Adds DNS hostname to NetAddress

[wvanlint]

Supports Bolt 7 DNS hostnames specified by lightning/bolts#911.

[TheBlueMatt]

Should also check that all characters are in the printable range (and maybe no spaces? probably no special chars? Dunno what's valid in DNS, we should check). With that in mind, maybe we should name the type something in reference to DNS?

[wvanlint]

It seems DNS permits any sequence of bytes but has a preferred format. I implemented the preferred format based on RFC 3696 and others linked there.

[TheBlueMatt]

Should we just call it hostname? DNS is kinda obvious? Am I missing something?

[wvanlint]

Adjusted that, I was mainly mirroring the BOLT PR.

[TheBlueMatt]

Nice, thanks! Looks like this is failing CI.

[TheBlueMatt]

You should be able to avoid the collect here. In general, allocating a Vec via collect is not super trivial, and we should avoid it if at all possible, preferring to just keep and work with the generated iterator directly.

[wvanlint]

Fixed.

[TheBlueMatt]

Is this worth it? If its just a dummy type can we not just use () instead? It seems basically as clear either way?

[wvanlint]

I initially wanted to implement the Error trait for boxing purposes but I wasn't sure if it made sense to do this conditionally only when the standard library is used. Changed to () but let me know if you prefer a type with an Error trait instead.

[codecov-commenter]

Codecov Report

Merging #1553 (c30dcf1) into main (abf6564) will increase coverage by 0.03%.
The diff coverage is 80.00%.

@@            Coverage Diff             @@
##             main    #1553      +/-   ##
==========================================
+ Coverage   90.96%   91.00%   +0.03%     
==========================================
  Files          80       80              
  Lines       43610    44197     +587     
  Branches    43610    44197     +587     
==========================================
+ Hits        39670    40221     +551     
- Misses       3940     3976      +36     

Impacted Files	Coverage Δ
lightning/src/ln/msgs.rs	86.49% <75.00%> (-0.32%)	⬇️
lightning/src/util/ser.rs	90.96% <82.60%> (-0.32%)	⬇️
lightning/src/ln/channelmanager.rs	84.73% <100.00%> (+0.34%)	⬆️
lightning/src/util/chacha20poly1305rfc.rs	96.25% <0.00%> (-1.71%)	⬇️
lightning/src/chain/onchaintx.rs	93.98% <0.00%> (-0.93%)	⬇️
lightning/src/chain/channelmonitor.rs	90.91% <0.00%> (-0.33%)	⬇️
lightning/src/routing/scoring.rs	96.80% <0.00%> (-0.29%)	⬇️
lightning/src/ln/functional_tests.rs	96.81% <0.00%> (-0.25%)	⬇️
lightning-invoice/src/lib.rs	87.39% <0.00%> (ø)
lightning/src/ln/reorg_tests.rs	100.00% <0.00%> (ø)
... and 16 more

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update abf6564...c30dcf1. Read the comment docs.

[TheBlueMatt]

Instead of breaking out of the loop with a validity flag, the structure here would be more readable if we just returned the error directly if something is invalid.

[wvanlint]

Done.

[TheBlueMatt]

Suggested change

	let last_label;
	if let None = labels.peek() {
	last_label = true;
	} else {
	last_label = false;
	}
	let last_label = labels.peek().is_none();

[wvanlint]

Done.

[TheBlueMatt]

Suggested change

	let valid_labels = loop {
	let label;
	match labels.next() {
	Some(x) => label = x,
	None => break true,
	}
	while let Some(label) = labels.next() {

[wvanlint]

Done.

[TheBlueMatt]

Instead of tracking the idx explicitly, maybe just wrap labels with an .enumerate().

[wvanlint]

Done.

[TheBlueMatt]

This gives the (incorrect) impression that From<&str> is relatively efficient, but its not. Its maybe simpler to force the user to do the String::from() or .to_string() explicitly themselves to communicate what's really going on here.

[wvanlint]

That's true, removed this implementation.

[TheBlueMatt]

It looks like somehow your rebase ended up reverting several recent PRs.

[TheBlueMatt]

It looks like somehow your rebase ended up reverting several recent PRs.

Oops, sorry, it looks like the GitHub mobile app just...shows incorrect diffs sometimes?

This basically LGTM, lets get another reviewer on it.

[TheBlueMatt]

Basically LGTM.

[TheBlueMatt]

s/with an appropriate return type//?

[wvanlint]

Done.

[tnull]

Thank you for having a go at this! Generally looks good, only a few nits and questions.

[dunxen]

Think "port" should be "node" or "peer"?

Suggested change

	/// The hostname on which the port is listening.
	/// The hostname on which the node is listening.

[wvanlint]

Done.

[tnull]

Generally LGTM.

One note: it's easier for reviewers to follow the changes if you do not immediately squash them, but leave individual commits.

[TheBlueMatt]

Sorry for the delay, been a super busy week.

Generally, now that we have all the logic for it, and now that I think about it a bit more, do we really need to do this much verification of a hostname? Like, yea, the DNS won't resolve if the hostname is just one long string, but what happens if users start shoving non-hostname things in the hostname field (ie treating it as a second node alias, listing some policy info, etc) - should we outright drop their gossip, or simply fail to connect to the hostname and try the IP addresses instead? I do think we should ensure the strong is ASCII, is all in the printable range (ie no control chars) but do we need to care about label length?

[wvanlint]

@TheBlueMatt I agree, the concern of hostname validation can be left to DNS resolution and separated from the serialization concern here which was my original intent. I reverted back to the first approach with generic serialization prior to #1553 (comment).

Extending this rationale, I would also be open to relaxing validation further and allowing any UTF-8 string within the length constraint (although this is not included in the BOLT). Libraries are able to handle Punycode encoding e.g. "münchen.de:443".to_socket_addrs().unwrap(). I think the field could be misused no matter how strict the validation is.

Out of curiosity, are terminal escape sequence injections the main concern with control characters? I am unsure about their severity for modern terminals.

[TheBlueMatt]

Extending this rationale, I would also be open to relaxing validation further and allowing any UTF-8 string within the length constraint (although this is not included in the BOLT)

Hmm, there's two sides to this, though - we have to support reading hostnames in announcements and be kinda liberal there, but also want to be restrictive as to what users include as others may do strict validation. In theory we could split the two but I'm not sure it's really worth it - our users are developers, and can manage to just put a hostname.

Out of curiosity, are terminal escape sequence injections the main concern with control characters? I am unsure about their severity for modern terminals.

Yea, you never know, users of our devlopers' software will grep things and pass them to dig and...boom. With that in mind I'd suggest we also reject chars like $, ", ', backtick, etc. Probably easiest to just accept alphanumeric plus . and -. If its easy its best to be as conservative as possible but not bother doing strict hostname validation so much as just strict character set validation.

[TheBlueMatt]

Oooooooo-Kkkkkkkk. Thanks for sticking with me on this one, this LGTM as-is. Will let the other reviewers chime in, but feel free to squash down the fixups once they do.

[tnull]

LGTM. I just restarted the one stuck CI job.

[wvanlint]

Thanks for sticking with me on this one, this LGTM as-is. Will let the other reviewers chime in, but feel free to squash down the fixups once they do.

Thanks for the review as well! Squashed down the fixups.