RK`F$GxaUuhjY z-!QPO4-YKsLulyG?#o)e4lHXnsV{3bsV{3)C$Oy5Gi`PScN!NOgUfnsXuKk@tgB?$ z%SMsQNwR+~DNJ7>^tta?;+6FfFUa`cm%{J#8jG{c7ap!!cDUkl89M|%6DFTIh95=KH`rmF&m6|B#%B)UR_8PGe68^rwiowl`ZK2D z@nP~A^-`n6v3Bms$*`1@s(W`q36O}7zMzPYzMxbccR@WKXm|_iiH*hwLLMmyt!3D3 zkPQFv&)@MuXiPV7BK`n6&>R2ob9T`n8GikXZ~5=9`ucmRKyljs=9{m4y9BWd z+RK0U@O^Ll{V)CTLsO)0Yxx@w-}m?b^roNr^fv^3V+g+Wj<@~K-~8&Y{DUA4f$l*? z9K(lTyy(2?0_ar!<_qumU4wKD;!sOd(zO76dNk;v1f<`2OcI4wOe4?u--iPv9}vBl zB6iUz76wNOLjh!ac37H?Npme3t{BG+ zEC(_xu8Q#50?E}}TOikpQQMn<|07Pj(WT)EX*eXw$TK5vumfh~VcZ7PyPz34&({G? z9@06vM@Au+lZ)3bCl|)$Av6)xumFJOi6Ds37+noZ)KSlTZa!W#JPm8yXnc9VwAJV+ zbON*i_rRyWVRCsOSQo=;#7oq2mhp;plu?Bd4I(>e9H9;6(6(hvJMV`)P|Fu%v zMTk83=RA@3@S_xY9~v(5&>RR0VoiuVbo8XiyAf%nHJCqO!G?oKR9y1$>@V)&I5ft+$(@(7DjP z%ExbeF~JJLMI<%;XB)F2!xTIPS~p1VJgCJE9kmk6#`5{M|J7HmWh3zkL6Xk^9pFW5 z*?2Lv^rM!Mgj$^s9lSdU8v2nLb2=1HyoxO>Od#%RPZTXdRODB-7haC@2RdqP2VpMWX?NbHD&3PA+RhbkQZtDqjLTr!ob z7bes=S(OQR8`T1wfOz+VA-D@Hz_2}$_-z4mnAUIv3k)U-t_`fC&l`yka5z=7VHu~# z%W0u9aP^Avi656OEE=&H=no4M7+o8sr*MU(8(uUf6K`ch9PEf4Aw(jYPiKI;Cb3{u zG+(%4o{m>uC^irxvEh8y44#AZMQhRg1Yc_g4}6V4X=gNFx%bs;*WeM}AvUSo&}>q- zp;aB%h8A_yGtKxJD;l2qI&L)nkBim+*U{l}GKldd3jFEl&VM27Cr$*t>}s)d;kt_* z9*V$XhxCPuOD=Y0C(xjjzAvM4wZGPFORV(D@dXNU-c2nq#v}NGT)E&#-oizSj7-A; zm*UWPVT>d2MQgf`joZM&4Tdoid>vT01aIfURsMW>sqxxfxWXrY5KROZE&$M+U#gC~ za77*UOk22PMZ;UT<3{6GCqmJ4rYlh&RWcU@8ZtX1#V{`?2}(Ghf*TAs`xYi31tXyo z6-bK2Pm;SQqjva(aI{)>w31qv**ed`{e&%Kkl^@`;-Ly+`h05}B85!k10*LP4Hshe z1YB>HVaFbzPcF7>zwUwLMCF`lCGi?c8D>d=Xtgx6X{d#;XAxckAYQgf2yh|W#5lA7 zQL00L`hEsk#3kLa=4g0+Ta`gJwj2%Mh86gPPc`|yAe%F#(nT#qu{qcX8k@tNrqh5F zbfOhWh@==02q;cxbD%}$BZ1KHPO3C0n0T#FW=vO^F{sSQ^d&MwJa?5D(BeQM(@vHs zCgkau7f+W7WG33oQSvhrnTZ(GWrCTBF+u!0S)!sV_1a~LA~TUq23cY-g-O+MS)!<; zo@p#`tY~;FaolKpClZ?Qjf|iRSL(PPh0*Kk3sT$#D2(|+k}Z-FlTdZR7AJ)1x&W!P z5Yd<-_}>eW4g}MdOfku5c*VR~BnTn55eyVBj;<{l$dn>GH1eU?viX{1bopW9K0At+ z3G&KA3sET6h8;=#j8LQ_)36GtNQ0eDttDP3Xg0KH#AyWBxR@dXolt6bWExD+Fa3JI zG^`>~HU!l`s_2nvDCr^cktO^nvVEEz@M0u!tC8(hxYfyaFJEhtd`bYhlWdjaUcGk7 zRyg0;q)xVMQkUeaj!U+pj(Vn%?O4(9$adUlR4hRz;mRZCofQj2vi!&+fAR>VfkoIz(?foo9f7|Xv*(<19 zBx;9z1yM@b_&T%;JP=yO3XvJ!{T5iPdn7?{%Ao2R? z=nOt-tLGA3GM+M_$c~E@0o}mrVUzmmVJt*nJ*rM%^{8iqt7lwj46dHBq4A4Bs#6}E z5a{jFZ6^3@1gnpb(2+X;GK+>z1jsBx4R}J5nOF=rBi~>ly1Vrh1;JQkx5s?L=?2&_ z0fGq_PRv%)*)3Ckbau=3w4_jvV0KA_Vm=p}3=&Mxa8gaW1oL<#KzRf+ZZy6egO)Js z8cz3{o-dL#qtT7do?!G0stA=5Olx0DDCr#Prr}xw>~l#to|Zsw_Ao8MQv-xTC~YQF z{g5Fi$dK{wAQP>Rs6=b33?j7vTEru+3UC5S1^lD0Gof*WUPNbUKJ+dVmKYws*<6_9 z{dsc%vh}ES*8&Lrbpcx;j#{@Y>~ZxC7+Z;-U~f_{ zIf3ON3hZ4r7Upfkl}xzXhZ1wQ@;yY6Jv->sT|Q^e;189tH{+<4f^YZG-N`w7&YrpL z(89hrYER4B2iNTQklItSHui2DwQN~?#-6dKPnqF2rLAKl4Q^g`a&zz-!uxq6KB&-cz)ok&7w9&t4%&mrd#C6*?W% zv0FS%O!&IN8kzt`X<~QS0a!>{is4QX7-LZBx!-id2TJStgP<`R+F{IIfRE@* zB+RgeaDPzqA2en|(wK!w;`--l&c4B2>C!hZ%vqF#M^6xWz?>bxWv4kCk{&*f8nF^} zL1mNNbaOUHjThJ@e(PAj%%~mAR&$ojo*w| z7R*_1XUtcyVKeNLSLlTQ-;h`kw3GpnWx*hT)UcrPRv`!?*#Bb6xY~ILhs5h36rvAM ztiZYu;kJA4d0=63IkaF-gHeq&+~JYNxWgUeMZ+VFv7-@zo%i4Zq*&OFJ<~i6w4S*p z{Hf0{X$4IdAnn3-_^1xhvGEi z=qHO*EUnwU==Ol#ZKM!FY|XZAG!ar`w}_g-NudQG8R7o|(!^B+QV&YN%W{iKGQivK zL%|fvk;Q$7EG`Lt3;X!`=MZ?sp2ap|)O#LHHr)wKaz!?}Tr5DH0gU*sO#4~K^p{WQ zYsn5lHLzf#GAUH8c97<|vuu{V? z<0qic317O;`fV5_2f0yACUyZbl)akj8>?UnWk#tnqXY+L01KZYBxXk*glzeLrFbCV zmNDmlJGK zmlLXvD{>9y1Gy;tzCh+TDG;cJ-G<^LXfB()me&Lt7FJ29K zTZ<+-#2yK~ks|xe;!uRdPtdz7yMt)3o=e#+;-Qs$5OJtXuX6{p zcsBjqLrH_70TTsdYx$6|Y`+HEvcb5i!)XzIMbBz*VcsV7kw5UD>dRqxG6O?B1^}oZ*J0Ss;d!)`C3yW;N;Y|zIYU;9E$3-OL4-- z$tHC*f=vb~PBiIKoT#JP(J0Q66gM6;Jc=7P8XubQ&jv#5bXV;-8M&~2Of?#AwgKgs z5B;Dk?gBwqD5SbN3{98h3Q7fQ^HLS5567eyESw-wL~5{C4YPR^MogaX)j1$ho{3*CThe-nXeHaM1Fwy5`3)@UrYe8s}8GPyTs=zLIL7q zlRELKIxg{vI_jB5d}Bq!BR-`|j1djGtmu`cWHa3K(Fs4usATaU&V(Ytw5MHMA~a-t zlMb2UyBT$sYt%`ijSR8mOai45E28P1?M6#B85Ln8Si7{!CLyU!l0Jp9N}WQo69Y$# z_YaLvF3`Ay^+%SPcrV30;D=><5S3ip56Qc<{i4$Lg9&KE+JpT+1IzJ2dho@15t;R< zjPWuNYelouYv^|>@ea01pP={ToqR$)fW{&F1Angw^N^VexJy)LFgk!uj*&fSPkNKX zXakGbk(*}(;`@>?8J|BhiG~(q31o}#SKWjk&qNJm8K;;=?8}xTxYcEg&DYxUhFgQd z7Wcp>PqrvWk9zGcZ;>&~CUx1uCiUg5>bT3>%}i!D+VUPN8s74LVx!@is3XuwVgi+k zifIU#sA6Va6ZLVK2G>L#0YB+AXrhJ(OjI1`b}jKHsoj9NB13T&9=dDfSys54Q(8?3K~6ASkxdJ^!wLvj!VXY2 zUMT*lI3fz>z0+=%&esOLpp;s{|CBTodpf*hA#tZkL-=E5j&D@v_(t6vUqqLg;=2$7 zd!ND|;fn;bgC`*)BbBcpVVDxadQmcdXkjXj{9weOCtylQ*D;j9Frv{DjJZpNF!4bp zBcTtLAZPIOCP>C9_(4UAaY@+pqDJDUtrfCoR0Aqco0o;9fmu zojw{1N9ra9;VPi$ZlVRTlG)zf2IK=ee zAl29wq8*sGS?E*Hnz$ssW33@ug0ut5LBd36A-a>6Xr+_{oe2s`?j;Rjz}9HL@4-J< z7tEL!k6;h&L0j%4dylxXS@TDcp8@>~742x{AphVAnwO@yJ-=q}g$_7>DmjmI3jE=n z+7Z665BKIN+G_S(<-9QDQGoV*3WAd!DwvK}0# zDp^m2hZkTkfLh>UWe}A}~T>fUzr z6!ct1BKF~AE+~Z2>J0ayVabTK#zlndBcX%IISJLA3)O6O0ooxFLp)8E49^z%v~$3E zn&nM<+AR-dwAyu_9{ zW#PQldjrSzDhDJc+{BP2t!4A>WEf*9SvLmS{J|M{u_k#q)pwdju?h}sq<@r3I_`z-9YO_}`okpSgN!QT*LH1e zq5BKl3Z0ubnr`QkT|#c{BdMF@#`}D@RDU?9fa^yG&on6kxt4%%5Z z>A!|_1(nnC6jv@qp)@E!ggynq`V3rzo31V`CjQ&m~r4wRmIfn+W69!s5ojwQTL%h$qL$Z%l3U$6#|e`VTC z*jfOk1~bS!aKN7czjqq4pvQ5=Ej)+CxZ@UbS&a(~PuUwc8vh*FO7yp|lLp+3ie4Z! zG?zB+0(KFzSL_KzFL0K{k`du3#EuP!0kOjpI-}+!jJ^;Kx6fni2XwBWr;sbc+sS}H z4vJ{I87w5|#7M^Oe|BirGK~-tH;^{`5)`#5Et8WrG=(X9@+CdU4ftDG&7N8|et0Gd zWlG$c%jbRwcTk_gq;}>ft8C&hvVdg{v1k*wHrhgirakqN9>l+B0NaaHJ80DsUP9mT z9urPJGOnEOnWJk%lUMYcY4VD0GhJT6ix7}k$TR|+p1kr1UHMYfYuBm~eh@aP%PTgi z%PUpKl~xbn9ye@2@kQS0&DANn?ePA`j= zQ2XTmP%PPTZFBW#ecby)Kck8N;O@|ilm2?X#$c+pewK<5{IqR^wvY8CDPJaJtHTxs zl!7NyvBjrbU=;+I{RJ}0J<3t)0Agaa*IZ`rYM23L|EMy`UlaAWHttXcg4sXdh{3oc zI3Ivo05JrUNiD%ZnGPne;L$Z1o`bCjr=ly!6=m|_?xAy`XSmUGp=W3T$>{|Q3PioG zXCN2}dlF1v4@P2pl9c%HbH0yyEKorRlAmiqoBJ5kL=B;YBx4m3-V+rd32p|h!*))5 zQ}9kv$rPfWqS@T>5)Lw`7st%KD(d&7LcmnXk$R0s>SI?3+_~m#yK!7G^J4!nh=Ix^ zcMwAlP%&K@RUWP_nxec-Z4qqHjs8Lr5X2t#bwiLod>Ni%K>gF#3{>?0^Om2Zf*8rf zb)YxWDc}>I`UuOwyL8&4Ij+6)w)h7w&q(6O6Blv=p zZ@`Tm&_LJ539eyMGirt15HwKcf@LZAwpa>3;_D(z>;7rkj{uB)N&ga7A*%s((G)di z0FFd?{?R2X23K|}oJ(X5XpU$k-sLxmN^BGweu%C;cKGgH-+EZ^=;3KNE2XPT;sKB= zrVo`+0)=;lI7vT?kM!um1O$8zaJfSi92&lMLs9X8O;eUXkBZ-c2sM6(yMSESa=}xbWg{%{9&g5mm;MaN`3EIGf7{kMQxo)bY2 z^L}uV1ozWUa5wJUkbSVT*awTsNBEE0jhnC&_AK_n?kD4#k+tDgpB_>h=T)#G0%hR* zau@BaJ!{9+US8CXsol6St~rtHH#MZ4N!boE&%}|7+>IN<=9Wpc15*;|PerSQA8f-- z;b%X0MIcKRk%sM3A!>Z>Ar%0_kP1RK?z6K*BfJ0U8$4>kA1 zcv11z^LGW6W9G8l&g$;Vg>=?W=)gGp`*P)Rb@Bgu$nMFgFJ~kx2rz_LK<3~sAaf$z zJvoWsrQAI^iA`BycmLcJ_s_-QIzfRj{Au3q$!YALW0(-}SRo^#E@2(P9!rg|Y}{&u zh4^iNuo8T&#b~fmlXi~FTs@yxRBo73uU)c=a>Epx)X9oX>SU$rxKt(TsAn2cjTH@# zrpAuOq}V+PMJH;+4V*fl6df@7 zFnqO9v3pW*eNEG`VeZMjlMzaU@AD-BPU>Sq04%y!QWzyC{Y{jviW4FGMFY=c$Q-Pd zt3aLJ8r3#Ys_pJS9?TNgR+Q4*Mz5kF2*E{8eBhhbFyaKr?e2It4e?1FkoFmt>Ye+N zr)_D-Dm4$8JQC-32sJMnQ1j5N+8dAO?ihfd=$NDSPBm|=wEyH1_P!u=QJm;KQQr{c zzWB*O&aS9&D!|im7vSm0)Luhov`jKXYV$Oh_@r22xIuu$w_TjG(!FpzydI_m-Y* zNH`MmC^r;*uE?Il1=cy<9a)nJ8k0itM7!b?t4ZVsY`Wltz zT;Y}_Z9Iixco0i#O2w%FPFNoYRzwU)e9u`70}l_ta6Auss}3`5%eYGZU_1e7G!YEp zJGllKPLfqYvS?EBqxNfqkC@q!Ih`YLu z*b#ko*|^nK*FoIss|!0m0;@|-$WCQ6;wqyYPR}PFk;-T!u)5f!zPePC?&=bC)H7{$ zMaGGSx4OoU1{D$!a33o|UPjUgg!Y2;MMjdC5G^A~4ZfR^^teojn~^jEep0TUkwntf z_wf@gJtIk>?X0d)a25Rp#i^nRo zJXL)J(`Eq^_VlUe$3`RZ&Mh(^S>5qT#8k z<3{80mYnZ>QgVv$wZ1=mtiflGvc?^?{SSx2)8eR0?-Ox6mpLri7jPE-D`^RbpUY!v z^#7!Z{IKy{Tuk(lN2;6C>5U&j(k7{8C&MWNb!46JiVbVIm)^sT4wGH!rEjbG= zv}hoK!!SeejLpKGhfmqSiMKGvVt61v3c=6e!KpS2=M{5q6L>SnJyYVm1NA97acV@u z4Mpr>p3RASn6GsUj!sV4d%S2wa`ySjy${|q7-6kE1D-f0=O9E2ZwRgqCikFA5yHYL z&Gz0y_S~rl?@pqv+hzbwBJn;hLu_S*Tfqa3fJN}`XVg0s3^T4ASFRfX^mN3q1>}V8 zh>K(5Lt?U!40Zy3MTR28xsO`CoL(>G)%&nlk0Wv<^lV6}#Lvp^vB`0cf=+}n80SUv z%a~lYu1fygu#yPW={4cqs$xvc%H8;ohsBAB*ptj~!R|D%%i2ub&t~WayBkDRorz8J zoAKTdftI*4k)$$-v80m;djr?7A#9Q#fu6)RM5&4z6}P$`d<$P|VZsw~yghmM_SxWueD}R8@I<0J8`T9K8`XU?ZY5XZiAwH6P2`Oi z6^}EibT}7)Cm<@Gj{C$%<#XRv0z>=)nK%;&kqU+n<{MYLIm6`DJW(~ySS}o*NV$nq zl@)sgO*&8!DM`Gaix)5G(K&UU|!<==(mX2nTd5ay^22awL>>m4pz*d*R=S_PrNh=;UV-(E@zmHf(u|3CEIBK;I1&B|OayfR5)N6Q4<4DyH=4^8 zQy#$|hJ3*hPwUuj`)uM2r0nR8rs^&676Oo*6`UN?v24nbfe7$Es1#zfNMs>vpzM>N zBrZ273XqTjWR@Vy{>RC+|Kh?k!L&4rV!2U^6v$*VrkWwsi#NAol_3!smIS9k`XNT^r$A@d5K_`QxJdF z$NsYq8#j8(>j@~me)a!9sCavxM+su8V0wsw>XIH}pt_`o7!)t7xG{#uM_uxw45Ltc z9>`rpe}u}XMSolz-0;sXIJ_lfdfzHQ+}Bjrn}O{iiMI<`Vv?sUVR5Qe^)&2G)zsT0 zZZ-AxD%|So?Owjt)LZO5#d`O&+xH}t#8TVH)N6N5nU(kNyHRxhjlccy2crdpo!|e3 z4}b8_|N8ZxwTlKj|HfB;`wgG}#2@|2w{ZqEd;f=rKlE3x`N=>2)L-MCy?^t+effj0 z{m{EV_m{X=%|BHggdjewsGj*!@-61jAra$n%pZpv(6%-XhjFWo13o7j7zdo!5*P<; z8PdN8^#OkzAi32`AEYqmBmT3Ke)>#sC!DKx1UEG)i&)#SUm!M(yJ~>NU*vj;YLMWk|-2hLGpN@_3vEPG6F54q5BUW)qcwXzNz*H zfj>ZgjO#mkUvZJMXz@TlBvbVXW&k7=+=J~VK=N{FZa_3jV@ii{t1+cRxYb44JYQ=f z4G|HYmH&wglE_R@FLwoLLJ3?EY&ZtPN=expf-#fBxD9|5jG4^ybpWIZ9i+c@K@yP; z253f&l6z2T)Z{<7Ac-YGIS~NqRoEuy9(V{@XUI{4m-nO8Nh+b6;rX=^KQC?| z8!J4)32DZZOV~9VmTw?(;cdV+J(;IQPo4>J$A`Rv*!tXeEK$gMh!;Fa>wWklS%;Lf)n1-4S^QE{;e5w!@05*tyH&jd;YNz;HQ)+QbwGBBFr5PdEOx z9eBB1N#TV=p4VWK<}X<>WTQ-08y*m z8QAJ0b#69`(7HDTyb_<)LRbO>_X)2jZkfP2|C|Z#zW|v_%Et5QCUM{i+7 ze8hnV+@g(pFab9LB+uCmo#5kX|M6SdCVO`$CteTqzLVde@5HaMmKYfDlrR`rNNmmq zIN&zIm5t{-Z(%rBxh2qrDXBs^26G?ff&}>6rc$$%5x0d08tvyq8^Ju{2KQQ zR>DT#VGwg%+y!LB2f$QBg6ZW5hNLj|EYKV5fCb9$)dV!F(10)wp0ubm6*n8j19P|< zgU&rL&G;vSqiMNQZIeK)ajMB4n8Vd%l7p0r!rHeypr42!KNK8gjb;(9$3TPWb2oub zKv3CCIsD@x=ARl(%pVCtJV?Gi1-br|aVg~5z5wo<}A_Wz*qKp&gE-nh;TS>cIDG&VUEpPreWOYGS@zi*P$EDS#X=#HS(Zi=ImU&62)H(e^dBN;BOv(`|x)Fe^=t~ zD*PS7-_`iL27gb%pN+pH{tn~sdi>phzo+AG34ba4W${f6u_* zv+(yY9JH0+;6I<|KVRfO|HYuq6^j3k=?|MP`73zq51K+g7Pc%ajI5|IP=W1+1GdBX zK{I1zs^8kvj96H0mE4ff8r-b6)cRH=wZ7 z9N?rXG=^h99|Uzv2$PBlN0hwAjzf@$jHdV&#aq}_oF$;AE9qlY#CMVWLdxvW&WdGA z2Sw7F_h}HZB{v@b0FJ$a55hZH9>nX-8F16iHK*+^WZeSO7HJ8YfWt)RytM#0IzeJb zh%?2E2nOew+XD1G)00QAh>*`mh=_D%hy%ZH5H1;kAQaIHHAfHyzU(H`L}-!84`cAe z264K#`1Y0bh$nuE<_i{@AzC<;cpdN6ap9N&L0-b3^dJ;o8cd8jZ(IQ`92!g+&`9iS zqs9nOSuW&o%(&bP*n8u|867fCBFz*pY!0BndBk`I6yUh(_JRN_p||ep=MI(R>KMcKAW}qZ|pm#peJLZzk2)n2`zthfBc{ry)#u{qPCsqJ$p+T9bDlS1^5) zFj+^9hf+o3MZ7#>-k&O%b(H$351a6|;On7Q<-7@BGyQ88{cA34uQzcGUn{VCI&ooKm7JWa^DZ2KQHDU z^7sCf_(lq@K9oud4jsdXcNg&Kk%f?Tf^v%=LY1>1Pi=sxekcW5O=t8cQ;9bTwuB>0 zFy<0hIRE5yoQEd&2LPG(U*RB59yh+kU*s!(fv8}}A4+jWz&pqzl9Le(9`os7U*Bl{ z0*i3=-@`7jq{WdgBIJ(r;&pebQ|iO4vRw`hS~GE!Bgcyioel}`H2N=b2n}ab9~-mM zUlRu-Qt@~f4wZn;0s#2&BoHz|!Pc60`JGh0=31Na_l9vOn|beHj3wY3_?)d==;Yn^ zrO0=fKA42_9Qc_KE5MHn(?yM+2^0fiR$iA9Vhta|U==wU;B&JW0O77gPz4Bz>_TQ# zQem>gH=5Ic6z<43a;%bYs~O-H^wNUSg=IHFPJBTG4sZ2ux4BopPg8ab@+$hboa z2c0Yw#)#esaF`D&#Edu{QY=2n*2kPFg>u{^Nk*>zA9y8p>*IGk{InZ-R(m$oYd5ANyf)87-+%LUe6Rf`wDt8be)+v0`NVrZ^ABJGIo#j>`A`1y zFMs0QpR$Vv0sHnhzx?Wd|Lym_`A_khkbUcSkOOnySAT^$Fa+&eU;N8g{@Itl`l)Z= zo}m5ZAN~42|MIuL`sqKzz3Mxwa%4o`>X{!K`Xw_o;S-0?BRP$g7=@CYU_0~zk_Sh9 z9Sn-=P2|>tJA|?B&7+tdoDN}CB3(GOBWsnXxswy&A#oIC_@)c_En4A&C!07Wox}$cRQRDsoa>Kr zSj$tSJ(ekizyn=0RTJnQkRbI@fMlYW97`VAl*9*+P>o}W#>7}MH42npjH;5s`N4t#lFOP%E;MB6mW3M$QGM1QX)V z#oJBv;{G>`TByL{Lr5WL1Dc{5yc0&I_lX4oHolDnA;vi%H&tBy}lb639GGnldfI3uhem58DyhIR}rz((tFi*%B!opHQCj!cR^F@sU z$Mj*(4rmQ)0xKKB0c6jkbi=2T(aPO-CUGLSI}u@Q-9ejd3g7*^1zLv{-0yP9B5i;<#}oL$LCF?+$3)>^0=ACy z{{<7Uf@7i1@X}nOfQY?gw;D)_BSH9}*8*{YDHLCUDb_gq3Sw%+KR%&`Pz)nLI%S7A zl9+yAZX5gwvsrh5C#Wiifh@Nn;DSnq{4AW<$-sKtx)ej_VIE`-UZo(wS0eBn2!;J& z#u>_D;Lrqn0asnaxXVGt+}r|2hTA^4niym;B~#pI#X*jVLAK-|v%?8yZG++1R$q=Z zEWgugq*(`?hEog-7!H+FXhXT=JHNU=-g+HOOpwxKs1smFO0y)TS(4JA2go7Nu*dk5 zS%cCf7>d#?cL>BlV-PS&1A_qNapxc?O4~UIz~7}bj>Hg3;{*sw6N7-*?MO;f(?!|` zrQx^%j22Wt9`6N9UD6rw4bqv0rx8F2AwYZUWFvWL@> zwFZ~l&c2NJEQo|FD)DhDlkrV6axWfO%a7oHbFT))n(k%fUK|W;;e<)-KgBfr|ZuR&Mj@=o)t94Iq^F_}Lo2SH^iLeoGZ?^mG+WKPSOw){5 z=2d5Ez4r0Odi$8x)CoYnl$tQiWy@ScXD7@^uV3qL_W*3z2s?MR`yeE9-mi-%s*-6g zhr`B%)9rS;mT9iCcDU!Pw@jlKHm-T;hSOi|G+!p(FZDZ%O{cznapluh;79&Op28!o~r&UAM?m*QqtnVocoL3Hi=a_4Q8U6j0eR&8@R2 z8)|O?c;Lu(I6iv?jsS-b6f{=IGC~qVTv;Ai=JFA^u}mL*!{9xd^NOIN**48PL;Kfj zz5Zfn%jwqo?at<6tJYq3nwZu|W4+UJng+m~#;7>8jYT<@1Z%pzxwYNrXyLhq(ledy zzW&5qjhb8cm}};g88J_U#K2El>(1sGBOW%cbVo^VMvN4^iAHkhTQNeIn?(*NRIoMk z%#NmKc5AwKs=Z~-Ua)Cd%xqikY)u+-VdL7N@btFpy+*fPcg%#j8gnb`F#yAYTOlwg zON~{hacc2Qx7~Nly`X0w{5`QoXS2^GGG)w%jYGrh%bNSb#?tWj-Ux|;i?z+>VrzZ7 zw`%V5q1(N6S#*Ecxb6b2tAc);7^0^Puj7x=0hb8&NFo3n-ZTeCNdo_Jr`vIQ<`rQh zKfLJyWMz2`=PS$;mY}*lRxUQc`g2QK=6-ic%4N_~ zt1^PM7!E8Db9sX6FFLqxz|pVx7P+>99>HJ`)C}yJ9A(#f{Y0qQmg0r@37yk6^HJ5?hpu{lD zGf)KDn-Ia9eF_lV#+utwaDXz^U|O3U!I=#Tim9&C>#T26w3tyr?PmDQs325UjYSBo#wkS(^B`uk8;bTE zaMot;OnkGp32`QF&Jyfe-|4qE98!W*V+7b(h&sej1FqKlI#XMR!lHGvk1NuXz_VVn z=5lwJ70<^*Rx3YAV}kiAeZ_zSHDn$L02&eF-GX@TwO#%irwYk>UJgUM#Q>ooeE?%8mw-RjKr&TiB@;CGAb?afouUFYQXdab+2mLok3 zq0pLeQ(9SOQ&Tcm5F{-tJXZyO&o!d^Y z?=+?469p3++fd`2MISCBp>^0=ubu4SqrK*)ISW_`k{LavDtv*u$H#HfxvK%O*FNpU`rYl#2412XG#n^5vRZ;8IVGBHbhb&$d(Bf(vl|IhZH{Yi z=EEH8$^8PcTBG6gdW$3*5bMU)zC+^iMyJ_swb2dLC;#OYQd3>TWNe;vv=_m_Whu+p zZ{BH5Zgx~*sLq&F!ME} zk$}g~bhg)(7em?sqzi zAeEEO{`UI1a}tcbeiqZ%;}mZ;9O(3mTiwn{toa_UL4e)uEzCT4#_8I6yBTVCrrSMj z*4I0otywm@QQJH#sIfN*k8h*7Em}%WGlDMq{j;<9 z>1{VwT?kmT1&S0+LVMn5_fa^!)!uR@IkbzN&Goa;0tDh1A?Fli&|Q78$`(1y(~WKi z)FcrCIbyJ|)@YSk#vyYff_}Rjwe=}ExHOd_U8r=Ojma|@{KZYjX-+nwHHs?^NY~l! zfzl(jCYgX`Tm$l$0EABW%mk3ZPuQ4;)l(BxyISk5E&{l1lza-h_lbb&{DA>N@-%&O zb%9)b&AiUM+EwWeM>?%m&*@JZ*K1mx-=I+J7f-iqsulC8)Uemg?-|y_k+5;t)xfkS zq*kc4an#j64;!fB>8x6n8gPaRtkroMm2Q9?7K)(PLaTrY5^KuLxSH|d;cV^TD7JQx%@4(y8WcIBnWf>^3FXcKlRPnzdiY^) zm|bcqgpDhPOf^@JSw!VYy>cDP+v(;!QY(dxgF`9{Ix)*;JBbF4>*IK%W|wKhBG#%$ z?dDCxVd9KpGL<2FI7}hb<4`vy@(b1BYY0 z_r`G;NiA{`X&ynY_l zJfq(SS@1CzsGEn+eHWtVw5Hg|xpz6v#g4|X1=e+hFa*@Mc;w-?7aUE`yQKl|DpF|R zxx<&j_NG8iNP3idhBqt|o&KuRJ#4_g<+(PrmLbx6l+&I18njIFc^Fh%C-wh=;k1X4 zY(N&7-{)bqlW+|-F-$B3n&4Q!z+6q5r>+7Bza_{;^4;GwjIW@DtOrC;O;U16$|;W* zNDae$k-0iyo+1mkAfkWAFn$*;?dKr%&O)tKUNIrK&D$*Vkgym0*T<+*x~_pMU@pvQ zqSjoFQqPCiL3>D(1R}N*3c<+=PZT_G(CoL~Pr+BYvEQ{9W|S`5bT->gQ|K_B!jo{77T0e}kHcc8rPQh@S3REWgDutA?t&~E zXMz1@3kF4BC{nr>sOg+DZo6bvPJ+u{S{qROpgrxYHJel%7paTUYfVLL)_sUJq227| z@`A#-y$QAr#Tq5{qU%kN9hL8{(?X$UBJc=|N-tBZ3$1Q1#q-H7oSL3ayGN`qHVupQ zG~2!k(+efA);)`+`4AQr{iEAm=PIgvHQ{O>d^MoUVc0|A_SWef|AENc)81Niv1-*e z+UwBLEwdB82mhmk2qoS3mN8*=Vy{sDlP?SY%P8EpqGdB;h{nwrNOQ_>AMOd72-IU= z5mkLgpahCO)Yz-X_)@Fc4a=gF)N5hJwK`|rTCrHK0n%D*H(@-pe!-nPul|e&&9s7M z7SIse!Jg(^Z@+xeJEka9neJC%k?e7)R{5k3X>=@?hxD3(RzXcLJ)i{(DyL8Cuvmg_ z#1Mr9#iM zuqT|g!Yu@pVA7Ctm{*wXJ!X3^c<8|^AquV{3{u3;4-DOmfhqIC5n6N7rwcK*2EP@m zOF=SkU_L!rrWFq$WMY0jL8%oA&YF3x-zq#p!z!o&0@ER%FrNZo?$Lphgwytbvvt5nLeX;d|1dr-pvUdlqv!TOpe#6We6z|7#YNc zLgwJeO!46^f<_GPE~7SUZdg%8r!XWpo8date|R5ztJ??{oq>-N8m(m@!ZFov_@aVz zxjIRPAHNX8p9wI0zmbbz_*&s0!&hDgU&icU^k6$4=hm8$LPn{K=0P$Bc&9p{D``X= zA~G)PzglC`S_29Ww*}0DXD@4|WH;+@r8=7oYYqcNwd58O63n_*0P++a5U_nuWNBSc zr{C&>*VE^u!JQo5TTox=|JqPj@Y6mk+u3-S0bzeX%j^1ERh;EBm+Im z+Vq6pqjw8WsOK2by7jdj&lReuM`$_278?8Wt7Xv98NH+I@Sz;0oaA;N%3;MJF+E*I zLt%%0f@XIcryXVCP1p3({P02YrEtNUlpsgn!^!a+$2xF|@8dh_1M(Y%l;FD#f^WYj z4lbYkhW4km3+Z>U^4rH?r~Kx-Vea)lgN-Ru-h56Pam{Ttye5=N;hTU7jQEmbs7R24AXD6Tl1WLPw(k~qS+BHomV64C zrQz0&0g{B!c3rb=PKFr`IFc0y;)5L6%m=a%XQp}r=Q5}%?&8hERkxFM{T6EksCUZ#A7 z?8q4tnHDlv6aGNs=1Ig=o7)Yi+cT$e$v`wB>h-gsnLx&76bX~5^inFJrG74Uw|o7F z%>Oigt0N}S_~F|L-U>X1r`yh%^op1Bxq|Q@VzymS6;cQ~-6eH@yjH7a%Z++5U2CMu zwS2nNaB}%Vwq8iLoOCMFXw?dZY&PqdpW6JSX>6?g$oFS5qL1EYZL7E1>3f}})4ub# zmrg(13qSYLS^6(oQ1~&^Wz3Fuw<5!r((I4O=WY|U&l?!%P zt2NT)mQ!pxt#Y=J&Q+~D9t&bwWDyJ?lq;4pg+`{7Ze?>Nr&OwjolEXv5TPO6l=ErO zMJ->?HdBRqHeH?Ayy$MyDc_}?7vA%9%BPV6!`nSjTwtEEja<1_Y}K<_5NN7cu10>% zM2G2odgZ$ByGZ@Vtn>~^-qKcMG^Q*<(|R4!d}GR;ykU5(y( znMSM3z~u_<{DA>0Wm?U04r{wvDwoQ+LN#{Ty5yP_@wb648`*rTm3A7%Of#KvT7~N5 z)@8!7#4b5s13hMn<#aYz1n%i{rr1hVr%qp{9@AMj^0dN4ih+KM0GOo ztIl*E!@y?J{<>QcX)q8+%|R41`EotwG*h))s+0kjtj>N&Eb&a~l9qV8v$Q1oSX!zw z*yje0Xz&X=omXCA}Q=$tQ|W3IxA8w5N%FegqXm9Ie{=QG7jp;oU| z6K5}1$Ati~uhjYjU6)Gra=uWjl?n}~(QK8gdp<6vCR@1VsgcTPZ)xed++Z*sb_)*c zG}Ez8R}a}*B)lUXh_ z^7U5P$v2T3SSaMH`|iF>y`{_2=JH8+Cn?o)&3wI3uQ}O#Gn*;ZtNS~bsrMq28+LYB z%C%ChaxvX1Wy<+xDqTJBNkI&`$F4bedhO-rF{NTDm9J;Apon52Un^9v=wGHmN~g(V zhL2RCS<65b&bMmWVj){DR1aQ0!l0Y+v@?n@@`XYx+bY!yjY76oOqZ%xUN(hAX4dQ^ zjaIo_s-Rqm3PN{61ot@?~&2lZB&NeW@`I=L!9=d$;LnipFP}=V7 zI8|@fn^{m+t&wY#pb=iZebLyuM%AEYkS=*%g%vk}e}LT-%P@BunOr&zlcWf-b#qsVjbcdA-8aclr@@e?ck-q3OT~Ey37< zQCB^D^N6nUFJUHB7MW0Kj6uD<0_KZd4h@)unRKa{ZDcYqp-ZVoAy>Wb$1d1VI#1}d z?X#K8zysg0QBGybrF6ZRN;g|gcyFrLzwm^r1L`WMIQHxTy_IvUPw1erE7q8LI$iklc|>q zMd(%aT)q1A%cgj;x1I7fo5^MK#YQWaE)0KJsTmBCiA)SXf)3lWxi*(Eic2e|D`;Z7G<1I?2r${>EooLZsP z$W^nKJ~BuE@UCy+sg~!q< zsclE6f&>GD+bZT$C1`uiGQ7vBbgEixT{LysIsg^IETj@Op^z?LEoW!s)%(Iy>k6(OfY1a;i`cTWIW~PByVWSR3u~Dj3Z@hSOde@#ZId3$j>Vh4EaK_^hh=GC4 z(!es-h;bq?`gmHVSTomwPLdf*BjKed<#LLXM9GwS}x6l3vPhu zjJxu&F5xI#TDna=c%itz+_p+FpJ~>znS2UC&qfhe`7?i6f_`Zp&LHUGPy`=xVccDA zz*BWt^Qn41-zYbl5c}0*{lE8PPyG{ag`>uL$Fe41aZ{ z#`c7v=D>qkPqiRsS}nxxZkF&lcX8W=3*Rj(oKigv7hmX#B6q$t#yKRPR~+-6=z5b#FaBTloz{Ffi&$ZSb&9K|Io z-Z5&PGHGe%s!&+J!;8%h=BZprr3%ed8H#%|UC5NGwJFsgI;+23aHRC;AckLlFtq(# zu+$n7K6DP$=yaW>C7f5(1;_2y+I<9Oc*k-G(YQ4j&t~!w7j~-Ig2$qaY>7I8b;W9f zQ--y&y-|0%O%4F}!aL#uli1=#-&tQj$x#)fwEDdx=qH_722q?sI>!qTB2R^QB{}BijCjgfU>YjS*ygAuCsp`@-2Q{RhR>qSGoi8g-|Us-^O& ze5?9O^Wt5Zqlaq1X;54(Ws13GE(OnII-PISGu2mJK8##X0q4F6U7%cmLI~v$3dO6< zS3HJsyCm-b)tM$@*7;@zc|%a^O4a+!n@03r*r@T)j{FwR2;`*KOZ7&&mW4Yyk0p}L zSAX1mbOuqtJQ<Z?sC;>TAqV;#NVNPB{YRmF;W>a2HF++{++$ zFAM)u83FLunxkB6!y3u^4blg^j#iOnQ!2ol55In{Rjg&IOY7^WHh2UMPNAgE+u|+YOck35Z>8X>uGh1LT&eo{#}%AhwgsyqovlItDZm9&{fWmF90bFf#X6G0 z8u?PASgeD8JD zF%eL@SZqS~Kz>)FQEN6D)i*uA^Seei1b~YYkCT^AKdfyAJ-&@u#Wv$5M z-Su`Iw%jJI6Q?P%`!+iw)wYGc$@iT`AysNX0+w^>MygSLoB8`AQ7XuY`5001)0%HX z_Ugsq^&FU~%yrdKYrx%{X7~zPE)qvd)wi3^A2C@$?QYi^v-(rs{=a1B@Y$$o9L< zN9WiNG{3`3i=_eoPd_m*50zA+X=7{;c_eiv=^VgGMBiz;Z7)kPKcx zj%yu`)?BmtbLRIys`hd;)i80~mym_0vxGbkPG9wYb5z1e0Nnt9dEv-Ii|{z6^LZy% zgwm2tBmVJz^Tm$}#FFb>LZfia=L^V|Ei~aC%Od;w1Lmmox!u8(VK>guig5SB1=pbi zJOu-%*+4WK`LWGXv#5-mAq4zE^F@yeog$n%OoT*d*sRlZn5Kj57GzhKs~;N4h(}-} zGJ}FEgBDq%P)}uk?V(j85>Af z-)L-|B{^WaYS~(fCz`@Dn6G}!EbLydhnbN)d$T8TE)vxn6VWEKLBL*7sWF`_>dV@T}Ded7;J?o!qP?K;>q<+y|&)FA=Yc3 K++2ji_x}TZ&P#a! literal 0 HcmV?d00001 diff --git a/examples/wasm_component/wit/deps.lock b/examples/wasm_component/wit/deps.lock new file mode 100644 index 000000000..5bd958bd5 --- /dev/null +++ b/examples/wasm_component/wit/deps.lock @@ -0,0 +1,29 @@ +[cli] +sha256 = "285865a31d777181b075f39e92bcfe59c89cd6bacce660be1b9a627646956258" +sha512 = "da2622210a9e3eea82b99f1a5b8a44ce5443d009cb943f7bca0bf9cf4360829b289913d7ee727c011f0f72994ea7dc8e661ebcc0a6b34b587297d80cd9b3f7e8" + +[clocks] +sha256 = "468b4d12892fe926b8eb5d398dbf579d566c93231fa44f415440572c695b7613" +sha512 = "e6b53a07221f1413953c9797c68f08b815fdaebf66419bbc1ea3e8b7dece73731062693634731f311a03957b268cf9cc509c518bd15e513c318aa04a8459b93a" + +[filesystem] +sha256 = "498c465cfd04587db40f970fff2185daa597d074c20b68a8bcbae558f261499b" +sha512 = "ead452f9b7bfb88593a502ec00d76d4228003d51c40fd0408aebc32d35c94673551b00230d730873361567cc209ec218c41fb4e95bad194268592c49e7964347" + +[http] +url = "https://github.com/WebAssembly/wasi-http/archive/v0.2.0.tar.gz" +sha256 = "8f44402bde16c48e28c47dc53eab0b26af5b3b3482a1852cf77673e0880ba1c1" +sha512 = "760695f9a25c25bf75a25b731cb21c3bda9e288e450edda823324ecbc73d5d798bbb5de2edad999566980836f037463ee9e57d61789d04b3f3e381475b1a9a0f" +deps = ["cli", "clocks", "filesystem", "io", "random", "sockets"] + +[io] +sha256 = "7210e5653539a15478f894d4da24cc69d61924cbcba21d2804d69314a88e5a4c" +sha512 = "49184a1b0945a889abd52d25271172ed3dc2db6968fcdddb1bab7ee0081f4a3eeee0977ad2291126a37631c0d86eeea75d822fa8af224c422134500bf9f0f2bb" + +[random] +sha256 = "7371d03c037d924caba2587fb2e7c5773a0d3c5fcecbf7971e0e0ba57973c53d" +sha512 = "964c4e8925a53078e4d94ba907b54f89a0b7e154f46823a505391471466c17f53c8692682e5c85771712acd88b348686173fc07c53a3cfe3d301b8cd8ddd0de4" + +[sockets] +sha256 = "622bd28bbeb43736375dc02bd003fd3a016ff8ee91e14bab488325c6b38bf966" +sha512 = "5a63c1f36de0c4548e1d2297bdbededb28721cbad94ef7825c469eae29d7451c97e00b4c1d6730ee1ec0c4a5aac922961a2795762d4a0c3bb54e30a391a84bae" diff --git a/examples/wasm_component/wit/deps.toml b/examples/wasm_component/wit/deps.toml new file mode 100644 index 000000000..1b375eef8 --- /dev/null +++ b/examples/wasm_component/wit/deps.toml @@ -0,0 +1 @@ +http = "https://github.com/WebAssembly/wasi-http/archive/v0.2.0.tar.gz" diff --git a/examples/wasm_component/wit/deps/cli/command.wit b/examples/wasm_component/wit/deps/cli/command.wit new file mode 100644 index 000000000..d8005bd38 --- /dev/null +++ b/examples/wasm_component/wit/deps/cli/command.wit @@ -0,0 +1,7 @@ +package wasi:cli@0.2.0; + +world command { + include imports; + + export run; +} diff --git a/examples/wasm_component/wit/deps/cli/environment.wit b/examples/wasm_component/wit/deps/cli/environment.wit new file mode 100644 index 000000000..70065233e --- /dev/null +++ b/examples/wasm_component/wit/deps/cli/environment.wit @@ -0,0 +1,18 @@ +interface environment { + /// Get the POSIX-style environment variables. + /// + /// Each environment variable is provided as a pair of string variable names + /// and string value. + /// + /// Morally, these are a value import, but until value imports are available + /// in the component model, this import function should return the same + /// values each time it is called. + get-environment: func() -> list>; + + /// Get the POSIX-style arguments to the program. + get-arguments: func() -> list; + + /// Return a path that programs should use as their initial current working + /// directory, interpreting `.` as shorthand for this. + initial-cwd: func() -> option; +} diff --git a/examples/wasm_component/wit/deps/cli/exit.wit b/examples/wasm_component/wit/deps/cli/exit.wit new file mode 100644 index 000000000..d0c2b82ae --- /dev/null +++ b/examples/wasm_component/wit/deps/cli/exit.wit @@ -0,0 +1,4 @@ +interface exit { + /// Exit the current instance and any linked instances. + exit: func(status: result); +} diff --git a/examples/wasm_component/wit/deps/cli/imports.wit b/examples/wasm_component/wit/deps/cli/imports.wit new file mode 100644 index 000000000..083b84a03 --- /dev/null +++ b/examples/wasm_component/wit/deps/cli/imports.wit @@ -0,0 +1,20 @@ +package wasi:cli@0.2.0; + +world imports { + include wasi:clocks/imports@0.2.0; + include wasi:filesystem/imports@0.2.0; + include wasi:sockets/imports@0.2.0; + include wasi:random/imports@0.2.0; + include wasi:io/imports@0.2.0; + + import environment; + import exit; + import stdin; + import stdout; + import stderr; + import terminal-input; + import terminal-output; + import terminal-stdin; + import terminal-stdout; + import terminal-stderr; +} diff --git a/examples/wasm_component/wit/deps/cli/run.wit b/examples/wasm_component/wit/deps/cli/run.wit new file mode 100644 index 000000000..a70ee8c03 --- /dev/null +++ b/examples/wasm_component/wit/deps/cli/run.wit @@ -0,0 +1,4 @@ +interface run { + /// Run the program. + run: func() -> result; +} diff --git a/examples/wasm_component/wit/deps/cli/stdio.wit b/examples/wasm_component/wit/deps/cli/stdio.wit new file mode 100644 index 000000000..31ef35b5a --- /dev/null +++ b/examples/wasm_component/wit/deps/cli/stdio.wit @@ -0,0 +1,17 @@ +interface stdin { + use wasi:io/streams@0.2.0.{input-stream}; + + get-stdin: func() -> input-stream; +} + +interface stdout { + use wasi:io/streams@0.2.0.{output-stream}; + + get-stdout: func() -> output-stream; +} + +interface stderr { + use wasi:io/streams@0.2.0.{output-stream}; + + get-stderr: func() -> output-stream; +} diff --git a/examples/wasm_component/wit/deps/cli/terminal.wit b/examples/wasm_component/wit/deps/cli/terminal.wit new file mode 100644 index 000000000..38c724efc --- /dev/null +++ b/examples/wasm_component/wit/deps/cli/terminal.wit @@ -0,0 +1,49 @@ +/// Terminal input. +/// +/// In the future, this may include functions for disabling echoing, +/// disabling input buffering so that keyboard events are sent through +/// immediately, querying supported features, and so on. +interface terminal-input { + /// The input side of a terminal. + resource terminal-input; +} + +/// Terminal output. +/// +/// In the future, this may include functions for querying the terminal +/// size, being notified of terminal size changes, querying supported +/// features, and so on. +interface terminal-output { + /// The output side of a terminal. + resource terminal-output; +} + +/// An interface providing an optional `terminal-input` for stdin as a +/// link-time authority. +interface terminal-stdin { + use terminal-input.{terminal-input}; + + /// If stdin is connected to a terminal, return a `terminal-input` handle + /// allowing further interaction with it. + get-terminal-stdin: func() -> option; +} + +/// An interface providing an optional `terminal-output` for stdout as a +/// link-time authority. +interface terminal-stdout { + use terminal-output.{terminal-output}; + + /// If stdout is connected to a terminal, return a `terminal-output` handle + /// allowing further interaction with it. + get-terminal-stdout: func() -> option; +} + +/// An interface providing an optional `terminal-output` for stderr as a +/// link-time authority. +interface terminal-stderr { + use terminal-output.{terminal-output}; + + /// If stderr is connected to a terminal, return a `terminal-output` handle + /// allowing further interaction with it. + get-terminal-stderr: func() -> option; +} diff --git a/examples/wasm_component/wit/deps/clocks/monotonic-clock.wit b/examples/wasm_component/wit/deps/clocks/monotonic-clock.wit new file mode 100644 index 000000000..4e4dc3a19 --- /dev/null +++ b/examples/wasm_component/wit/deps/clocks/monotonic-clock.wit @@ -0,0 +1,45 @@ +package wasi:clocks@0.2.0; +/// WASI Monotonic Clock is a clock API intended to let users measure elapsed +/// time. +/// +/// It is intended to be portable at least between Unix-family platforms and +/// Windows. +/// +/// A monotonic clock is a clock which has an unspecified initial value, and +/// successive reads of the clock will produce non-decreasing values. +/// +/// It is intended for measuring elapsed time. +interface monotonic-clock { + use wasi:io/poll@0.2.0.{pollable}; + + /// An instant in time, in nanoseconds. An instant is relative to an + /// unspecified initial value, and can only be compared to instances from + /// the same monotonic-clock. + type instant = u64; + + /// A duration of time, in nanoseconds. + type duration = u64; + + /// Read the current value of the clock. + /// + /// The clock is monotonic, therefore calling this function repeatedly will + /// produce a sequence of non-decreasing values. + now: func() -> instant; + + /// Query the resolution of the clock. Returns the duration of time + /// corresponding to a clock tick. + resolution: func() -> duration; + + /// Create a `pollable` which will resolve once the specified instant + /// occured. + subscribe-instant: func( + when: instant, + ) -> pollable; + + /// Create a `pollable` which will resolve once the given duration has + /// elapsed, starting at the time at which this function was called. + /// occured. + subscribe-duration: func( + when: duration, + ) -> pollable; +} diff --git a/examples/wasm_component/wit/deps/clocks/wall-clock.wit b/examples/wasm_component/wit/deps/clocks/wall-clock.wit new file mode 100644 index 000000000..440ca0f33 --- /dev/null +++ b/examples/wasm_component/wit/deps/clocks/wall-clock.wit @@ -0,0 +1,42 @@ +package wasi:clocks@0.2.0; +/// WASI Wall Clock is a clock API intended to let users query the current +/// time. The name "wall" makes an analogy to a "clock on the wall", which +/// is not necessarily monotonic as it may be reset. +/// +/// It is intended to be portable at least between Unix-family platforms and +/// Windows. +/// +/// A wall clock is a clock which measures the date and time according to +/// some external reference. +/// +/// External references may be reset, so this clock is not necessarily +/// monotonic, making it unsuitable for measuring elapsed time. +/// +/// It is intended for reporting the current date and time for humans. +interface wall-clock { + /// A time and date in seconds plus nanoseconds. + record datetime { + seconds: u64, + nanoseconds: u32, + } + + /// Read the current value of the clock. + /// + /// This clock is not monotonic, therefore calling this function repeatedly + /// will not necessarily produce a sequence of non-decreasing values. + /// + /// The returned timestamps represent the number of seconds since + /// 1970-01-01T00:00:00Z, also known as [POSIX's Seconds Since the Epoch], + /// also known as [Unix Time]. + /// + /// The nanoseconds field of the output is always less than 1000000000. + /// + /// [POSIX's Seconds Since the Epoch]: https://pubs.opengroup.org/onlinepubs/9699919799/xrat/V4_xbd_chap04.html#tag_21_04_16 + /// [Unix Time]: https://en.wikipedia.org/wiki/Unix_time + now: func() -> datetime; + + /// Query the resolution of the clock. + /// + /// The nanoseconds field of the output is always less than 1000000000. + resolution: func() -> datetime; +} diff --git a/examples/wasm_component/wit/deps/clocks/world.wit b/examples/wasm_component/wit/deps/clocks/world.wit new file mode 100644 index 000000000..c0224572a --- /dev/null +++ b/examples/wasm_component/wit/deps/clocks/world.wit @@ -0,0 +1,6 @@ +package wasi:clocks@0.2.0; + +world imports { + import monotonic-clock; + import wall-clock; +} diff --git a/examples/wasm_component/wit/deps/filesystem/preopens.wit b/examples/wasm_component/wit/deps/filesystem/preopens.wit new file mode 100644 index 000000000..da801f6d6 --- /dev/null +++ b/examples/wasm_component/wit/deps/filesystem/preopens.wit @@ -0,0 +1,8 @@ +package wasi:filesystem@0.2.0; + +interface preopens { + use types.{descriptor}; + + /// Return the set of preopened directories, and their path. + get-directories: func() -> list>; +} diff --git a/examples/wasm_component/wit/deps/filesystem/types.wit b/examples/wasm_component/wit/deps/filesystem/types.wit new file mode 100644 index 000000000..11108fcda --- /dev/null +++ b/examples/wasm_component/wit/deps/filesystem/types.wit @@ -0,0 +1,634 @@ +package wasi:filesystem@0.2.0; +/// WASI filesystem is a filesystem API primarily intended to let users run WASI +/// programs that access their files on their existing filesystems, without +/// significant overhead. +/// +/// It is intended to be roughly portable between Unix-family platforms and +/// Windows, though it does not hide many of the major differences. +/// +/// Paths are passed as interface-type `string`s, meaning they must consist of +/// a sequence of Unicode Scalar Values (USVs). Some filesystems may contain +/// paths which are not accessible by this API. +/// +/// The directory separator in WASI is always the forward-slash (`/`). +/// +/// All paths in WASI are relative paths, and are interpreted relative to a +/// `descriptor` referring to a base directory. If a `path` argument to any WASI +/// function starts with `/`, or if any step of resolving a `path`, including +/// `..` and symbolic link steps, reaches a directory outside of the base +/// directory, or reaches a symlink to an absolute or rooted path in the +/// underlying filesystem, the function fails with `error-code::not-permitted`. +/// +/// For more information about WASI path resolution and sandboxing, see +/// [WASI filesystem path resolution]. +/// +/// [WASI filesystem path resolution]: https://github.com/WebAssembly/wasi-filesystem/blob/main/path-resolution.md +interface types { + use wasi:io/streams@0.2.0.{input-stream, output-stream, error}; + use wasi:clocks/wall-clock@0.2.0.{datetime}; + + /// File size or length of a region within a file. + type filesize = u64; + + /// The type of a filesystem object referenced by a descriptor. + /// + /// Note: This was called `filetype` in earlier versions of WASI. + enum descriptor-type { + /// The type of the descriptor or file is unknown or is different from + /// any of the other types specified. + unknown, + /// The descriptor refers to a block device inode. + block-device, + /// The descriptor refers to a character device inode. + character-device, + /// The descriptor refers to a directory inode. + directory, + /// The descriptor refers to a named pipe. + fifo, + /// The file refers to a symbolic link inode. + symbolic-link, + /// The descriptor refers to a regular file inode. + regular-file, + /// The descriptor refers to a socket. + socket, + } + + /// Descriptor flags. + /// + /// Note: This was called `fdflags` in earlier versions of WASI. + flags descriptor-flags { + /// Read mode: Data can be read. + read, + /// Write mode: Data can be written to. + write, + /// Request that writes be performed according to synchronized I/O file + /// integrity completion. The data stored in the file and the file's + /// metadata are synchronized. This is similar to `O_SYNC` in POSIX. + /// + /// The precise semantics of this operation have not yet been defined for + /// WASI. At this time, it should be interpreted as a request, and not a + /// requirement. + file-integrity-sync, + /// Request that writes be performed according to synchronized I/O data + /// integrity completion. Only the data stored in the file is + /// synchronized. This is similar to `O_DSYNC` in POSIX. + /// + /// The precise semantics of this operation have not yet been defined for + /// WASI. At this time, it should be interpreted as a request, and not a + /// requirement. + data-integrity-sync, + /// Requests that reads be performed at the same level of integrety + /// requested for writes. This is similar to `O_RSYNC` in POSIX. + /// + /// The precise semantics of this operation have not yet been defined for + /// WASI. At this time, it should be interpreted as a request, and not a + /// requirement. + requested-write-sync, + /// Mutating directories mode: Directory contents may be mutated. + /// + /// When this flag is unset on a descriptor, operations using the + /// descriptor which would create, rename, delete, modify the data or + /// metadata of filesystem objects, or obtain another handle which + /// would permit any of those, shall fail with `error-code::read-only` if + /// they would otherwise succeed. + /// + /// This may only be set on directories. + mutate-directory, + } + + /// File attributes. + /// + /// Note: This was called `filestat` in earlier versions of WASI. + record descriptor-stat { + /// File type. + %type: descriptor-type, + /// Number of hard links to the file. + link-count: link-count, + /// For regular files, the file size in bytes. For symbolic links, the + /// length in bytes of the pathname contained in the symbolic link. + size: filesize, + /// Last data access timestamp. + /// + /// If the `option` is none, the platform doesn't maintain an access + /// timestamp for this file. + data-access-timestamp: option, + /// Last data modification timestamp. + /// + /// If the `option` is none, the platform doesn't maintain a + /// modification timestamp for this file. + data-modification-timestamp: option, + /// Last file status-change timestamp. + /// + /// If the `option` is none, the platform doesn't maintain a + /// status-change timestamp for this file. + status-change-timestamp: option, + } + + /// Flags determining the method of how paths are resolved. + flags path-flags { + /// As long as the resolved path corresponds to a symbolic link, it is + /// expanded. + symlink-follow, + } + + /// Open flags used by `open-at`. + flags open-flags { + /// Create file if it does not exist, similar to `O_CREAT` in POSIX. + create, + /// Fail if not a directory, similar to `O_DIRECTORY` in POSIX. + directory, + /// Fail if file already exists, similar to `O_EXCL` in POSIX. + exclusive, + /// Truncate file to size 0, similar to `O_TRUNC` in POSIX. + truncate, + } + + /// Number of hard links to an inode. + type link-count = u64; + + /// When setting a timestamp, this gives the value to set it to. + variant new-timestamp { + /// Leave the timestamp set to its previous value. + no-change, + /// Set the timestamp to the current time of the system clock associated + /// with the filesystem. + now, + /// Set the timestamp to the given value. + timestamp(datetime), + } + + /// A directory entry. + record directory-entry { + /// The type of the file referred to by this directory entry. + %type: descriptor-type, + + /// The name of the object. + name: string, + } + + /// Error codes returned by functions, similar to `errno` in POSIX. + /// Not all of these error codes are returned by the functions provided by this + /// API; some are used in higher-level library layers, and others are provided + /// merely for alignment with POSIX. + enum error-code { + /// Permission denied, similar to `EACCES` in POSIX. + access, + /// Resource unavailable, or operation would block, similar to `EAGAIN` and `EWOULDBLOCK` in POSIX. + would-block, + /// Connection already in progress, similar to `EALREADY` in POSIX. + already, + /// Bad descriptor, similar to `EBADF` in POSIX. + bad-descriptor, + /// Device or resource busy, similar to `EBUSY` in POSIX. + busy, + /// Resource deadlock would occur, similar to `EDEADLK` in POSIX. + deadlock, + /// Storage quota exceeded, similar to `EDQUOT` in POSIX. + quota, + /// File exists, similar to `EEXIST` in POSIX. + exist, + /// File too large, similar to `EFBIG` in POSIX. + file-too-large, + /// Illegal byte sequence, similar to `EILSEQ` in POSIX. + illegal-byte-sequence, + /// Operation in progress, similar to `EINPROGRESS` in POSIX. + in-progress, + /// Interrupted function, similar to `EINTR` in POSIX. + interrupted, + /// Invalid argument, similar to `EINVAL` in POSIX. + invalid, + /// I/O error, similar to `EIO` in POSIX. + io, + /// Is a directory, similar to `EISDIR` in POSIX. + is-directory, + /// Too many levels of symbolic links, similar to `ELOOP` in POSIX. + loop, + /// Too many links, similar to `EMLINK` in POSIX. + too-many-links, + /// Message too large, similar to `EMSGSIZE` in POSIX. + message-size, + /// Filename too long, similar to `ENAMETOOLONG` in POSIX. + name-too-long, + /// No such device, similar to `ENODEV` in POSIX. + no-device, + /// No such file or directory, similar to `ENOENT` in POSIX. + no-entry, + /// No locks available, similar to `ENOLCK` in POSIX. + no-lock, + /// Not enough space, similar to `ENOMEM` in POSIX. + insufficient-memory, + /// No space left on device, similar to `ENOSPC` in POSIX. + insufficient-space, + /// Not a directory or a symbolic link to a directory, similar to `ENOTDIR` in POSIX. + not-directory, + /// Directory not empty, similar to `ENOTEMPTY` in POSIX. + not-empty, + /// State not recoverable, similar to `ENOTRECOVERABLE` in POSIX. + not-recoverable, + /// Not supported, similar to `ENOTSUP` and `ENOSYS` in POSIX. + unsupported, + /// Inappropriate I/O control operation, similar to `ENOTTY` in POSIX. + no-tty, + /// No such device or address, similar to `ENXIO` in POSIX. + no-such-device, + /// Value too large to be stored in data type, similar to `EOVERFLOW` in POSIX. + overflow, + /// Operation not permitted, similar to `EPERM` in POSIX. + not-permitted, + /// Broken pipe, similar to `EPIPE` in POSIX. + pipe, + /// Read-only file system, similar to `EROFS` in POSIX. + read-only, + /// Invalid seek, similar to `ESPIPE` in POSIX. + invalid-seek, + /// Text file busy, similar to `ETXTBSY` in POSIX. + text-file-busy, + /// Cross-device link, similar to `EXDEV` in POSIX. + cross-device, + } + + /// File or memory access pattern advisory information. + enum advice { + /// The application has no advice to give on its behavior with respect + /// to the specified data. + normal, + /// The application expects to access the specified data sequentially + /// from lower offsets to higher offsets. + sequential, + /// The application expects to access the specified data in a random + /// order. + random, + /// The application expects to access the specified data in the near + /// future. + will-need, + /// The application expects that it will not access the specified data + /// in the near future. + dont-need, + /// The application expects to access the specified data once and then + /// not reuse it thereafter. + no-reuse, + } + + /// A 128-bit hash value, split into parts because wasm doesn't have a + /// 128-bit integer type. + record metadata-hash-value { + /// 64 bits of a 128-bit hash value. + lower: u64, + /// Another 64 bits of a 128-bit hash value. + upper: u64, + } + + /// A descriptor is a reference to a filesystem object, which may be a file, + /// directory, named pipe, special file, or other object on which filesystem + /// calls may be made. + resource descriptor { + /// Return a stream for reading from a file, if available. + /// + /// May fail with an error-code describing why the file cannot be read. + /// + /// Multiple read, write, and append streams may be active on the same open + /// file and they do not interfere with each other. + /// + /// Note: This allows using `read-stream`, which is similar to `read` in POSIX. + read-via-stream: func( + /// The offset within the file at which to start reading. + offset: filesize, + ) -> result; + + /// Return a stream for writing to a file, if available. + /// + /// May fail with an error-code describing why the file cannot be written. + /// + /// Note: This allows using `write-stream`, which is similar to `write` in + /// POSIX. + write-via-stream: func( + /// The offset within the file at which to start writing. + offset: filesize, + ) -> result; + + /// Return a stream for appending to a file, if available. + /// + /// May fail with an error-code describing why the file cannot be appended. + /// + /// Note: This allows using `write-stream`, which is similar to `write` with + /// `O_APPEND` in in POSIX. + append-via-stream: func() -> result; + + /// Provide file advisory information on a descriptor. + /// + /// This is similar to `posix_fadvise` in POSIX. + advise: func( + /// The offset within the file to which the advisory applies. + offset: filesize, + /// The length of the region to which the advisory applies. + length: filesize, + /// The advice. + advice: advice + ) -> result<_, error-code>; + + /// Synchronize the data of a file to disk. + /// + /// This function succeeds with no effect if the file descriptor is not + /// opened for writing. + /// + /// Note: This is similar to `fdatasync` in POSIX. + sync-data: func() -> result<_, error-code>; + + /// Get flags associated with a descriptor. + /// + /// Note: This returns similar flags to `fcntl(fd, F_GETFL)` in POSIX. + /// + /// Note: This returns the value that was the `fs_flags` value returned + /// from `fdstat_get` in earlier versions of WASI. + get-flags: func() -> result; + + /// Get the dynamic type of a descriptor. + /// + /// Note: This returns the same value as the `type` field of the `fd-stat` + /// returned by `stat`, `stat-at` and similar. + /// + /// Note: This returns similar flags to the `st_mode & S_IFMT` value provided + /// by `fstat` in POSIX. + /// + /// Note: This returns the value that was the `fs_filetype` value returned + /// from `fdstat_get` in earlier versions of WASI. + get-type: func() -> result; + + /// Adjust the size of an open file. If this increases the file's size, the + /// extra bytes are filled with zeros. + /// + /// Note: This was called `fd_filestat_set_size` in earlier versions of WASI. + set-size: func(size: filesize) -> result<_, error-code>; + + /// Adjust the timestamps of an open file or directory. + /// + /// Note: This is similar to `futimens` in POSIX. + /// + /// Note: This was called `fd_filestat_set_times` in earlier versions of WASI. + set-times: func( + /// The desired values of the data access timestamp. + data-access-timestamp: new-timestamp, + /// The desired values of the data modification timestamp. + data-modification-timestamp: new-timestamp, + ) -> result<_, error-code>; + + /// Read from a descriptor, without using and updating the descriptor's offset. + /// + /// This function returns a list of bytes containing the data that was + /// read, along with a bool which, when true, indicates that the end of the + /// file was reached. The returned list will contain up to `length` bytes; it + /// may return fewer than requested, if the end of the file is reached or + /// if the I/O operation is interrupted. + /// + /// In the future, this may change to return a `stream`. + /// + /// Note: This is similar to `pread` in POSIX. + read: func( + /// The maximum number of bytes to read. + length: filesize, + /// The offset within the file at which to read. + offset: filesize, + ) -> result, bool>, error-code>; + + /// Write to a descriptor, without using and updating the descriptor's offset. + /// + /// It is valid to write past the end of a file; the file is extended to the + /// extent of the write, with bytes between the previous end and the start of + /// the write set to zero. + /// + /// In the future, this may change to take a `stream`. + /// + /// Note: This is similar to `pwrite` in POSIX. + write: func( + /// Data to write + buffer: list, + /// The offset within the file at which to write. + offset: filesize, + ) -> result; + + /// Read directory entries from a directory. + /// + /// On filesystems where directories contain entries referring to themselves + /// and their parents, often named `.` and `..` respectively, these entries + /// are omitted. + /// + /// This always returns a new stream which starts at the beginning of the + /// directory. Multiple streams may be active on the same directory, and they + /// do not interfere with each other. + read-directory: func() -> result; + + /// Synchronize the data and metadata of a file to disk. + /// + /// This function succeeds with no effect if the file descriptor is not + /// opened for writing. + /// + /// Note: This is similar to `fsync` in POSIX. + sync: func() -> result<_, error-code>; + + /// Create a directory. + /// + /// Note: This is similar to `mkdirat` in POSIX. + create-directory-at: func( + /// The relative path at which to create the directory. + path: string, + ) -> result<_, error-code>; + + /// Return the attributes of an open file or directory. + /// + /// Note: This is similar to `fstat` in POSIX, except that it does not return + /// device and inode information. For testing whether two descriptors refer to + /// the same underlying filesystem object, use `is-same-object`. To obtain + /// additional data that can be used do determine whether a file has been + /// modified, use `metadata-hash`. + /// + /// Note: This was called `fd_filestat_get` in earlier versions of WASI. + stat: func() -> result; + + /// Return the attributes of a file or directory. + /// + /// Note: This is similar to `fstatat` in POSIX, except that it does not + /// return device and inode information. See the `stat` description for a + /// discussion of alternatives. + /// + /// Note: This was called `path_filestat_get` in earlier versions of WASI. + stat-at: func( + /// Flags determining the method of how the path is resolved. + path-flags: path-flags, + /// The relative path of the file or directory to inspect. + path: string, + ) -> result; + + /// Adjust the timestamps of a file or directory. + /// + /// Note: This is similar to `utimensat` in POSIX. + /// + /// Note: This was called `path_filestat_set_times` in earlier versions of + /// WASI. + set-times-at: func( + /// Flags determining the method of how the path is resolved. + path-flags: path-flags, + /// The relative path of the file or directory to operate on. + path: string, + /// The desired values of the data access timestamp. + data-access-timestamp: new-timestamp, + /// The desired values of the data modification timestamp. + data-modification-timestamp: new-timestamp, + ) -> result<_, error-code>; + + /// Create a hard link. + /// + /// Note: This is similar to `linkat` in POSIX. + link-at: func( + /// Flags determining the method of how the path is resolved. + old-path-flags: path-flags, + /// The relative source path from which to link. + old-path: string, + /// The base directory for `new-path`. + new-descriptor: borrow, + /// The relative destination path at which to create the hard link. + new-path: string, + ) -> result<_, error-code>; + + /// Open a file or directory. + /// + /// The returned descriptor is not guaranteed to be the lowest-numbered + /// descriptor not currently open/ it is randomized to prevent applications + /// from depending on making assumptions about indexes, since this is + /// error-prone in multi-threaded contexts. The returned descriptor is + /// guaranteed to be less than 2**31. + /// + /// If `flags` contains `descriptor-flags::mutate-directory`, and the base + /// descriptor doesn't have `descriptor-flags::mutate-directory` set, + /// `open-at` fails with `error-code::read-only`. + /// + /// If `flags` contains `write` or `mutate-directory`, or `open-flags` + /// contains `truncate` or `create`, and the base descriptor doesn't have + /// `descriptor-flags::mutate-directory` set, `open-at` fails with + /// `error-code::read-only`. + /// + /// Note: This is similar to `openat` in POSIX. + open-at: func( + /// Flags determining the method of how the path is resolved. + path-flags: path-flags, + /// The relative path of the object to open. + path: string, + /// The method by which to open the file. + open-flags: open-flags, + /// Flags to use for the resulting descriptor. + %flags: descriptor-flags, + ) -> result; + + /// Read the contents of a symbolic link. + /// + /// If the contents contain an absolute or rooted path in the underlying + /// filesystem, this function fails with `error-code::not-permitted`. + /// + /// Note: This is similar to `readlinkat` in POSIX. + readlink-at: func( + /// The relative path of the symbolic link from which to read. + path: string, + ) -> result; + + /// Remove a directory. + /// + /// Return `error-code::not-empty` if the directory is not empty. + /// + /// Note: This is similar to `unlinkat(fd, path, AT_REMOVEDIR)` in POSIX. + remove-directory-at: func( + /// The relative path to a directory to remove. + path: string, + ) -> result<_, error-code>; + + /// Rename a filesystem object. + /// + /// Note: This is similar to `renameat` in POSIX. + rename-at: func( + /// The relative source path of the file or directory to rename. + old-path: string, + /// The base directory for `new-path`. + new-descriptor: borrow, + /// The relative destination path to which to rename the file or directory. + new-path: string, + ) -> result<_, error-code>; + + /// Create a symbolic link (also known as a "symlink"). + /// + /// If `old-path` starts with `/`, the function fails with + /// `error-code::not-permitted`. + /// + /// Note: This is similar to `symlinkat` in POSIX. + symlink-at: func( + /// The contents of the symbolic link. + old-path: string, + /// The relative destination path at which to create the symbolic link. + new-path: string, + ) -> result<_, error-code>; + + /// Unlink a filesystem object that is not a directory. + /// + /// Return `error-code::is-directory` if the path refers to a directory. + /// Note: This is similar to `unlinkat(fd, path, 0)` in POSIX. + unlink-file-at: func( + /// The relative path to a file to unlink. + path: string, + ) -> result<_, error-code>; + + /// Test whether two descriptors refer to the same filesystem object. + /// + /// In POSIX, this corresponds to testing whether the two descriptors have the + /// same device (`st_dev`) and inode (`st_ino` or `d_ino`) numbers. + /// wasi-filesystem does not expose device and inode numbers, so this function + /// may be used instead. + is-same-object: func(other: borrow) -> bool; + + /// Return a hash of the metadata associated with a filesystem object referred + /// to by a descriptor. + /// + /// This returns a hash of the last-modification timestamp and file size, and + /// may also include the inode number, device number, birth timestamp, and + /// other metadata fields that may change when the file is modified or + /// replaced. It may also include a secret value chosen by the + /// implementation and not otherwise exposed. + /// + /// Implementations are encourated to provide the following properties: + /// + /// - If the file is not modified or replaced, the computed hash value should + /// usually not change. + /// - If the object is modified or replaced, the computed hash value should + /// usually change. + /// - The inputs to the hash should not be easily computable from the + /// computed hash. + /// + /// However, none of these is required. + metadata-hash: func() -> result; + + /// Return a hash of the metadata associated with a filesystem object referred + /// to by a directory descriptor and a relative path. + /// + /// This performs the same hash computation as `metadata-hash`. + metadata-hash-at: func( + /// Flags determining the method of how the path is resolved. + path-flags: path-flags, + /// The relative path of the file or directory to inspect. + path: string, + ) -> result; + } + + /// A stream of directory entries. + resource directory-entry-stream { + /// Read a single directory entry from a `directory-entry-stream`. + read-directory-entry: func() -> result, error-code>; + } + + /// Attempts to extract a filesystem-related `error-code` from the stream + /// `error` provided. + /// + /// Stream operations which return `stream-error::last-operation-failed` + /// have a payload with more information about the operation that failed. + /// This payload can be passed through to this function to see if there's + /// filesystem-related information about the error to return. + /// + /// Note that this function is fallible because not all stream-related + /// errors are filesystem-related errors. + filesystem-error-code: func(err: borrow) -> option; +} diff --git a/examples/wasm_component/wit/deps/filesystem/world.wit b/examples/wasm_component/wit/deps/filesystem/world.wit new file mode 100644 index 000000000..663f57920 --- /dev/null +++ b/examples/wasm_component/wit/deps/filesystem/world.wit @@ -0,0 +1,6 @@ +package wasi:filesystem@0.2.0; + +world imports { + import types; + import preopens; +} diff --git a/examples/wasm_component/wit/deps/http/handler.wit b/examples/wasm_component/wit/deps/http/handler.wit new file mode 100644 index 000000000..a34a0649d --- /dev/null +++ b/examples/wasm_component/wit/deps/http/handler.wit @@ -0,0 +1,43 @@ +/// This interface defines a handler of incoming HTTP Requests. It should +/// be exported by components which can respond to HTTP Requests. +interface incoming-handler { + use types.{incoming-request, response-outparam}; + + /// This function is invoked with an incoming HTTP Request, and a resource + /// `response-outparam` which provides the capability to reply with an HTTP + /// Response. The response is sent by calling the `response-outparam.set` + /// method, which allows execution to continue after the response has been + /// sent. This enables both streaming to the response body, and performing other + /// work. + /// + /// The implementor of this function must write a response to the + /// `response-outparam` before returning, or else the caller will respond + /// with an error on its behalf. + handle: func( + request: incoming-request, + response-out: response-outparam + ); +} + +/// This interface defines a handler of outgoing HTTP Requests. It should be +/// imported by components which wish to make HTTP Requests. +interface outgoing-handler { + use types.{ + outgoing-request, request-options, future-incoming-response, error-code + }; + + /// This function is invoked with an outgoing HTTP Request, and it returns + /// a resource `future-incoming-response` which represents an HTTP Response + /// which may arrive in the future. + /// + /// The `options` argument accepts optional parameters for the HTTP + /// protocol's transport layer. + /// + /// This function may return an error if the `outgoing-request` is invalid + /// or not allowed to be made. Otherwise, protocol errors are reported + /// through the `future-incoming-response`. + handle: func( + request: outgoing-request, + options: option + ) -> result; +} diff --git a/examples/wasm_component/wit/deps/http/proxy.wit b/examples/wasm_component/wit/deps/http/proxy.wit new file mode 100644 index 000000000..687c24d23 --- /dev/null +++ b/examples/wasm_component/wit/deps/http/proxy.wit @@ -0,0 +1,32 @@ +package wasi:http@0.2.0; + +/// The `wasi:http/proxy` world captures a widely-implementable intersection of +/// hosts that includes HTTP forward and reverse proxies. Components targeting +/// this world may concurrently stream in and out any number of incoming and +/// outgoing HTTP requests. +world proxy { + /// HTTP proxies have access to time and randomness. + include wasi:clocks/imports@0.2.0; + import wasi:random/random@0.2.0; + + /// Proxies have standard output and error streams which are expected to + /// terminate in a developer-facing console provided by the host. + import wasi:cli/stdout@0.2.0; + import wasi:cli/stderr@0.2.0; + + /// TODO: this is a temporary workaround until component tooling is able to + /// gracefully handle the absence of stdin. Hosts must return an eof stream + /// for this import, which is what wasi-libc + tooling will do automatically + /// when this import is properly removed. + import wasi:cli/stdin@0.2.0; + + /// This is the default handler to use when user code simply wants to make an + /// HTTP request (e.g., via `fetch()`). + import outgoing-handler; + + /// The host delivers incoming HTTP requests to a component by calling the + /// `handle` function of this exported interface. A host may arbitrarily reuse + /// or not reuse component instance when delivering incoming HTTP requests and + /// thus a component must be able to handle 0..N calls to `handle`. + export incoming-handler; +} diff --git a/examples/wasm_component/wit/deps/http/types.wit b/examples/wasm_component/wit/deps/http/types.wit new file mode 100644 index 000000000..755ac6a6b --- /dev/null +++ b/examples/wasm_component/wit/deps/http/types.wit @@ -0,0 +1,570 @@ +/// This interface defines all of the types and methods for implementing +/// HTTP Requests and Responses, both incoming and outgoing, as well as +/// their headers, trailers, and bodies. +interface types { + use wasi:clocks/monotonic-clock@0.2.0.{duration}; + use wasi:io/streams@0.2.0.{input-stream, output-stream}; + use wasi:io/error@0.2.0.{error as io-error}; + use wasi:io/poll@0.2.0.{pollable}; + + /// This type corresponds to HTTP standard Methods. + variant method { + get, + head, + post, + put, + delete, + connect, + options, + trace, + patch, + other(string) + } + + /// This type corresponds to HTTP standard Related Schemes. + variant scheme { + HTTP, + HTTPS, + other(string) + } + + /// These cases are inspired by the IANA HTTP Proxy Error Types: + /// https://www.iana.org/assignments/http-proxy-status/http-proxy-status.xhtml#table-http-proxy-error-types + variant error-code { + DNS-timeout, + DNS-error(DNS-error-payload), + destination-not-found, + destination-unavailable, + destination-IP-prohibited, + destination-IP-unroutable, + connection-refused, + connection-terminated, + connection-timeout, + connection-read-timeout, + connection-write-timeout, + connection-limit-reached, + TLS-protocol-error, + TLS-certificate-error, + TLS-alert-received(TLS-alert-received-payload), + HTTP-request-denied, + HTTP-request-length-required, + HTTP-request-body-size(option), + HTTP-request-method-invalid, + HTTP-request-URI-invalid, + HTTP-request-URI-too-long, + HTTP-request-header-section-size(option), + HTTP-request-header-size(option), + HTTP-request-trailer-section-size(option), + HTTP-request-trailer-size(field-size-payload), + HTTP-response-incomplete, + HTTP-response-header-section-size(option), + HTTP-response-header-size(field-size-payload), + HTTP-response-body-size(option), + HTTP-response-trailer-section-size(option), + HTTP-response-trailer-size(field-size-payload), + HTTP-response-transfer-coding(option), + HTTP-response-content-coding(option), + HTTP-response-timeout, + HTTP-upgrade-failed, + HTTP-protocol-error, + loop-detected, + configuration-error, + /// This is a catch-all error for anything that doesn't fit cleanly into a + /// more specific case. It also includes an optional string for an + /// unstructured description of the error. Users should not depend on the + /// string for diagnosing errors, as it's not required to be consistent + /// between implementations. + internal-error(option) + } + + /// Defines the case payload type for `DNS-error` above: + record DNS-error-payload { + rcode: option, + info-code: option + } + + /// Defines the case payload type for `TLS-alert-received` above: + record TLS-alert-received-payload { + alert-id: option, + alert-message: option + } + + /// Defines the case payload type for `HTTP-response-{header,trailer}-size` above: + record field-size-payload { + field-name: option, + field-size: option + } + + /// Attempts to extract a http-related `error` from the wasi:io `error` + /// provided. + /// + /// Stream operations which return + /// `wasi:io/stream/stream-error::last-operation-failed` have a payload of + /// type `wasi:io/error/error` with more information about the operation + /// that failed. This payload can be passed through to this function to see + /// if there's http-related information about the error to return. + /// + /// Note that this function is fallible because not all io-errors are + /// http-related errors. + http-error-code: func(err: borrow) -> option; + + /// This type enumerates the different kinds of errors that may occur when + /// setting or appending to a `fields` resource. + variant header-error { + /// This error indicates that a `field-key` or `field-value` was + /// syntactically invalid when used with an operation that sets headers in a + /// `fields`. + invalid-syntax, + + /// This error indicates that a forbidden `field-key` was used when trying + /// to set a header in a `fields`. + forbidden, + + /// This error indicates that the operation on the `fields` was not + /// permitted because the fields are immutable. + immutable, + } + + /// Field keys are always strings. + type field-key = string; + + /// Field values should always be ASCII strings. However, in + /// reality, HTTP implementations often have to interpret malformed values, + /// so they are provided as a list of bytes. + type field-value = list; + + /// This following block defines the `fields` resource which corresponds to + /// HTTP standard Fields. Fields are a common representation used for both + /// Headers and Trailers. + /// + /// A `fields` may be mutable or immutable. A `fields` created using the + /// constructor, `from-list`, or `clone` will be mutable, but a `fields` + /// resource given by other means (including, but not limited to, + /// `incoming-request.headers`, `outgoing-request.headers`) might be be + /// immutable. In an immutable fields, the `set`, `append`, and `delete` + /// operations will fail with `header-error.immutable`. + resource fields { + + /// Construct an empty HTTP Fields. + /// + /// The resulting `fields` is mutable. + constructor(); + + /// Construct an HTTP Fields. + /// + /// The resulting `fields` is mutable. + /// + /// The list represents each key-value pair in the Fields. Keys + /// which have multiple values are represented by multiple entries in this + /// list with the same key. + /// + /// The tuple is a pair of the field key, represented as a string, and + /// Value, represented as a list of bytes. In a valid Fields, all keys + /// and values are valid UTF-8 strings. However, values are not always + /// well-formed, so they are represented as a raw list of bytes. + /// + /// An error result will be returned if any header or value was + /// syntactically invalid, or if a header was forbidden. + from-list: static func( + entries: list> + ) -> result; + + /// Get all of the values corresponding to a key. If the key is not present + /// in this `fields`, an empty list is returned. However, if the key is + /// present but empty, this is represented by a list with one or more + /// empty field-values present. + get: func(name: field-key) -> list; + + /// Returns `true` when the key is present in this `fields`. If the key is + /// syntactically invalid, `false` is returned. + has: func(name: field-key) -> bool; + + /// Set all of the values for a key. Clears any existing values for that + /// key, if they have been set. + /// + /// Fails with `header-error.immutable` if the `fields` are immutable. + set: func(name: field-key, value: list) -> result<_, header-error>; + + /// Delete all values for a key. Does nothing if no values for the key + /// exist. + /// + /// Fails with `header-error.immutable` if the `fields` are immutable. + delete: func(name: field-key) -> result<_, header-error>; + + /// Append a value for a key. Does not change or delete any existing + /// values for that key. + /// + /// Fails with `header-error.immutable` if the `fields` are immutable. + append: func(name: field-key, value: field-value) -> result<_, header-error>; + + /// Retrieve the full set of keys and values in the Fields. Like the + /// constructor, the list represents each key-value pair. + /// + /// The outer list represents each key-value pair in the Fields. Keys + /// which have multiple values are represented by multiple entries in this + /// list with the same key. + entries: func() -> list>; + + /// Make a deep copy of the Fields. Equivelant in behavior to calling the + /// `fields` constructor on the return value of `entries`. The resulting + /// `fields` is mutable. + clone: func() -> fields; + } + + /// Headers is an alias for Fields. + type headers = fields; + + /// Trailers is an alias for Fields. + type trailers = fields; + + /// Represents an incoming HTTP Request. + resource incoming-request { + + /// Returns the method of the incoming request. + method: func() -> method; + + /// Returns the path with query parameters from the request, as a string. + path-with-query: func() -> option; + + /// Returns the protocol scheme from the request. + scheme: func() -> option; + + /// Returns the authority from the request, if it was present. + authority: func() -> option; + + /// Get the `headers` associated with the request. + /// + /// The returned `headers` resource is immutable: `set`, `append`, and + /// `delete` operations will fail with `header-error.immutable`. + /// + /// The `headers` returned are a child resource: it must be dropped before + /// the parent `incoming-request` is dropped. Dropping this + /// `incoming-request` before all children are dropped will trap. + headers: func() -> headers; + + /// Gives the `incoming-body` associated with this request. Will only + /// return success at most once, and subsequent calls will return error. + consume: func() -> result; + } + + /// Represents an outgoing HTTP Request. + resource outgoing-request { + + /// Construct a new `outgoing-request` with a default `method` of `GET`, and + /// `none` values for `path-with-query`, `scheme`, and `authority`. + /// + /// * `headers` is the HTTP Headers for the Request. + /// + /// It is possible to construct, or manipulate with the accessor functions + /// below, an `outgoing-request` with an invalid combination of `scheme` + /// and `authority`, or `headers` which are not permitted to be sent. + /// It is the obligation of the `outgoing-handler.handle` implementation + /// to reject invalid constructions of `outgoing-request`. + constructor( + headers: headers + ); + + /// Returns the resource corresponding to the outgoing Body for this + /// Request. + /// + /// Returns success on the first call: the `outgoing-body` resource for + /// this `outgoing-request` can be retrieved at most once. Subsequent + /// calls will return error. + body: func() -> result; + + /// Get the Method for the Request. + method: func() -> method; + /// Set the Method for the Request. Fails if the string present in a + /// `method.other` argument is not a syntactically valid method. + set-method: func(method: method) -> result; + + /// Get the combination of the HTTP Path and Query for the Request. + /// When `none`, this represents an empty Path and empty Query. + path-with-query: func() -> option; + /// Set the combination of the HTTP Path and Query for the Request. + /// When `none`, this represents an empty Path and empty Query. Fails is the + /// string given is not a syntactically valid path and query uri component. + set-path-with-query: func(path-with-query: option) -> result; + + /// Get the HTTP Related Scheme for the Request. When `none`, the + /// implementation may choose an appropriate default scheme. + scheme: func() -> option; + /// Set the HTTP Related Scheme for the Request. When `none`, the + /// implementation may choose an appropriate default scheme. Fails if the + /// string given is not a syntactically valid uri scheme. + set-scheme: func(scheme: option) -> result; + + /// Get the HTTP Authority for the Request. A value of `none` may be used + /// with Related Schemes which do not require an Authority. The HTTP and + /// HTTPS schemes always require an authority. + authority: func() -> option; + /// Set the HTTP Authority for the Request. A value of `none` may be used + /// with Related Schemes which do not require an Authority. The HTTP and + /// HTTPS schemes always require an authority. Fails if the string given is + /// not a syntactically valid uri authority. + set-authority: func(authority: option) -> result; + + /// Get the headers associated with the Request. + /// + /// The returned `headers` resource is immutable: `set`, `append`, and + /// `delete` operations will fail with `header-error.immutable`. + /// + /// This headers resource is a child: it must be dropped before the parent + /// `outgoing-request` is dropped, or its ownership is transfered to + /// another component by e.g. `outgoing-handler.handle`. + headers: func() -> headers; + } + + /// Parameters for making an HTTP Request. Each of these parameters is + /// currently an optional timeout applicable to the transport layer of the + /// HTTP protocol. + /// + /// These timeouts are separate from any the user may use to bound a + /// blocking call to `wasi:io/poll.poll`. + resource request-options { + /// Construct a default `request-options` value. + constructor(); + + /// The timeout for the initial connect to the HTTP Server. + connect-timeout: func() -> option; + + /// Set the timeout for the initial connect to the HTTP Server. An error + /// return value indicates that this timeout is not supported. + set-connect-timeout: func(duration: option) -> result; + + /// The timeout for receiving the first byte of the Response body. + first-byte-timeout: func() -> option; + + /// Set the timeout for receiving the first byte of the Response body. An + /// error return value indicates that this timeout is not supported. + set-first-byte-timeout: func(duration: option) -> result; + + /// The timeout for receiving subsequent chunks of bytes in the Response + /// body stream. + between-bytes-timeout: func() -> option; + + /// Set the timeout for receiving subsequent chunks of bytes in the Response + /// body stream. An error return value indicates that this timeout is not + /// supported. + set-between-bytes-timeout: func(duration: option) -> result; + } + + /// Represents the ability to send an HTTP Response. + /// + /// This resource is used by the `wasi:http/incoming-handler` interface to + /// allow a Response to be sent corresponding to the Request provided as the + /// other argument to `incoming-handler.handle`. + resource response-outparam { + + /// Set the value of the `response-outparam` to either send a response, + /// or indicate an error. + /// + /// This method consumes the `response-outparam` to ensure that it is + /// called at most once. If it is never called, the implementation + /// will respond with an error. + /// + /// The user may provide an `error` to `response` to allow the + /// implementation determine how to respond with an HTTP error response. + set: static func( + param: response-outparam, + response: result, + ); + } + + /// This type corresponds to the HTTP standard Status Code. + type status-code = u16; + + /// Represents an incoming HTTP Response. + resource incoming-response { + + /// Returns the status code from the incoming response. + status: func() -> status-code; + + /// Returns the headers from the incoming response. + /// + /// The returned `headers` resource is immutable: `set`, `append`, and + /// `delete` operations will fail with `header-error.immutable`. + /// + /// This headers resource is a child: it must be dropped before the parent + /// `incoming-response` is dropped. + headers: func() -> headers; + + /// Returns the incoming body. May be called at most once. Returns error + /// if called additional times. + consume: func() -> result; + } + + /// Represents an incoming HTTP Request or Response's Body. + /// + /// A body has both its contents - a stream of bytes - and a (possibly + /// empty) set of trailers, indicating that the full contents of the + /// body have been received. This resource represents the contents as + /// an `input-stream` and the delivery of trailers as a `future-trailers`, + /// and ensures that the user of this interface may only be consuming either + /// the body contents or waiting on trailers at any given time. + resource incoming-body { + + /// Returns the contents of the body, as a stream of bytes. + /// + /// Returns success on first call: the stream representing the contents + /// can be retrieved at most once. Subsequent calls will return error. + /// + /// The returned `input-stream` resource is a child: it must be dropped + /// before the parent `incoming-body` is dropped, or consumed by + /// `incoming-body.finish`. + /// + /// This invariant ensures that the implementation can determine whether + /// the user is consuming the contents of the body, waiting on the + /// `future-trailers` to be ready, or neither. This allows for network + /// backpressure is to be applied when the user is consuming the body, + /// and for that backpressure to not inhibit delivery of the trailers if + /// the user does not read the entire body. + %stream: func() -> result; + + /// Takes ownership of `incoming-body`, and returns a `future-trailers`. + /// This function will trap if the `input-stream` child is still alive. + finish: static func(this: incoming-body) -> future-trailers; + } + + /// Represents a future which may eventaully return trailers, or an error. + /// + /// In the case that the incoming HTTP Request or Response did not have any + /// trailers, this future will resolve to the empty set of trailers once the + /// complete Request or Response body has been received. + resource future-trailers { + + /// Returns a pollable which becomes ready when either the trailers have + /// been received, or an error has occured. When this pollable is ready, + /// the `get` method will return `some`. + subscribe: func() -> pollable; + + /// Returns the contents of the trailers, or an error which occured, + /// once the future is ready. + /// + /// The outer `option` represents future readiness. Users can wait on this + /// `option` to become `some` using the `subscribe` method. + /// + /// The outer `result` is used to retrieve the trailers or error at most + /// once. It will be success on the first call in which the outer option + /// is `some`, and error on subsequent calls. + /// + /// The inner `result` represents that either the HTTP Request or Response + /// body, as well as any trailers, were received successfully, or that an + /// error occured receiving them. The optional `trailers` indicates whether + /// or not trailers were present in the body. + /// + /// When some `trailers` are returned by this method, the `trailers` + /// resource is immutable, and a child. Use of the `set`, `append`, or + /// `delete` methods will return an error, and the resource must be + /// dropped before the parent `future-trailers` is dropped. + get: func() -> option, error-code>>>; + } + + /// Represents an outgoing HTTP Response. + resource outgoing-response { + + /// Construct an `outgoing-response`, with a default `status-code` of `200`. + /// If a different `status-code` is needed, it must be set via the + /// `set-status-code` method. + /// + /// * `headers` is the HTTP Headers for the Response. + constructor(headers: headers); + + /// Get the HTTP Status Code for the Response. + status-code: func() -> status-code; + + /// Set the HTTP Status Code for the Response. Fails if the status-code + /// given is not a valid http status code. + set-status-code: func(status-code: status-code) -> result; + + /// Get the headers associated with the Request. + /// + /// The returned `headers` resource is immutable: `set`, `append`, and + /// `delete` operations will fail with `header-error.immutable`. + /// + /// This headers resource is a child: it must be dropped before the parent + /// `outgoing-request` is dropped, or its ownership is transfered to + /// another component by e.g. `outgoing-handler.handle`. + headers: func() -> headers; + + /// Returns the resource corresponding to the outgoing Body for this Response. + /// + /// Returns success on the first call: the `outgoing-body` resource for + /// this `outgoing-response` can be retrieved at most once. Subsequent + /// calls will return error. + body: func() -> result; + } + + /// Represents an outgoing HTTP Request or Response's Body. + /// + /// A body has both its contents - a stream of bytes - and a (possibly + /// empty) set of trailers, inducating the full contents of the body + /// have been sent. This resource represents the contents as an + /// `output-stream` child resource, and the completion of the body (with + /// optional trailers) with a static function that consumes the + /// `outgoing-body` resource, and ensures that the user of this interface + /// may not write to the body contents after the body has been finished. + /// + /// If the user code drops this resource, as opposed to calling the static + /// method `finish`, the implementation should treat the body as incomplete, + /// and that an error has occured. The implementation should propogate this + /// error to the HTTP protocol by whatever means it has available, + /// including: corrupting the body on the wire, aborting the associated + /// Request, or sending a late status code for the Response. + resource outgoing-body { + + /// Returns a stream for writing the body contents. + /// + /// The returned `output-stream` is a child resource: it must be dropped + /// before the parent `outgoing-body` resource is dropped (or finished), + /// otherwise the `outgoing-body` drop or `finish` will trap. + /// + /// Returns success on the first call: the `output-stream` resource for + /// this `outgoing-body` may be retrieved at most once. Subsequent calls + /// will return error. + write: func() -> result; + + /// Finalize an outgoing body, optionally providing trailers. This must be + /// called to signal that the response is complete. If the `outgoing-body` + /// is dropped without calling `outgoing-body.finalize`, the implementation + /// should treat the body as corrupted. + /// + /// Fails if the body's `outgoing-request` or `outgoing-response` was + /// constructed with a Content-Length header, and the contents written + /// to the body (via `write`) does not match the value given in the + /// Content-Length. + finish: static func( + this: outgoing-body, + trailers: option + ) -> result<_, error-code>; + } + + /// Represents a future which may eventaully return an incoming HTTP + /// Response, or an error. + /// + /// This resource is returned by the `wasi:http/outgoing-handler` interface to + /// provide the HTTP Response corresponding to the sent Request. + resource future-incoming-response { + /// Returns a pollable which becomes ready when either the Response has + /// been received, or an error has occured. When this pollable is ready, + /// the `get` method will return `some`. + subscribe: func() -> pollable; + + /// Returns the incoming HTTP Response, or an error, once one is ready. + /// + /// The outer `option` represents future readiness. Users can wait on this + /// `option` to become `some` using the `subscribe` method. + /// + /// The outer `result` is used to retrieve the response or error at most + /// once. It will be success on the first call in which the outer option + /// is `some`, and error on subsequent calls. + /// + /// The inner `result` represents that either the incoming HTTP Response + /// status and headers have recieved successfully, or that an error + /// occured. Errors may also occur while consuming the response body, + /// but those will be reported by the `incoming-body` and its + /// `output-stream` child. + get: func() -> option>>; + + } +} diff --git a/examples/wasm_component/wit/deps/io/error.wit b/examples/wasm_component/wit/deps/io/error.wit new file mode 100644 index 000000000..22e5b6489 --- /dev/null +++ b/examples/wasm_component/wit/deps/io/error.wit @@ -0,0 +1,34 @@ +package wasi:io@0.2.0; + + +interface error { + /// A resource which represents some error information. + /// + /// The only method provided by this resource is `to-debug-string`, + /// which provides some human-readable information about the error. + /// + /// In the `wasi:io` package, this resource is returned through the + /// `wasi:io/streams/stream-error` type. + /// + /// To provide more specific error information, other interfaces may + /// provide functions to further "downcast" this error into more specific + /// error information. For example, `error`s returned in streams derived + /// from filesystem types to be described using the filesystem's own + /// error-code type, using the function + /// `wasi:filesystem/types/filesystem-error-code`, which takes a parameter + /// `borrow` and returns + /// `option`. + /// + /// The set of functions which can "downcast" an `error` into a more + /// concrete type is open. + resource error { + /// Returns a string that is suitable to assist humans in debugging + /// this error. + /// + /// WARNING: The returned string should not be consumed mechanically! + /// It may change across platforms, hosts, or other implementation + /// details. Parsing this string is a major platform-compatibility + /// hazard. + to-debug-string: func() -> string; + } +} diff --git a/examples/wasm_component/wit/deps/io/poll.wit b/examples/wasm_component/wit/deps/io/poll.wit new file mode 100644 index 000000000..ddc67f8b7 --- /dev/null +++ b/examples/wasm_component/wit/deps/io/poll.wit @@ -0,0 +1,41 @@ +package wasi:io@0.2.0; + +/// A poll API intended to let users wait for I/O events on multiple handles +/// at once. +interface poll { + /// `pollable` represents a single I/O event which may be ready, or not. + resource pollable { + + /// Return the readiness of a pollable. This function never blocks. + /// + /// Returns `true` when the pollable is ready, and `false` otherwise. + ready: func() -> bool; + + /// `block` returns immediately if the pollable is ready, and otherwise + /// blocks until ready. + /// + /// This function is equivalent to calling `poll.poll` on a list + /// containing only this pollable. + block: func(); + } + + /// Poll for completion on a set of pollables. + /// + /// This function takes a list of pollables, which identify I/O sources of + /// interest, and waits until one or more of the events is ready for I/O. + /// + /// The result `list` contains one or more indices of handles in the + /// argument list that is ready for I/O. + /// + /// If the list contains more elements than can be indexed with a `u32` + /// value, this function traps. + /// + /// A timeout can be implemented by adding a pollable from the + /// wasi-clocks API to the list. + /// + /// This function does not return a `result`; polling in itself does not + /// do any I/O so it doesn't fail. If any of the I/O sources identified by + /// the pollables has an error, it is indicated by marking the source as + /// being reaedy for I/O. + poll: func(in: list>) -> list; +} diff --git a/examples/wasm_component/wit/deps/io/streams.wit b/examples/wasm_component/wit/deps/io/streams.wit new file mode 100644 index 000000000..6d2f871e3 --- /dev/null +++ b/examples/wasm_component/wit/deps/io/streams.wit @@ -0,0 +1,262 @@ +package wasi:io@0.2.0; + +/// WASI I/O is an I/O abstraction API which is currently focused on providing +/// stream types. +/// +/// In the future, the component model is expected to add built-in stream types; +/// when it does, they are expected to subsume this API. +interface streams { + use error.{error}; + use poll.{pollable}; + + /// An error for input-stream and output-stream operations. + variant stream-error { + /// The last operation (a write or flush) failed before completion. + /// + /// More information is available in the `error` payload. + last-operation-failed(error), + /// The stream is closed: no more input will be accepted by the + /// stream. A closed output-stream will return this error on all + /// future operations. + closed + } + + /// An input bytestream. + /// + /// `input-stream`s are *non-blocking* to the extent practical on underlying + /// platforms. I/O operations always return promptly; if fewer bytes are + /// promptly available than requested, they return the number of bytes promptly + /// available, which could even be zero. To wait for data to be available, + /// use the `subscribe` function to obtain a `pollable` which can be polled + /// for using `wasi:io/poll`. + resource input-stream { + /// Perform a non-blocking read from the stream. + /// + /// When the source of a `read` is binary data, the bytes from the source + /// are returned verbatim. When the source of a `read` is known to the + /// implementation to be text, bytes containing the UTF-8 encoding of the + /// text are returned. + /// + /// This function returns a list of bytes containing the read data, + /// when successful. The returned list will contain up to `len` bytes; + /// it may return fewer than requested, but not more. The list is + /// empty when no bytes are available for reading at this time. The + /// pollable given by `subscribe` will be ready when more bytes are + /// available. + /// + /// This function fails with a `stream-error` when the operation + /// encounters an error, giving `last-operation-failed`, or when the + /// stream is closed, giving `closed`. + /// + /// When the caller gives a `len` of 0, it represents a request to + /// read 0 bytes. If the stream is still open, this call should + /// succeed and return an empty list, or otherwise fail with `closed`. + /// + /// The `len` parameter is a `u64`, which could represent a list of u8 which + /// is not possible to allocate in wasm32, or not desirable to allocate as + /// as a return value by the callee. The callee may return a list of bytes + /// less than `len` in size while more bytes are available for reading. + read: func( + /// The maximum number of bytes to read + len: u64 + ) -> result, stream-error>; + + /// Read bytes from a stream, after blocking until at least one byte can + /// be read. Except for blocking, behavior is identical to `read`. + blocking-read: func( + /// The maximum number of bytes to read + len: u64 + ) -> result, stream-error>; + + /// Skip bytes from a stream. Returns number of bytes skipped. + /// + /// Behaves identical to `read`, except instead of returning a list + /// of bytes, returns the number of bytes consumed from the stream. + skip: func( + /// The maximum number of bytes to skip. + len: u64, + ) -> result; + + /// Skip bytes from a stream, after blocking until at least one byte + /// can be skipped. Except for blocking behavior, identical to `skip`. + blocking-skip: func( + /// The maximum number of bytes to skip. + len: u64, + ) -> result; + + /// Create a `pollable` which will resolve once either the specified stream + /// has bytes available to read or the other end of the stream has been + /// closed. + /// The created `pollable` is a child resource of the `input-stream`. + /// Implementations may trap if the `input-stream` is dropped before + /// all derived `pollable`s created with this function are dropped. + subscribe: func() -> pollable; + } + + + /// An output bytestream. + /// + /// `output-stream`s are *non-blocking* to the extent practical on + /// underlying platforms. Except where specified otherwise, I/O operations also + /// always return promptly, after the number of bytes that can be written + /// promptly, which could even be zero. To wait for the stream to be ready to + /// accept data, the `subscribe` function to obtain a `pollable` which can be + /// polled for using `wasi:io/poll`. + resource output-stream { + /// Check readiness for writing. This function never blocks. + /// + /// Returns the number of bytes permitted for the next call to `write`, + /// or an error. Calling `write` with more bytes than this function has + /// permitted will trap. + /// + /// When this function returns 0 bytes, the `subscribe` pollable will + /// become ready when this function will report at least 1 byte, or an + /// error. + check-write: func() -> result; + + /// Perform a write. This function never blocks. + /// + /// When the destination of a `write` is binary data, the bytes from + /// `contents` are written verbatim. When the destination of a `write` is + /// known to the implementation to be text, the bytes of `contents` are + /// transcoded from UTF-8 into the encoding of the destination and then + /// written. + /// + /// Precondition: check-write gave permit of Ok(n) and contents has a + /// length of less than or equal to n. Otherwise, this function will trap. + /// + /// returns Err(closed) without writing if the stream has closed since + /// the last call to check-write provided a permit. + write: func( + contents: list + ) -> result<_, stream-error>; + + /// Perform a write of up to 4096 bytes, and then flush the stream. Block + /// until all of these operations are complete, or an error occurs. + /// + /// This is a convenience wrapper around the use of `check-write`, + /// `subscribe`, `write`, and `flush`, and is implemented with the + /// following pseudo-code: + /// + /// ```text + /// let pollable = this.subscribe(); + /// while !contents.is_empty() { + /// // Wait for the stream to become writable + /// pollable.block(); + /// let Ok(n) = this.check-write(); // eliding error handling + /// let len = min(n, contents.len()); + /// let (chunk, rest) = contents.split_at(len); + /// this.write(chunk ); // eliding error handling + /// contents = rest; + /// } + /// this.flush(); + /// // Wait for completion of `flush` + /// pollable.block(); + /// // Check for any errors that arose during `flush` + /// let _ = this.check-write(); // eliding error handling + /// ``` + blocking-write-and-flush: func( + contents: list + ) -> result<_, stream-error>; + + /// Request to flush buffered output. This function never blocks. + /// + /// This tells the output-stream that the caller intends any buffered + /// output to be flushed. the output which is expected to be flushed + /// is all that has been passed to `write` prior to this call. + /// + /// Upon calling this function, the `output-stream` will not accept any + /// writes (`check-write` will return `ok(0)`) until the flush has + /// completed. The `subscribe` pollable will become ready when the + /// flush has completed and the stream can accept more writes. + flush: func() -> result<_, stream-error>; + + /// Request to flush buffered output, and block until flush completes + /// and stream is ready for writing again. + blocking-flush: func() -> result<_, stream-error>; + + /// Create a `pollable` which will resolve once the output-stream + /// is ready for more writing, or an error has occured. When this + /// pollable is ready, `check-write` will return `ok(n)` with n>0, or an + /// error. + /// + /// If the stream is closed, this pollable is always ready immediately. + /// + /// The created `pollable` is a child resource of the `output-stream`. + /// Implementations may trap if the `output-stream` is dropped before + /// all derived `pollable`s created with this function are dropped. + subscribe: func() -> pollable; + + /// Write zeroes to a stream. + /// + /// This should be used precisely like `write` with the exact same + /// preconditions (must use check-write first), but instead of + /// passing a list of bytes, you simply pass the number of zero-bytes + /// that should be written. + write-zeroes: func( + /// The number of zero-bytes to write + len: u64 + ) -> result<_, stream-error>; + + /// Perform a write of up to 4096 zeroes, and then flush the stream. + /// Block until all of these operations are complete, or an error + /// occurs. + /// + /// This is a convenience wrapper around the use of `check-write`, + /// `subscribe`, `write-zeroes`, and `flush`, and is implemented with + /// the following pseudo-code: + /// + /// ```text + /// let pollable = this.subscribe(); + /// while num_zeroes != 0 { + /// // Wait for the stream to become writable + /// pollable.block(); + /// let Ok(n) = this.check-write(); // eliding error handling + /// let len = min(n, num_zeroes); + /// this.write-zeroes(len); // eliding error handling + /// num_zeroes -= len; + /// } + /// this.flush(); + /// // Wait for completion of `flush` + /// pollable.block(); + /// // Check for any errors that arose during `flush` + /// let _ = this.check-write(); // eliding error handling + /// ``` + blocking-write-zeroes-and-flush: func( + /// The number of zero-bytes to write + len: u64 + ) -> result<_, stream-error>; + + /// Read from one stream and write to another. + /// + /// The behavior of splice is equivelant to: + /// 1. calling `check-write` on the `output-stream` + /// 2. calling `read` on the `input-stream` with the smaller of the + /// `check-write` permitted length and the `len` provided to `splice` + /// 3. calling `write` on the `output-stream` with that read data. + /// + /// Any error reported by the call to `check-write`, `read`, or + /// `write` ends the splice and reports that error. + /// + /// This function returns the number of bytes transferred; it may be less + /// than `len`. + splice: func( + /// The stream to read from + src: borrow, + /// The number of bytes to splice + len: u64, + ) -> result; + + /// Read from one stream and write to another, with blocking. + /// + /// This is similar to `splice`, except that it blocks until the + /// `output-stream` is ready for writing, and the `input-stream` + /// is ready for reading, before performing the `splice`. + blocking-splice: func( + /// The stream to read from + src: borrow, + /// The number of bytes to splice + len: u64, + ) -> result; + } +} diff --git a/examples/wasm_component/wit/deps/io/world.wit b/examples/wasm_component/wit/deps/io/world.wit new file mode 100644 index 000000000..5f0b43fe5 --- /dev/null +++ b/examples/wasm_component/wit/deps/io/world.wit @@ -0,0 +1,6 @@ +package wasi:io@0.2.0; + +world imports { + import streams; + import poll; +} diff --git a/examples/wasm_component/wit/deps/random/insecure-seed.wit b/examples/wasm_component/wit/deps/random/insecure-seed.wit new file mode 100644 index 000000000..47210ac6b --- /dev/null +++ b/examples/wasm_component/wit/deps/random/insecure-seed.wit @@ -0,0 +1,25 @@ +package wasi:random@0.2.0; +/// The insecure-seed interface for seeding hash-map DoS resistance. +/// +/// It is intended to be portable at least between Unix-family platforms and +/// Windows. +interface insecure-seed { + /// Return a 128-bit value that may contain a pseudo-random value. + /// + /// The returned value is not required to be computed from a CSPRNG, and may + /// even be entirely deterministic. Host implementations are encouraged to + /// provide pseudo-random values to any program exposed to + /// attacker-controlled content, to enable DoS protection built into many + /// languages' hash-map implementations. + /// + /// This function is intended to only be called once, by a source language + /// to initialize Denial Of Service (DoS) protection in its hash-map + /// implementation. + /// + /// # Expected future evolution + /// + /// This will likely be changed to a value import, to prevent it from being + /// called multiple times and potentially used for purposes other than DoS + /// protection. + insecure-seed: func() -> tuple; +} diff --git a/examples/wasm_component/wit/deps/random/insecure.wit b/examples/wasm_component/wit/deps/random/insecure.wit new file mode 100644 index 000000000..c58f4ee85 --- /dev/null +++ b/examples/wasm_component/wit/deps/random/insecure.wit @@ -0,0 +1,22 @@ +package wasi:random@0.2.0; +/// The insecure interface for insecure pseudo-random numbers. +/// +/// It is intended to be portable at least between Unix-family platforms and +/// Windows. +interface insecure { + /// Return `len` insecure pseudo-random bytes. + /// + /// This function is not cryptographically secure. Do not use it for + /// anything related to security. + /// + /// There are no requirements on the values of the returned bytes, however + /// implementations are encouraged to return evenly distributed values with + /// a long period. + get-insecure-random-bytes: func(len: u64) -> list; + + /// Return an insecure pseudo-random `u64` value. + /// + /// This function returns the same type of pseudo-random data as + /// `get-insecure-random-bytes`, represented as a `u64`. + get-insecure-random-u64: func() -> u64; +} diff --git a/examples/wasm_component/wit/deps/random/random.wit b/examples/wasm_component/wit/deps/random/random.wit new file mode 100644 index 000000000..0c017f093 --- /dev/null +++ b/examples/wasm_component/wit/deps/random/random.wit @@ -0,0 +1,26 @@ +package wasi:random@0.2.0; +/// WASI Random is a random data API. +/// +/// It is intended to be portable at least between Unix-family platforms and +/// Windows. +interface random { + /// Return `len` cryptographically-secure random or pseudo-random bytes. + /// + /// This function must produce data at least as cryptographically secure and + /// fast as an adequately seeded cryptographically-secure pseudo-random + /// number generator (CSPRNG). It must not block, from the perspective of + /// the calling program, under any circumstances, including on the first + /// request and on requests for numbers of bytes. The returned data must + /// always be unpredictable. + /// + /// This function must always return fresh data. Deterministic environments + /// must omit this function, rather than implementing it with deterministic + /// data. + get-random-bytes: func(len: u64) -> list; + + /// Return a cryptographically-secure random or pseudo-random `u64` value. + /// + /// This function returns the same type of data as `get-random-bytes`, + /// represented as a `u64`. + get-random-u64: func() -> u64; +} diff --git a/examples/wasm_component/wit/deps/random/world.wit b/examples/wasm_component/wit/deps/random/world.wit new file mode 100644 index 000000000..3da34914a --- /dev/null +++ b/examples/wasm_component/wit/deps/random/world.wit @@ -0,0 +1,7 @@ +package wasi:random@0.2.0; + +world imports { + import random; + import insecure; + import insecure-seed; +} diff --git a/examples/wasm_component/wit/deps/sockets/instance-network.wit b/examples/wasm_component/wit/deps/sockets/instance-network.wit new file mode 100644 index 000000000..e455d0ff7 --- /dev/null +++ b/examples/wasm_component/wit/deps/sockets/instance-network.wit @@ -0,0 +1,9 @@ + +/// This interface provides a value-export of the default network handle.. +interface instance-network { + use network.{network}; + + /// Get a handle to the default network. + instance-network: func() -> network; + +} diff --git a/examples/wasm_component/wit/deps/sockets/ip-name-lookup.wit b/examples/wasm_component/wit/deps/sockets/ip-name-lookup.wit new file mode 100644 index 000000000..8e639ec59 --- /dev/null +++ b/examples/wasm_component/wit/deps/sockets/ip-name-lookup.wit @@ -0,0 +1,51 @@ + +interface ip-name-lookup { + use wasi:io/poll@0.2.0.{pollable}; + use network.{network, error-code, ip-address}; + + + /// Resolve an internet host name to a list of IP addresses. + /// + /// Unicode domain names are automatically converted to ASCII using IDNA encoding. + /// If the input is an IP address string, the address is parsed and returned + /// as-is without making any external requests. + /// + /// See the wasi-socket proposal README.md for a comparison with getaddrinfo. + /// + /// This function never blocks. It either immediately fails or immediately + /// returns successfully with a `resolve-address-stream` that can be used + /// to (asynchronously) fetch the results. + /// + /// # Typical errors + /// - `invalid-argument`: `name` is a syntactically invalid domain name or IP address. + /// + /// # References: + /// - + /// - + /// - + /// - + resolve-addresses: func(network: borrow, name: string) -> result; + + resource resolve-address-stream { + /// Returns the next address from the resolver. + /// + /// This function should be called multiple times. On each call, it will + /// return the next address in connection order preference. If all + /// addresses have been exhausted, this function returns `none`. + /// + /// This function never returns IPv4-mapped IPv6 addresses. + /// + /// # Typical errors + /// - `name-unresolvable`: Name does not exist or has no suitable associated IP addresses. (EAI_NONAME, EAI_NODATA, EAI_ADDRFAMILY) + /// - `temporary-resolver-failure`: A temporary failure in name resolution occurred. (EAI_AGAIN) + /// - `permanent-resolver-failure`: A permanent failure in name resolution occurred. (EAI_FAIL) + /// - `would-block`: A result is not available yet. (EWOULDBLOCK, EAGAIN) + resolve-next-address: func() -> result, error-code>; + + /// Create a `pollable` which will resolve once the stream is ready for I/O. + /// + /// Note: this function is here for WASI Preview2 only. + /// It's planned to be removed when `future` is natively supported in Preview3. + subscribe: func() -> pollable; + } +} diff --git a/examples/wasm_component/wit/deps/sockets/network.wit b/examples/wasm_component/wit/deps/sockets/network.wit new file mode 100644 index 000000000..9cadf0650 --- /dev/null +++ b/examples/wasm_component/wit/deps/sockets/network.wit @@ -0,0 +1,145 @@ + +interface network { + /// An opaque resource that represents access to (a subset of) the network. + /// This enables context-based security for networking. + /// There is no need for this to map 1:1 to a physical network interface. + resource network; + + /// Error codes. + /// + /// In theory, every API can return any error code. + /// In practice, API's typically only return the errors documented per API + /// combined with a couple of errors that are always possible: + /// - `unknown` + /// - `access-denied` + /// - `not-supported` + /// - `out-of-memory` + /// - `concurrency-conflict` + /// + /// See each individual API for what the POSIX equivalents are. They sometimes differ per API. + enum error-code { + /// Unknown error + unknown, + + /// Access denied. + /// + /// POSIX equivalent: EACCES, EPERM + access-denied, + + /// The operation is not supported. + /// + /// POSIX equivalent: EOPNOTSUPP + not-supported, + + /// One of the arguments is invalid. + /// + /// POSIX equivalent: EINVAL + invalid-argument, + + /// Not enough memory to complete the operation. + /// + /// POSIX equivalent: ENOMEM, ENOBUFS, EAI_MEMORY + out-of-memory, + + /// The operation timed out before it could finish completely. + timeout, + + /// This operation is incompatible with another asynchronous operation that is already in progress. + /// + /// POSIX equivalent: EALREADY + concurrency-conflict, + + /// Trying to finish an asynchronous operation that: + /// - has not been started yet, or: + /// - was already finished by a previous `finish-*` call. + /// + /// Note: this is scheduled to be removed when `future`s are natively supported. + not-in-progress, + + /// The operation has been aborted because it could not be completed immediately. + /// + /// Note: this is scheduled to be removed when `future`s are natively supported. + would-block, + + + /// The operation is not valid in the socket's current state. + invalid-state, + + /// A new socket resource could not be created because of a system limit. + new-socket-limit, + + /// A bind operation failed because the provided address is not an address that the `network` can bind to. + address-not-bindable, + + /// A bind operation failed because the provided address is already in use or because there are no ephemeral ports available. + address-in-use, + + /// The remote address is not reachable + remote-unreachable, + + + /// The TCP connection was forcefully rejected + connection-refused, + + /// The TCP connection was reset. + connection-reset, + + /// A TCP connection was aborted. + connection-aborted, + + + /// The size of a datagram sent to a UDP socket exceeded the maximum + /// supported size. + datagram-too-large, + + + /// Name does not exist or has no suitable associated IP addresses. + name-unresolvable, + + /// A temporary failure in name resolution occurred. + temporary-resolver-failure, + + /// A permanent failure in name resolution occurred. + permanent-resolver-failure, + } + + enum ip-address-family { + /// Similar to `AF_INET` in POSIX. + ipv4, + + /// Similar to `AF_INET6` in POSIX. + ipv6, + } + + type ipv4-address = tuple; + type ipv6-address = tuple; + + variant ip-address { + ipv4(ipv4-address), + ipv6(ipv6-address), + } + + record ipv4-socket-address { + /// sin_port + port: u16, + /// sin_addr + address: ipv4-address, + } + + record ipv6-socket-address { + /// sin6_port + port: u16, + /// sin6_flowinfo + flow-info: u32, + /// sin6_addr + address: ipv6-address, + /// sin6_scope_id + scope-id: u32, + } + + variant ip-socket-address { + ipv4(ipv4-socket-address), + ipv6(ipv6-socket-address), + } + +} diff --git a/examples/wasm_component/wit/deps/sockets/tcp-create-socket.wit b/examples/wasm_component/wit/deps/sockets/tcp-create-socket.wit new file mode 100644 index 000000000..c7ddf1f22 --- /dev/null +++ b/examples/wasm_component/wit/deps/sockets/tcp-create-socket.wit @@ -0,0 +1,27 @@ + +interface tcp-create-socket { + use network.{network, error-code, ip-address-family}; + use tcp.{tcp-socket}; + + /// Create a new TCP socket. + /// + /// Similar to `socket(AF_INET or AF_INET6, SOCK_STREAM, IPPROTO_TCP)` in POSIX. + /// On IPv6 sockets, IPV6_V6ONLY is enabled by default and can't be configured otherwise. + /// + /// This function does not require a network capability handle. This is considered to be safe because + /// at time of creation, the socket is not bound to any `network` yet. Up to the moment `bind`/`connect` + /// is called, the socket is effectively an in-memory configuration object, unable to communicate with the outside world. + /// + /// All sockets are non-blocking. Use the wasi-poll interface to block on asynchronous operations. + /// + /// # Typical errors + /// - `not-supported`: The specified `address-family` is not supported. (EAFNOSUPPORT) + /// - `new-socket-limit`: The new socket resource could not be created because of a system limit. (EMFILE, ENFILE) + /// + /// # References + /// - + /// - + /// - + /// - + create-tcp-socket: func(address-family: ip-address-family) -> result; +} diff --git a/examples/wasm_component/wit/deps/sockets/tcp.wit b/examples/wasm_component/wit/deps/sockets/tcp.wit new file mode 100644 index 000000000..5902b9ee0 --- /dev/null +++ b/examples/wasm_component/wit/deps/sockets/tcp.wit @@ -0,0 +1,353 @@ + +interface tcp { + use wasi:io/streams@0.2.0.{input-stream, output-stream}; + use wasi:io/poll@0.2.0.{pollable}; + use wasi:clocks/monotonic-clock@0.2.0.{duration}; + use network.{network, error-code, ip-socket-address, ip-address-family}; + + enum shutdown-type { + /// Similar to `SHUT_RD` in POSIX. + receive, + + /// Similar to `SHUT_WR` in POSIX. + send, + + /// Similar to `SHUT_RDWR` in POSIX. + both, + } + + /// A TCP socket resource. + /// + /// The socket can be in one of the following states: + /// - `unbound` + /// - `bind-in-progress` + /// - `bound` (See note below) + /// - `listen-in-progress` + /// - `listening` + /// - `connect-in-progress` + /// - `connected` + /// - `closed` + /// See + /// for a more information. + /// + /// Note: Except where explicitly mentioned, whenever this documentation uses + /// the term "bound" without backticks it actually means: in the `bound` state *or higher*. + /// (i.e. `bound`, `listen-in-progress`, `listening`, `connect-in-progress` or `connected`) + /// + /// In addition to the general error codes documented on the + /// `network::error-code` type, TCP socket methods may always return + /// `error(invalid-state)` when in the `closed` state. + resource tcp-socket { + /// Bind the socket to a specific network on the provided IP address and port. + /// + /// If the IP address is zero (`0.0.0.0` in IPv4, `::` in IPv6), it is left to the implementation to decide which + /// network interface(s) to bind to. + /// If the TCP/UDP port is zero, the socket will be bound to a random free port. + /// + /// Bind can be attempted multiple times on the same socket, even with + /// different arguments on each iteration. But never concurrently and + /// only as long as the previous bind failed. Once a bind succeeds, the + /// binding can't be changed anymore. + /// + /// # Typical errors + /// - `invalid-argument`: The `local-address` has the wrong address family. (EAFNOSUPPORT, EFAULT on Windows) + /// - `invalid-argument`: `local-address` is not a unicast address. (EINVAL) + /// - `invalid-argument`: `local-address` is an IPv4-mapped IPv6 address. (EINVAL) + /// - `invalid-state`: The socket is already bound. (EINVAL) + /// - `address-in-use`: No ephemeral ports available. (EADDRINUSE, ENOBUFS on Windows) + /// - `address-in-use`: Address is already in use. (EADDRINUSE) + /// - `address-not-bindable`: `local-address` is not an address that the `network` can bind to. (EADDRNOTAVAIL) + /// - `not-in-progress`: A `bind` operation is not in progress. + /// - `would-block`: Can't finish the operation, it is still in progress. (EWOULDBLOCK, EAGAIN) + /// + /// # Implementors note + /// When binding to a non-zero port, this bind operation shouldn't be affected by the TIME_WAIT + /// state of a recently closed socket on the same local address. In practice this means that the SO_REUSEADDR + /// socket option should be set implicitly on all platforms, except on Windows where this is the default behavior + /// and SO_REUSEADDR performs something different entirely. + /// + /// Unlike in POSIX, in WASI the bind operation is async. This enables + /// interactive WASI hosts to inject permission prompts. Runtimes that + /// don't want to make use of this ability can simply call the native + /// `bind` as part of either `start-bind` or `finish-bind`. + /// + /// # References + /// - + /// - + /// - + /// - + start-bind: func(network: borrow, local-address: ip-socket-address) -> result<_, error-code>; + finish-bind: func() -> result<_, error-code>; + + /// Connect to a remote endpoint. + /// + /// On success: + /// - the socket is transitioned into the `connection` state. + /// - a pair of streams is returned that can be used to read & write to the connection + /// + /// After a failed connection attempt, the socket will be in the `closed` + /// state and the only valid action left is to `drop` the socket. A single + /// socket can not be used to connect more than once. + /// + /// # Typical errors + /// - `invalid-argument`: The `remote-address` has the wrong address family. (EAFNOSUPPORT) + /// - `invalid-argument`: `remote-address` is not a unicast address. (EINVAL, ENETUNREACH on Linux, EAFNOSUPPORT on MacOS) + /// - `invalid-argument`: `remote-address` is an IPv4-mapped IPv6 address. (EINVAL, EADDRNOTAVAIL on Illumos) + /// - `invalid-argument`: The IP address in `remote-address` is set to INADDR_ANY (`0.0.0.0` / `::`). (EADDRNOTAVAIL on Windows) + /// - `invalid-argument`: The port in `remote-address` is set to 0. (EADDRNOTAVAIL on Windows) + /// - `invalid-argument`: The socket is already attached to a different network. The `network` passed to `connect` must be identical to the one passed to `bind`. + /// - `invalid-state`: The socket is already in the `connected` state. (EISCONN) + /// - `invalid-state`: The socket is already in the `listening` state. (EOPNOTSUPP, EINVAL on Windows) + /// - `timeout`: Connection timed out. (ETIMEDOUT) + /// - `connection-refused`: The connection was forcefully rejected. (ECONNREFUSED) + /// - `connection-reset`: The connection was reset. (ECONNRESET) + /// - `connection-aborted`: The connection was aborted. (ECONNABORTED) + /// - `remote-unreachable`: The remote address is not reachable. (EHOSTUNREACH, EHOSTDOWN, ENETUNREACH, ENETDOWN, ENONET) + /// - `address-in-use`: Tried to perform an implicit bind, but there were no ephemeral ports available. (EADDRINUSE, EADDRNOTAVAIL on Linux, EAGAIN on BSD) + /// - `not-in-progress`: A connect operation is not in progress. + /// - `would-block`: Can't finish the operation, it is still in progress. (EWOULDBLOCK, EAGAIN) + /// + /// # Implementors note + /// The POSIX equivalent of `start-connect` is the regular `connect` syscall. + /// Because all WASI sockets are non-blocking this is expected to return + /// EINPROGRESS, which should be translated to `ok()` in WASI. + /// + /// The POSIX equivalent of `finish-connect` is a `poll` for event `POLLOUT` + /// with a timeout of 0 on the socket descriptor. Followed by a check for + /// the `SO_ERROR` socket option, in case the poll signaled readiness. + /// + /// # References + /// - + /// - + /// - + /// - + start-connect: func(network: borrow, remote-address: ip-socket-address) -> result<_, error-code>; + finish-connect: func() -> result, error-code>; + + /// Start listening for new connections. + /// + /// Transitions the socket into the `listening` state. + /// + /// Unlike POSIX, the socket must already be explicitly bound. + /// + /// # Typical errors + /// - `invalid-state`: The socket is not bound to any local address. (EDESTADDRREQ) + /// - `invalid-state`: The socket is already in the `connected` state. (EISCONN, EINVAL on BSD) + /// - `invalid-state`: The socket is already in the `listening` state. + /// - `address-in-use`: Tried to perform an implicit bind, but there were no ephemeral ports available. (EADDRINUSE) + /// - `not-in-progress`: A listen operation is not in progress. + /// - `would-block`: Can't finish the operation, it is still in progress. (EWOULDBLOCK, EAGAIN) + /// + /// # Implementors note + /// Unlike in POSIX, in WASI the listen operation is async. This enables + /// interactive WASI hosts to inject permission prompts. Runtimes that + /// don't want to make use of this ability can simply call the native + /// `listen` as part of either `start-listen` or `finish-listen`. + /// + /// # References + /// - + /// - + /// - + /// - + start-listen: func() -> result<_, error-code>; + finish-listen: func() -> result<_, error-code>; + + /// Accept a new client socket. + /// + /// The returned socket is bound and in the `connected` state. The following properties are inherited from the listener socket: + /// - `address-family` + /// - `keep-alive-enabled` + /// - `keep-alive-idle-time` + /// - `keep-alive-interval` + /// - `keep-alive-count` + /// - `hop-limit` + /// - `receive-buffer-size` + /// - `send-buffer-size` + /// + /// On success, this function returns the newly accepted client socket along with + /// a pair of streams that can be used to read & write to the connection. + /// + /// # Typical errors + /// - `invalid-state`: Socket is not in the `listening` state. (EINVAL) + /// - `would-block`: No pending connections at the moment. (EWOULDBLOCK, EAGAIN) + /// - `connection-aborted`: An incoming connection was pending, but was terminated by the client before this listener could accept it. (ECONNABORTED) + /// - `new-socket-limit`: The new socket resource could not be created because of a system limit. (EMFILE, ENFILE) + /// + /// # References + /// - + /// - + /// - + /// - + accept: func() -> result, error-code>; + + /// Get the bound local address. + /// + /// POSIX mentions: + /// > If the socket has not been bound to a local name, the value + /// > stored in the object pointed to by `address` is unspecified. + /// + /// WASI is stricter and requires `local-address` to return `invalid-state` when the socket hasn't been bound yet. + /// + /// # Typical errors + /// - `invalid-state`: The socket is not bound to any local address. + /// + /// # References + /// - + /// - + /// - + /// - + local-address: func() -> result; + + /// Get the remote address. + /// + /// # Typical errors + /// - `invalid-state`: The socket is not connected to a remote address. (ENOTCONN) + /// + /// # References + /// - + /// - + /// - + /// - + remote-address: func() -> result; + + /// Whether the socket is in the `listening` state. + /// + /// Equivalent to the SO_ACCEPTCONN socket option. + is-listening: func() -> bool; + + /// Whether this is a IPv4 or IPv6 socket. + /// + /// Equivalent to the SO_DOMAIN socket option. + address-family: func() -> ip-address-family; + + /// Hints the desired listen queue size. Implementations are free to ignore this. + /// + /// If the provided value is 0, an `invalid-argument` error is returned. + /// Any other value will never cause an error, but it might be silently clamped and/or rounded. + /// + /// # Typical errors + /// - `not-supported`: (set) The platform does not support changing the backlog size after the initial listen. + /// - `invalid-argument`: (set) The provided value was 0. + /// - `invalid-state`: (set) The socket is in the `connect-in-progress` or `connected` state. + set-listen-backlog-size: func(value: u64) -> result<_, error-code>; + + /// Enables or disables keepalive. + /// + /// The keepalive behavior can be adjusted using: + /// - `keep-alive-idle-time` + /// - `keep-alive-interval` + /// - `keep-alive-count` + /// These properties can be configured while `keep-alive-enabled` is false, but only come into effect when `keep-alive-enabled` is true. + /// + /// Equivalent to the SO_KEEPALIVE socket option. + keep-alive-enabled: func() -> result; + set-keep-alive-enabled: func(value: bool) -> result<_, error-code>; + + /// Amount of time the connection has to be idle before TCP starts sending keepalive packets. + /// + /// If the provided value is 0, an `invalid-argument` error is returned. + /// Any other value will never cause an error, but it might be silently clamped and/or rounded. + /// I.e. after setting a value, reading the same setting back may return a different value. + /// + /// Equivalent to the TCP_KEEPIDLE socket option. (TCP_KEEPALIVE on MacOS) + /// + /// # Typical errors + /// - `invalid-argument`: (set) The provided value was 0. + keep-alive-idle-time: func() -> result; + set-keep-alive-idle-time: func(value: duration) -> result<_, error-code>; + + /// The time between keepalive packets. + /// + /// If the provided value is 0, an `invalid-argument` error is returned. + /// Any other value will never cause an error, but it might be silently clamped and/or rounded. + /// I.e. after setting a value, reading the same setting back may return a different value. + /// + /// Equivalent to the TCP_KEEPINTVL socket option. + /// + /// # Typical errors + /// - `invalid-argument`: (set) The provided value was 0. + keep-alive-interval: func() -> result; + set-keep-alive-interval: func(value: duration) -> result<_, error-code>; + + /// The maximum amount of keepalive packets TCP should send before aborting the connection. + /// + /// If the provided value is 0, an `invalid-argument` error is returned. + /// Any other value will never cause an error, but it might be silently clamped and/or rounded. + /// I.e. after setting a value, reading the same setting back may return a different value. + /// + /// Equivalent to the TCP_KEEPCNT socket option. + /// + /// # Typical errors + /// - `invalid-argument`: (set) The provided value was 0. + keep-alive-count: func() -> result; + set-keep-alive-count: func(value: u32) -> result<_, error-code>; + + /// Equivalent to the IP_TTL & IPV6_UNICAST_HOPS socket options. + /// + /// If the provided value is 0, an `invalid-argument` error is returned. + /// + /// # Typical errors + /// - `invalid-argument`: (set) The TTL value must be 1 or higher. + hop-limit: func() -> result; + set-hop-limit: func(value: u8) -> result<_, error-code>; + + /// The kernel buffer space reserved for sends/receives on this socket. + /// + /// If the provided value is 0, an `invalid-argument` error is returned. + /// Any other value will never cause an error, but it might be silently clamped and/or rounded. + /// I.e. after setting a value, reading the same setting back may return a different value. + /// + /// Equivalent to the SO_RCVBUF and SO_SNDBUF socket options. + /// + /// # Typical errors + /// - `invalid-argument`: (set) The provided value was 0. + receive-buffer-size: func() -> result; + set-receive-buffer-size: func(value: u64) -> result<_, error-code>; + send-buffer-size: func() -> result; + set-send-buffer-size: func(value: u64) -> result<_, error-code>; + + /// Create a `pollable` which can be used to poll for, or block on, + /// completion of any of the asynchronous operations of this socket. + /// + /// When `finish-bind`, `finish-listen`, `finish-connect` or `accept` + /// return `error(would-block)`, this pollable can be used to wait for + /// their success or failure, after which the method can be retried. + /// + /// The pollable is not limited to the async operation that happens to be + /// in progress at the time of calling `subscribe` (if any). Theoretically, + /// `subscribe` only has to be called once per socket and can then be + /// (re)used for the remainder of the socket's lifetime. + /// + /// See + /// for a more information. + /// + /// Note: this function is here for WASI Preview2 only. + /// It's planned to be removed when `future` is natively supported in Preview3. + subscribe: func() -> pollable; + + /// Initiate a graceful shutdown. + /// + /// - `receive`: The socket is not expecting to receive any data from + /// the peer. The `input-stream` associated with this socket will be + /// closed. Any data still in the receive queue at time of calling + /// this method will be discarded. + /// - `send`: The socket has no more data to send to the peer. The `output-stream` + /// associated with this socket will be closed and a FIN packet will be sent. + /// - `both`: Same effect as `receive` & `send` combined. + /// + /// This function is idempotent. Shutting a down a direction more than once + /// has no effect and returns `ok`. + /// + /// The shutdown function does not close (drop) the socket. + /// + /// # Typical errors + /// - `invalid-state`: The socket is not in the `connected` state. (ENOTCONN) + /// + /// # References + /// - + /// - + /// - + /// - + shutdown: func(shutdown-type: shutdown-type) -> result<_, error-code>; + } +} diff --git a/examples/wasm_component/wit/deps/sockets/udp-create-socket.wit b/examples/wasm_component/wit/deps/sockets/udp-create-socket.wit new file mode 100644 index 000000000..0482d1fe7 --- /dev/null +++ b/examples/wasm_component/wit/deps/sockets/udp-create-socket.wit @@ -0,0 +1,27 @@ + +interface udp-create-socket { + use network.{network, error-code, ip-address-family}; + use udp.{udp-socket}; + + /// Create a new UDP socket. + /// + /// Similar to `socket(AF_INET or AF_INET6, SOCK_DGRAM, IPPROTO_UDP)` in POSIX. + /// On IPv6 sockets, IPV6_V6ONLY is enabled by default and can't be configured otherwise. + /// + /// This function does not require a network capability handle. This is considered to be safe because + /// at time of creation, the socket is not bound to any `network` yet. Up to the moment `bind` is called, + /// the socket is effectively an in-memory configuration object, unable to communicate with the outside world. + /// + /// All sockets are non-blocking. Use the wasi-poll interface to block on asynchronous operations. + /// + /// # Typical errors + /// - `not-supported`: The specified `address-family` is not supported. (EAFNOSUPPORT) + /// - `new-socket-limit`: The new socket resource could not be created because of a system limit. (EMFILE, ENFILE) + /// + /// # References: + /// - + /// - + /// - + /// - + create-udp-socket: func(address-family: ip-address-family) -> result; +} diff --git a/examples/wasm_component/wit/deps/sockets/udp.wit b/examples/wasm_component/wit/deps/sockets/udp.wit new file mode 100644 index 000000000..d987a0a90 --- /dev/null +++ b/examples/wasm_component/wit/deps/sockets/udp.wit @@ -0,0 +1,266 @@ + +interface udp { + use wasi:io/poll@0.2.0.{pollable}; + use network.{network, error-code, ip-socket-address, ip-address-family}; + + /// A received datagram. + record incoming-datagram { + /// The payload. + /// + /// Theoretical max size: ~64 KiB. In practice, typically less than 1500 bytes. + data: list, + + /// The source address. + /// + /// This field is guaranteed to match the remote address the stream was initialized with, if any. + /// + /// Equivalent to the `src_addr` out parameter of `recvfrom`. + remote-address: ip-socket-address, + } + + /// A datagram to be sent out. + record outgoing-datagram { + /// The payload. + data: list, + + /// The destination address. + /// + /// The requirements on this field depend on how the stream was initialized: + /// - with a remote address: this field must be None or match the stream's remote address exactly. + /// - without a remote address: this field is required. + /// + /// If this value is None, the send operation is equivalent to `send` in POSIX. Otherwise it is equivalent to `sendto`. + remote-address: option, + } + + + + /// A UDP socket handle. + resource udp-socket { + /// Bind the socket to a specific network on the provided IP address and port. + /// + /// If the IP address is zero (`0.0.0.0` in IPv4, `::` in IPv6), it is left to the implementation to decide which + /// network interface(s) to bind to. + /// If the port is zero, the socket will be bound to a random free port. + /// + /// # Typical errors + /// - `invalid-argument`: The `local-address` has the wrong address family. (EAFNOSUPPORT, EFAULT on Windows) + /// - `invalid-state`: The socket is already bound. (EINVAL) + /// - `address-in-use`: No ephemeral ports available. (EADDRINUSE, ENOBUFS on Windows) + /// - `address-in-use`: Address is already in use. (EADDRINUSE) + /// - `address-not-bindable`: `local-address` is not an address that the `network` can bind to. (EADDRNOTAVAIL) + /// - `not-in-progress`: A `bind` operation is not in progress. + /// - `would-block`: Can't finish the operation, it is still in progress. (EWOULDBLOCK, EAGAIN) + /// + /// # Implementors note + /// Unlike in POSIX, in WASI the bind operation is async. This enables + /// interactive WASI hosts to inject permission prompts. Runtimes that + /// don't want to make use of this ability can simply call the native + /// `bind` as part of either `start-bind` or `finish-bind`. + /// + /// # References + /// - + /// - + /// - + /// - + start-bind: func(network: borrow, local-address: ip-socket-address) -> result<_, error-code>; + finish-bind: func() -> result<_, error-code>; + + /// Set up inbound & outbound communication channels, optionally to a specific peer. + /// + /// This function only changes the local socket configuration and does not generate any network traffic. + /// On success, the `remote-address` of the socket is updated. The `local-address` may be updated as well, + /// based on the best network path to `remote-address`. + /// + /// When a `remote-address` is provided, the returned streams are limited to communicating with that specific peer: + /// - `send` can only be used to send to this destination. + /// - `receive` will only return datagrams sent from the provided `remote-address`. + /// + /// This method may be called multiple times on the same socket to change its association, but + /// only the most recently returned pair of streams will be operational. Implementations may trap if + /// the streams returned by a previous invocation haven't been dropped yet before calling `stream` again. + /// + /// The POSIX equivalent in pseudo-code is: + /// ```text + /// if (was previously connected) { + /// connect(s, AF_UNSPEC) + /// } + /// if (remote_address is Some) { + /// connect(s, remote_address) + /// } + /// ``` + /// + /// Unlike in POSIX, the socket must already be explicitly bound. + /// + /// # Typical errors + /// - `invalid-argument`: The `remote-address` has the wrong address family. (EAFNOSUPPORT) + /// - `invalid-argument`: The IP address in `remote-address` is set to INADDR_ANY (`0.0.0.0` / `::`). (EDESTADDRREQ, EADDRNOTAVAIL) + /// - `invalid-argument`: The port in `remote-address` is set to 0. (EDESTADDRREQ, EADDRNOTAVAIL) + /// - `invalid-state`: The socket is not bound. + /// - `address-in-use`: Tried to perform an implicit bind, but there were no ephemeral ports available. (EADDRINUSE, EADDRNOTAVAIL on Linux, EAGAIN on BSD) + /// - `remote-unreachable`: The remote address is not reachable. (ECONNRESET, ENETRESET, EHOSTUNREACH, EHOSTDOWN, ENETUNREACH, ENETDOWN, ENONET) + /// - `connection-refused`: The connection was refused. (ECONNREFUSED) + /// + /// # References + /// - + /// - + /// - + /// - + %stream: func(remote-address: option) -> result, error-code>; + + /// Get the current bound address. + /// + /// POSIX mentions: + /// > If the socket has not been bound to a local name, the value + /// > stored in the object pointed to by `address` is unspecified. + /// + /// WASI is stricter and requires `local-address` to return `invalid-state` when the socket hasn't been bound yet. + /// + /// # Typical errors + /// - `invalid-state`: The socket is not bound to any local address. + /// + /// # References + /// - + /// - + /// - + /// - + local-address: func() -> result; + + /// Get the address the socket is currently streaming to. + /// + /// # Typical errors + /// - `invalid-state`: The socket is not streaming to a specific remote address. (ENOTCONN) + /// + /// # References + /// - + /// - + /// - + /// - + remote-address: func() -> result; + + /// Whether this is a IPv4 or IPv6 socket. + /// + /// Equivalent to the SO_DOMAIN socket option. + address-family: func() -> ip-address-family; + + /// Equivalent to the IP_TTL & IPV6_UNICAST_HOPS socket options. + /// + /// If the provided value is 0, an `invalid-argument` error is returned. + /// + /// # Typical errors + /// - `invalid-argument`: (set) The TTL value must be 1 or higher. + unicast-hop-limit: func() -> result; + set-unicast-hop-limit: func(value: u8) -> result<_, error-code>; + + /// The kernel buffer space reserved for sends/receives on this socket. + /// + /// If the provided value is 0, an `invalid-argument` error is returned. + /// Any other value will never cause an error, but it might be silently clamped and/or rounded. + /// I.e. after setting a value, reading the same setting back may return a different value. + /// + /// Equivalent to the SO_RCVBUF and SO_SNDBUF socket options. + /// + /// # Typical errors + /// - `invalid-argument`: (set) The provided value was 0. + receive-buffer-size: func() -> result; + set-receive-buffer-size: func(value: u64) -> result<_, error-code>; + send-buffer-size: func() -> result; + set-send-buffer-size: func(value: u64) -> result<_, error-code>; + + /// Create a `pollable` which will resolve once the socket is ready for I/O. + /// + /// Note: this function is here for WASI Preview2 only. + /// It's planned to be removed when `future` is natively supported in Preview3. + subscribe: func() -> pollable; + } + + resource incoming-datagram-stream { + /// Receive messages on the socket. + /// + /// This function attempts to receive up to `max-results` datagrams on the socket without blocking. + /// The returned list may contain fewer elements than requested, but never more. + /// + /// This function returns successfully with an empty list when either: + /// - `max-results` is 0, or: + /// - `max-results` is greater than 0, but no results are immediately available. + /// This function never returns `error(would-block)`. + /// + /// # Typical errors + /// - `remote-unreachable`: The remote address is not reachable. (ECONNRESET, ENETRESET on Windows, EHOSTUNREACH, EHOSTDOWN, ENETUNREACH, ENETDOWN, ENONET) + /// - `connection-refused`: The connection was refused. (ECONNREFUSED) + /// + /// # References + /// - + /// - + /// - + /// - + /// - + /// - + /// - + /// - + receive: func(max-results: u64) -> result, error-code>; + + /// Create a `pollable` which will resolve once the stream is ready to receive again. + /// + /// Note: this function is here for WASI Preview2 only. + /// It's planned to be removed when `future` is natively supported in Preview3. + subscribe: func() -> pollable; + } + + resource outgoing-datagram-stream { + /// Check readiness for sending. This function never blocks. + /// + /// Returns the number of datagrams permitted for the next call to `send`, + /// or an error. Calling `send` with more datagrams than this function has + /// permitted will trap. + /// + /// When this function returns ok(0), the `subscribe` pollable will + /// become ready when this function will report at least ok(1), or an + /// error. + /// + /// Never returns `would-block`. + check-send: func() -> result; + + /// Send messages on the socket. + /// + /// This function attempts to send all provided `datagrams` on the socket without blocking and + /// returns how many messages were actually sent (or queued for sending). This function never + /// returns `error(would-block)`. If none of the datagrams were able to be sent, `ok(0)` is returned. + /// + /// This function semantically behaves the same as iterating the `datagrams` list and sequentially + /// sending each individual datagram until either the end of the list has been reached or the first error occurred. + /// If at least one datagram has been sent successfully, this function never returns an error. + /// + /// If the input list is empty, the function returns `ok(0)`. + /// + /// Each call to `send` must be permitted by a preceding `check-send`. Implementations must trap if + /// either `check-send` was not called or `datagrams` contains more items than `check-send` permitted. + /// + /// # Typical errors + /// - `invalid-argument`: The `remote-address` has the wrong address family. (EAFNOSUPPORT) + /// - `invalid-argument`: The IP address in `remote-address` is set to INADDR_ANY (`0.0.0.0` / `::`). (EDESTADDRREQ, EADDRNOTAVAIL) + /// - `invalid-argument`: The port in `remote-address` is set to 0. (EDESTADDRREQ, EADDRNOTAVAIL) + /// - `invalid-argument`: The socket is in "connected" mode and `remote-address` is `some` value that does not match the address passed to `stream`. (EISCONN) + /// - `invalid-argument`: The socket is not "connected" and no value for `remote-address` was provided. (EDESTADDRREQ) + /// - `remote-unreachable`: The remote address is not reachable. (ECONNRESET, ENETRESET on Windows, EHOSTUNREACH, EHOSTDOWN, ENETUNREACH, ENETDOWN, ENONET) + /// - `connection-refused`: The connection was refused. (ECONNREFUSED) + /// - `datagram-too-large`: The datagram is too large. (EMSGSIZE) + /// + /// # References + /// - + /// - + /// - + /// - + /// - + /// - + /// - + /// - + send: func(datagrams: list) -> result; + + /// Create a `pollable` which will resolve once the stream is ready to send again. + /// + /// Note: this function is here for WASI Preview2 only. + /// It's planned to be removed when `future` is natively supported in Preview3. + subscribe: func() -> pollable; + } +} diff --git a/examples/wasm_component/wit/deps/sockets/world.wit b/examples/wasm_component/wit/deps/sockets/world.wit new file mode 100644 index 000000000..f8bb92ae0 --- /dev/null +++ b/examples/wasm_component/wit/deps/sockets/world.wit @@ -0,0 +1,11 @@ +package wasi:sockets@0.2.0; + +world imports { + import instance-network; + import network; + import udp; + import udp-create-socket; + import tcp; + import tcp-create-socket; + import ip-name-lookup; +} diff --git a/examples/wasm_component/wit/world.wit b/examples/wasm_component/wit/world.wit new file mode 100644 index 000000000..7afcbdacb --- /dev/null +++ b/examples/wasm_component/wit/world.wit @@ -0,0 +1,5 @@ +package example:http; + +world test { + export wasi:http/incoming-handler@0.2.0; +}