| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
| |
This also deprecates supplemental/util/platform.h.
|
| |
|
|
|
|
|
| |
None of these changes are actual security bugs, but GitHub's
scanner reports false positives at Critical severity for them.
(There are a number of complaints from that scanner, many of
which we do not necessarily agree with.)
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
This change makes embedding nng + nggpp (or other projects depending on
nng) in cmake easier. The header files are moved to a separate include
directory. This also makes installation of the headers easier, and
allows clearer identification of private vs public heade files.
Some additional cleanups were performed by @gedamore, but the main
credit for this change belongs with @gregorburger.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
fixes #485 Honor BUILD_SHARED_LIBS
fixes #483 Don't expose private symbols in shared library
fixes #481 Export CMake target
This is a "large" commit involving changes that don't affect the
code directly, but which have an impact on how we package and build
our project.
The most significant of these changes is that we now build only
either a shared or a static library, depending on the setting of
the BUILD_SHARED_LIBS option. We also suppress private symbols
from being exposed when the underlying toolchain lets us do so.
Minor updates to the way we version the ABI are used, and we now
have a nice exported CMake project.
To import this project in another, simply do find_package(nng)
and you can add target_link_libraries(nng::nng) to your targets.
CMake does the rest for you.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change converts the various integer types like nng_socket
in the public API to opaque structures that are passed by value.
Basically we just wrap the integer ID. This "hack" give us strong
type checks by the compiler (yay!), at the expense of not being able
to directly use these as numbers (so comparisions for example don't
work, and neither does initialization to zero using the normal
method.
Comparison of disassembly output shows that at least with the optimizer
enabled there is no difference in the compiler output between using
a structure or an integral value.
|
| | |
|
| |
|
|
|
|
|
| |
This introduces portable primitives for time, random numbers,
synchronization primitives, and threading. These are somewhat
primitive (least common denominiators), but they can help with writing
portable applications, especially our own demo apps.
|
| |
|
|
|
|
|
| |
We enabled verbose compiler warnings, and found a lot of issues.
Some of these were even real bugs. As a bonus, we actually save
some initialization steps in the compat layer, and avoid passing
some variables we don't need.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This introduces enough of the HTTP API to support fully server
applications, including creation of websocket style protocols,
pluggable handlers, and so forth.
We have also introduced scatter/gather I/O (rudimentary) for
aios, and made other enhancements to the AIO framework. The
internals of the AIOs themselves are now fully private, and we
have eliminated the aio->a_addr member, with plans to remove the
pipe and possibly message members as well.
A few other minor issues were found and fixed as well.
The HTTP API includes request, response, and connection objects,
which can be used with both servers and clients. It also defines
the HTTP server and handler objects, which support server applications.
Support for client applications will require a client object to be
exposed, and that should be happening shortly.
None of this is "documented" yet, bug again, we will follow up shortly.
|
| |
|
|
|
|
|
|
|
|
| |
This eliminates a bunch of redundant URL parsing, using the common
URL logic we already have in place.
While here I fixed a problem with the TLS and WSS test suites that
was failing on older Ubuntu -- apparently older versions of mbedTLS
were unhappy if selecting OPTIONAL verification without a validate
certificate chain.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This adds support for configuration of TLS websockets using the files
for keys, certificates, and CRLs. Significant changes to the websocket,
TLS, and HTTP layers were made here. We now expect TLS configuration to
be tied to the HTTP layer, and the HTTP code creates default configuration
objects based on the URL supplied. (HTTP dialers and listeners are now
created with a URL rather than a sockaddr, giving them access to the scheme
as well.)
We fixed several bugs affecting TLS validation, and added a test suite
that confirms that validation works as it should. We also fixed an orphaned
socket during HTTP negotiation, responsible for an occasional assertion
error if the http handshake does not complete successfully. Finally several
use-after-free races were closed.
TLS layer changes include reporting of handshake failures using newly
created "standard" error codes for peer authentication and cryptographic
failures.
The use of the '*' wild card in URLs at bind time is no longer supported
for websocket at least.
Documentation updates for all this are in place as well.
|
| |
|
|
|
|
|
|
|
| |
This refactor of the file API provides a simpler and easier to use
interface for our needs (and simpler to implement) in both the
ZeroTier transport and the HTTP/TLS file accesses. It also removes
some restrictions present on the old one, although it is still not
suitable for working with large files. (It will work, just be
very inefficient as the entire file must be loaded into memory.)
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This fixes a problem where the websocket would only send one message,
then no others, due to not clearing the "frame" busy flag on completion
of the frame transmit.
We have also added a test that tries to send 10 messages back and
forth to make sure that we catch this kind of problem in the future.
Finally we've fixed some problems that were found when testing edge
cases around the protocol, which were responsible for invalid memory
accesses.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This introduces the wss:// scheme, which is available and works like
the ws:// scheme if TLS is enabled in the library.
The library modularization is refactored somewhat, to make it easier
to use. There is now a single NNG_ENABLE_TLS that enables TLS support
under the hood.
This also adds a new option for the TLS transport, NNG_OPT_TLS_CONFIG
(and a similar one for WSS, NNG_OPT_TLS_WSS_CONFIG) that offer access
to the underlying TLS configuration object, which now has a public API
to go with it as well.
Note that it is also possible to use pure HTTPS using the *private*
API, which will be exposed in a public form soon.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is a rather large changeset -- it fundamentally adds websocket
transport, but as part of this changeset we added a generic framework
for both HTTP and websocket. We also made some supporting changes to
the core, such as changing the way timeouts work for AIOs and adding
additional state keeping for AIOs, and adding a common framework for
deferred finalization (to avoid certain kinds of circular deadlocks
during resource cleanup). We also invented a new initialization framework
so that we can avoid wiring in knowledge about them into the master
initialization framework.
The HTTP framework is not yet complete, but it is good enough for simple
static serving and building additional services on top of -- including
websocket. We expect both websocket and HTTP support to evolve
considerably, and so these are not part of the public API yet.
Property support for the websocket transport (in particular address
properties) is still missing, as is support for TLS.
The websocket transport here is a bit more robust than the original
nanomsg implementation, as it supports multiple sockets listening at
the same port sharing the same HTTP server instance, discriminating
between them based on URI (and possibly the virtual host).
Websocket is enabled by default at present, and work to conditionalize
HTTP and websocket further (to minimize bloat) is still pending.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This introduces a new transport (compatible with the TLS
transport from mangos), using TLS v1.2.
To use the new transport, you must have the mbed TLS library
available on your system (Xenial libmbedtls-dev). You can use
version 2.x or newer -- 1.3.x and PolarSSL versions are not
supported.
You enable the TLS transport with -DNNG_TRANSPORT_TLS=ON in the CMake
configuration.
You must configure the server certificate by default, and this can only
be done using nng options. See the nng_tls man page for details.
This work is experimental, and was made possible by Capitar IT Group BV,
and Staysail Systems, Inc.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This makes all the protocols and transports optional. All
of them except ZeroTier are enabled by default, but you can
now disable them (remove from the build) with cmake options.
The test suite is modified so that tests still run as much
as they can, but skip over things caused by missing functionality
from the library (due to configuration).
Further, the constant definitions and prototypes for functions
that are specific to transports or protocols are moved into
appropriate headers, which should be included directly by
applications wishing to use these.
We have also added and improved documentation -- all of the
transports are documented, and several more man pages for
protocols have been added. (Req/Rep and Surveyor are still
missing.)
|
| |
|
|
|
|
| |
There is now a public nng_duration type. We have also updated the
zerotier work to work with the signed int64_t's that the latst ZeroTier
dev branch is using.
|
| |
|
|
|
|
|
|
|
| |
Added TCP socket address properties on pipes.
This adds the plumbing for the various platform specifics, and
includes both v4 and v6 handling.
We've included a TCPv6 test as well.
|
| |
|
|
| |
Also add a generic property test function to trantest.
|
| |
|
|
|
|
|
| |
This implements the basic UDP functionality for Windows (required
for ZeroTier for example). We have also introduced a UDP test suite
to validate that this actually works. While here a few Windows
compilation warnings / nits were fixed.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This makes the APIs use string keys, and largely eliminates the use of
integer option IDs altogether. The underlying registration for options
is also now a bit richer, letting protcols and transports declare the
actual options they use, rather than calling down into each entry point
carte blanche and relying on ENOTSUP.
This code may not be as fast as the integers was, but it is more intuitive,
easier to extend, and is not on any hot code paths. (If you're diddling
options on a hot code path you're doing something wrong.)
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
The ZeroTier transport is experimental at this point, and not enabled
by default. It does not work with Windows yet (the Windows platform
needs UDP support first.)
Configure with -DNNG_ENABLE_ZEROTIER=yes -DNNG_ZEROTIER_SOUCE=<path>
The <path> must point to a dev branch of the ZeroTierOne source tree,
checked out, and built with a libzerotiercore.a in the top directory,
and a ZeroTierOne.h header located at include. The build will add
-lc++ to the compile, as the ZeroTier core functionality is written in
C++ and needs some runtime support (e.g. new, delete, etc.)
|
| |
|
|
|
|
| |
We send and receive 128k at a time. This validates that fragmentation
and reassembly in the ZeroTier transport work as intended. It also
is larger than any single TCP segment.
|
| |
|
|
|
|
|
|
|
|
| |
This fleshes most of the pipe API out, making it available to end user
code. It also adds a URL option that is independent of the address
options (which would be sockaddrs.)
Also, we are now setting the pipe for req/rep. The other protocols need
to have the same logic added to set the receive pipe on the message. (Pair
is already done.)
|
| |
|
|
|
| |
Also enables creating endpoints that are idle (first part of
endpoint options API) and shutting down endpoints.
|
| |
|
|
|
|
|
|
|
|
|
| |
fixes #66 Make pipe and endpoint structures private
This changes a number of things, refactoring endpoints and supporting
code to keep their internals private, and making endpoint close
synchronous. This will allow us to add a consumer facing API for
nng_ep_close(), as well as property APIs, etc.
While here a bunch of convoluted and dead code was cleaned up.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
fixes #38 Make protocols "pluggable", or at least optional
This is a breaking change, as we've done away with the central
registered list of protocols, and instead demand the user call
nng_xxx_open() where xxx is a protocol name. (We did keep a
table around in the compat framework though.)
There is a nice way for protocols to plug in via
an nni_proto_open(), where they can use a generic constructor
that they use to build a protocol specific constructor (passing
their ops vector in.)
|
| |
|
|
|
|
|
|
|
|
|
|
| |
We automatically register inproc, TCP, and IPC. We can add more now
by just calling nni_tran_register(). (There is no unregister support.)
This requires transports to have access to the AIO framework (so that needs
to be something we consider), and a few nni_sock calls to get socket options.
Going forward we should version the ops vectors, and move to pushing down
transport options from the framework via setopt calls -- there is no reason
really that transports need to know all these.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
The use of a single function to get both size and length actually
turned out to be awkward to use; better to have separate functions
to get each. While here, disable some of the initialization/fork
checks, because it turns out they aren't needed.
|
| | |
|
| | |
|
| |
|
|
| |
There is an occasional use-after-free bug we need to fix still.
|
| | |
|
| |
|
