bbfbfc4c61
add ssl_no_compression option to allow one to disable OpenSSL compression.
2013-08-07 16:59:45 +02:00
04ee544982
Add support for ephemeral key exchange mechanisms, ssl_dhparam configuration option must be set (and point to a file containing a generated DH key).
2013-08-07 16:51:39 +02:00
db7ed69f2a
Add kore_buf_replace_string().
...
kore_buf_replace_string allows you to replace occurances of a certain
string with something else.
Example:
char *username = "Joris";
page = kore_buf_create(static_len_html_profile);
kore_buf_append(page, static_html_profile, static_len_html_profile);
kore_buf_replace_string(page, "%name%", username, strlen(username));
2013-08-07 14:56:14 +02:00
ef814a677d
Add http_argument_multiple_lookup() and http_argument_multiple_free().
...
Prototypes:
int http_argument_multiple_lookup(struct http_req *req,
struct http_arg *args);
void http_argument_multiple_free(struct http_arg *args);
These functions can be used to lookup arguments in a single call.
args points to an array of struct http_arg elements. Each of them
have the argument name set and its value set to NULL.
The array must have its last element name field set to NULL.
Upon return http_argument_multiple_lookup() gives the caller the
number of arguments that were successfully found. It makes their values
available under the value field in the struct http_arg array passed.
Example:
int v;
struct http_args args[4];
memset(args, 0, sizeof(args));
args[0].name = "email";
args[1].name = "password1";
args[2].name = "password2";
args[3].name = NULL;
v = http_argument_multiple_lookup(req, args);
if (v != 3) {
kore_debug("argument %s was not present", args[v].name);
} else {
for (v = 0; args[v].name != NULL; v++)
kore_debug("%s -> %s", args[v].name, args[v].value);
}
http_argument_multiple_free(args);
2013-08-07 14:41:16 +02:00
6dbcb30eb9
properly calculate if we need to expand the header block in spdy_header_block_add().
2013-08-06 15:58:21 +02:00
3eb3665600
Detect right amount of cpu's available under osx. From Vaibhav Bhembre via github.
2013-07-28 19:21:49 +02:00
659e19f92f
add IPv6 support and support for multiple listeners.
2013-07-27 20:56:15 +02:00
20f02ced23
remove meminuse and list of allocated memory blocks, we don't need it.
2013-07-25 23:41:00 +02:00
712461b081
kore_buf_appendb(): free d once we are done with it.
2013-07-22 23:42:40 +02:00
60ce2ce858
In kore_realloc() copy a minimum of old or new length bytes.
2013-07-22 22:44:42 +02:00
dca6e58189
remove commented out debug defines.
2013-07-18 22:13:59 +02:00
91b839f355
Add OSX support, buildable via "make osx".
...
Make sure you have OpenSSL 1.0.0d+ (available from Macports) installed.
Based on diff from Vaibhav Bhembre via github
2013-07-17 20:19:44 +02:00
2c1352b226
remove versioning numbers, i hate them.
2013-07-16 15:30:20 +02:00
341172f844
Do not 0 out everything we allocate, and instead fix the behaviour of the code in the appropriate places.
2013-07-16 09:56:36 +02:00
ae9fabb84f
No need to duplicate the received http buffer.
2013-07-16 09:33:46 +02:00
ced1279f88
Properly calculate worker offset, otherwise we'll eventually run into trouble.
2013-07-15 11:24:49 +02:00
1f938eb818
Only release accept lock when required.
2013-07-15 11:12:05 +02:00
29fa49ba83
Add fixed size memory pools and use them throughout Kore.
2013-07-15 11:06:36 +02:00
f54e7ace83
do not try to accept if accept has failed, but instead let kore continue
2013-07-13 22:24:00 +02:00
cebd1c2c2b
Reduce footprint of meminfo and shuffle some stuff around
2013-07-13 22:19:50 +02:00
51c8188f7a
remove cast for malloc + add missing stdlib.h
2013-07-13 21:47:04 +02:00
9c7aaf179f
Remove unneeded malloc result casting, annoying habbit of mine but serves no purpose.
2013-07-13 21:08:55 +02:00
94737a2a5f
If the idletimer expires for SPDY sessions use spdy_session_teardown()
...
to remove it gently.
2013-07-13 20:29:29 +02:00
c999bf5001
Kore can now disconnect SPDY session if they've been idle too long.
...
Configurable via spdy_idle_time in your configuration file.
Setting this to 0 will keep SPDY sessions open indefinately.
2013-07-13 20:19:01 +02:00
f59e94a7b6
Add spdy_session_teardown() which can properly teardown a SPDY session.
...
Use this throughout the spdy code to propagate session errors (if any) occur.
At the same time fix BSD's missing CONN_WRITE_BLOCK
2013-07-13 19:56:38 +02:00
0fee1247c9
TAILQ_REMOVE() the netbuf before adding it to the HEAD of recv_queue again.
2013-07-12 15:49:49 +02:00
2e3720abc9
free() -> kore_mem_free()
2013-07-12 10:49:37 +02:00
9eb32e668e
use correct base64 alphabet (URL and Filename Safe Alphabet)
2013-07-10 15:04:01 +02:00
bb09e8b2a9
add base64 encoder/decoder in prep for http/2.0 and websockets
2013-07-10 15:00:53 +02:00
bb2d4903f2
remove NETBUF_RETAIN, no longer needed
2013-07-10 13:39:35 +02:00
21a44589fc
If we already have all the POST data in the netbuf do not try and read more.
2013-07-10 13:34:42 +02:00
36d603ea67
When negotiating the protocol to be used using the NPN extension keep in mind that http/1.1 can be given there as well. (Googlebot does this, and thus couldn't access Kore sites).
...
On top of that be extra careful with how many bytes we memcmp() if we receive data from the NPN extension.
This fix makes googlebot and anybody negotiating http/1.1 over NPN properly.
2013-07-10 10:37:37 +02:00
94eee6a8d1
- Do not wrongly ignore WINDOW_UPDATE frames when a stream is still active.
...
- Only unblock a stream if it was actually blocked before.
2013-07-09 15:21:48 +02:00
b0c67df902
fix a typo
2013-07-09 13:27:39 +02:00
649e81afd7
use handler function name if available when logging a worker process that has died.
2013-07-07 14:56:50 +02:00
95bacb5690
Kore will now keep track of page handlers that cause workers to die.
...
This is useful to track down any issues you might have in your module.
A log entry with a page handler causing issues looks like:
Jul 7 14:44:30 devbook kore[18191]: [parent]: worker 1 (18193)-> status 11
Jul 7 14:44:30 devbook kore[18191]: [parent]: worker 1 (pid: 18193) (hdlr: 0x242d9c0) gone
Jul 7 14:44:30 devbook kore[18191]: [parent]: hdlr serve_intro has caused 2 error(s)
2013-07-07 14:48:32 +02:00
7df5339c8d
Properly fix bsd.c, sigh.
2013-07-06 21:05:17 +02:00
c1723f2db5
Clean up header includes, based on a diff from Ewan Higgs via github.
...
And while we're messing in it, make sure bsd.c compiles again.
2013-07-06 20:55:22 +02:00
886c3920db
sysconf() returns -1 on failure, cpu_count is an unsigned integer, failure would never have been caught.
...
from cremno via github
2013-07-05 22:17:56 +02:00
87d8fd784b
do not attempt to log the user-agent if it's not available.
2013-07-05 22:03:05 +02:00
51efd84b6e
also set has_lock to 0 when a worker starts.
2013-07-05 21:17:08 +02:00
e1183e22a6
If the worker that owns the accept lock dies, make sure the next one in line can grab it. Otherwise kore comes to a halt (by not accepting new connections).
2013-07-05 20:19:50 +02:00
eb43fd31e1
remove unused stuff
2013-07-05 16:02:03 +02:00
69df62f0ea
when receiving SETTINGS verify that the number of settings received by
...
the client matches the length of the SPDY frame we received.
Otherwise bad clients could potentially cause us to misbehave.
2013-07-01 12:34:18 +02:00
0c08b57d3e
- add idle timer for normal connections (ie: !SPDY), max 20 seconds.
...
- use idle timer to make sure we don't block SPDY connections indefinately
when our window size has reached 0.
2013-07-01 12:08:51 +02:00
51a9e4db9d
Implement SPDY WINDOW_UPDATE and SETTINGS.
2013-07-01 11:30:18 +02:00
6fa881e224
SSL_set_accept_state() when a new SSL * is created
2013-06-27 12:37:42 +02:00
108a0cbc81
remove unneeded blocks of code
2013-06-27 12:37:27 +02:00
3c6169a861
bring bsd into sync
2013-06-27 12:37:14 +02:00
a1342c93d5
remove memid from meminfo
2013-06-27 12:27:17 +02:00
f18a6388fd
fix kore_realloc() to actually behave properly
2013-06-27 09:20:48 +02:00
4b2420097b
- Better spread load between all worker processes.
...
- Introduce own memory management system on top of malloc to keep track
of all our allocations and free's. Later we should introduce a pooling
mechanism for fixed size allocations (http_request comes to mind).
- Introduce ssl_cipher in configuration.
Memory usage is kind of high right now, but it seems its OpenSSL
doing it rather then Kore.
2013-06-27 08:46:18 +02:00
b4a0330a96
- Better spread load between all worker processes.
...
- Introduce own memory management system on top of malloc to keep track
of all our allocations and free's. Later we should introduce a pooling
mechanism for fixed size allocations (http_request comes to mind).
- Introduce ssl_cipher in configuration.
Memory usage is kind of high right now, but it seems its OpenSSL
doing it rather then Kore.
2013-06-27 08:43:07 +02:00
2fc5233358
Rework the way worker processes give each other the accept lock.
...
Instead of waiting until one worker is filled up on connections
the workers find the next lowest loaded worker and will hand
over the lock to them instead. This will cause a nicer spread of load.
Instead of running one accept per event loop, we attempt to accept
as many as worker_max_connections allows.
Refactor net sending/recv code a bit.
2013-06-27 00:22:48 +02:00
124f3ecad9
no need to use kore_log() in a debug context
2013-06-26 15:59:42 +02:00
bf1940225a
everybody loves to tout their own horn.. so introduce a server response header
2013-06-26 16:58:01 +02:00
0dda6f996f
Add a form of synchronization between what worker will be accepting
...
new connections and which ones will not be notified for it.
Fixes the thundering herd problem, and nicely spreads out load between
all the workers equally. A configuration option (workers_max_connections)
is available to tweak how many connections a worker will have before
giving up the accept lock.
Two ways are added to this commit for access locking:
- Locking via semaphores.
- Locking via GCC's builtin atomic methods.
The default is running with semaphores disabled (OpenBSD cannot do
sem_init() with pshared set to 1, which is required).
If you want to use semaphores add KORE_USE_SEMAPHORES to CFLAGS,
and -lpthread to LDFLAGS in the Makefile.
Other fixes:
- BSD: add a timeout to kevent().
- Merge kore_worker_wait together, linux knows waitpid() as well.
- Send the correct SIGQUIT signal to workers instead of SIGINT.
- Fix kore_time_ms().
- Log fatal worker messages in syslog.
- Refactor code even more.
- Do not free our own kore_worker structure.
2013-06-26 16:37:22 +02:00
315f964abd
correct typo
2013-06-26 11:20:25 +02:00
3e5c17b8a3
refactor code quite a bit.
2013-06-26 11:18:32 +02:00
6026a6d4ee
add SNI support, and change domain configuration a bit.
2013-06-24 11:32:45 +02:00
a1b400c400
Add access logging to Kore.
2013-06-24 09:36:40 +02:00
4dff38ebb0
ignore sigpipe in workers
2013-06-19 22:41:00 +02:00
c22eebb6d9
for non spdy clients, attempt to keep the connection open as long as possible (aka, send connection: keep-alive and do not close it till client does).
2013-06-22 20:14:10 +02:00
8b832f0a37
fix off-by-one
2013-06-20 23:30:03 +02:00
c49622e4ae
do not schedule kqueue events if we've reached the limit of changelist.
2013-06-20 23:29:26 +02:00
25f1ab9865
Add BSD kqueue(2) support. Compile with make bsd (or make linux for linux)
2013-06-17 23:39:17 +02:00
e170e916ce
Reload the module in the main process as well when SIGHUP is received.
...
Otherwise new worker processes will not receive the updated module.
2013-06-05 13:50:50 +02:00
b4deea82b4
add kore_buf_appendb() which allows us to append a kore_buf to another one.
...
(releases the kore_buf that is being appended while at it).
2013-06-05 11:27:03 +02:00
a74fffe40c
Introduce certfile and certkey in the configuration to specify where the certificate file and keys are located on a system.
...
Free unused vars in the main process after starting.
2013-06-05 09:47:08 +02:00
32a2035ce9
move kore_server_sslstart() into main process, workers will inherit.
2013-06-05 09:32:53 +02:00
338047a95b
use kore_log() to notify when a module is reloaded
2013-06-05 08:56:37 +02:00
b9f47b0f86
configuration files are now passed using the -c option.
...
allow debug output when the -d flag is specified.
2013-06-05 08:55:07 +02:00
ade34a26c1
move chroot() to workers instead, parent process doesn't require it plus it cannot unlink pidfile otherwise.
...
better logging in syslog
2013-06-05 08:45:51 +02:00
90e1b3a7da
use syslog() for informative messages from all parts of kore.
2013-06-04 23:24:47 +02:00
49b77d3b0e
better proctitles
2013-06-04 17:04:28 +02:00
276d8c5a82
oops bring back chroot
2013-06-04 17:01:06 +02:00
ca437a6cef
set process title
2013-06-04 16:58:13 +02:00
9ef669ff6f
write main process pid to /var/run/kore.pid (changable in configuration)
2013-06-04 16:53:30 +02:00
443b1c8c5f
format
2013-06-04 16:33:35 +02:00
e7db5ee6b1
rename kore_log to kore_debug, and allow one to turn it off.
2013-06-04 16:30:53 +02:00
11fca19923
be less spammy
2013-06-04 16:17:42 +02:00
ab0dc25c61
use sched_setaffinity() to set what CPU each worker process should run on.
2013-06-04 13:54:16 +02:00
8f8ab92521
upon quit time, workers will not accept new connections but will
...
handle all outstanding http requests.
2013-06-04 13:43:11 +02:00
0de28488a6
move from multithreads to single threaded worker processes.
2013-06-04 11:55:38 +02:00
b65cc93426
allow handlers to return KORE_RESULT_RETRY. This will tell the worker to reschedule the page request again at the end of its list. (Allows module creators to write truely nonblocking modules).
2013-05-31 00:40:06 +02:00
7dfa7e6ec0
be carefull when we reload the module to not reload it when workers are inside the module callbacks.
...
do this by implementing a pthread rwlock, and locking it for reading when going into a callback and locking it for writing when we need to reload the mod.
2013-05-31 00:06:54 +02:00
fecbd058cb
rework the worker thread so there's actually time to schedule more then one request at a time on them.
2013-05-31 14:24:00 +02:00
e428886e16
decrement the worker load on HTTP_REQUEST_DELETE
2013-05-31 13:30:51 +02:00
bb4001d119
ok that was wrong, disconnect http clients whne we're done sending or upon error, not immediately after queueing everything.
2013-05-30 21:57:14 +02:00
ca1c884e43
attempt to clear out send buffer before we shutdown ssl connection.
...
remove superfleaous debug
2013-05-30 21:39:01 +02:00
cf6a6550f0
allow onload to be given in the config file.
...
onload specifies what function in your module to call when the module has been loaded or reloaded.
2013-05-30 21:26:39 +02:00
ec5ac40706
wake up the workers once in a while to process anything that is waiting.
2013-05-30 20:55:50 +02:00
f9b3cfcee4
reschedule events if we cannot lock the connection at the time being.
2013-05-30 20:38:25 +02:00
9ad263e287
do not remove disconnected connections until we actually are ready to disconnect them.
2013-05-30 20:07:06 +02:00
9243f409cc
move to a worker based threading approach where we delegate http requests to workers in a round robin basis (later this should be swapped to find the laziest worker and assign the request to that instead).
2013-05-30 19:36:42 +02:00
8478d8df54
add chroot and runas directives so we can chroot and drop privilegs properly
2013-05-04 22:18:27 +02:00
3b30920a60
for now, until we properly handle a persistent HTTP connection for non spdy clients make sure we close the connection after handling the HTTP request.
2013-05-04 21:03:53 +02:00
ce729010f7
- simplify header building using kore_buf_appendf() for normal HTTP requests.
...
- make sure we dont free nb->buf if its NULL. (semantics).
- remove some superfluffy debug.
- make sure we call [inflate|deflate]End when we dc a client that used zlib.
2013-05-04 20:44:16 +02:00
45adae62f7
q->value should be set to NULL if a query parameter is present but no value was set for it.
...
introduce kore_buf_appendv() (much like readv()).
introduce kore_buf_appendf() (printf into buffers).
2013-05-04 19:09:07 +02:00
61b937ac1b
remove unused vars
2013-05-04 16:38:40 +02:00
Joris Vink