aboutsummaryrefslogtreecommitdiffstats
path: root/net
Commit message (Collapse)AuthorAgeFilesLines
...
| * net.unbound: Disable use of hosts file by default (fixes #1737)Kim Alvefur2022-05-161-0/+9
| | | | | | | | | | This mirrors the behaviour with net.dns and avoids the initialization issue in #1737
* | net.server_select: Restore dependency on LuaSec to soft for testsKim Alvefur2022-04-271-3/+1
| | | | | | | | | | server_select is used in e.g. storagemanager tests, and some of the CI runners are lacking LuaSec, which resulted in failures.
* | net.tls_luasec: Harden dependency on LuaSecKim Alvefur2022-04-271-3/+2
| | | | | | | | | | | | We at some point decided that it was okay to have a hard dependency the TLS library. Especially here since this module is meant to contain all LuaSec specifics.
* | net: refactor sslconfig to not depend on LuaSecJonas Schäfer2022-04-024-0/+25
| | | | | | | | | | | | | | | | | | | | | | This now requires that the network backend exposes a tls_builder function, which essentially wraps the former util.sslconfig.new() function, passing a factory to create the eventual SSL context. That allows a net.server backend to pick whatever it likes as SSL context factory, as long as it understands the config table passed by the SSL config builder. Heck, a backend could even mock and replace the entire SSL config builder API.
* | net: isolate LuaSec-specificsJonas Schäfer2022-04-274-15/+156
| | | | | | | | | | | | | | | | | | | | | | | | | | | | For this, various accessor functions are now provided directly on the sockets, which reach down into the LuaSec implementation to obtain the information. While this may seem of little gain at first, it hides the implementation detail of the LuaSec+LuaSocket combination that the actual socket and the TLS layer are separate objects. The net gain here is that an alternative implementation does not have to emulate that specific implementation detail and "only" has to expose LuaSec-compatible data structures on the new functions.
* | net.connect: Fix accumulation of connection attempt referencesKim Alvefur2022-04-201-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | Connection attempts that failed the Happy Eyeballs race were not unreferenced and would accumulate. Tested by inspecting the 'pending_connections_map' after establishing s2s with a s2s target where the IPv6 port has a -j DROP rule causing it to time out and the IPv4 attempt wins the race. Expected is that the losing connection stays around until net.server timeouts kick in where it should be removed. The map table should tend towards being empty during idle times.
* | net.connect: Improve logging on connection attempt failureMatthew Wild2022-03-211-1/+5
| |
* | net.connect: Improve handling of failure when attempts are still pendingMatthew Wild2022-03-211-3/+11
| | | | | | | | | | This could lead to failure being reported too early, even if some connections have not yet failed.
* | net.resolvers.basic: Fix incorrect field name (thanks CI)Matthew Wild2022-03-181-1/+1
| |
* | net.connect: When more targets are immediately available, try them after a delayMatthew Wild2022-03-181-1/+10
| | | | | | | | RFC 8305
* | net.connect: Support for multiple pending connection attemptsMatthew Wild2022-03-181-5/+10
| |
* | net.resolvers.basic: Indicate to callback if we have more targets availableMatthew Wild2022-03-181-1/+1
| |
* | net.resolvers.basic: Alternate IP address family targets, per RFC 8305Matthew Wild2022-03-181-2/+10
| |
* | net.resolvers.basic: Refactor to remove code duplicationMatthew Wild2022-03-181-80/+72
| | | | | | | | ...and prepare for Happy Eyeballs
* | net.resolvers.service: Honour record 'weight' when picking SRV targetsMatthew Wild2022-03-171-13/+68
|/ | | | #NotHappyEyeballs
* Spelling: Fix various spelling mistakes (thanks timeless)Kim Alvefur2022-03-072-8/+8
| | | | | | Words, sometimes I wonder how they even work Maybe I missed something.
* net.websocket.frames: Replace bit fiddling code with util.structKim Alvefur2022-03-061-48/+13
| | | | | | Fallback code for not having either the string.pack and string.unpack functions available in Lua 5.4 or the struct lib is no longer needed since the struct lib was imported as util.struct in 3ce3633527af
* net.stun: Support for xor-relayed-address attributeMatthew Wild2022-03-051-2/+20
|
* net.stun: Add xor-peer-address helperMatthew Wild2022-03-051-0/+16
|
* net.stun: Factor out address unpack, an operation common to multiple attributesMatthew Wild2022-03-051-11/+12
|
* net.stun: Name some more attributes from TURNMatthew Wild2022-03-051-0/+3
|
* net.stun: Add lookup table generation helper, reduces code duplicationMatthew Wild2022-03-051-16/+15
|
* net.stun: Hyphenate method names for consistencyMatthew Wild2022-03-051-2/+2
|
* net.stun: Use util.bitcompat to deal with bit module variances across Lua ↵Kim Alvefur2022-03-041-0/+1
| | | | versions
* net.stun: Use util.strbitopKim Alvefur2022-03-041-11/+1
| | | | Improves performance since the whole procedure is done in C
* net.stun: New library that implements STUN/TURN parsing/serializationMatthew Wild2022-03-041-0/+292
|
* net.server_epoll: Disable verbose mode by defaultKim Alvefur2022-02-121-2/+1
|
* net.http: Allow using DANE via options or per request settingsKim Alvefur2022-02-051-1/+5
| | | | Dare to enable by default?
* net.connect: Allow passing TLS context from resolverKim Alvefur2022-01-211-1/+2
| | | | | | Only allowing it to be passed directly makes it hard to combine plain (i.e. starttls) and Direct TLS connections in the same connection resolution procedure. But now we can, using chained resolvers!
* net.resolvers.chain: A resolver for combining other resolversKim Alvefur2022-01-211-0/+38
| | | | Say if you wanted to try both _xmpp and _xmpps services
* net.resolvers: Report DNSSEC validation errors instead of NoErrorKim Alvefur2021-12-282-3/+13
| | | | Thanks Martin bringing this case to attention
* util.id: Adjust entropy levels, with rationalesKim Alvefur2021-12-022-2/+2
| | | | | Modules using ids for logging should not need the now pretty large medium one.
* net.resolvers: Report when hostname fails IDNAKim Alvefur2021-12-072-2/+2
| | | | | Not a particularly user-friendly error message, but better than "unable to resolve service" and having no clue where it came from.
* net.server_epoll: Ensure calls to :write() return somethingKim Alvefur2021-12-061-1/+2
| | | | | | | | | | With opportunistic writes enabled, writes can return what :onwritable() returns, thus :onwritable() should return something sensible at each spot. Should prevent whatever caused > Error writing to connection: (nil) Tho this was probably harmless
* net.server_epoll: Prevent loop attempting to send last data after closeKim Alvefur2021-11-301-0/+1
| | | | | | | | | | | | | | If the connection is closed by the peer, any buffered data is given a last chance to be sent (see f27b9319e0da). If the connection is Really closed, no attempt to write will occur, instead epoll will raise the error flag and :onreadable() will be invoked again, where it will try to :close() again for the same reason, thus looping until the connection somehow gets destroyed. By clearing the _connected flag, the second time it passes :onreadable() it should go directly to :destroy(), breaking the loop. Thanks Link Mauve for reporting
* net.server_epoll: Fix streaming downloads (thanks Menel)Kim Alvefur2021-11-191-1/+1
| | | | | | | | | | ff4e34c448a4 broke the way net.http.server streams downloads from disk because it made writes from the ondrain callback no longer reset the want-write flag, causing the download to halt. Writes from the predrain handler still must not trigger anything but additions to the buffer, since it is about to do all the socket writing already.
* net.server_epoll: Try harder to avoid reentrant opportunistic writesKim Alvefur2021-11-181-1/+4
| | | | | | Opportunistic writes sure do complicate things. This is especially intended to avoid opportunistic_writes from within the onpredrain callback.
* net.connect: Prefer last connection error over last resolver errorKim Alvefur2021-11-131-1/+1
| | | | | E.g. "connection refused" over one IP version instead of NoError for the other IP version.
* net.connect: Propagate last error message from resolversKim Alvefur2021-11-123-5/+28
| | | | | | | | Previously it would only say "unable to resolve server" for all DNS problems. While "NoError in A lookup" might not make much sense to users, it should help in debugging more than the previous generic error. Friendlier errors will be future work.
* net.server_epoll: Process all queued events from epoll before timersKim Alvefur2021-10-211-2/+4
| | | | | | | Should call timers less frequently when many sockets are waiting for processing. May help under heavy load. Requested by Ge0rG
* net.server_epoll: Prevent starttls on direct TLS connectionsKim Alvefur2021-10-051-0/+1
| | | | | | | | | | This is not a pretty way to signal this... but it is the current API interface:inittls() is a new code path which did not go past the point in interface:starttls() where it set starttls to false, leading mod_tls to offer starttls on direct TLS connections Thanks Martin for discovering.
* net.server_epoll: Separate handling of "closed" from other errorsKim Alvefur2021-09-221-7/+7
| | | | | | The intent is to ensure 'ondisconnect' only gets called once, while giving buffered outgoing data a last chance to be delivered via the :close() path in case the connection was only shutdown in one direction.
* net.server_epoll: Skip attempt to flush write buffer when not connectedKim Alvefur2021-09-221-1/+1
| | | | | | | | Before 22825cb5dcd8 connection attempts that failed (e.g. connection refused) would be immediately destroyed. After, it would schedule another write cycle and then report 'ondisconnect' again when failing. Thanks Martin for reporting
* Merge 0.11->trunkKim Alvefur2021-09-201-0/+18
|\
| * net.server_epoll: Add a hard deadline on shutdown to extra-fix #1670Kim Alvefur2021-09-201-0/+12
| | | | | | | | Should ensure shutdown even if sockets somehow take a very long to get closed.
| * net.server_epoll: Close sockets added after shutdown signal (fixes #1670)Kim Alvefur2021-09-201-0/+6
| | | | | | | | | | This should ensure that sockets get closed even if they are added after the quit signal. Otherwise they may keep the server alive.
* | net.server_epoll: Fix indentation messed up in last mergeKim Alvefur2021-09-171-27/+27
| | | | | | | | Seems to have happened in 6427e2642976, probably because of Meld
* | net.server_epoll: Don't immediately destroy upon getting closed on readKim Alvefur2021-09-151-1/+1
| | | | | | | | | | | | | | | | | | | | Instead try to write any remaining buffered data. If the write attempt also fails with "closed" then there's nothing we can do and the socket is gone. This reverts what appears to be a mistakenly included part of c8aa66595072 Thanks jonas’ for noticing
* | net.server_epoll: Try to make port number related methods saneKim Alvefur2021-09-121-7/+11
| | | | | | | | | | | | | | | | | | Previously it was unclear whether "client port" was the port that the client connected to, or from. I hereby declare that the client port is the source port and the server port is the destination port. Incoming and outgoing connections can be distinguished by looking at the_server reference, which only incoming connections have.
* | net.server_select: Deprecate and warn about itKim Alvefur2021-09-031-0/+2
| | | | | | | | | | | | | | | | | | To be removed in the future, but not right now. Give the log warning a chance to prod anyone who might have network_backend="select" in their config first. There's also things built on Verse which uses server_select.lua, which will need to be updated somehow.