aboutsummaryrefslogtreecommitdiffstats
path: root/net/server_epoll.lua
Commit message (Collapse)AuthorAgeFilesLines
* net.server_epoll: Don't try to flush buffer on closed connectionsKim Alvefur8 days1-1/+2
| | | | | | | | | Attempt to fix a bug where connections are somehow closed twice, leading to bad things happening elsewhere. With LuaSec, closed connections are generally already too closed to write anything to anyway since it does not support unidirectional shutdown.
* net.server_epoll: Revert opportunistic_writes tweakKim Alvefur8 days1-3/+0
| | | | Added in f0b2c026e542 and not sure why
* net.server_epoll: Make running out of buffer space a fatal errorKim Alvefur2024-11-091-0/+6
| | | | | | | Prevent Bad Things from happening when the buffer gets full. This of course opens up the possibility of intentionally killing connections by sending much stuff, which need to be mitigated with rate limits elsewhere.
* net.server_epoll: Improve efficiency of sending much buffered dataKim Alvefur2024-11-091-34/+68
| | | | | | | | | | | | | | Problem: The string slice operations when a lot of data gets buffered ends up being expensive and memory-consuming. We have util.dbuffer for precisely this kind of thing. I want to keep the behavior of writebuffer being upgraded from nil to a string to full buffer since the last step involves three table allocations, where the previous buffer method only used one. Avoiding those allocations for simple writes like white space keep alive feels like it would keep memory churn down. This work was started in 2020
* net.server_epoll: Add support for systemd socket activationKim Alvefur2024-05-141-0/+40
| | | | | | | | | | Allows creating listening sockets and accepting client connections before Prosody starts. This is unlike normal Prosody dynamic resource management, where ports may added and removed at any time, and the ports defined by the config. Weird things happen if these are closed (e.g. due to reload) so here we prevent closing and ensure sockets are reused when opened again.
* net.server_epoll: Log creation of signalfd handles at noise levelKim Alvefur2024-03-011-0/+1
| | | | To aid in tracking down signalfd-related problems
* net.server_epoll: Log failure to hook signalsKim Alvefur2024-02-281-1/+6
| | | | To make any such failures noticeable
* util.signal: Wrap signalfd in an userdatum for gc handling etcKim Alvefur2024-02-241-1/+2
|
* net.server_epoll: Support hooking signals via signalfdKim Alvefur2024-02-241-0/+15
| | | | | | Handling signal events the same way as all other events makes sense and seems safer than the signal handling just jumping around in C and messing with Lua states.
* net.server_epoll: Prevent traceback when checking TLS after connection goneKim Alvefur2024-01-211-0/+5
| | | | Unclear why this would be done, but an error is not great.
* net.server_epoll: Avoid call to update socket watch flags when nothing changedKim Alvefur2023-11-211-0/+3
| | | | Should skip a syscall for each write when using epoll.
* net: Prefix module imports with prosody namespaceKim Alvefur2023-03-171-11/+11
|
* net.server_epoll: Remove delay on last main loop iteration when quittingKim Alvefur2023-01-061-7/+8
| | | | | | | Main difference is that timers are not checked unconditionally before each poll, only when running out of previous poll results (hidden by util.poll). This removes a final poll at shutdown that usually delays the 'not quitting' condition check by one second.
* net.server_epoll: Factor out single main loop step into its own functionKim Alvefur2023-01-061-1/+26
| | | | | This isn't actually used in Prosody, so no value in complicating the real main loop because of it
* mod_saslauth: Implement RFC 9266 'tls-exporter' channel binding (#1760)Kim Alvefur2022-06-011-0/+8
| | | | | | | | | | | | | Brings back SCRAM-SHA-*-PLUS from its hiatus brought on by the earlier channel binding method being undefined for TLS 1.3, and the increasing deployment of TLS 1.3. See 1bfd238e05ad and #1542 Requires future version of LuaSec, once support for this key material export method is merged. See https://github.com/brunoos/luasec/pull/187
* net.server: Fix multiple return valuesKim Alvefur2022-06-031-4/+8
| | | | | | | return foo and foo() crops multiple return values to a single one, so any second return values etc were last, mostly error details. Introduced in 7e9ebdc75ce4
* net.server_epoll: Add option to defer accept() until data availableKim Alvefur2022-05-151-0/+6
| | | | | | | | | | This is a Linux(?) socket option that delays the accept signal until there is data available to read. E.g. with HTTP this might mean that a whole request can be handled without going back trough another turn of the main loop, and an initial client <stream> can be responded to. This may have effects on latency and resource use, as the server does not need to allocate resources until really needed.
* net.server_epoll: Wrap LuaSocket object earlier to reuse option setting methodKim Alvefur2021-07-161-2/+2
| | | | | Since it provides some protection and error handling in the form of logging.
* net.server_epoll: Move call to refresh remote IP address out of wrapperKim Alvefur2021-07-161-1/+3
| | | | Reduces the side effects of wrapsocket()
* net.server_epoll: Add support for TCP Fast OpenKim Alvefur2021-07-081-0/+9
| | | | | | | | | | | | | Requires a patch to LuaSocket adding this socket option, https://github.com/lunarmodules/luasocket/pull/378 sysctl tweaks net.ipv4.tcp_fastopen=3 net.ipv4.tcp_fastopen_blackhole_timeout_sec = 0 net.ipv4.tcp_fastopen_key=$(</proc/sys/kernel/random/uuid) Disabled by default since it an advanced performance tweak unlikely to be needed by most servers.
* net: refactor sslconfig to not depend on LuaSecJonas Schäfer2022-04-021-0/+6
| | | | | | | | | | | This now requires that the network backend exposes a tls_builder function, which essentially wraps the former util.sslconfig.new() function, passing a factory to create the eventual SSL context. That allows a net.server backend to pick whatever it likes as SSL context factory, as long as it understands the config table passed by the SSL config builder. Heck, a backend could even mock and replace the entire SSL config builder API.
* net: isolate LuaSec-specificsJonas Schäfer2022-04-271-8/+27
| | | | | | | | | | | | | | For this, various accessor functions are now provided directly on the sockets, which reach down into the LuaSec implementation to obtain the information. While this may seem of little gain at first, it hides the implementation detail of the LuaSec+LuaSocket combination that the actual socket and the TLS layer are separate objects. The net gain here is that an alternative implementation does not have to emulate that specific implementation detail and "only" has to expose LuaSec-compatible data structures on the new functions.
* net.server_epoll: Disable verbose mode by defaultKim Alvefur2022-02-121-2/+1
|
* util.id: Adjust entropy levels, with rationalesKim Alvefur2021-12-021-1/+1
| | | | | Modules using ids for logging should not need the now pretty large medium one.
* net.server_epoll: Ensure calls to :write() return somethingKim Alvefur2021-12-061-1/+2
| | | | | | | | | | With opportunistic writes enabled, writes can return what :onwritable() returns, thus :onwritable() should return something sensible at each spot. Should prevent whatever caused > Error writing to connection: (nil) Tho this was probably harmless
* net.server_epoll: Prevent loop attempting to send last data after closeKim Alvefur2021-11-301-0/+1
| | | | | | | | | | | | | | If the connection is closed by the peer, any buffered data is given a last chance to be sent (see f27b9319e0da). If the connection is Really closed, no attempt to write will occur, instead epoll will raise the error flag and :onreadable() will be invoked again, where it will try to :close() again for the same reason, thus looping until the connection somehow gets destroyed. By clearing the _connected flag, the second time it passes :onreadable() it should go directly to :destroy(), breaking the loop. Thanks Link Mauve for reporting
* net.server_epoll: Fix streaming downloads (thanks Menel)Kim Alvefur2021-11-191-1/+1
| | | | | | | | | | ff4e34c448a4 broke the way net.http.server streams downloads from disk because it made writes from the ondrain callback no longer reset the want-write flag, causing the download to halt. Writes from the predrain handler still must not trigger anything but additions to the buffer, since it is about to do all the socket writing already.
* net.server_epoll: Try harder to avoid reentrant opportunistic writesKim Alvefur2021-11-181-1/+4
| | | | | | Opportunistic writes sure do complicate things. This is especially intended to avoid opportunistic_writes from within the onpredrain callback.
* net.server_epoll: Process all queued events from epoll before timersKim Alvefur2021-10-211-2/+4
| | | | | | | Should call timers less frequently when many sockets are waiting for processing. May help under heavy load. Requested by Ge0rG
* net.server_epoll: Prevent starttls on direct TLS connectionsKim Alvefur2021-10-051-0/+1
| | | | | | | | | | This is not a pretty way to signal this... but it is the current API interface:inittls() is a new code path which did not go past the point in interface:starttls() where it set starttls to false, leading mod_tls to offer starttls on direct TLS connections Thanks Martin for discovering.
* net.server_epoll: Separate handling of "closed" from other errorsKim Alvefur2021-09-221-7/+7
| | | | | | The intent is to ensure 'ondisconnect' only gets called once, while giving buffered outgoing data a last chance to be delivered via the :close() path in case the connection was only shutdown in one direction.
* net.server_epoll: Skip attempt to flush write buffer when not connectedKim Alvefur2021-09-221-1/+1
| | | | | | | | Before 22825cb5dcd8 connection attempts that failed (e.g. connection refused) would be immediately destroyed. After, it would schedule another write cycle and then report 'ondisconnect' again when failing. Thanks Martin for reporting
* Merge 0.11->trunkKim Alvefur2021-09-201-0/+18
|\
| * net.server_epoll: Add a hard deadline on shutdown to extra-fix #1670Kim Alvefur2021-09-201-0/+12
| | | | | | | | Should ensure shutdown even if sockets somehow take a very long to get closed.
| * net.server_epoll: Close sockets added after shutdown signal (fixes #1670)Kim Alvefur2021-09-201-0/+6
| | | | | | | | | | This should ensure that sockets get closed even if they are added after the quit signal. Otherwise they may keep the server alive.
* | net.server_epoll: Fix indentation messed up in last mergeKim Alvefur2021-09-171-27/+27
| | | | | | | | Seems to have happened in 6427e2642976, probably because of Meld
* | net.server_epoll: Don't immediately destroy upon getting closed on readKim Alvefur2021-09-151-1/+1
| | | | | | | | | | | | | | | | | | | | Instead try to write any remaining buffered data. If the write attempt also fails with "closed" then there's nothing we can do and the socket is gone. This reverts what appears to be a mistakenly included part of c8aa66595072 Thanks jonas’ for noticing
* | net.server_epoll: Try to make port number related methods saneKim Alvefur2021-09-121-7/+11
| | | | | | | | | | | | | | | | | | Previously it was unclear whether "client port" was the port that the client connected to, or from. I hereby declare that the client port is the source port and the server port is the destination port. Incoming and outgoing connections can be distinguished by looking at the_server reference, which only incoming connections have.
* | net.server_epoll: Prevent removed timers from being readdedKim Alvefur2021-08-311-2/+12
| | | | | | | | | | | | | | | | | | In a case like this the timer would not be readded: addtimer(1, function(t, id) stop(id) return 1 end);
* | Merge 0.11->trunkKim Alvefur2021-08-311-29/+29
|\|
| * net.server_epoll: Fix to preserve ids of readded timersKim Alvefur2021-08-311-2/+2
| | | | | | | | | | | | | | Likely affected rescheduling but have no reports of this. After readding a timer, it would have been issued a new id. Rescheduling would use the previous id, thus not working.
| * net.server_epoll: Fix off-by-one in 2c559953ad41Kim Alvefur2021-01-101-1/+1
| | | | | | | | Thanks tmolitor
* | net.server_epoll: Split, attempt to clarify dirty noise messageKim Alvefur2021-08-161-1/+2
| | | | | | | | | | | | Only relevant because a "dirty" connection (with incoming data in LuaSocket's buffer) does not count as "readable" according to epoll, so special care needs to be taken to keep on processing it.
* | net.server: Add a predrain callaback just before writesKim Alvefur2021-08-161-0/+1
| | | | | | | | | | | | | | | | | | | | Allows sneaking in things in the write buffer just before it's sent to the network stack. For example ack requests, compression flushes or other things that make sense to send after stanzas or other things. This ensures any additional trailing data sent is included in the same write, and possibly the same TCP packet. Other methods used such as timers or nextTick might not have the same effect as it depends on scheduling.
* | net.server_epoll: Improve efficiency of opportunistic writesKim Alvefur2021-08-141-1/+3
| | | | | | | | | | | | | | | | | | Should prevent further opportunistic write attempts after the kernel buffers are full and stops accepting writes. When combined with `keep_buffers = false` it should stop it from repeatedly recreating the buffer table and concatenating it back into a string when there's a lot to write.
* | net.server_epoll: Fix traceback-causing typoKim Alvefur2021-07-181-1/+1
| | | | | | | | | | | | | | Caused "attempt to index a string value (local 'data')", but only if keep_buffers is set to false, which is not the default. Introduced in 917eca7be82b
* | net.server_epoll: Ensure timeouts match epoll flagsKim Alvefur2021-07-171-0/+6
| | | | | | | | | | Read and write timeouts should usually match whether we want to read or write.
* | net.server_epoll: Skip reset of read timeout when not readingKim Alvefur2021-07-171-1/+2
| | | | | | | | Should avoid rare but needless timer interactions
* | net.server_epoll: Reduce timer churn during TLS handshakeKim Alvefur2021-07-171-1/+1
| | | | | | | | | | Instead of removing and readding the timer, keep it and adjust it instead. Should reduce garbage production a bit.
* | net.server_epoll: Use only fatal "write" timeout during TLS negotiationKim Alvefur2021-07-161-3/+3
| | | | | | | | | | | | | | Only real difference between the read and write timeouts is that the former has a callback that allows the higher levels to keep the connection alive, while hitting the later is immediately fatal. We want the later behavior for TLS negotiation.