aboutsummaryrefslogtreecommitdiffstats
path: root/net
Commit message (Collapse)AuthorAgeFilesLines
* net.resolvers.chain: A resolver for combining other resolversKim Alvefur2022-01-211-0/+38
| | | | Say if you wanted to try both _xmpp and _xmpps services
* net.resolvers: Report DNSSEC validation errors instead of NoErrorKim Alvefur2021-12-282-3/+13
| | | | Thanks Martin bringing this case to attention
* util.id: Adjust entropy levels, with rationalesKim Alvefur2021-12-022-2/+2
| | | | | Modules using ids for logging should not need the now pretty large medium one.
* net.resolvers: Report when hostname fails IDNAKim Alvefur2021-12-072-2/+2
| | | | | Not a particularly user-friendly error message, but better than "unable to resolve service" and having no clue where it came from.
* net.server_epoll: Ensure calls to :write() return somethingKim Alvefur2021-12-061-1/+2
| | | | | | | | | | With opportunistic writes enabled, writes can return what :onwritable() returns, thus :onwritable() should return something sensible at each spot. Should prevent whatever caused > Error writing to connection: (nil) Tho this was probably harmless
* net.server_epoll: Prevent loop attempting to send last data after closeKim Alvefur2021-11-301-0/+1
| | | | | | | | | | | | | | If the connection is closed by the peer, any buffered data is given a last chance to be sent (see f27b9319e0da). If the connection is Really closed, no attempt to write will occur, instead epoll will raise the error flag and :onreadable() will be invoked again, where it will try to :close() again for the same reason, thus looping until the connection somehow gets destroyed. By clearing the _connected flag, the second time it passes :onreadable() it should go directly to :destroy(), breaking the loop. Thanks Link Mauve for reporting
* net.server_epoll: Fix streaming downloads (thanks Menel)Kim Alvefur2021-11-191-1/+1
| | | | | | | | | | ff4e34c448a4 broke the way net.http.server streams downloads from disk because it made writes from the ondrain callback no longer reset the want-write flag, causing the download to halt. Writes from the predrain handler still must not trigger anything but additions to the buffer, since it is about to do all the socket writing already.
* net.server_epoll: Try harder to avoid reentrant opportunistic writesKim Alvefur2021-11-181-1/+4
| | | | | | Opportunistic writes sure do complicate things. This is especially intended to avoid opportunistic_writes from within the onpredrain callback.
* net.connect: Prefer last connection error over last resolver errorKim Alvefur2021-11-131-1/+1
| | | | | E.g. "connection refused" over one IP version instead of NoError for the other IP version.
* net.connect: Propagate last error message from resolversKim Alvefur2021-11-123-5/+28
| | | | | | | | Previously it would only say "unable to resolve server" for all DNS problems. While "NoError in A lookup" might not make much sense to users, it should help in debugging more than the previous generic error. Friendlier errors will be future work.
* net.server_epoll: Process all queued events from epoll before timersKim Alvefur2021-10-211-2/+4
| | | | | | | Should call timers less frequently when many sockets are waiting for processing. May help under heavy load. Requested by Ge0rG
* net.server_epoll: Prevent starttls on direct TLS connectionsKim Alvefur2021-10-051-0/+1
| | | | | | | | | | This is not a pretty way to signal this... but it is the current API interface:inittls() is a new code path which did not go past the point in interface:starttls() where it set starttls to false, leading mod_tls to offer starttls on direct TLS connections Thanks Martin for discovering.
* net.server_epoll: Separate handling of "closed" from other errorsKim Alvefur2021-09-221-7/+7
| | | | | | The intent is to ensure 'ondisconnect' only gets called once, while giving buffered outgoing data a last chance to be delivered via the :close() path in case the connection was only shutdown in one direction.
* net.server_epoll: Skip attempt to flush write buffer when not connectedKim Alvefur2021-09-221-1/+1
| | | | | | | | Before 22825cb5dcd8 connection attempts that failed (e.g. connection refused) would be immediately destroyed. After, it would schedule another write cycle and then report 'ondisconnect' again when failing. Thanks Martin for reporting
* Merge 0.11->trunkKim Alvefur2021-09-201-0/+18
|\
| * net.server_epoll: Add a hard deadline on shutdown to extra-fix #1670Kim Alvefur2021-09-201-0/+12
| | | | | | | | Should ensure shutdown even if sockets somehow take a very long to get closed.
| * net.server_epoll: Close sockets added after shutdown signal (fixes #1670)Kim Alvefur2021-09-201-0/+6
| | | | | | | | | | This should ensure that sockets get closed even if they are added after the quit signal. Otherwise they may keep the server alive.
* | net.server_epoll: Fix indentation messed up in last mergeKim Alvefur2021-09-171-27/+27
| | | | | | | | Seems to have happened in 6427e2642976, probably because of Meld
* | net.server_epoll: Don't immediately destroy upon getting closed on readKim Alvefur2021-09-151-1/+1
| | | | | | | | | | | | | | | | | | | | Instead try to write any remaining buffered data. If the write attempt also fails with "closed" then there's nothing we can do and the socket is gone. This reverts what appears to be a mistakenly included part of c8aa66595072 Thanks jonas’ for noticing
* | net.server_epoll: Try to make port number related methods saneKim Alvefur2021-09-121-7/+11
| | | | | | | | | | | | | | | | | | Previously it was unclear whether "client port" was the port that the client connected to, or from. I hereby declare that the client port is the source port and the server port is the destination port. Incoming and outgoing connections can be distinguished by looking at the_server reference, which only incoming connections have.
* | net.server_select: Deprecate and warn about itKim Alvefur2021-09-031-0/+2
| | | | | | | | | | | | | | | | | | To be removed in the future, but not right now. Give the log warning a chance to prod anyone who might have network_backend="select" in their config first. There's also things built on Verse which uses server_select.lua, which will need to be updated somehow.
* | net.server: Pikc server_epoll as unconditional defaultKim Alvefur2021-09-031-2/+1
| | | | | | | | | | | | | | Previously it would have gone for server_select if util.poll was for some reason not available, which should be never these days. And even if it was, best to flush it out by throwing loud errors so users notice. Then they can work around it by using select until we delete that one.
* | net.server: Fall back to default backend from libevent instead of always selectKim Alvefur2021-09-031-2/+2
| | | | | | | | | | | | | | | | Fixes that selecting libevent when unavaibalbe would fall back to select instead of epoll, even if that's available. This way, we only have to update it in once place when choosing a new default.
* | net.server_epoll: Prevent removed timers from being readdedKim Alvefur2021-08-311-2/+12
| | | | | | | | | | | | | | | | | | In a case like this the timer would not be readded: addtimer(1, function(t, id) stop(id) return 1 end);
* | Merge 0.11->trunkKim Alvefur2021-08-311-29/+29
|\|
| * net.server_epoll: Fix to preserve ids of readded timersKim Alvefur2021-08-311-2/+2
| | | | | | | | | | | | | | Likely affected rescheduling but have no reports of this. After readding a timer, it would have been issued a new id. Rescheduling would use the previous id, thus not working.
* | net.http: fail open if surrounding code does not configure TLSJonas Schäfer2021-08-291-1/+1
| | | | | | | | | | | | | | | | | | | | | | Previously, if surrounding code was not configuring the TLS context used default in net.http, it would not validate certificates at all. This is not a security issue with prosody, because prosody updates the context with `verify = "peer"` as well as paths to CA certificates in util.startup.init_http_client. Nevertheless... Let's not leave this pitfall out there in the open.
* | net.server_epoll: Split, attempt to clarify dirty noise messageKim Alvefur2021-08-161-1/+2
| | | | | | | | | | | | Only relevant because a "dirty" connection (with incoming data in LuaSocket's buffer) does not count as "readable" according to epoll, so special care needs to be taken to keep on processing it.
* | net.server: Add a predrain callaback just before writesKim Alvefur2021-08-163-0/+11
| | | | | | | | | | | | | | | | | | | | Allows sneaking in things in the write buffer just before it's sent to the network stack. For example ack requests, compression flushes or other things that make sense to send after stanzas or other things. This ensures any additional trailing data sent is included in the same write, and possibly the same TCP packet. Other methods used such as timers or nextTick might not have the same effect as it depends on scheduling.
* | net.server_epoll: Improve efficiency of opportunistic writesKim Alvefur2021-08-141-1/+3
| | | | | | | | | | | | | | | | | | Should prevent further opportunistic write attempts after the kernel buffers are full and stops accepting writes. When combined with `keep_buffers = false` it should stop it from repeatedly recreating the buffer table and concatenating it back into a string when there's a lot to write.
* | Fix various spelling errors (thanks codespell)Kim Alvefur2021-07-271-1/+1
| | | | | | | | | | Also special thanks to timeless, for wordlessly reminding me to check for typos.
* | net.resolvers.service: Only do DANE with secure SRV recordsKim Alvefur2021-07-181-0/+4
| | | | | | | | | | | | If this seems backwards, that' because it is but the API isn't really designed to easily pass along details from each resolution step onto the next.
* | Revert 926d53af9a7a: Restore DANE supportKim Alvefur2021-07-181-4/+5
| | | | | | | | | | Previous commit adds a workaround, so this doesn't mutate global state anymore, only per-connection 'extra' state as originally intended.
* | net.server_epoll: Fix traceback-causing typoKim Alvefur2021-07-181-1/+1
| | | | | | | | | | | | | | Caused "attempt to index a string value (local 'data')", but only if keep_buffers is set to false, which is not the default. Introduced in 917eca7be82b
* | net.server_epoll: Ensure timeouts match epoll flagsKim Alvefur2021-07-171-0/+6
| | | | | | | | | | Read and write timeouts should usually match whether we want to read or write.
* | net.server_epoll: Skip reset of read timeout when not readingKim Alvefur2021-07-171-1/+2
| | | | | | | | Should avoid rare but needless timer interactions
* | net.server_epoll: Reduce timer churn during TLS handshakeKim Alvefur2021-07-171-1/+1
| | | | | | | | | | Instead of removing and readding the timer, keep it and adjust it instead. Should reduce garbage production a bit.
* | net.server_epoll: Use only fatal "write" timeout during TLS negotiationKim Alvefur2021-07-161-3/+3
| | | | | | | | | | | | | | Only real difference between the read and write timeouts is that the former has a callback that allows the higher levels to keep the connection alive, while hitting the later is immediately fatal. We want the later behavior for TLS negotiation.
* | net.server_epoll: Optimize concatenation of exactly 2 buffer chunksKim Alvefur2021-07-161-1/+3
| | | | | | | | | | | | Saves a function call. I forget if I measured this kind of thing but IIRC infix concatenation is faster than a function call up to some number of items, but let's stop at 2 here.
* | net.server_epoll: Avoid allocating a buffer table for single writesKim Alvefur2021-07-161-11/+20
| | | | | | | | | | | | | | writebuffer is now string | { string } Saves the allocation of a buffer table until the second write, which could be rare, especially with opportunistic writes.
* | net.server_epoll: Optionally let go of buffersKim Alvefur2021-07-161-5/+17
| | | | | | | | | | Reusing an already existing buffer table would reduce garbage, but keeping it while idle is a waste.
* | net.server_epoll: Propagate returns from opportunistic writesKim Alvefur2021-07-161-3/+4
| | | | | | | | | | So that if a write ends up writing directly to the socket, it gets the actual return value
* | net.server_epoll: Set minimum wait time to 1ms, matching epollKim Alvefur2021-07-151-1/+1
| | | | | | | | | | | | | | | | | | | | A timeout value less than 0.001 gets turned into zero on the C side, so epoll_wait() returns instantly and essentially busy-loops up to 1ms, e.g. when a timer event ends up scheduled (0, 0.001)ms into the future. Unsure if this has much effect in practice, but it may waste a small amount of CPU time. How much would depend on how often this ends up happening and how fast the CPU gets trough main loop iterations.
* | net.server_epoll: Add setting for disabling the Nagle algorithmKim Alvefur2021-07-141-0/+6
| | | | | | | | Nagle increases latency and is the bane of all networking!
* | net.server_epoll: Support setting keepalive idle timeKim Alvefur2021-07-141-0/+3
| | | | | | | | | | | | | | Activated by setting config.tcp_keepalive to a number, in seconds. Defaults to 2h. Depends on LuaSocket support for this option.
* | net.server_epoll: Add way to enable TCP keeplives on all connectionsKim Alvefur2021-07-141-1/+6
| | | | | | | | | | | | In case one wishes to enable this for all connections, not just c2s (not Direct TLS ones, because LuaSec) and s2s. Unclear what use these are, since they kick in after 2 hours of idle time.
* | net.server_epoll: Add an (empty) method for setting socket optionsKim Alvefur2021-07-141-0/+6
| |
* | net.server_epoll: Log failures to set socket optionsKim Alvefur2021-07-141-2/+8
| | | | | | | | | | | | | | | | | | Good to know if it fails, especially since the return value doesn't seem to be checked anywhere. Since LuaSec-wrapped sockets don't expose the setoption method, this will likely show when mod_c2s tries to enable keepalives on direct tls connections.
* | net.server_epoll: Call onconnect immediately after TLS handshake completionKim Alvefur2021-07-131-1/+2
| | | | | | | | | | | | Skips a roundtrip through the main loop in case client-first data is available already, if not then :onreadable() will set the appropriate timeout.
* | net.server_epoll: Refactor immediate TLS handshake startKim Alvefur2021-07-131-6/+5
| |