Allow overriding DNS resolution

Introduce a new `resolve_cb` configuration parameter for controlling DNS
resolution. When provided, librdkafka invokes the callback when
resolving the address of a Kafka broker instead of calling `getaddrinfo`
directly.  The callback is expected to function exactly as
`getaddrinfo`, except that it is additional provided with the `opaque`
value.

The callback will enable tunneling to a Kafka broker (e.g., via SSH or
AWS PrivateLink). The broker addresses returned by the bootstrap
protocol will not be directly routable from the client; the address
resolution callback allows the end user to rewrite the broker addresses
as appropriate for the tunnel.

CHANGELOG.md

@@ -45,7 +45,7 @@ configuration property.
  * Added `rd_kafka_sasl_set_credentials()` API to update SASL credentials.
  * Setting `allow.auto.create.topics` will no longer give a warning if used by a producer, since that is an expected use case.
  Improvement in documentation for this property.
-
+ * Added a `resolve_cb` configuration setting that permits using custom DNS resolution logic.
 
 ## Fixes
 

CONFIGURATION.md

@@ -50,6 +50,7 @@ socket_cb | * | |
 connect_cb | * | | | low | Socket connect callback <br>*Type: see dedicated API*
 closesocket_cb | * | | | low | Socket close callback <br>*Type: see dedicated API*
 open_cb | * | | | low | File open callback to provide race-free CLOEXEC <br>*Type: see dedicated API*
+resolve_cb | * | | | low | Address resolution callback (set with rd_kafka_conf_set_resolve_cb()). <br>*Type: see dedicated API*
 opaque | * | | | low | Application opaque (set with rd_kafka_conf_set_opaque()) <br>*Type: see dedicated API*
 default_topic_conf | * | | | low | Default topic configuration for automatically subscribed topics <br>*Type: see dedicated API*
 internal.termination.signal | * | 0 .. 128 | 0 | low | Signal that librdkafka will use to quickly terminate on rd_kafka_destroy(). If this signal is not set then there will be a delay before rd_kafka_wait_destroyed() returns true as internal threads are timing out their system calls. If this signal is set however the delay will be minimal. The application should mask this signal as an internal signal handler is installed. <br>*Type: integer*

src/rdaddr.c

@@ -154,13 +154,20 @@ const char *rd_addrinfo_prepare(const char *nodesvc, char **node, char **svc) {
 
 
 
-rd_sockaddr_list_t *rd_getaddrinfo(const char *nodesvc,
- const char *defsvc,
- int flags,
- int family,
- int socktype,
- int protocol,
- const char **errstr) {
+rd_sockaddr_list_t *
+rd_getaddrinfo(const char *nodesvc,
+ const char *defsvc,
+ int flags,
+ int family,
+ int socktype,
+ int protocol,
+ int (*resolve_cb)(const char *node,
+ const char *service,
+ const struct addrinfo *hints,
+ struct addrinfo **res,
+ void *opaque),
+ void *opaque,
+ const char **errstr) {
  struct addrinfo hints;
  memset(&hints, 0, sizeof(hints));
  hints.ai_family = family;
@@ -182,7 +189,13 @@ rd_sockaddr_list_t *rd_getaddrinfo(const char *nodesvc,
  if (*svc)
  defsvc = svc;
 
- if ((r = getaddrinfo(node, defsvc, &hints, &ais))) {
+ if (resolve_cb) {
+ r = resolve_cb(node, defsvc, &hints, &ais, opaque);
+ } else {
+ r = getaddrinfo(node, defsvc, &hints, &ais);
+ }
+
+ if (r) {
 #ifdef EAI_SYSTEM
  if (r == EAI_SYSTEM)
 #else
@@ -206,7 +219,10 @@ rd_sockaddr_list_t *rd_getaddrinfo(const char *nodesvc,
 
  if (cnt == 0) {
  /* unlikely? */
- freeaddrinfo(ais);
+ if (resolve_cb)
+ resolve_cb(NULL, NULL, NULL, &ais, opaque);
+ else
+ freeaddrinfo(ais);
  errno = ENOENT;
  *errstr = "No addresses";
  return NULL;
@@ -219,7 +235,10 @@ rd_sockaddr_list_t *rd_getaddrinfo(const char *nodesvc,
  memcpy(&rsal->rsal_addr[rsal->rsal_cnt++], ai->ai_addr,
  ai->ai_addrlen);
 
- freeaddrinfo(ais);
+ if (resolve_cb)
+ resolve_cb(NULL, NULL, NULL, &ais, opaque);
+ else
+ freeaddrinfo(ais);
 
  /* Shuffle address list for proper round-robin */
  if (!(flags & RD_AI_NOSHUFFLE))

src/rdaddr.h

@@ -157,13 +157,22 @@ rd_sockaddr_list_next(rd_sockaddr_list_t *rsal) {
  * FIXME: Guessing non-used bits like this \
  * is a bad idea. */
 
-rd_sockaddr_list_t *rd_getaddrinfo(const char *nodesvc,
- const char *defsvc,
- int flags,
- int family,
- int socktype,
- int protocol,
- const char **errstr);
+struct addrinfo;
+
+rd_sockaddr_list_t *
+rd_getaddrinfo(const char *nodesvc,
+ const char *defsvc,
+ int flags,
+ int family,
+ int socktype,
+ int protocol,
+ int (*resolve_cb)(const char *node,
+ const char *service,
+ const struct addrinfo *hints,
+ struct addrinfo **res,
+ void *opaque),
+ void *opaque,
+ const char **errstr);
 
 
 

src/rdkafka.h

@@ -2244,6 +2244,35 @@ void rd_kafka_conf_set_open_cb(
  int (*open_cb)(const char *pathname, int flags, mode_t mode, void *opaque));
 #endif
 
+/** Forward declaration to avoid netdb.h or winsock includes */
+struct addrinfo;
+
+/**
+ * @brief Set address resolution callback.
+ *
+ * The callback is responsible for resolving the hostname \p node and the
+ * service \p service into a list of socket addresses as \c getaddrinfo(3)
+ * would. The \p hints and \p res parameters function as they do for
+ * \c getaddrinfo(3). The callback's \p opaque argument is the opaque set with
+ * rd_kafka_conf_set_opaque().
+ *
+ * If the callback is invoked with a NULL \p node, \p service, and \p hints, the
+ * callback should instead free the addrinfo struct specified in \p res. In this
+ * case the callback must succeed; the return value will not be checked by the
+ * caller.
+ *
+ * The callback's return value is interpreted as the return value of \p
+ * \c getaddrinfo(3).
+ *
+ * @remark The callback will be called from an internal librdkafka thread.
+ */
+RD_EXPORT void
+rd_kafka_conf_set_resolve_cb(rd_kafka_conf_t *conf,
+ int (*resolve_cb)(const char *node,
+ const char *service,
+ const struct addrinfo *hints,
+ struct addrinfo **res,
+ void *opaque));
 
 /**
  * @brief Sets the verification callback of the broker certificate

src/rdkafka_broker.c

@@ -987,10 +987,11 @@ static int rd_kafka_broker_resolve(rd_kafka_broker_t *rkb,
 
  if (!rkb->rkb_rsal) {
  /* Resolve */
- rkb->rkb_rsal =
- rd_getaddrinfo(nodename, RD_KAFKA_PORT_STR, AI_ADDRCONFIG,
- rkb->rkb_rk->rk_conf.broker_addr_family,
- SOCK_STREAM, IPPROTO_TCP, &errstr);
+ rkb->rkb_rsal = rd_getaddrinfo(
+ nodename, RD_KAFKA_PORT_STR, AI_ADDRCONFIG,
+ rkb->rkb_rk->rk_conf.broker_addr_family, SOCK_STREAM,
+ IPPROTO_TCP, rkb->rkb_rk->rk_conf.resolve_cb,
+ rkb->rkb_rk->rk_conf.opaque, &errstr);
 
  if (!rkb->rkb_rsal) {
  rd_kafka_broker_fail(

src/rdkafka_conf.c

@@ -683,6 +683,8 @@ static const struct rd_kafka_property rd_kafka_properties[] = {
  rd_kafka_open_cb_generic
 #endif
  },
+ {_RK_GLOBAL, "resolve_cb", _RK_C_PTR, _RK(resolve_cb),
+ "Address resolution callback (set with rd_kafka_conf_set_resolve_cb())."},
  {_RK_GLOBAL, "opaque", _RK_C_PTR, _RK(opaque),
  "Application opaque (set with rd_kafka_conf_set_opaque())"},
  {_RK_GLOBAL, "default_topic_conf", _RK_C_PTR, _RK(topic_conf),
@@ -2788,6 +2790,16 @@ void rd_kafka_conf_set_open_cb(rd_kafka_conf_t *conf,
 }
 #endif
 
+void rd_kafka_conf_set_resolve_cb(
+ rd_kafka_conf_t *conf,
+ int (*resolve_cb)(const char *node,
+ const char *service,
+ const struct addrinfo *hints,
+ struct addrinfo **res,
+ void *opaque)) {
+ rd_kafka_anyconf_set_internal(_RK_GLOBAL, conf, "resolve_cb",
+ resolve_cb);
+}
 
 rd_kafka_conf_res_t rd_kafka_conf_set_ssl_cert_verify_cb(
  rd_kafka_conf_t *conf,

src/rdkafka_conf.h

@@ -504,6 +504,13 @@ struct rd_kafka_conf_s {
  mode_t mode,
  void *opaque);
 
+ /* Address resolution callback */
+ int (*resolve_cb)(const char *node,
+ const char *service,
+ const struct addrinfo *hints,
+ struct addrinfo **res,
+ void *opaque);
+
  /* Background queue event callback */
  void (*background_event_cb)(rd_kafka_t *rk,
  rd_kafka_event_t *rkev,

tests/0136-resolve_cb.c

@@ -0,0 +1,181 @@
+/*
+ * librdkafka - Apache Kafka C library
+ *
+ * Copyright (c) 2022, Magnus Edenhill
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "test.h"
+
+#include "rdkafka.h"
+
+#ifndef _WIN32
+#include <netdb.h>
+#else
+#define WIN32_MEAN_AND_LEAN
+#include <winsock2.h>
+#include <ws2ipdef.h>
+#include <ws2tcpip.h>
+#endif
+
+/**
+ * @name Test a custom address resolution callback.
+ *
+ * The test sets bogus bootstrap.servers, uses the resolution callback to
+ * resolve to a bogus address, and then verifies that the address is passed
+ * to the connect callback. If the resolution callback is not invoked, or if the
+ * connect callback is not invoked with the output of the resolution callback,
+ * the test will fail.
+ */
+
+/**
+ * Stage of the test:
+ * 0: expecting resolve_cb to be invoked with TESTING_RESOLVE_CB:1234
+ * 1: expecting resolve_cb to be invoked with NULL, NULL
+ * 2: expecting connect_cb to invoked with socket address 127.1.2.3:57616
+ * 3: done
+ */
+static rd_atomic32_t stage;
+
+/** Exposes current test struct (in TLS) to callbacks. */
+static struct test *this_test;
+
+static int resolve_cb(const char *node,
+ const char *service,
+ const struct addrinfo *hints,
+ struct addrinfo **res,
+ void *opaque) {
+
+ int32_t cnt;
+
+ test_curr = this_test;
+
+ cnt = rd_atomic32_get(&stage);
+
+ TEST_SAY("resolve_cb invoked: node=%s service=%s stage=%d\n", node,
+ service, cnt);
+
+ if (cnt == 0) {
+ /* Stage 0: return a bogus address. */
+
+ struct sockaddr_in *addr;
+
+ TEST_ASSERT(node != NULL);
+ TEST_ASSERT(strcmp(node, "TESTING_RESOLVE_CB") == 0,
+ "unexpected node: %s", node);
+ TEST_ASSERT(service != NULL);
+ TEST_ASSERT(strcmp(service, "1234") == 0,
+ "unexpected service: %s", service);
+
+ addr = calloc(1, sizeof(struct sockaddr_in));
+ addr->sin_family = AF_INET;
+ addr->sin_port = htons(4321);
+ addr->sin_addr.s_addr = htonl(0x7f010203) /* 127.1.2.3 */;
+
+ *res = calloc(1, sizeof(struct addrinfo));
+ (*res)->ai_family = AF_INET;
+ (*res)->ai_socktype = SOCK_STREAM;
+ (*res)->ai_protocol = IPPROTO_TCP;
+ (*res)->ai_addrlen = sizeof(struct sockaddr_in);
+ (*res)->ai_addr = (struct sockaddr *)addr;
+ } else if (cnt == 1) {
+ /* Stage 1: free the bogus address returned in stage 0. */
+
+ TEST_ASSERT(node == NULL);
+ TEST_ASSERT(service == NULL);
+ TEST_ASSERT(hints == NULL);
+ free((*res)->ai_addr);
+ free(*res);
+ } else {
+ /* Stage 2+: irrelevant, simply fail to resolve. */
+
+ return -1;
+ }
+
+ rd_atomic32_add(&stage, 1);
+ return 0;
+}
+
+static int connect_cb(int s,
+ const struct sockaddr *addr,
+ int addrlen,
+ const char *id,
+ void *opaque) {
+ /* Stage 3: assert address is expected bogus. */
+
+ int32_t cnt;
+ struct sockaddr_in *addr_in;
+
+ test_curr = this_test;
+
+ cnt = rd_atomic32_get(&stage);
+
+ TEST_SAY("connect_cb invoked: stage=%d\n", cnt);
+
+ TEST_ASSERT(cnt == 2, "connect_cb invoked in unexpected stage: %d",
+ cnt);
+
+ TEST_ASSERT(addr->sa_family == AF_INET,
+ "address has unexpected type: %d", addr->sa_family);
+
+ addr_in = (struct sockaddr_in *)(void *)addr;
+
+ TEST_ASSERT(addr_in->sin_port == htons(4321),
+ "address has unexpected port: %d",
+ ntohs(addr_in->sin_port));
+ TEST_ASSERT(addr_in->sin_addr.s_addr == htonl(0x7f010203),
+ "address has unexpected host: 0x%x",
+ ntohl(addr_in->sin_addr.s_addr));
+
+ rd_atomic32_add(&stage, 1);
+
+ /* The test has succeeded. Just report the connection as faile
+ * for simplicity. */
+ return -1;
+}
+
+int main_0136_resolve_cb(int argc, char **argv) {
+ rd_kafka_conf_t *conf;
+ rd_kafka_t *rk;
+
+ this_test = test_curr;
+
+ rd_atomic32_init(&stage, 0);
+
+ test_conf_init(&conf, NULL, 0);
+ rd_kafka_conf_set_resolve_cb(conf, resolve_cb);
+ rd_kafka_conf_set_connect_cb(conf, connect_cb);
+
+ TEST_SAY("Setting bogus broker list\n");
+ test_conf_set(conf, "bootstrap.servers", "TESTING_RESOLVE_CB:1234");
+
+ rk = test_create_handle(RD_KAFKA_PRODUCER, conf);
+
+ while (rd_atomic32_get(&stage) != 3)
+ rd_sleep(1);
+
+ rd_kafka_destroy(rk);
+
+ return 0;
+}

tests/CMakeLists.txt

@@ -126,6 +126,7 @@ set(
  0133-ssl_keys.c
  0134-ssl_provider.c
  0135-sasl_credentials.cpp
+ 0136-resolve_cb.c
  8000-idle.cpp
  test.c
  testcpp.cpp