| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This represents a major change in the HTTP code base, consisting
of a complete revamp of the HTTP API. The changes here are too
numerous to mention, but the end result should be a vastly
simpler API for both server and client applications.
Many needless allocations were removed by providing fixed buffers
for various parameters and headers when possible.
A few bugs were fixed. Most especially we have fixed some bugs
around very large URIs and headers, and we have also addressed
conformance bugs to more closely conform to RFCs 9110 and 9112.
As part of this work, the APIs for WebSockets changed slightly
as well. In particular the properties available for accessing
headers have changed.
There is still documentation conversion work to do, and additional
functionality (such as proper support for chunked transfers), but
this is a big step in the right direction.
|
| |
|
|
|
|
|
|
|
|
| |
This simplified API lets callbacks obtain the response from the
connection objection directly, and does not require the aio to carry
it as a parameter. Further, the request and response are both
stored inline in the connection, reducing allocations.
This is at present only for the server; the client will get a similar
set of changes.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
This is just the part of the tree that will be matched when looking
up a handler. Requests may come in with very much longer URIs, and
be matched to the handler as a "subdirectory".
This approach makes it possible to avoid a dynamic allocation on the
handler, at the cost of pre-allocating 1KB with the handler object.
This size can be overridden using a NNG_HTTP_MAX_URI at compile time.
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
This also makes `nng_http_handler_set_host` never fail (API break).
|
| | |
|
| |
|
|
|
|
|
|
|
| |
We limit HTTP method lengths to 32.. there are no currently defined
HTTP methods that need more than 19 bytes (including trailing zero.)
Generally most servers will not have vast numbers of handlers, so the
cost of allocating some storage up front to avoid the dynamic allocation
is worth while.
|
| |
|
|
| |
Fewer failure paths, fewer allocations.
|
| |
|
|
| |
Also properly stop it when doing http_server_stop.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This allows us to explicitly stop streams, dialers, and listeners,
before we start tearing down things. This hopefully will be useful
in resolving use-after-free bugs in http, tls, and websockets.
The new functions are not yet documented, but they are
nng_stream_stop, nng_stream_dialer_stop, and nng_stream_listener_stop.
They should be called after close, and before free. The close
functions now close without blocking, but the stop function is
allowed to block.
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
Because it is typically associated with insecure code, use of sprintf
is discouraged. Note that our usage was actually quite careful and
not insecure, but its mere presence raises concern especially by parties
who are unwilling or unable to assess the actual code for correctness.
A better choice here would be strlcat, but strlcat is not universally
available.
|
| | |
|
| |
|
|
|
| |
While TCP and UDP port numbers are 16-bits, ZT uses a larger (24-bit)
port number.
|
| |
|
|
| |
the separation of nni_url and nng_url.
|
| |
|
|
|
|
|
|
|
|
|
| |
The idea here is to reduce the dynamic allocations used for
URLs, and also the back and forth with parsing begin strings
and port numbers. We always resolve to a port number, and
this is easier for everyone.
The real goal in the long term is to eliminate dynamic allocation
of the URL fields altogether, but that requires a little more
work. This is a step in the right direction.
|
| |
|
|
| |
This is simpler, and more reliable than using socket options.
|
| |
|
|
| |
fixes #1733 deadlock in websocket listener close
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
None of these changes are actual security bugs, but GitHub's
scanner reports false positives at Critical severity for them.
(There are a number of complaints from that scanner, many of
which we do not necessarily agree with.)
|
| | |
|
| |
|
|
|
|
| |
This eliminates some run-time initialization, moving it to compile time.
Additional follow up work will expand on this to simplify initialization
and reduce the need for certain locks.
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
This also properly reenables the wssfile_test.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is a sweeping cleanup of the transport logic around options,
and also harmonizes the names used when setting or getting options.
Additionally, legacy methods are now moved into a separate file and
can be elided via CMake or a preprocessor define.
Fundamentally, the ability to set to transport options via the socket
is deprecated; there are numerous problems with this and my earlier
approaches to deal with this have been somewhat misguided. Further
these approaches will not work with future protocol work that is
planned (were some options need to be negotiated with peers at the
time of connection establishment.)
Documentation has been updated to reflect this. The test suites still
make rather broad use of the older APIs, and will be converted later.
|
| | |
|
| |
|
|
| |
fixes #1277 FreeBSD errors due to bad v4 vs. v6 assumptions
|
| |
|
|
|
|
|
|
|
|
| |
fixes #1224 wss fails on IPV6 address
This fixes bugs and inconsistencies in the way addresses are
handled for HTTP (and consequently websocket). The Host:
address line needs to look at numeric IPs and treat wildcards
as if they are not specified, and needs to understand the IPv6
address format using brackets (e.g. [::1]:80).
|
| |
|
|
|
|
|
|
| |
This introduces support for an external wolfSSL plugin, and generally
creates the framework for pluggable TLS implementations.
The wolfSSL engine is provided via an external module (git submodule),
available either under a GPLv3 license or a commercial license.
|
| | |
|
| |
|
|
| |
- Default tree handler behavior is now non-exclusive
- Add 'longest uri first' ordering for http handlers
|
| |
|
| |
- Fixes #751
|
| |
|
|
|
| |
This only does it for rep, but it also has changes that should increase
the overall test coverage for the REP protocol
|
| |
|
|
|
| |
This also introduces a new atomic boolean type, so we can use that
to trigger whether we've added the HTTP handler or not.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
| |
This is a major change, and includes changes to use a polymorphic
stream API for all transports. There have been related bugs fixed
along the way. Additionally the man pages have changed.
The old non-polymorphic APIs are removed now. This is a breaking
change, but the old APIs were never part of any released public API.
|
| |
|
|
|
|
|
|
|
|
| |
This change makes embedding nng + nggpp (or other projects depending on
nng) in cmake easier. The header files are moved to a separate include
directory. This also makes installation of the headers easier, and
allows clearer identification of private vs public heade files.
Some additional cleanups were performed by @gedamore, but the main
credit for this change belongs with @gregorburger.
|
| |
|
|
| |
fixes #776 Configuration of mbedTLS should warn about license
|
| | |
|
