| Commit message (Collapse) | Author | Age |
|---|
| ... | |
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This adds support for configuration of TLS websockets using the files
for keys, certificates, and CRLs. Significant changes to the websocket,
TLS, and HTTP layers were made here. We now expect TLS configuration to
be tied to the HTTP layer, and the HTTP code creates default configuration
objects based on the URL supplied. (HTTP dialers and listeners are now
created with a URL rather than a sockaddr, giving them access to the scheme
as well.)
We fixed several bugs affecting TLS validation, and added a test suite
that confirms that validation works as it should. We also fixed an orphaned
socket during HTTP negotiation, responsible for an occasional assertion
error if the http handshake does not complete successfully. Finally several
use-after-free races were closed.
TLS layer changes include reporting of handshake failures using newly
created "standard" error codes for peer authentication and cryptographic
failures.
The use of the '*' wild card in URLs at bind time is no longer supported
for websocket at least.
Documentation updates for all this are in place as well.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This introduces the wss:// scheme, which is available and works like
the ws:// scheme if TLS is enabled in the library.
The library modularization is refactored somewhat, to make it easier
to use. There is now a single NNG_ENABLE_TLS that enables TLS support
under the hood.
This also adds a new option for the TLS transport, NNG_OPT_TLS_CONFIG
(and a similar one for WSS, NNG_OPT_TLS_WSS_CONFIG) that offer access
to the underlying TLS configuration object, which now has a public API
to go with it as well.
Note that it is also possible to use pure HTTPS using the *private*
API, which will be exposed in a public form soon.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is a rather large changeset -- it fundamentally adds websocket
transport, but as part of this changeset we added a generic framework
for both HTTP and websocket. We also made some supporting changes to
the core, such as changing the way timeouts work for AIOs and adding
additional state keeping for AIOs, and adding a common framework for
deferred finalization (to avoid certain kinds of circular deadlocks
during resource cleanup). We also invented a new initialization framework
so that we can avoid wiring in knowledge about them into the master
initialization framework.
The HTTP framework is not yet complete, but it is good enough for simple
static serving and building additional services on top of -- including
websocket. We expect both websocket and HTTP support to evolve
considerably, and so these are not part of the public API yet.
Property support for the websocket transport (in particular address
properties) is still missing, as is support for TLS.
The websocket transport here is a bit more robust than the original
nanomsg implementation, as it supports multiple sockets listening at
the same port sharing the same HTTP server instance, discriminating
between them based on URI (and possibly the virtual host).
Websocket is enabled by default at present, and work to conditionalize
HTTP and websocket further (to minimize bloat) is still pending.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
This eliminates the separate threads used for devices, letting them
benefit from the new aio framework. It also eliminates the legacy
nni_sock_sendmsg and nni_sock_recvmsg internal APIs.
It would appear that there is an opportunity here to provide asynchronous
device support out to userland as well, exposing an aio to them. That
work is deferred to later.
|
| |
|
|
|
|
|
|
|
|
| |
While here we added a test for the aio stuff, and cleaned up some dead
code for the old fd notifications. There were a few improvements to
shorten & clean code elsewhere, such as short-circuiting task wait
when the task has no callback.
The legacy sendmsg() and recvmsg() APIs are still in the socket core
until we convert the device code to use the aios.
|
| |
|
|
|
|
|
|
|
| |
This eliminates the "quasi-functional" notify API altogether.
The aio framework will be coming soon to replace it.
As a bonus, apps (legacy apps) that use the notification FDs
will see improved performance, since we don't have to context
switch to give them a notification.
|
| | |
|
| |
|
|
|
|
| |
There is now a public nng_duration type. We have also updated the
zerotier work to work with the signed int64_t's that the latst ZeroTier
dev branch is using.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We allow some properties to be set on endpoints after they are
started; transports now responsible for checking that. (The new
values will only apply to new connections of course!)
We added short-hand functions for pipe properties, and also added
uint64_t shorthands across the board.
The zerotier documentation got some updates (corrections). We have
also added a separate header now for the ZT stuff.
Also, dialers and listeners do not intermix anymore -- we test that
only a dialer can be used with setting dialer options, and likewise
for listeners.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This makes the APIs use string keys, and largely eliminates the use of
integer option IDs altogether. The underlying registration for options
is also now a bit richer, letting protcols and transports declare the
actual options they use, rather than calling down into each entry point
carte blanche and relying on ENOTSUP.
This code may not be as fast as the integers was, but it is more intuitive,
easier to extend, and is not on any hot code paths. (If you're diddling
options on a hot code path you're doing something wrong.)
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
The ZeroTier transport is experimental at this point, and not enabled
by default. It does not work with Windows yet (the Windows platform
needs UDP support first.)
Configure with -DNNG_ENABLE_ZEROTIER=yes -DNNG_ZEROTIER_SOUCE=<path>
The <path> must point to a dev branch of the ZeroTierOne source tree,
checked out, and built with a libzerotiercore.a in the top directory,
and a ZeroTierOne.h header located at include. The build will add
-lc++ to the compile, as the ZeroTier core functionality is written in
C++ and needs some runtime support (e.g. new, delete, etc.)
|
| |
|
|
|
|
|
|
|
|
| |
This fleshes most of the pipe API out, making it available to end user
code. It also adds a URL option that is independent of the address
options (which would be sockaddrs.)
Also, we are now setting the pipe for req/rep. The other protocols need
to have the same logic added to set the receive pipe on the message. (Pair
is already done.)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This eliminates all the old #define's or enum values, making all
option IDs now totally dynamic, and providing well-known string
values for well-behaved applications.
We have added tests of some of these options, including lookups, and
so forth. We have also fixed a few problems; including at least
one crasher bug when the timeouts on reconnect were zero.
Protocol specific options are now handled in the protocol. We will
be moving the initialization for a few of those well known entities
to the protocol startup code, following the PAIRv1 pattern, later.
Applications must therefore not depend on the value of the integer IDs,
at least until the application has opened a socket of the appropriate
type.
|
| |
|
|
|
|
|
| |
This permits option numbers to be allocated based on string name.
Eventually all the option values will be replaced with option
names. This will facilitate transports (ZeroTier) that may need
further options.
|
| | |
|
| |
|
|
|
|
| |
This supports creating listeners and dialers, managing options
on them (though only a few options are supported at present),
starting them and closing them, all independently.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If the underlying platform fails (FreeBSD is the only one I'm aware
of that does this!), we use a global lock or condition variable instead.
This means that our lock initializers never ever fail.
Probably we could eliminate most of this for Linux and Darwin, since
on those platforms, mutex and condvar initialization reasonably never
fails. Initial benchmarks show little difference either way -- so we
can revisit (optimize) later.
This removes a lot of otherwise untested code in error cases and so forth,
improving coverage and resilience in the face of allocation failures.
Platforms other than POSIX should follow a similar pattern if they need
this. (VxWorks, I'm thinking of you.) Most sane platforms won't have
an issue here, since normally these initializations do not need to allocate
memory. (Reportedly, even FreeBSD has plans to "fix" this in libthr2.)
While here, some bugs were fixed in initialization & teardown.
The fallback code is properly tested with dedicated test cases.
|
| |
|
|
|
| |
We enable a few flags, but now the details of the socket internals
are completely private to the socket.
|
| | |
|
| |
|
|
|
| |
Also enables creating endpoints that are idle (first part of
endpoint options API) and shutting down endpoints.
|
| |
|
|
|
|
|
|
|
|
|
| |
fixes #66 Make pipe and endpoint structures private
This changes a number of things, refactoring endpoints and supporting
code to keep their internals private, and making endpoint close
synchronous. This will allow us to add a consumer facing API for
nng_ep_close(), as well as property APIs, etc.
While here a bunch of convoluted and dead code was cleaned up.
|
| |
|
|
|
|
|
|
| |
This adds functions that know about option sizes and make them
easier to use. While here I added some validation of those, and
cleaned up a few tests slightly. Note that we do not need to
use the nng_impl.h for most tests. More of them need to be
cleaned up.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This makes the operations that work on headers start with
nni_msg_header or nng_msg_header. It also renames _trunc to
_chop (same strlen as _trim), and renames prepend to insert.
We add a shorthand for clearing message content, and make
better use of the endian safe 32-bit accessors too.
This also fixes a bug in inserting large headers into messages.
A test suite for message handling is included.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
fixes #38 Make protocols "pluggable", or at least optional
This is a breaking change, as we've done away with the central
registered list of protocols, and instead demand the user call
nng_xxx_open() where xxx is a protocol name. (We did keep a
table around in the compat framework though.)
There is a nice way for protocols to plug in via
an nni_proto_open(), where they can use a generic constructor
that they use to build a protocol specific constructor (passing
their ops vector in.)
|
| |
|
|
|
|
|
| |
Hop counts for REQ were busted (bad TTL), and imported the
compat_reqtll test. At the same time, added code to nn_term
to shut down completely, discarding sockets. (Note that some
things, such as globals, may still be left around; that's ok.)
|
| | |
|
| | |
|
| |
|
|
|
|
| |
This logic leaves a race condition in the dial side, which will
be fixed with a subsequent change to convert that to fully asynchronous
as well.
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
This adds nn_device and nng_device. There were some internal changes
required to fix shutdown / close issues. Note that we shut down the
sockets when exiting from device -- this is required to make both threads
see the failure and bail, since we are not using a single event loop.
I also noticed that the bus protocol had a bug where it would send
messages back to the originator. This was specifically tested for in
the compat_device test, and we have fixed it.
|
| | |
|
| |
|
|
|
|
| |
Also, while here fixed a bug for the PAIR protocol in compat mode.
It should now be possible to import more of the nanomsg tests directly
with little or no modification.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
The CMSG handling was completely borked. This is fixed now, and
we stash the SP header size (ugh) in the CMSG contents to match what
nanomsg does. We now pass the cmsg validation test.
We also fixed handling of certain endpoint-related options, so that
endpoints can get options from the socket at initialization time.
This required a minor change to the transport API for endpoints.
Finally, we fixed a critical fault in the REP handling of RAW sockets,
which caused them to always return NNG_ESTATE in all cases. It should
now honor the actual socket option.
|
| | |
|
| |
|
|
|
|
|
|
| |
I implemented the reqrep compatibility test, which uncovered a few
semantic issues I had in the REQ/REP protocol, which I've fixed.
There are still missing things. and at least one portion of the req/rep
test suite cannot be enabled until I add tuning of the reconnect timeout,
which is currently way too long (1 sec) for the test suite to work.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This does a few things. First it closes some preexisting leaks.
Second it tightens the overall close logic so that we automatically
discard idhash resources (while keeping numeric values for next id
etc. around) when the last socket is closed. This then eliminates
the need for applications to ever explicitly terminate resources.
It turns out platform-specific resources established at nni_init()
time might still be leaked, but it's also the case that we now no
longer dynamically allocate anything at platform initialization time.
(This presumes that the platform doesn't do so under the hood when
creating critical sections or mutexes for example.)
|
| | |
|
