Joris Vink
bbfbfc4c61
add ssl_no_compression option to allow one to disable OpenSSL compression.
2013-08-07 16:59:45 +02:00
Joris Vink
04ee544982
Add support for ephemeral key exchange mechanisms, ssl_dhparam configuration option must be set (and point to a file containing a generated DH key).
2013-08-07 16:51:39 +02:00
Joris Vink
db7ed69f2a
Add kore_buf_replace_string().
...
kore_buf_replace_string allows you to replace occurances of a certain
string with something else.
Example:
char *username = "Joris";
page = kore_buf_create(static_len_html_profile);
kore_buf_append(page, static_html_profile, static_len_html_profile);
kore_buf_replace_string(page, "%name%", username, strlen(username));
2013-08-07 14:56:14 +02:00
Joris Vink
ef814a677d
Add http_argument_multiple_lookup() and http_argument_multiple_free().
...
Prototypes:
int http_argument_multiple_lookup(struct http_req *req,
struct http_arg *args);
void http_argument_multiple_free(struct http_arg *args);
These functions can be used to lookup arguments in a single call.
args points to an array of struct http_arg elements. Each of them
have the argument name set and its value set to NULL.
The array must have its last element name field set to NULL.
Upon return http_argument_multiple_lookup() gives the caller the
number of arguments that were successfully found. It makes their values
available under the value field in the struct http_arg array passed.
Example:
int v;
struct http_args args[4];
memset(args, 0, sizeof(args));
args[0].name = "email";
args[1].name = "password1";
args[2].name = "password2";
args[3].name = NULL;
v = http_argument_multiple_lookup(req, args);
if (v != 3) {
kore_debug("argument %s was not present", args[v].name);
} else {
for (v = 0; args[v].name != NULL; v++)
kore_debug("%s -> %s", args[v].name, args[v].value);
}
http_argument_multiple_free(args);
2013-08-07 14:41:16 +02:00
Joris Vink
6dbcb30eb9
properly calculate if we need to expand the header block in spdy_header_block_add().
2013-08-06 15:58:21 +02:00
Joris Vink
3eb3665600
Detect right amount of cpu's available under osx. From Vaibhav Bhembre via github.
2013-07-28 19:21:49 +02:00
Joris Vink
659e19f92f
add IPv6 support and support for multiple listeners.
2013-07-27 20:56:15 +02:00
Joris Vink
20f02ced23
remove meminuse and list of allocated memory blocks, we don't need it.
2013-07-25 23:41:00 +02:00
Joris Vink
712461b081
kore_buf_appendb(): free d once we are done with it.
2013-07-22 23:42:40 +02:00
Joris Vink
60ce2ce858
In kore_realloc() copy a minimum of old or new length bytes.
2013-07-22 22:44:42 +02:00
Joris Vink
dca6e58189
remove commented out debug defines.
2013-07-18 22:13:59 +02:00
Joris Vink
91b839f355
Add OSX support, buildable via "make osx".
...
Make sure you have OpenSSL 1.0.0d+ (available from Macports) installed.
Based on diff from Vaibhav Bhembre via github
2013-07-17 20:19:44 +02:00
Joris Vink
2c1352b226
remove versioning numbers, i hate them.
2013-07-16 15:30:20 +02:00
Joris Vink
341172f844
Do not 0 out everything we allocate, and instead fix the behaviour of the code in the appropriate places.
2013-07-16 09:56:36 +02:00
Joris Vink
ae9fabb84f
No need to duplicate the received http buffer.
2013-07-16 09:33:46 +02:00
Joris Vink
ced1279f88
Properly calculate worker offset, otherwise we'll eventually run into trouble.
2013-07-15 11:24:49 +02:00
Joris Vink
1f938eb818
Only release accept lock when required.
2013-07-15 11:12:05 +02:00
Joris Vink
29fa49ba83
Add fixed size memory pools and use them throughout Kore.
2013-07-15 11:06:36 +02:00
Joris Vink
f54e7ace83
do not try to accept if accept has failed, but instead let kore continue
2013-07-13 22:24:00 +02:00
Joris Vink
cebd1c2c2b
Reduce footprint of meminfo and shuffle some stuff around
2013-07-13 22:19:50 +02:00
Joris Vink
51c8188f7a
remove cast for malloc + add missing stdlib.h
2013-07-13 21:47:04 +02:00
Joris Vink
9c7aaf179f
Remove unneeded malloc result casting, annoying habbit of mine but serves no purpose.
2013-07-13 21:08:55 +02:00
Joris Vink
94737a2a5f
If the idletimer expires for SPDY sessions use spdy_session_teardown()
...
to remove it gently.
2013-07-13 20:29:29 +02:00
Joris Vink
c999bf5001
Kore can now disconnect SPDY session if they've been idle too long.
...
Configurable via spdy_idle_time in your configuration file.
Setting this to 0 will keep SPDY sessions open indefinately.
2013-07-13 20:19:01 +02:00
Joris Vink
f59e94a7b6
Add spdy_session_teardown() which can properly teardown a SPDY session.
...
Use this throughout the spdy code to propagate session errors (if any) occur.
At the same time fix BSD's missing CONN_WRITE_BLOCK
2013-07-13 19:56:38 +02:00
Joris Vink
0fee1247c9
TAILQ_REMOVE() the netbuf before adding it to the HEAD of recv_queue again.
2013-07-12 15:49:49 +02:00
Joris Vink
2e3720abc9
free() -> kore_mem_free()
2013-07-12 10:49:37 +02:00
Joris Vink
9eb32e668e
use correct base64 alphabet (URL and Filename Safe Alphabet)
2013-07-10 15:04:01 +02:00
Joris Vink
bb09e8b2a9
add base64 encoder/decoder in prep for http/2.0 and websockets
2013-07-10 15:00:53 +02:00
Joris Vink
bb2d4903f2
remove NETBUF_RETAIN, no longer needed
2013-07-10 13:39:35 +02:00
Joris Vink
21a44589fc
If we already have all the POST data in the netbuf do not try and read more.
2013-07-10 13:34:42 +02:00
Joris Vink
36d603ea67
When negotiating the protocol to be used using the NPN extension keep in mind that http/1.1 can be given there as well. (Googlebot does this, and thus couldn't access Kore sites).
...
On top of that be extra careful with how many bytes we memcmp() if we receive data from the NPN extension.
This fix makes googlebot and anybody negotiating http/1.1 over NPN properly.
2013-07-10 10:37:37 +02:00
Joris Vink
94eee6a8d1
- Do not wrongly ignore WINDOW_UPDATE frames when a stream is still active.
...
- Only unblock a stream if it was actually blocked before.
2013-07-09 15:21:48 +02:00
Joris Vink
b0c67df902
fix a typo
2013-07-09 13:27:39 +02:00
Joris Vink
649e81afd7
use handler function name if available when logging a worker process that has died.
2013-07-07 14:56:50 +02:00
Joris Vink
95bacb5690
Kore will now keep track of page handlers that cause workers to die.
...
This is useful to track down any issues you might have in your module.
A log entry with a page handler causing issues looks like:
Jul 7 14:44:30 devbook kore[18191]: [parent]: worker 1 (18193)-> status 11
Jul 7 14:44:30 devbook kore[18191]: [parent]: worker 1 (pid: 18193) (hdlr: 0x242d9c0) gone
Jul 7 14:44:30 devbook kore[18191]: [parent]: hdlr serve_intro has caused 2 error(s)
2013-07-07 14:48:32 +02:00
Joris Vink
7df5339c8d
Properly fix bsd.c, sigh.
2013-07-06 21:05:17 +02:00
Joris Vink
c1723f2db5
Clean up header includes, based on a diff from Ewan Higgs via github.
...
And while we're messing in it, make sure bsd.c compiles again.
2013-07-06 20:55:22 +02:00
Joris Vink
886c3920db
sysconf() returns -1 on failure, cpu_count is an unsigned integer, failure would never have been caught.
...
from cremno via github
2013-07-05 22:17:56 +02:00
Joris Vink
87d8fd784b
do not attempt to log the user-agent if it's not available.
2013-07-05 22:03:05 +02:00
Joris Vink
51efd84b6e
also set has_lock to 0 when a worker starts.
2013-07-05 21:17:08 +02:00
Joris Vink
e1183e22a6
If the worker that owns the accept lock dies, make sure the next one in line can grab it. Otherwise kore comes to a halt (by not accepting new connections).
2013-07-05 20:19:50 +02:00
Joris Vink
eb43fd31e1
remove unused stuff
2013-07-05 16:02:03 +02:00
Joris Vink
69df62f0ea
when receiving SETTINGS verify that the number of settings received by
...
the client matches the length of the SPDY frame we received.
Otherwise bad clients could potentially cause us to misbehave.
2013-07-01 12:34:18 +02:00
Joris Vink
0c08b57d3e
- add idle timer for normal connections (ie: !SPDY), max 20 seconds.
...
- use idle timer to make sure we don't block SPDY connections indefinately
when our window size has reached 0.
2013-07-01 12:08:51 +02:00
Joris Vink
51a9e4db9d
Implement SPDY WINDOW_UPDATE and SETTINGS.
2013-07-01 11:30:18 +02:00
Joris Vink
6fa881e224
SSL_set_accept_state() when a new SSL * is created
2013-06-27 12:37:42 +02:00
Joris Vink
108a0cbc81
remove unneeded blocks of code
2013-06-27 12:37:27 +02:00
Joris Vink
3c6169a861
bring bsd into sync
2013-06-27 12:37:14 +02:00
Joris Vink
a1342c93d5
remove memid from meminfo
2013-06-27 12:27:17 +02:00
Joris Vink
f18a6388fd
fix kore_realloc() to actually behave properly
2013-06-27 09:20:48 +02:00
Joris Vink
4b2420097b
- Better spread load between all worker processes.
...
- Introduce own memory management system on top of malloc to keep track
of all our allocations and free's. Later we should introduce a pooling
mechanism for fixed size allocations (http_request comes to mind).
- Introduce ssl_cipher in configuration.
Memory usage is kind of high right now, but it seems its OpenSSL
doing it rather then Kore.
2013-06-27 08:46:18 +02:00
Joris Vink
b4a0330a96
- Better spread load between all worker processes.
...
- Introduce own memory management system on top of malloc to keep track
of all our allocations and free's. Later we should introduce a pooling
mechanism for fixed size allocations (http_request comes to mind).
- Introduce ssl_cipher in configuration.
Memory usage is kind of high right now, but it seems its OpenSSL
doing it rather then Kore.
2013-06-27 08:43:07 +02:00
Joris Vink
2fc5233358
Rework the way worker processes give each other the accept lock.
...
Instead of waiting until one worker is filled up on connections
the workers find the next lowest loaded worker and will hand
over the lock to them instead. This will cause a nicer spread of load.
Instead of running one accept per event loop, we attempt to accept
as many as worker_max_connections allows.
Refactor net sending/recv code a bit.
2013-06-27 00:22:48 +02:00
Joris Vink
124f3ecad9
no need to use kore_log() in a debug context
2013-06-26 15:59:42 +02:00
Joris Vink
bf1940225a
everybody loves to tout their own horn.. so introduce a server response header
2013-06-26 16:58:01 +02:00
Joris Vink
0dda6f996f
Add a form of synchronization between what worker will be accepting
...
new connections and which ones will not be notified for it.
Fixes the thundering herd problem, and nicely spreads out load between
all the workers equally. A configuration option (workers_max_connections)
is available to tweak how many connections a worker will have before
giving up the accept lock.
Two ways are added to this commit for access locking:
- Locking via semaphores.
- Locking via GCC's builtin atomic methods.
The default is running with semaphores disabled (OpenBSD cannot do
sem_init() with pshared set to 1, which is required).
If you want to use semaphores add KORE_USE_SEMAPHORES to CFLAGS,
and -lpthread to LDFLAGS in the Makefile.
Other fixes:
- BSD: add a timeout to kevent().
- Merge kore_worker_wait together, linux knows waitpid() as well.
- Send the correct SIGQUIT signal to workers instead of SIGINT.
- Fix kore_time_ms().
- Log fatal worker messages in syslog.
- Refactor code even more.
- Do not free our own kore_worker structure.
2013-06-26 16:37:22 +02:00
Joris Vink
315f964abd
correct typo
2013-06-26 11:20:25 +02:00
Joris Vink
3e5c17b8a3
refactor code quite a bit.
2013-06-26 11:18:32 +02:00
Joris Vink
6026a6d4ee
add SNI support, and change domain configuration a bit.
2013-06-24 11:32:45 +02:00
Joris Vink
a1b400c400
Add access logging to Kore.
2013-06-24 09:36:40 +02:00
Joris Vink
4dff38ebb0
ignore sigpipe in workers
2013-06-19 22:41:00 +02:00
Joris Vink
c22eebb6d9
for non spdy clients, attempt to keep the connection open as long as possible (aka, send connection: keep-alive and do not close it till client does).
2013-06-22 20:14:10 +02:00
Joris Vink
8b832f0a37
fix off-by-one
2013-06-20 23:30:03 +02:00
Joris Vink
c49622e4ae
do not schedule kqueue events if we've reached the limit of changelist.
2013-06-20 23:29:26 +02:00
Joris Vink
25f1ab9865
Add BSD kqueue(2) support. Compile with make bsd (or make linux for linux)
2013-06-17 23:39:17 +02:00
Joris Vink
e170e916ce
Reload the module in the main process as well when SIGHUP is received.
...
Otherwise new worker processes will not receive the updated module.
2013-06-05 13:50:50 +02:00
Joris Vink
b4deea82b4
add kore_buf_appendb() which allows us to append a kore_buf to another one.
...
(releases the kore_buf that is being appended while at it).
2013-06-05 11:27:03 +02:00
Joris Vink
a74fffe40c
Introduce certfile and certkey in the configuration to specify where the certificate file and keys are located on a system.
...
Free unused vars in the main process after starting.
2013-06-05 09:47:08 +02:00
Joris Vink
32a2035ce9
move kore_server_sslstart() into main process, workers will inherit.
2013-06-05 09:32:53 +02:00
Joris Vink
338047a95b
use kore_log() to notify when a module is reloaded
2013-06-05 08:56:37 +02:00
Joris Vink
b9f47b0f86
configuration files are now passed using the -c option.
...
allow debug output when the -d flag is specified.
2013-06-05 08:55:07 +02:00
Joris Vink
ade34a26c1
move chroot() to workers instead, parent process doesn't require it plus it cannot unlink pidfile otherwise.
...
better logging in syslog
2013-06-05 08:45:51 +02:00
Joris Vink
90e1b3a7da
use syslog() for informative messages from all parts of kore.
2013-06-04 23:24:47 +02:00
Joris Vink
49b77d3b0e
better proctitles
2013-06-04 17:04:28 +02:00
Joris Vink
276d8c5a82
oops bring back chroot
2013-06-04 17:01:06 +02:00
Joris Vink
ca437a6cef
set process title
2013-06-04 16:58:13 +02:00
Joris Vink
9ef669ff6f
write main process pid to /var/run/kore.pid (changable in configuration)
2013-06-04 16:53:30 +02:00
Joris Vink
443b1c8c5f
format
2013-06-04 16:33:35 +02:00
Joris Vink
e7db5ee6b1
rename kore_log to kore_debug, and allow one to turn it off.
2013-06-04 16:30:53 +02:00
Joris Vink
11fca19923
be less spammy
2013-06-04 16:17:42 +02:00
Joris Vink
ab0dc25c61
use sched_setaffinity() to set what CPU each worker process should run on.
2013-06-04 13:54:16 +02:00
Joris Vink
8f8ab92521
upon quit time, workers will not accept new connections but will
...
handle all outstanding http requests.
2013-06-04 13:43:11 +02:00
Joris Vink
0de28488a6
move from multithreads to single threaded worker processes.
2013-06-04 11:55:38 +02:00
Joris Vink
b65cc93426
allow handlers to return KORE_RESULT_RETRY. This will tell the worker to reschedule the page request again at the end of its list. (Allows module creators to write truely nonblocking modules).
2013-05-31 00:40:06 +02:00
Joris Vink
7dfa7e6ec0
be carefull when we reload the module to not reload it when workers are inside the module callbacks.
...
do this by implementing a pthread rwlock, and locking it for reading when going into a callback and locking it for writing when we need to reload the mod.
2013-05-31 00:06:54 +02:00
Joris Vink
fecbd058cb
rework the worker thread so there's actually time to schedule more then one request at a time on them.
2013-05-31 14:24:00 +02:00
Joris Vink
e428886e16
decrement the worker load on HTTP_REQUEST_DELETE
2013-05-31 13:30:51 +02:00
Joris Vink
bb4001d119
ok that was wrong, disconnect http clients whne we're done sending or upon error, not immediately after queueing everything.
2013-05-30 21:57:14 +02:00
Joris Vink
ca1c884e43
attempt to clear out send buffer before we shutdown ssl connection.
...
remove superfleaous debug
2013-05-30 21:39:01 +02:00
Joris Vink
cf6a6550f0
allow onload to be given in the config file.
...
onload specifies what function in your module to call when the module has been loaded or reloaded.
2013-05-30 21:26:39 +02:00
Joris Vink
ec5ac40706
wake up the workers once in a while to process anything that is waiting.
2013-05-30 20:55:50 +02:00
Joris Vink
f9b3cfcee4
reschedule events if we cannot lock the connection at the time being.
2013-05-30 20:38:25 +02:00
Joris Vink
9ad263e287
do not remove disconnected connections until we actually are ready to disconnect them.
2013-05-30 20:07:06 +02:00
Joris Vink
9243f409cc
move to a worker based threading approach where we delegate http requests to workers in a round robin basis (later this should be swapped to find the laziest worker and assign the request to that instead).
2013-05-30 19:36:42 +02:00
Joris Vink
8478d8df54
add chroot and runas directives so we can chroot and drop privilegs properly
2013-05-04 22:18:27 +02:00
Joris Vink
3b30920a60
for now, until we properly handle a persistent HTTP connection for non spdy clients make sure we close the connection after handling the HTTP request.
2013-05-04 21:03:53 +02:00
Joris Vink
ce729010f7
- simplify header building using kore_buf_appendf() for normal HTTP requests.
...
- make sure we dont free nb->buf if its NULL. (semantics).
- remove some superfluffy debug.
- make sure we call [inflate|deflate]End when we dc a client that used zlib.
2013-05-04 20:44:16 +02:00
Joris Vink
45adae62f7
q->value should be set to NULL if a query parameter is present but no value was set for it.
...
introduce kore_buf_appendv() (much like readv()).
introduce kore_buf_appendf() (printf into buffers).
2013-05-04 19:09:07 +02:00
Joris Vink
61b937ac1b
remove unused vars
2013-05-04 16:38:40 +02:00