| Commit message (Collapse) | Author | Age |
|---|
| | |
|
| |
|
|
| |
The protocol here needs to know and respect message boundaries.
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
There is no valid use for this, once we added the ability to
query the bound port.
|
| |
|
|
|
|
|
|
|
|
|
| |
More direct access methods are provided instead.
This results in much lower friction when using, and is a step on the path
to removing NNG_OPT_LOCADDR as well.
We need to figure a solution for NNG_OPT_LOCADDR for dialers; for
listeners there is little use in it either, and it will be removed.
(Dialers will probably get a new NNG_OPT_BIND_IP option.)
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
This is easier and agnostic about the underlying L3 protocol.
We plan to remove direct NNG_OPT_LOCADDR support from listeners
(and probably both NNG_OPT_LOCADDR and NNG_OPT_REMADDR have numbered
days left in their lifetime. They will be replaced with more direct
typed access functions as has been done for pipes already.)
While here fixed some include for IWYU in the POSIX platform.
|
| |
|
|
| |
These functions can no longer fail.
|
| |
|
|
|
|
| |
The ops vector / protocol API/ABI were meant to support external
implementations, but we have moved away from having pluggable protocols,
and we aren't likely to support it any time soon.
|
| |
|
|
|
|
|
|
| |
This is going to be used to facilitate debugging, and eliminate some
inconveniences around these things. We plan to move the pipe functions
to use these directly, hopefully moving away from the pipe_getopt hack.
(The transport API will need to grow these. For now this is just the
streams.)
|
| |
|
|
| |
This test lets us observe failures in the transport, which we need resolve.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
We are *only* supporting 3.5 (or newer 3.x releases) as its the newest LTS version of OpenSSL.
This supports the full set of TLS features with NNG, including DTLS, PSK, TLS 1.3, etc.
Future work will explore making using of the QUIC support in OpenSSL.
Note that this OpenSSL work sits on top of NNG's TCP streams, so it cannot benefit from
Linux in-kernel TLS or other features such as TCP fast open at this time.
|
| |
|
|
|
|
| |
It turns out that somehow these values are not compatible. Noticed
with work in progress to use OpenSSL, which refuses to configure
if the key and certificate do not match.
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
This changes the header files mostly in the protocols to include
directly rather than through the commmon nng_impl.h header. This
should lead to faster compiles, and by properly making all includes
relative should reduce friction with language servers and other tooling.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
This avoids needless allocations, and we offer for pipes (which need
this because they might be ephemeral) the get_strdup, get_strcpy,
and get_strlen forms. (Those do the copying or allocations while holding
the pipe reference.)
|
| | |
|
| |
|
|
|
|
| |
This will replace the NNG_OPT_TLS_PEER_ALTNAMES and NNG_OPT_TLS_PEER_CN
properties, and gives a bit more access to the certificate, as well as
direct access to the raw DER form, which should allow use in other APIs.
|
| |
|
|
|
|
| |
Also, some instances nni_aio are changed to nng_aio. We think we want to harmonize
some of these types going forward as it will reduce the need to include headers
hopefully letting us get away with just "defs.h" in more places.
|
| |
|
|
|
|
|
| |
This also provides an implementation for getting ALT names, although
nothing uses that yet. We plan to provide a new certificate API to
replace these with a nicer API, as obtaining the full list of certs
may be unreasonable.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* adds nng_dialer_start_aio
This change adds `nng_dialer_start_aio` (if you have a better name, I'm
happy to change it), whose docs read:
> `nng_dialer_start_aio` starts the endpoint dialing asynchronously.
> This is only possible if the dialer is not already dialing. Unlike
> `nng_dialer_start`, this accepts an AIO such that the caller can learn
> when the dialing eventually succeeds or fails. The supplied AIO must
> have been initialized, and is only triggered with the result of the
> first dial attempt.
This new function makes it possible for applications to perform a
non-blocking dial, but still later be notified of the result of that
dial. Arguably, this obviates the need for `NNG_FLAG_NONBLOCK` in
`dialer_start` altogether, but no need to break backwards compatibility.
There is technically a functional change here, which is that the
"Starting dialer for socket" message now gets printed _before_ the dial
is complete in the blocking case, rather than after. It's possible to
change this if we're willing to make the code slightly more complicated,
but given it says "Starting", not "Started", this change felt fine.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When running nng tests in CI under nix on Linux, I would see
`nng_dialer_start` fail with `NNG_EAGAIN` when invoked with `flags = 0`
and a URL of `tcp://999.888.777.666:8080` (this is in a test that is
supposed to check that dialing that gives you `NNG_EINVAL` or
`NNG_EADDRINVAL`).
This can happen if `nni_resolv_ip` in `posix_resolv_gai.c` gets
`EAI_AGAIN` from `getaddrinfo`, which the man pages suggest _can_ happen
due to "a temporary failure in name resolution". In the nix case, this
is due to the nix build sandbox, but it can also arise simply due to DNS
overload or misconfiguration.
In either case, nng should not bubble up `EAI_AGAIN` `as `NNG_EAGAIN`
from `nng_dialer_start`, as `NNG_EAGAIN` has a different semantic
meaning. `NNG_EAGAIN` is more equivalent to "would block", and should
only be generated through calls with the `NONBLOCK` flag. We don't have
a perfect mapping for `EAI_AGAIN`, but the closest is probably
`NNG_ADDRINVAL` to indicate that we failed to resolve the given address
(even if it's temporary). Another option would be to introduce another
error variant like `NNG_ENAMELOOKUP`, but that felt excessive to cover
this case.
|
| | |
|
| | |
|
| |
|
|
|
| |
This was responsible for breaking DTLS, and likely other things we
never noticed, if the pointer passed in was not already a uint8_t *.
|
| |
|
|
|
|
| |
Once a DTLS client is started and has reasonably resolved things, it
will restart message connections; this way we can restart after a
failed connection attempt (e.g. if the CERT was bad or something.)
|
| |
|
|
| |
This is occurs normally on socket close and the error messages were alarming.
|
| |
|
|
| |
Warning level was just too noisy.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
This simplifies the code to just use a precompiled static list.
This should be lighter weight, and provably free from leaks.
|
| |
|
|
| |
The ECONNREFUSED result was causing consternation for some consumers.
|
| | |
|
| | |
|
| | |
|
