| Commit message (Collapse) | Author | Age |
|---|
| ... | |
| | |
|
| |
|
|
|
| |
While TCP and UDP port numbers are 16-bits, ZT uses a larger (24-bit)
port number.
|
| |
|
|
| |
the separation of nni_url and nng_url.
|
| |
|
|
|
|
|
| |
This eliminates most (but not all) of the dynamic allocations
associated with URL objects. A number of convenience fields
on the URL are removed, but we are able to use common buffer
for most of the details.
|
| |
|
|
|
|
|
|
|
|
|
| |
The idea here is to reduce the dynamic allocations used for
URLs, and also the back and forth with parsing begin strings
and port numbers. We always resolve to a port number, and
this is easier for everyone.
The real goal in the long term is to eliminate dynamic allocation
of the URL fields altogether, but that requires a little more
work. This is a step in the right direction.
|
| | |
|
| |
|
|
|
| |
Those old algorithms are not used anywhere, and are not recommended.
TLS 1.2 support has been prevalent for over a decade.
|
| |
|
|
|
|
|
|
|
| |
Applications must now call nng_init(), but they can supply
a set of parameters optionally. The code is now safe for
multiple libraries to do this concurrently, meaning nng_fini
no longer can race against another instance starting up.
The nni_init checks on all public APIs are removed now.
|
| |
|
|
| |
This also covers a few test cases that we were missing.
|
| |
|
|
| |
This is simpler, and more reliable than using socket options.
|
| |
|
|
| |
This was a crasher bug (found by test suite).
|
| |
|
|
|
|
|
|
| |
This also fixes a couple of minor bugs -- changing the socket name
could be incorrect as the termination was not applied properly,
and the ZeroTier code got a change -- note that it is only possible
in this revised version to pass a single moon ID for ZT orbit.
The ZT code is a bit stale, and untested anyway.
|
| |
|
|
|
| |
The underlying stream APIs have no need for untyped accessors.
Another step on the road to removal of NNI_TYPE_OPAQUE.
|
| |
|
|
| |
This is a step on the path to removing unsafe untyped option accesses.
|
| |
|
|
| |
This was not really used or useful.
|
| |
|
|
|
|
|
|
| |
This is a breaking change.
TLS configuration changes are to be made using TLS configuration
objects, and then set on a listener or dialer with NNG_OPT_TLS_CONFIG.
This should be a bit less racy, and allows for simpler code.
|
| |
|
|
|
|
| |
This also allows to remove most of the transport headers.
Only zerotier.h sticks around, and only for now. (We expect to
eject it into a separate module.)
|
| |
|
|
|
| |
This requires using a supporting version of Mbed TLS.
We have to use PSA crypto for TLS 1.3.
|
| |
|
|
|
|
| |
This allows an efficient way to iterate over the entries
stored in an ID hash. The iteration is fast, and requires no
additional storage. The order of iteration is not guaranteed.
|
| |
|
|
| |
as NNG and add PSK
|
| |
|
|
| |
This is in preparation for the wolfSSL integration.
|
| |
|
|
|
| |
Also, while here, prepare for PSK support to be conditional -- it is not
necessarily on by default in all future engines (e.g. WolfSSL.)
|
| | |
|
| |
|
|
|
|
| |
This also adds an SP layer transport test for TLS, based on the TCP
test but with some additions; this test does not cover all the edge
cases for TLS, but it does at least show how to use it.
|
| |
|
|
| |
This also deprecates supplemental/util/platform.h.
|
| | |
|
| |
|
|
|
| |
This isn't complete, but it should go much further in assisting
debugging TLS related errors.
|
| |
|
|
|
|
|
|
|
|
|
| |
Add the missing stub function implementation for `nng_tls_config_hold`.
Fixes an error when loading the library and expecting to have this
symbol available.
The availability of the symbol can be checked with nm:
```
nm -D cmake-build-release/libnng.so.1.7.3 | grep nng_tls_config_hold
```
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
Try to use the Mbed TLS cmake configuration data if present, and
refactor our FindModule to adhere to the same basic API.
|
| | |
|
| |
|
|
|
|
|
|
|
| |
We accidentally made idhash not public by not publishing its header
in the right place. This is really generic utility stuff, so we
have posted it in the nng/supplemental/util/ directory.
We've also removed the ability to remove this -- its a very small amount
of additional code, as its just a wrapper on top of mandatory functionality.
|
| |
|
|
|
|
|
|
|
| |
This includes a manual page documenting the entire set of
functions in one step. The hash is 64-bit based for now, to
be maximally flexible. An internal 32-bit convenience for the
common internal use is also provided (not public).
The public API includes a test suite.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This transport only listens, and creates connections when
the application calls setopt on the lister with NNG_OPT_SOCKET_FD,
to pass a file descriptor. The FD is turned into an nng_stream,
and utilized for SP. The protocol over the descriptor is identical
to the TCP protocol (not the IPC protocol).
The options for peer information are borrowed from the IPC transport,
as they may be useful for these purposes.
This includes a test suite and full documentation.
|
| |
|
|
|
|
| |
It's not absolutely clear that this fixes all of the possible
cases, but we're hopeful that this does -- and in any event the
bug does not seem to reproduce easily anymore.
|
| |
|
|
| |
fixes #1733 deadlock in websocket listener close
|
| |
|
|
|
|
| |
The aio for connections was meant to have an infinite sleep (no
timeout), but was getting an initial value of zero, so we were spinning
on accept.
|
| | |
|
| | |
|
| |
|
| |
Co-authored-by: Christian Fischbach <cfischbach@mac.com>
|
| |
|
|
| |
Signed-off-by: Andrey Vostrikov <andrey.vostrikov@cogentembedded.com>
Co-authored-by: Andrey Vostrikov <andrey.vostrikov@cogentembedded.com>
|
| |
|
|
|
|
|
| |
None of these changes are actual security bugs, but GitHub's
scanner reports false positives at Critical severity for them.
(There are a number of complaints from that scanner, many of
which we do not necessarily agree with.)
|
| | |
|
| |
|
|
|
|
| |
This takes one less parameter, and is simpler. It will let us
reclaim the aio_prov_extra data space as well, so that we can
use it for other purposes.
|
| |
|
|
|
|
| |
This eliminates some run-time initialization, moving it to compile time.
Additional follow up work will expand on this to simplify initialization
and reduce the need for certain locks.
|
| |
|
|
|
| |
This is initially used for TLS to make loading the engine pointer
faster, eliminating a much more expensive lock operation.
|
| | |
|
