| Commit message (Collapse) | Author | Age |
|---|
| | |
|
| |
|
|
|
| |
This is slightly less efficient, but it provides for better debugging
and type safety.
|
| |
|
|
|
|
| |
This replaces the int, and we will expand this further, as this
makes it clear that the int is actually an error code and helps in
debuggers that can provide symbolic values.
|
| |
|
|
| |
Also, nng_err is now a distinct type which might be nicer in debuggers.
|
| |
|
|
| |
The data is now passed directly to the handler function.
|
| |
|
|
|
|
|
| |
We want to consume the request properly on an error, so that
we can give a reasonable response. We were prematurely closing
the connection for certain failure modes. We still have to fix
overly long URIs and headers, but thats next!
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
The body content not being consumed was leading to misparses, where
we consumed body data as if it were a request. When mixed with proxies
this could lead to a security problem where the following request
content submitted from a different client winds up as stolen request
body content.
This also ensures we actually deliver errors to clients without
prematurely closing the connection. (There are still problems
where the connection may be closed prematurely for an overlarge
header.)
|
| | |
|
| | |
|
| |
|
|
|
| |
Nothing really needs it -- we kept it in 1.0 to preserve semantics,
but there is no requirement for semantic preservation in 2.0.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This represents a major change in the HTTP code base, consisting
of a complete revamp of the HTTP API. The changes here are too
numerous to mention, but the end result should be a vastly
simpler API for both server and client applications.
Many needless allocations were removed by providing fixed buffers
for various parameters and headers when possible.
A few bugs were fixed. Most especially we have fixed some bugs
around very large URIs and headers, and we have also addressed
conformance bugs to more closely conform to RFCs 9110 and 9112.
As part of this work, the APIs for WebSockets changed slightly
as well. In particular the properties available for accessing
headers have changed.
There is still documentation conversion work to do, and additional
functionality (such as proper support for chunked transfers), but
this is a big step in the right direction.
|
| |
|
|
|
|
|
|
|
|
| |
This simplified API lets callbacks obtain the response from the
connection objection directly, and does not require the aio to carry
it as a parameter. Further, the request and response are both
stored inline in the connection, reducing allocations.
This is at present only for the server; the client will get a similar
set of changes.
|
| |
|
|
|
| |
This is a step towards simplifying this API and ultimately simplifying
the HTTP callback API used for the server side.
|
| | |
|
| |
|
|
|
| |
This is a recent regression that affects any server that does not
explicitly set an HTTP status code.
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
This will replace nni_aio_schedule, and it includes finishing the
task if needed. It does so without dropping the lock and so is
more efficient and race free.
This includes some conversion of some subsystems to it.
|
| |
|
|
|
|
|
|
|
|
|
| |
This is just the part of the tree that will be matched when looking
up a handler. Requests may come in with very much longer URIs, and
be matched to the handler as a "subdirectory".
This approach makes it possible to avoid a dynamic allocation on the
handler, at the cost of pre-allocating 1KB with the handler object.
This size can be overridden using a NNG_HTTP_MAX_URI at compile time.
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
This also makes `nng_http_handler_set_host` never fail (API break).
|
| | |
|
| |
|
|
|
| |
This saves yet another allocation. It also no longer returns a value
making this a breaking change.
|
| |
|
|
|
|
|
|
|
| |
We limit HTTP method lengths to 32.. there are no currently defined
HTTP methods that need more than 19 bytes (including trailing zero.)
Generally most servers will not have vast numbers of handlers, so the
cost of allocating some storage up front to avoid the dynamic allocation
is worth while.
|
| |
|
|
|
|
| |
There are only a few possible reasonable values, and we can intern
them to avoid any allocations for it. (We will probably do the same
for the HTTP method shortly as well.)
|
| |
|
|
| |
This should simplify debugging in some circumstances.
|
| |
|
|
| |
Fewer failure paths, fewer allocations.
|
| |
|
|
| |
Also properly stop it when doing http_server_stop.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This allows us to explicitly stop streams, dialers, and listeners,
before we start tearing down things. This hopefully will be useful
in resolving use-after-free bugs in http, tls, and websockets.
The new functions are not yet documented, but they are
nng_stream_stop, nng_stream_dialer_stop, and nng_stream_listener_stop.
They should be called after close, and before free. The close
functions now close without blocking, but the stop function is
allowed to block.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
Because it is typically associated with insecure code, use of sprintf
is discouraged. Note that our usage was actually quite careful and
not insecure, but its mere presence raises concern especially by parties
who are unwilling or unable to assess the actual code for correctness.
A better choice here would be strlcat, but strlcat is not universally
available.
|
| | |
|
| | |
|
| |
|
|
|
| |
While TCP and UDP port numbers are 16-bits, ZT uses a larger (24-bit)
port number.
|
| |
|
|
| |
the separation of nni_url and nng_url.
|
| |
|
|
|
|
|
| |
This eliminates most (but not all) of the dynamic allocations
associated with URL objects. A number of convenience fields
on the URL are removed, but we are able to use common buffer
for most of the details.
|
| |
|
|
|
|
|
|
|
|
|
| |
The idea here is to reduce the dynamic allocations used for
URLs, and also the back and forth with parsing begin strings
and port numbers. We always resolve to a port number, and
this is easier for everyone.
The real goal in the long term is to eliminate dynamic allocation
of the URL fields altogether, but that requires a little more
work. This is a step in the right direction.
|
| |
|
|
|
|
|
|
|
| |
Applications must now call nng_init(), but they can supply
a set of parameters optionally. The code is now safe for
multiple libraries to do this concurrently, meaning nng_fini
no longer can race against another instance starting up.
The nni_init checks on all public APIs are removed now.
|
| |
|
|
| |
This is simpler, and more reliable than using socket options.
|
