mirrors
/
kore
mirror of https://git.kore.io/kore.git
1
0
Fork 1
Code Issues Projects Releases Wiki Activity
kore/src/kore.c

1026 lines
20 KiB
C
Raw Normal View History

first commit
2013-04-17 22:34:27 +02:00
/*
i forgot, it's 2022.
2022-01-31 22:02:06 +01:00
* Copyright (c) 2013-2022 Joris Vink <joris@coders.se>
first commit
2013-04-17 22:34:27 +02:00
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
Stop client initiated TLS renegotiations completely.
2015-05-20 16:36:13 +02:00
#include <sys/types.h>
Massive rework of HTTP layer. This commit is a flag day, your old modules will almost certainly need to be updated in order to build properly with these changes. Summary of changes: - Offload HTTP bodies to disk if they are large (inspired by #100). (disabled by default) - The http_argument_get* macros now takes an explicit http_request parameter. - Kore will now throw 404 errors almost immediately after an HTTP request has come in instead of waiting until all data has arrived. API changes: - http_argument_get* macros now require an explicit http_request parameter. (no more magic invokations). - http_generic_404() is gone - http_populate_arguments() is gone - http_body_bytes() is gone - http_body_text() is gone - http_body_read() has been added - http_populate_post() has been added - http_populate_get() has been added - http_file_read() has been added - http_file_rewind() has been added - http_file_lookup() no longer takes name, fname, data and len parameters. - http_file_lookup() now returns a struct http_file pointer. - http_populate_multipart_form() no longer takes an secondary parameter. New configuration options: - http_body_disk_offload: Number of bytes after which Kore will offload the HTTP body to disk instead of retaining it in memory. If 0 this feature is disabled. (Default: 0) - http_body_disk_path: The path where Kore will store temporary HTTP body files. (this directory does not get created if http_body_disk_offload is 0). New example: The upload example has been added, demonstrating how to deal with file uploads from a multipart form.
2016-01-18 11:30:22 +01:00
#include <sys/stat.h>
allow kore to bind to unix sockets via bind_unix.
2018-10-07 20:49:16 +02:00
#include <sys/un.h>
Massive rework of HTTP layer. This commit is a flag day, your old modules will almost certainly need to be updated in order to build properly with these changes. Summary of changes: - Offload HTTP bodies to disk if they are large (inspired by #100). (disabled by default) - The http_argument_get* macros now takes an explicit http_request parameter. - Kore will now throw 404 errors almost immediately after an HTTP request has come in instead of waiting until all data has arrived. API changes: - http_argument_get* macros now require an explicit http_request parameter. (no more magic invokations). - http_generic_404() is gone - http_populate_arguments() is gone - http_body_bytes() is gone - http_body_text() is gone - http_body_read() has been added - http_populate_post() has been added - http_populate_get() has been added - http_file_read() has been added - http_file_rewind() has been added - http_file_lookup() no longer takes name, fname, data and len parameters. - http_file_lookup() now returns a struct http_file pointer. - http_populate_multipart_form() no longer takes an secondary parameter. New configuration options: - http_body_disk_offload: Number of bytes after which Kore will offload the HTTP body to disk instead of retaining it in memory. If 0 this feature is disabled. (Default: 0) - http_body_disk_path: The path where Kore will store temporary HTTP body files. (this directory does not get created if http_body_disk_offload is 0). New example: The upload example has been added, demonstrating how to deal with file uploads from a multipart form.
2016-01-18 11:30:22 +01:00
first commit
2013-04-17 22:34:27 +02:00
#include <sys/socket.h>
Stop client initiated TLS renegotiations completely.
2015-05-20 16:36:13 +02:00
#include <sys/resource.h>
first commit
2013-04-17 22:34:27 +02:00
add kore_proctitle(). manipulates the argv+environ pointers to get a sensible process title under linux / darwin.
2019-03-29 16:24:14 +01:00
#include <libgen.h>
Add asynchronous subprocess support. This adds kore.proc to the python runtime allowing async processing handling: The kore.proc method takes the command to run and an optional timeout parameter in milliseconds. If the process did not exit normally after that amount of time a TimeoutError exception is raised. For instance: async def run(cmd): proc = kore.proc(cmd, 1000) try: await proc.send("hello") proc.close_stdin() except TimeoutError: proc.kill() retcode = await proc.reap() return retcode
2018-10-26 19:19:47 +02:00
#include <fcntl.h>
Add missing C library headers
2016-01-22 12:08:13 +01:00
#include <stdio.h>
add IPv6 support and support for multiple listeners.
2013-07-27 20:56:15 +02:00
#include <netdb.h>
allow sending SIGHUP to kore, which will then reload its content module
2013-05-03 00:04:06 +02:00
#include <signal.h>
first commit
2013-04-17 22:34:27 +02:00
#include "kore.h"
Move Kore hook functions to kore/hooks.h.
2021-01-11 23:58:26 +01:00
#include "hooks.h"
first commit
2013-04-17 22:34:27 +02:00
Massive rework of HTTP layer. This commit is a flag day, your old modules will almost certainly need to be updated in order to build properly with these changes. Summary of changes: - Offload HTTP bodies to disk if they are large (inspired by #100). (disabled by default) - The http_argument_get* macros now takes an explicit http_request parameter. - Kore will now throw 404 errors almost immediately after an HTTP request has come in instead of waiting until all data has arrived. API changes: - http_argument_get* macros now require an explicit http_request parameter. (no more magic invokations). - http_generic_404() is gone - http_populate_arguments() is gone - http_body_bytes() is gone - http_body_text() is gone - http_body_read() has been added - http_populate_post() has been added - http_populate_get() has been added - http_file_read() has been added - http_file_rewind() has been added - http_file_lookup() no longer takes name, fname, data and len parameters. - http_file_lookup() now returns a struct http_file pointer. - http_populate_multipart_form() no longer takes an secondary parameter. New configuration options: - http_body_disk_offload: Number of bytes after which Kore will offload the HTTP body to disk instead of retaining it in memory. If 0 this feature is disabled. (Default: 0) - http_body_disk_path: The path where Kore will store temporary HTTP body files. (this directory does not get created if http_body_disk_offload is 0). New example: The upload example has been added, demonstrating how to deal with file uploads from a multipart form.
2016-01-18 11:30:22 +01:00
#if !defined(KORE_NO_HTTP)
#include "http.h"
#endif
Add asynchronous libcurl support. This commit adds the CURL=1 build option. When enabled allows you to schedule CURL easy handles onto the Kore event loop. It also adds an easy to use HTTP client API that abstracts away the settings required from libcurl to make HTTP requests. Tied together with HTTP request state machines this means you can write fully asynchronous HTTP client requests in an easy way. Additionally this exposes that API to the Python code as well allowing you do to things like: client = kore.httpclient("https://kore.io") status, body = await client.get() Introduces 2 configuration options: - curl_recv_max Max incoming bytes for a response. - curl_timeout Timeout in seconds before a transfer is cancelled. This API also allows you to take the CURL easy handle and send emails with it, run FTP, etc. All asynchronously.
2019-04-24 00:10:47 +02:00
#if defined(KORE_USE_CURL)
#include "curl.h"
#endif
python pgsql changes. - decouple pgsql from the HTTP request allowing it to be used in other contexts as well (such as a task, etc). - change names to dbsetup() and dbquery(). eg: result = kore.dbquery("db", "select foo from bar")
2019-09-04 19:57:28 +02:00
#if defined(KORE_USE_PGSQL)
#include "pgsql.h"
#endif
Add initial python support. Based on work done by Stanislav Yudin.
2017-01-12 23:38:51 +01:00
#if defined(KORE_USE_PYTHON)
#include "python_api.h"
#endif
Initial lua runtime. Works enough so one can do basic configuration and handle HTTP.
2023-01-21 23:41:35 +01:00
#if defined(KORE_USE_LUA)
#include "lua_api.h"
#endif
Add acmev2 (RFC8555) support to Kore. A new acme process is created that communicates with the acme servers. This process does not hold any of your private keys (no account keys, no domain keys etc). Whenever the acme process requires a signed payload it will ask the keymgr process to do the signing with the relevant keys. This process is also sandboxed with pledge+unveil on OpenBSD and seccomp syscall filtering on Linux. The implementation only supports the tls-alpn-01 challenge. This means that you do not need to open additional ports on your machine. http-01 and dns-01 are currently not supported (no wildcard support). A new configuration option "acme_provider" is available and can be set to the acme server its directory. By default this will point to the live letsencrypt environment: https://acme-v02.api.letsencrypt.org/directory The acme process can be controlled via the following config options: - acme_root (where the acme process will chroot/chdir into). - acme_runas (the user the acme process will run as). If none are set, the values from 'root' and 'runas' are taken. If you want to turn on acme for domains you do it as follows: domain kore.io { acme yes } You do not need to specify certkey/certfile anymore, if they are present still they will be overwritten by the acme system. The keymgr will store all certificates and keys under its root (keymgr_root), the account key is stored as "/account-key.pem" and all obtained certificates go under "certificates/<domain>/fullchain.pem" while keys go under "certificates/<domain>/key.pem". Kore will automatically renew certificates if they will expire in 7 days or less.
2019-11-06 19:33:53 +01:00
#if defined(KORE_USE_ACME)
#include "acme.h"
#endif
minor style
2018-04-13 16:05:59 +02:00
volatile sig_atomic_t sig_recv;
Allow multiple binds on new server directive.
2019-09-27 20:00:35 +02:00
struct kore_server_list kore_servers;
add IPv6 support and support for multiple listeners.
2013-07-27 20:56:15 +02:00
u_int8_t nlisteners;
add kore_proctitle(). manipulates the argv+environ pointers to get a sensible process title under linux / darwin.
2019-03-29 16:24:14 +01:00
int kore_argc = 0;
refactor code quite a bit.
2013-06-26 11:18:32 +02:00
pid_t kore_pid = -1;
Add BSD kqueue(2) support. Compile with make bsd (or make linux for linux)
2013-06-17 23:39:17 +02:00
u_int16_t cpu_count = 1;
Add -q flag. If specified Kore will run quietly and only log important messages.
2018-11-15 16:01:37 +01:00
int kore_quiet = 0;
Make runas behave similarly to chroot. Add new command line knob '-r', that disables runas similar to '-n', it's implied as well for kore command runs. Add default runas (nobody) user and chroot (/var/empty) path, if none are specified, fallback to these.
2015-05-18 21:34:39 +02:00
int skip_runas = 0;
Allow on-the-fly reloading of certificates/keys. This commit introduces the ability for the keymgr process to reload the certificates/keys for domains when receiving a SIGUSR1 signal. The keymgr receives 2 new configuration options: - keymgr_root_path The root path where the keymgr will live. If -n is not specified when the application starts the keymgr process will chroot into here. - keymgr_runas_user The user the keymgr will drop privileges towards if -r was not specified. All certfile and certkey configuration options are now relative to the keymgr_root_path configuration setting. The keymgr process will now also load the certificate for the domain (rather then the workers) and submit these to the worker processes so they can be reloaded when required. Worker processes will refuse connections until the TLS configuration for a given domain is completed (aka: the workers receive the certificate for that domain). Other changes: - client_certificates renamed to client_verify. - the chroot configuration option is now called root. - kore is a little more verbose if privsep options are missing. - filemaps are now relative to the root configuration option.
2018-07-11 09:44:29 +02:00
int skip_chroot = 0;
u_int8_t worker_count = 0;
add kore_proctitle(). manipulates the argv+environ pointers to get a sensible process title under linux / darwin.
2019-03-29 16:24:14 +01:00
char **kore_argv = NULL;
Add memory protection with KORE_MEM_GUARD. When KORE_MEM_GUARD is set in the environment when Kore is started it will enable a few memory protection techniques for all kore pools: 1) The metadata is placed away from the actual user pointer returned. 2) Each entry in a pool is placed in such a way that it is followed immediately by a guard page which has PROT_NONE. Accessing a guard page will cause an immediate crash. 3) Each entry is marked with PROT_NONE until it is allocated. Once it is returned to a pool it becomes PROT_NONE again, protecting against use after frees. This commit also removes the magic goo from the mem facitilies such as kore_malloc and friends and moves these as canaries into the kore pool facilities instead. Note that using this will increase memory pressure and decrease performance. It is recommended to enable this during development to catch bugs.
2023-01-05 22:47:29 +01:00
int kore_mem_guard = 0;
Rework runtime init a little bit. It was hardcoded that if KORE_USE_PYTHON was defined we would look at the passed argument on the command-line as the python script or module to be run. This won't work when adding more runtimes. So instead call a kore_runtime_resolve() function that in turn calls each available runtime its resolve function. That resolve function will check if its a script / module that it can load, and if so will load it. This way we can remove all those KORE_USE_PYTHON blocks in the Kore startup path and we pave the way for lua.
2023-01-16 21:00:01 +01:00
int kore_foreground = 1;
add kore_proctitle(). manipulates the argv+environ pointers to get a sensible process title under linux / darwin.
2019-03-29 16:24:14 +01:00
char *kore_progname = NULL;
Improve very heavy load handling. Introduces two new configuration knobs: * socket_backlog (backlog for listen(2)) * http_request_limit The second one is the most interesting one. Before, kore would iterate over all received HTTP requests in its queue before returning out of http_process(). Under heavy load this queue can cause Kore to spend a considerable amount of time iterating over said queue. With the http_request_limit, kore will process at MOST http_request_limit requests before returning back to the event loop. This means responses to processed requests are sent out much quicker and allows kore to handle any other incoming requests more gracefully.
2015-04-09 15:29:44 +02:00
u_int32_t kore_socket_backlog = 5000;
Differentiate between normal shutdown and fatal. The parent process never differentiated between a worker process asking for a shutdown or a worker process calling fatalx() when it came to its exit code. I made some changes here so the parent process will exit with an exit code 1 if anything worker related went wrong (fatalx/death policy).
2022-08-08 11:02:27 +02:00
int kore_quit = KORE_QUIT_NONE;
write main process pid to /var/run/kore.pid (changable in configuration)
2013-06-04 16:53:30 +02:00
char *kore_pidfile = KORE_PIDFILE_DEFAULT;
first commit
2013-04-17 22:34:27 +02:00
Rework worker startup/privsep config. Starting with the privsep config, this commit changes the following: - Removes the root, runas, keymgr_root, keymgr_runas, acme_root and acme_runas configuration options. Instead these are now configured via a privsep configuration context: privsep worker { root /tmp runas nobody } This is also configurable via Python using the new kore.privsep() method: kore.privsep("worker", root="/tmp", runas="nobody", skip=["chroot"]) Tied into this we also better handle worker startup: - Per worker process, wait until it signalled it is ready. - If a worker fails at startup, display its last log lines more clearly. - Don't start acme process if no domain requires acme. - Remove each process its individual startup log message in favour of a generalized one that displays its PID, root and user. - At startup, log the kore version and built-ins in a nicer way. - The worker processes now check things they need to start running before signaling they are ready (such as access to CA certs for TLS client authentication).
2021-09-07 21:59:22 +02:00
struct kore_privsep worker_privsep;
add kore_proctitle(). manipulates the argv+environ pointers to get a sensible process title under linux / darwin.
2019-03-29 16:24:14 +01:00
extern char **environ;
Allow "kore build" to produce single binaries. Producing single binaries can now be done with building with "kore build". To get started edit your build.conf and add the following directives: single_binary = yes kore_source = /path/to/kore optionally you can add kore_flavor to instruct how kore should be built: kore_flavor = NOTLS=1 When doing this your build.conf must also include the correct linking options as the linking is now done fully by kore build. The binary produced will include your configuration and takes over a few of kore its command line flags (such as -f, -n or -r).
2016-07-06 16:16:15 +02:00
extern char *__progname;
make native proctitle better. count how much space is available for a mangled process title only once, and use that as reference later.
2019-04-29 21:08:58 +02:00
static size_t proctitle_maxlen = 0;
Allow "kore build" to produce single binaries. Producing single binaries can now be done with building with "kore build". To get started edit your build.conf and add the following directives: single_binary = yes kore_source = /path/to/kore optionally you can add kore_flavor to instruct how kore should be built: kore_flavor = NOTLS=1 When doing this your build.conf must also include the correct linking options as the linking is now done fully by kore build. The binary produced will include your configuration and takes over a few of kore its command line flags (such as -f, -n or -r).
2016-07-06 16:16:15 +02:00
configuration files are now passed using the -c option. allow debug output when the -d flag is specified.
2013-06-05 08:55:07 +02:00
static void usage(void);
Add -v to dump out version and compiled in features
2014-07-04 09:25:18 +02:00
static void version(void);
Remove getopt() for KORE_SINGLE_BINARY. If KORE_SINGLE_BINARY is enabled, remove the getopt() call that Kore does itself. This way all arguments are passed to the kore_parent_configure() hook as-is allowing developers to more easily implement their own option handling.
2020-09-08 22:38:06 +02:00
refactor code quite a bit.
2013-06-26 11:18:32 +02:00
static void kore_write_kore_pid(void);
make native proctitle better. count how much space is available for a mangled process title only once, and use that as reference later.
2019-04-29 21:08:58 +02:00
static void kore_proctitle_setup(void);
Improve how the parent handles workers. - Make sure we drain the worker log channel if it dies so we can flush out any lingering log messages. - Get rid of the raise() in the parent to signal ourselves we should terminate. Instead depend on the new kore_quit. - Always attempt to reap children one way or the other.
2021-11-03 17:23:05 +01:00
static void kore_server_shutdown(void);
Add kore_parent_daemonized(). This is called for single binaries after the parent process has called daemon(). Also fix kore_parent_configure() for !single binaries.
2018-10-18 17:18:41 +02:00
static void kore_server_start(int, char *[]);
make sure we can still run normal apps even with PYTHON=1
2019-09-26 20:38:02 +02:00
static void kore_call_parent_configure(int, char **);
first commit
2013-04-17 22:34:27 +02:00
Rework runtime init a little bit. It was hardcoded that if KORE_USE_PYTHON was defined we would look at the passed argument on the command-line as the python script or module to be run. This won't work when adding more runtimes. So instead call a kore_runtime_resolve() function that in turn calls each available runtime its resolve function. That resolve function will check if its a script / module that it can load, and if so will load it. This way we can remove all those KORE_USE_PYTHON blocks in the Kore startup path and we pave the way for lua.
2023-01-16 21:00:01 +01:00
#if !defined(KORE_SINGLE_BINARY)
static const char *rarg0 = NULL;
#endif
make sure we can still run normal apps even with PYTHON=1
2019-09-26 20:38:02 +02:00
static const char *parent_config_hook = KORE_CONFIG_HOOK;
static const char *parent_teardown_hook = KORE_TEARDOWN_HOOK;
Rework runtime init a little bit. It was hardcoded that if KORE_USE_PYTHON was defined we would look at the passed argument on the command-line as the python script or module to be run. This won't work when adding more runtimes. So instead call a kore_runtime_resolve() function that in turn calls each available runtime its resolve function. That resolve function will check if its a script / module that it can load, and if so will load it. This way we can remove all those KORE_USE_PYTHON blocks in the Kore startup path and we pave the way for lua.
2023-01-16 21:00:01 +01:00
make sure we can still run normal apps even with PYTHON=1
2019-09-26 20:38:02 +02:00
#if defined(KORE_SINGLE_BINARY)
static const char *parent_daemonized_hook = KORE_DAEMONIZED_HOOK;
Many many Python improvements. - Kore can now fully be configured via Python code if one wants nothing to do with configuration files. - Kore can now start single python files and no longer requires them to be inside a module directory. - Pass all regex capture groups to the handler methods, allowing you to get access to them immediately. - Change python websocket_handshake to take callable objects directly. - Added a new deployment configuration option. If set to "dev" or "development" Kore will automatically foreground, no chroot / etc. If set to "production" Kore *will* chroot, drop privs, etc. - Many more.. These are all backported from a project that I was working on a while ago. I decided these should go back into mainline Kore.
2019-09-26 15:49:00 +02:00
#endif
configuration files are now passed using the -c option. allow debug output when the -d flag is specified.
2013-06-05 08:55:07 +02:00
static void
usage(void)
{
Initial lua runtime. Works enough so one can do basic configuration and handle HTTP.
2023-01-21 23:41:35 +01:00
if (kore_runtime_count() > 0) {
printf("Usage: %s [options] [app | script]\n", __progname);
} else {
printf("Usage: %s [options]\n", __progname);
}
update -h output a bit.
2018-04-02 18:20:57 +02:00
fix usage for python builds. while here, force a module or script as a cli argument and fix kodev run to pass the config if inside of a module.
2019-09-26 16:41:52 +02:00
printf("\n");
Add memory protection with KORE_MEM_GUARD. When KORE_MEM_GUARD is set in the environment when Kore is started it will enable a few memory protection techniques for all kore pools: 1) The metadata is placed away from the actual user pointer returned. 2) Each entry in a pool is placed in such a way that it is followed immediately by a guard page which has PROT_NONE. Accessing a guard page will cause an immediate crash. 3) Each entry is marked with PROT_NONE until it is allocated. Once it is returned to a pool it becomes PROT_NONE again, protecting against use after frees. This commit also removes the magic goo from the mem facitilies such as kore_malloc and friends and moves these as canaries into the kore pool facilities instead. Note that using this will increase memory pressure and decrease performance. It is recommended to enable this during development to catch bugs.
2023-01-05 22:47:29 +01:00
printf("Command-line options:\n");
Add kore_default_getopt(). This handles the default option parsing in Kore and should be called by single_binary=yes builds in kore_parent_configure() unless they want to handle their own argument parsing.
2020-10-08 13:51:50 +02:00
#if !defined(KORE_SINGLE_BINARY)
Add memory protection with KORE_MEM_GUARD. When KORE_MEM_GUARD is set in the environment when Kore is started it will enable a few memory protection techniques for all kore pools: 1) The metadata is placed away from the actual user pointer returned. 2) Each entry in a pool is placed in such a way that it is followed immediately by a guard page which has PROT_NONE. Accessing a guard page will cause an immediate crash. 3) Each entry is marked with PROT_NONE until it is allocated. Once it is returned to a pool it becomes PROT_NONE again, protecting against use after frees. This commit also removes the magic goo from the mem facitilies such as kore_malloc and friends and moves these as canaries into the kore pool facilities instead. Note that using this will increase memory pressure and decrease performance. It is recommended to enable this during development to catch bugs.
2023-01-05 22:47:29 +01:00
printf("\t-c\tThe configuration file to load when starting.\n");
Add kore_default_getopt(). This handles the default option parsing in Kore and should be called by single_binary=yes builds in kore_parent_configure() unless they want to handle their own argument parsing.
2020-10-08 13:51:50 +02:00
#endif
Add memory protection with KORE_MEM_GUARD. When KORE_MEM_GUARD is set in the environment when Kore is started it will enable a few memory protection techniques for all kore pools: 1) The metadata is placed away from the actual user pointer returned. 2) Each entry in a pool is placed in such a way that it is followed immediately by a guard page which has PROT_NONE. Accessing a guard page will cause an immediate crash. 3) Each entry is marked with PROT_NONE until it is allocated. Once it is returned to a pool it becomes PROT_NONE again, protecting against use after frees. This commit also removes the magic goo from the mem facitilies such as kore_malloc and friends and moves these as canaries into the kore pool facilities instead. Note that using this will increase memory pressure and decrease performance. It is recommended to enable this during development to catch bugs.
2023-01-05 22:47:29 +01:00
printf("\t-f\tDo not daemonize, everything runs in the foreground.\n");
printf("\t-h\tThis help text.\n");
printf("\t-n\tDo not do the chroot privsep step.\n");
printf("\t-q\tQuiet mode, only logs errors.\n");
printf("\t-r\tDo not do the privsep user swapping step.\n");
printf("\t-v\tDisplay %s build information.\n", __progname);
Move orbit functionality into kore directly. Makes more sense and reads easier: kore create myapp kore build myapp kore run myapp Note that kore retains its cli options (if no command was given), meaning you can still start kore in the traditional way as well. The command options are simply to make development easier.
2014-08-01 13:59:47 +02:00
Add memory protection with KORE_MEM_GUARD. When KORE_MEM_GUARD is set in the environment when Kore is started it will enable a few memory protection techniques for all kore pools: 1) The metadata is placed away from the actual user pointer returned. 2) Each entry in a pool is placed in such a way that it is followed immediately by a guard page which has PROT_NONE. Accessing a guard page will cause an immediate crash. 3) Each entry is marked with PROT_NONE until it is allocated. Once it is returned to a pool it becomes PROT_NONE again, protecting against use after frees. This commit also removes the magic goo from the mem facitilies such as kore_malloc and friends and moves these as canaries into the kore pool facilities instead. Note that using this will increase memory pressure and decrease performance. It is recommended to enable this during development to catch bugs.
2023-01-05 22:47:29 +01:00
printf("\n");
printf("Environment options:\n");
printf(" env KORE_MEM_GUARD=1\n");
printf(" Enables memory pool guards and other protections.\n");
printf("\n");
printf(" Enabling this will include guard pages for each\n");
printf(" pool entry allocations and mark pool entries as\n");
printf(" PROT_NONE when unused.\n");
printf("\n");
printf(" This catches bugs and prevents memory vulnerabilities\n");
printf(" but with performance and memory pressure costs.\n");
printf("\n");
update -h output a bit.
2018-04-02 18:20:57 +02:00
Allow "kore build" to produce single binaries. Producing single binaries can now be done with building with "kore build". To get started edit your build.conf and add the following directives: single_binary = yes kore_source = /path/to/kore optionally you can add kore_flavor to instruct how kore should be built: kore_flavor = NOTLS=1 When doing this your build.conf must also include the correct linking options as the linking is now done fully by kore build. The binary produced will include your configuration and takes over a few of kore its command line flags (such as -f, -n or -r).
2016-07-06 16:16:15 +02:00
exit(1);
configuration files are now passed using the -c option. allow debug output when the -d flag is specified.
2013-06-05 08:55:07 +02:00
}
Add -v to dump out version and compiled in features
2014-07-04 09:25:18 +02:00
static void
version(void)
{
Alter where the version number comes from. Now if we are a git repo we fetch the branch name and commitid to build the version string. If there is no git repo we'll look at the RELEASE file.
2018-06-19 19:05:55 +02:00
printf("%s ", kore_version);
Introduce NOHTTP=1 build option. This basically turns off the HTTP layer for Kore. It does not compile in anything for HTTP. This allows Kore to be used as a network application platform as well. Added an example for this called nohttp. Other changes that sneaked in while hacking on this: * Use calloc(), kill pendantic malloc option. * Killed off SPDY/3.1 support completely, will be superseded by http2 Note that comes with massive changes to a lot of the core API functions provided by Kore, these might break your application.
2015-11-27 16:22:50 +01:00
#if defined(KORE_NO_HTTP)
printf("no-http ");
#endif
Add asynchronous libcurl support. This commit adds the CURL=1 build option. When enabled allows you to schedule CURL easy handles onto the Kore event loop. It also adds an easy to use HTTP client API that abstracts away the settings required from libcurl to make HTTP requests. Tied together with HTTP request state machines this means you can write fully asynchronous HTTP client requests in an easy way. Additionally this exposes that API to the Python code as well allowing you do to things like: client = kore.httpclient("https://kore.io") status, body = await client.get() Introduces 2 configuration options: - curl_recv_max Max incoming bytes for a response. - curl_timeout Timeout in seconds before a transfer is cancelled. This API also allows you to take the CURL easy handle and send emails with it, run FTP, etc. All asynchronously.
2019-04-24 00:10:47 +02:00
#if defined(KORE_USE_CURL)
Stop a python coro from getting stuck with httpclient. In cases where a request is immediately completed in libcurl its multi handle and no additional i/o is happening a coro can get stuck waiting to be run. Prevent this by lowering netwait from KORE_WAIT_INFINITE if there are pending python coroutines.
2019-10-22 17:06:32 +02:00
printf("curl-%s ", LIBCURL_VERSION);
Add asynchronous libcurl support. This commit adds the CURL=1 build option. When enabled allows you to schedule CURL easy handles onto the Kore event loop. It also adds an easy to use HTTP client API that abstracts away the settings required from libcurl to make HTTP requests. Tied together with HTTP request state machines this means you can write fully asynchronous HTTP client requests in an easy way. Additionally this exposes that API to the Python code as well allowing you do to things like: client = kore.httpclient("https://kore.io") status, body = await client.get() Introduces 2 configuration options: - curl_recv_max Max incoming bytes for a response. - curl_timeout Timeout in seconds before a transfer is cancelled. This API also allows you to take the CURL easy handle and send emails with it, run FTP, etc. All asynchronously.
2019-04-24 00:10:47 +02:00
#endif
Add -v to dump out version and compiled in features
2014-07-04 09:25:18 +02:00
#if defined(KORE_USE_PGSQL)
printf("pgsql ");
#endif
#if defined(KORE_USE_TASKS)
printf("tasks ");
Introduce NOHTTP=1 build option. This basically turns off the HTTP layer for Kore. It does not compile in anything for HTTP. This allows Kore to be used as a network application platform as well. Added an example for this called nohttp. Other changes that sneaked in while hacking on this: * Use calloc(), kill pendantic malloc option. * Killed off SPDY/3.1 support completely, will be superseded by http2 Note that comes with massive changes to a lot of the core API functions provided by Kore, these might break your application.
2015-11-27 16:22:50 +01:00
#endif
add python flavor string to -v
2017-01-25 22:21:30 +01:00
#if defined(KORE_USE_PYTHON)
Allow building with python3.8
2019-10-15 10:16:53 +02:00
printf("python-%s ", PY_VERSION);
Allow acme config via python api
2019-11-13 23:01:24 +01:00
#endif
Initial lua runtime. Works enough so one can do basic configuration and handle HTTP.
2023-01-21 23:41:35 +01:00
#if defined(KORE_USE_LUA)
printf("lua-%s.%s.%s ",
LUA_VERSION_MAJOR, LUA_VERSION_MINOR, LUA_VERSION_RELEASE);
#endif
Allow acme config via python api
2019-11-13 23:01:24 +01:00
#if defined(KORE_USE_ACME)
printf("acme ");
Add memory protection with KORE_MEM_GUARD. When KORE_MEM_GUARD is set in the environment when Kore is started it will enable a few memory protection techniques for all kore pools: 1) The metadata is placed away from the actual user pointer returned. 2) Each entry in a pool is placed in such a way that it is followed immediately by a guard page which has PROT_NONE. Accessing a guard page will cause an immediate crash. 3) Each entry is marked with PROT_NONE until it is allocated. Once it is returned to a pool it becomes PROT_NONE again, protecting against use after frees. This commit also removes the magic goo from the mem facitilies such as kore_malloc and friends and moves these as canaries into the kore pool facilities instead. Note that using this will increase memory pressure and decrease performance. It is recommended to enable this during development to catch bugs.
2023-01-05 22:47:29 +01:00
#endif
#if defined(KORE_DEBUG)
printf("debug ");
add python flavor string to -v
2017-01-25 22:21:30 +01:00
#endif
Initial work splitting OpenSSL code away. This work moves all TLS / crypto related code into a tls_openssl.c file and adds a tls_none.c which contains just stubs. Allows compilation of Kore with TLS_BACKEND=none to remove building against OpenSSL. Also adds code for SHA1/SHA2 taken from openssh-portable so we don't depend on those being present anymore in libcrypto.
2022-02-17 13:45:28 +01:00
if (!kore_tls_supported())
printf("notls ");
Add memory protection with KORE_MEM_GUARD. When KORE_MEM_GUARD is set in the environment when Kore is started it will enable a few memory protection techniques for all kore pools: 1) The metadata is placed away from the actual user pointer returned. 2) Each entry in a pool is placed in such a way that it is followed immediately by a guard page which has PROT_NONE. Accessing a guard page will cause an immediate crash. 3) Each entry is marked with PROT_NONE until it is allocated. Once it is returned to a pool it becomes PROT_NONE again, protecting against use after frees. This commit also removes the magic goo from the mem facitilies such as kore_malloc and friends and moves these as canaries into the kore pool facilities instead. Note that using this will increase memory pressure and decrease performance. It is recommended to enable this during development to catch bugs.
2023-01-05 22:47:29 +01:00
Add -v to dump out version and compiled in features
2014-07-04 09:25:18 +02:00
printf("\n");
exit(0);
}
first commit
2013-04-17 22:34:27 +02:00
int
main(int argc, char *argv[])
{
Rework runtime init a little bit. It was hardcoded that if KORE_USE_PYTHON was defined we would look at the passed argument on the command-line as the python script or module to be run. This won't work when adding more runtimes. So instead call a kore_runtime_resolve() function that in turn calls each available runtime its resolve function. That resolve function will check if its a script / module that it can load, and if so will load it. This way we can remove all those KORE_USE_PYTHON blocks in the Kore startup path and we pave the way for lua.
2023-01-16 21:00:01 +01:00
#if !defined(KORE_SINGLE_BINARY)
Improve python experience. - If Kore is built with PYTHON=1 you can now specify the module that should be loaded on the command-line. eg: $ kore -frn myapp - Add skeleton generation for python applications to kodev. eg: $ kodev create -p myapp This should make it a whole lot easier to get started with kore python.
2019-06-12 23:35:43 +02:00
struct stat st;
#endif
Rework runtime init a little bit. It was hardcoded that if KORE_USE_PYTHON was defined we would look at the passed argument on the command-line as the python script or module to be run. This won't work when adding more runtimes. So instead call a kore_runtime_resolve() function that in turn calls each available runtime its resolve function. That resolve function will check if its a script / module that it can load, and if so will load it. This way we can remove all those KORE_USE_PYTHON blocks in the Kore startup path and we pave the way for lua.
2023-01-16 21:00:01 +01:00
struct kore_runtime_call *rcall;
first commit
2013-04-17 22:34:27 +02:00
add kore_proctitle(). manipulates the argv+environ pointers to get a sensible process title under linux / darwin.
2019-03-29 16:24:14 +01:00
kore_argc = argc;
kore_argv = argv;
Move orbit functionality into kore directly. Makes more sense and reads easier: kore create myapp kore build myapp kore run myapp Note that kore retains its cli options (if no command was given), meaning you can still start kore in the traditional way as well. The command options are simply to make development easier.
2014-08-01 13:59:47 +02:00
Allow "kore build" to produce single binaries. Producing single binaries can now be done with building with "kore build". To get started edit your build.conf and add the following directives: single_binary = yes kore_source = /path/to/kore optionally you can add kore_flavor to instruct how kore should be built: kore_flavor = NOTLS=1 When doing this your build.conf must also include the correct linking options as the linking is now done fully by kore build. The binary produced will include your configuration and takes over a few of kore its command line flags (such as -f, -n or -r).
2016-07-06 16:16:15 +02:00
#if !defined(KORE_SINGLE_BINARY)
Add kore_default_getopt(). This handles the default option parsing in Kore and should be called by single_binary=yes builds in kore_parent_configure() unless they want to handle their own argument parsing.
2020-10-08 13:51:50 +02:00
kore_default_getopt(argc, argv);
Remove getopt() for KORE_SINGLE_BINARY. If KORE_SINGLE_BINARY is enabled, remove the getopt() call that Kore does itself. This way all arguments are passed to the kore_parent_configure() hook as-is allowing developers to more easily implement their own option handling.
2020-09-08 22:38:06 +02:00
#endif
configuration files are now passed using the -c option. allow debug output when the -d flag is specified.
2013-06-05 08:55:07 +02:00
add kore_proctitle(). manipulates the argv+environ pointers to get a sensible process title under linux / darwin.
2019-03-29 16:24:14 +01:00
kore_mem_init();
Initial mem and log earlier. Kill the kodev mention.
2021-09-13 15:33:42 +02:00
kore_msg_init();
kore_log_init();
Call kore_tls_init() earlier at startup.
2023-01-06 10:54:07 +01:00
kore_tls_init();
Initial mem and log earlier. Kill the kodev mention.
2021-09-13 15:33:42 +02:00
add kore_proctitle(). manipulates the argv+environ pointers to get a sensible process title under linux / darwin.
2019-03-29 16:24:14 +01:00
kore_progname = kore_strdup(argv[0]);
make native proctitle better. count how much space is available for a mangled process title only once, and use that as reference later.
2019-04-29 21:08:58 +02:00
kore_proctitle_setup();
add kore_proctitle(). manipulates the argv+environ pointers to get a sensible process title under linux / darwin.
2019-03-29 16:24:14 +01:00
Remove getopt() for KORE_SINGLE_BINARY. If KORE_SINGLE_BINARY is enabled, remove the getopt() call that Kore does itself. This way all arguments are passed to the kore_parent_configure() hook as-is allowing developers to more easily implement their own option handling.
2020-09-08 22:38:06 +02:00
#if !defined(KORE_SINGLE_BINARY)
configuration files are now passed using the -c option. allow debug output when the -d flag is specified.
2013-06-05 08:55:07 +02:00
argc -= optind;
argv += optind;
Remove getopt() for KORE_SINGLE_BINARY. If KORE_SINGLE_BINARY is enabled, remove the getopt() call that Kore does itself. This way all arguments are passed to the kore_parent_configure() hook as-is allowing developers to more easily implement their own option handling.
2020-09-08 22:38:06 +02:00
#endif
configuration files are now passed using the -c option. allow debug output when the -d flag is specified.
2013-06-05 08:55:07 +02:00
Rework runtime init a little bit. It was hardcoded that if KORE_USE_PYTHON was defined we would look at the passed argument on the command-line as the python script or module to be run. This won't work when adding more runtimes. So instead call a kore_runtime_resolve() function that in turn calls each available runtime its resolve function. That resolve function will check if its a script / module that it can load, and if so will load it. This way we can remove all those KORE_USE_PYTHON blocks in the Kore startup path and we pave the way for lua.
2023-01-16 21:00:01 +01:00
#if !defined(KORE_SINGLE_BINARY)
if (kore_runtime_count() > 0) {
if (argc > 0) {
rarg0 = argv[0];
argc--;
argv++;
make sure we can still run normal apps even with PYTHON=1
2019-09-26 20:38:02 +02:00
}
Rework runtime init a little bit. It was hardcoded that if KORE_USE_PYTHON was defined we would look at the passed argument on the command-line as the python script or module to be run. This won't work when adding more runtimes. So instead call a kore_runtime_resolve() function that in turn calls each available runtime its resolve function. That resolve function will check if its a script / module that it can load, and if so will load it. This way we can remove all those KORE_USE_PYTHON blocks in the Kore startup path and we pave the way for lua.
2023-01-16 21:00:01 +01:00
if (rarg0) {
if (lstat(rarg0, &st) == -1) {
if (errno == ENOENT)
rarg0 = NULL;
else
fatal("stat(%s): %s", rarg0, errno_s);
}
}
make sure we can still run normal apps even with PYTHON=1
2019-09-26 20:38:02 +02:00
}
Change kore_parent_configure() for single binaries. This function now takes any remaining arguments passed on the command line after kore parsed its own. For C the new prototype looks like this: void kore_parent_configure(int argc, char **argv); For python code, kore will pass each argument to the function so you can do things like: def kore_parent_configure(arg1, arg2):
2018-04-09 12:51:20 +02:00
#endif
add little hint for kodev.
2017-02-22 20:09:11 +01:00
refactor code quite a bit.
2013-06-26 11:18:32 +02:00
kore_pid = getpid();
add IPv6 support and support for multiple listeners.
2013-07-27 20:56:15 +02:00
nlisteners = 0;
Allow multiple binds on new server directive.
2019-09-27 20:00:35 +02:00
LIST_INIT(&kore_servers);
add IPv6 support and support for multiple listeners.
2013-07-27 20:56:15 +02:00
Add seccomp syscall filtering to kore. With this commit all Kore processes (minus the parent) are running under seccomp. The worker processes get the bare minimum allowed syscalls while each module like curl, pgsql, etc will add their own filters to allow what they require. New API functions: int kore_seccomp_filter(const char *name, void *filter, size_t len); Adds a filter into the seccomp system (must be called before seccomp is enabled). New helpful macro: define KORE_SYSCALL_ALLOW(name) Allow the syscall with a given name, should be used in a sock_filter data structure. New hooks: void kore_seccomp_hook(void); Called before seccomp is enabled, allows developers to add their own BPF filters into seccomp.
2019-09-25 14:25:49 +02:00
kore_platform_init();
Introduce NOHTTP=1 build option. This basically turns off the HTTP layer for Kore. It does not compile in anything for HTTP. This allows Kore to be used as a network application platform as well. Added an example for this called nohttp. Other changes that sneaked in while hacking on this: * Use calloc(), kill pendantic malloc option. * Killed off SPDY/3.1 support completely, will be superseded by http2 Note that comes with massive changes to a lot of the core API functions provided by Kore, these might break your application.
2015-11-27 16:22:50 +01:00
#if !defined(KORE_NO_HTTP)
Add filemaps. A filemap is a way of telling Kore to serve files from a directory much like a traditional webserver can do. Kore filemaps only handles files. Kore does not generate directory indexes or deal with non-regular files. The way files are sent to a client differs a bit per platform and build options: default: - mmap() backed file transfer due to TLS. NOTLS=1 - sendfile() under FreeBSD, macOS and Linux. - mmap() backed file for OpenBSD. The opened file descriptors/mmap'd regions are cached and reused when appropriate. If a file is no longer in use it will be closed and evicted from the cache after 30 seconds. New API's are available allowing developers to use these facilities via: void net_send_fileref(struct connection *, struct kore_fileref *); void http_response_fileref(struct http_request *, struct kore_fileref *); Kore will attempt to match media types based on file extensions. A few default types are built-in. Others can be added via the new "http_media_type" configuration directive.
2018-06-28 13:27:44 +02:00
http_parent_init();
Add asynchronous libcurl support. This commit adds the CURL=1 build option. When enabled allows you to schedule CURL easy handles onto the Kore event loop. It also adds an easy to use HTTP client API that abstracts away the settings required from libcurl to make HTTP requests. Tied together with HTTP request state machines this means you can write fully asynchronous HTTP client requests in an easy way. Additionally this exposes that API to the Python code as well allowing you do to things like: client = kore.httpclient("https://kore.io") status, body = await client.get() Introduces 2 configuration options: - curl_recv_max Max incoming bytes for a response. - curl_timeout Timeout in seconds before a transfer is cancelled. This API also allows you to take the CURL easy handle and send emails with it, run FTP, etc. All asynchronously.
2019-04-24 00:10:47 +02:00
#if defined(KORE_USE_CURL)
kore_curl_sysinit();
python pgsql changes. - decouple pgsql from the HTTP request allowing it to be used in other contexts as well (such as a task, etc). - change names to dbsetup() and dbquery(). eg: result = kore.dbquery("db", "select foo from bar")
2019-09-04 19:57:28 +02:00
#endif
#if defined(KORE_USE_PGSQL)
kore_pgsql_sys_init();
Add asynchronous libcurl support. This commit adds the CURL=1 build option. When enabled allows you to schedule CURL easy handles onto the Kore event loop. It also adds an easy to use HTTP client API that abstracts away the settings required from libcurl to make HTTP requests. Tied together with HTTP request state machines this means you can write fully asynchronous HTTP client requests in an easy way. Additionally this exposes that API to the Python code as well allowing you do to things like: client = kore.httpclient("https://kore.io") status, body = await client.get() Introduces 2 configuration options: - curl_recv_max Max incoming bytes for a response. - curl_timeout Timeout in seconds before a transfer is cancelled. This API also allows you to take the CURL easy handle and send emails with it, run FTP, etc. All asynchronously.
2019-04-24 00:10:47 +02:00
#endif
Add authentication blocks for Kore. Using authentication blocks one can define "authentication" mechanisms in Kore for page handlers. This can be used to require a session cookie (validated by your own validator) for certain page handlers, and hopefully in the future provide a framework for adding more authentication things (like HTTP Auth). Right now only cookie checking is available.
2014-01-22 22:55:10 +01:00
kore_auth_init();
Introduce NOHTTP=1 build option. This basically turns off the HTTP layer for Kore. It does not compile in anything for HTTP. This allows Kore to be used as a network application platform as well. Added an example for this called nohttp. Other changes that sneaked in while hacking on this: * Use calloc(), kill pendantic malloc option. * Killed off SPDY/3.1 support completely, will be superseded by http2 Note that comes with massive changes to a lot of the core API functions provided by Kore, these might break your application.
2015-11-27 16:22:50 +01:00
kore_validator_init();
Add filemaps. A filemap is a way of telling Kore to serve files from a directory much like a traditional webserver can do. Kore filemaps only handles files. Kore does not generate directory indexes or deal with non-regular files. The way files are sent to a client differs a bit per platform and build options: default: - mmap() backed file transfer due to TLS. NOTLS=1 - sendfile() under FreeBSD, macOS and Linux. - mmap() backed file for OpenBSD. The opened file descriptors/mmap'd regions are cached and reused when appropriate. If a file is no longer in use it will be closed and evicted from the cache after 30 seconds. New API's are available allowing developers to use these facilities via: void net_send_fileref(struct connection *, struct kore_fileref *); void http_response_fileref(struct http_request *, struct kore_fileref *); Kore will attempt to match media types based on file extensions. A few default types are built-in. Others can be added via the new "http_media_type" configuration directive.
2018-06-28 13:27:44 +02:00
kore_filemap_init();
Add acmev2 (RFC8555) support to Kore. A new acme process is created that communicates with the acme servers. This process does not hold any of your private keys (no account keys, no domain keys etc). Whenever the acme process requires a signed payload it will ask the keymgr process to do the signing with the relevant keys. This process is also sandboxed with pledge+unveil on OpenBSD and seccomp syscall filtering on Linux. The implementation only supports the tls-alpn-01 challenge. This means that you do not need to open additional ports on your machine. http-01 and dns-01 are currently not supported (no wildcard support). A new configuration option "acme_provider" is available and can be set to the acme server its directory. By default this will point to the live letsencrypt environment: https://acme-v02.api.letsencrypt.org/directory The acme process can be controlled via the following config options: - acme_root (where the acme process will chroot/chdir into). - acme_runas (the user the acme process will run as). If none are set, the values from 'root' and 'runas' are taken. If you want to turn on acme for domains you do it as follows: domain kore.io { acme yes } You do not need to specify certkey/certfile anymore, if they are present still they will be overwritten by the acme system. The keymgr will store all certificates and keys under its root (keymgr_root), the account key is stored as "/account-key.pem" and all obtained certificates go under "certificates/<domain>/fullchain.pem" while keys go under "certificates/<domain>/key.pem". Kore will automatically renew certificates if they will expire in 7 days or less.
2019-11-06 19:33:53 +01:00
#endif
#if defined(KORE_USE_ACME)
kore_acme_init();
Introduce NOHTTP=1 build option. This basically turns off the HTTP layer for Kore. It does not compile in anything for HTTP. This allows Kore to be used as a network application platform as well. Added an example for this called nohttp. Other changes that sneaked in while hacking on this: * Use calloc(), kill pendantic malloc option. * Killed off SPDY/3.1 support completely, will be superseded by http2 Note that comes with massive changes to a lot of the core API functions provided by Kore, these might break your application.
2015-11-27 16:22:50 +01:00
#endif
add SNI support, and change domain configuration a bit.
2013-06-24 11:32:45 +02:00
kore_domain_init();
Allow Kore to load multiple modules at once.
2013-12-15 01:11:56 +01:00
kore_module_init();
- Better spread load between all worker processes. - Introduce own memory management system on top of malloc to keep track of all our allocations and free's. Later we should introduce a pooling mechanism for fixed size allocations (http_request comes to mind). - Introduce ssl_cipher in configuration. Memory usage is kind of high right now, but it seems its OpenSSL doing it rather then Kore.
2013-06-27 08:43:07 +02:00
Initial lua runtime. Works enough so one can do basic configuration and handle HTTP.
2023-01-21 23:41:35 +01:00
#if !defined(KORE_SINGLE_BINARY)
if (kore_runtime_count() == 0 && config_file == NULL)
Allow developers to pass the lib to load on the cli. When running in -f (foreground) you can now specify the library Kore needs to load on the command line: kore -fnc module.conf myapp.so This has the benefit that your configuration file no longer needs the load directive when hacking on your code. Note that you can still specify load in your config file regardless, if you so chose. All of this is being done in order to try and move away from the backwards way of getting up and running with Kore.
2014-07-31 17:15:51 +02:00
usage();
Add filemaps. A filemap is a way of telling Kore to serve files from a directory much like a traditional webserver can do. Kore filemaps only handles files. Kore does not generate directory indexes or deal with non-regular files. The way files are sent to a client differs a bit per platform and build options: default: - mmap() backed file transfer due to TLS. NOTLS=1 - sendfile() under FreeBSD, macOS and Linux. - mmap() backed file for OpenBSD. The opened file descriptors/mmap'd regions are cached and reused when appropriate. If a file is no longer in use it will be closed and evicted from the cache after 30 seconds. New API's are available allowing developers to use these facilities via: void net_send_fileref(struct connection *, struct kore_fileref *); void http_response_fileref(struct http_request *, struct kore_fileref *); Kore will attempt to match media types based on file extensions. A few default types are built-in. Others can be added via the new "http_media_type" configuration directive.
2018-06-28 13:27:44 +02:00
#endif
Add initial python support. Based on work done by Stanislav Yudin.
2017-01-12 23:38:51 +01:00
kore_module_load(NULL, NULL, KORE_MODULE_NATIVE);
Add a kore_python_preinit() hook. This is called before the python initialization is completed and allows developers to inject their own built-in methods.
2018-11-12 09:01:05 +01:00
#if defined(KORE_USE_PYTHON)
kore_python_init();
Improve python experience. - If Kore is built with PYTHON=1 you can now specify the module that should be loaded on the command-line. eg: $ kore -frn myapp - Add skeleton generation for python applications to kodev. eg: $ kodev create -p myapp This should make it a whole lot easier to get started with kore python.
2019-06-12 23:35:43 +02:00
#endif
Rework runtime init a little bit. It was hardcoded that if KORE_USE_PYTHON was defined we would look at the passed argument on the command-line as the python script or module to be run. This won't work when adding more runtimes. So instead call a kore_runtime_resolve() function that in turn calls each available runtime its resolve function. That resolve function will check if its a script / module that it can load, and if so will load it. This way we can remove all those KORE_USE_PYTHON blocks in the Kore startup path and we pave the way for lua.
2023-01-16 21:00:01 +01:00
Initial lua runtime. Works enough so one can do basic configuration and handle HTTP.
2023-01-21 23:41:35 +01:00
#if defined(KORE_USE_LUA)
kore_lua_init();
#endif
Rework runtime init a little bit. It was hardcoded that if KORE_USE_PYTHON was defined we would look at the passed argument on the command-line as the python script or module to be run. This won't work when adding more runtimes. So instead call a kore_runtime_resolve() function that in turn calls each available runtime its resolve function. That resolve function will check if its a script / module that it can load, and if so will load it. This way we can remove all those KORE_USE_PYTHON blocks in the Kore startup path and we pave the way for lua.
2023-01-16 21:00:01 +01:00
#if !defined(KORE_SINGLE_BINARY)
if (kore_runtime_count() > 0 && rarg0 != NULL)
kore_runtime_resolve(rarg0, &st);
Add a kore_python_preinit() hook. This is called before the python initialization is completed and allows developers to inject their own built-in methods.
2018-11-12 09:01:05 +01:00
#endif
make sure we can still run normal apps even with PYTHON=1
2019-09-26 20:38:02 +02:00
#if defined(KORE_SINGLE_BINARY)
kore_call_parent_configure(argc, argv);
Rework runtime init a little bit. It was hardcoded that if KORE_USE_PYTHON was defined we would look at the passed argument on the command-line as the python script or module to be run. This won't work when adding more runtimes. So instead call a kore_runtime_resolve() function that in turn calls each available runtime its resolve function. That resolve function will check if its a script / module that it can load, and if so will load it. This way we can remove all those KORE_USE_PYTHON blocks in the Kore startup path and we pave the way for lua.
2023-01-16 21:00:01 +01:00
#else
if (kore_runtime_count() > 0 && rarg0 != NULL)
make sure we can still run normal apps even with PYTHON=1
2019-09-26 20:38:02 +02:00
kore_call_parent_configure(argc, argv);
Add kore_parent_daemonized(). This is called for single binaries after the parent process has called daemon(). Also fix kore_parent_configure() for !single binaries.
2018-10-18 17:18:41 +02:00
#endif
Allow developers to pass the lib to load on the cli. When running in -f (foreground) you can now specify the library Kore needs to load on the command line: kore -fnc module.conf myapp.so This has the benefit that your configuration file no longer needs the load directive when hacking on your code. Note that you can still specify load in your config file regardless, if you so chose. All of this is being done in order to try and move away from the backwards way of getting up and running with Kore.
2014-07-31 17:15:51 +02:00
Many many Python improvements. - Kore can now fully be configured via Python code if one wants nothing to do with configuration files. - Kore can now start single python files and no longer requires them to be inside a module directory. - Pass all regex capture groups to the handler methods, allowing you to get access to them immediately. - Change python websocket_handshake to take callable objects directly. - Added a new deployment configuration option. If set to "dev" or "development" Kore will automatically foreground, no chroot / etc. If set to "production" Kore *will* chroot, drop privs, etc. - Many more.. These are all backported from a project that I was working on a while ago. I decided these should go back into mainline Kore.
2019-09-26 15:49:00 +02:00
kore_parse_config();
make sure we can still run normal apps even with PYTHON=1
2019-09-26 20:38:02 +02:00
#if !defined(KORE_SINGLE_BINARY)
alter python skeleton from kodev create -p. adds the kore.config.file setting (required a fix for -c) and the kore.config.deployment option is set to "development".
2019-09-26 19:58:13 +02:00
free(config_file);
make sure we can still run normal apps even with PYTHON=1
2019-09-26 20:38:02 +02:00
#endif
Many many Python improvements. - Kore can now fully be configured via Python code if one wants nothing to do with configuration files. - Kore can now start single python files and no longer requires them to be inside a module directory. - Pass all regex capture groups to the handler methods, allowing you to get access to them immediately. - Change python websocket_handshake to take callable objects directly. - Added a new deployment configuration option. If set to "dev" or "development" Kore will automatically foreground, no chroot / etc. If set to "production" Kore *will* chroot, drop privs, etc. - Many more.. These are all backported from a project that I was working on a while ago. I decided these should go back into mainline Kore.
2019-09-26 15:49:00 +02:00
Introduce NOHTTP=1 build option. This basically turns off the HTTP layer for Kore. It does not compile in anything for HTTP. This allows Kore to be used as a network application platform as well. Added an example for this called nohttp. Other changes that sneaked in while hacking on this: * Use calloc(), kill pendantic malloc option. * Killed off SPDY/3.1 support completely, will be superseded by http2 Note that comes with massive changes to a lot of the core API functions provided by Kore, these might break your application.
2015-11-27 16:22:50 +01:00
#if !defined(KORE_NO_HTTP)
Massive rework of HTTP layer. This commit is a flag day, your old modules will almost certainly need to be updated in order to build properly with these changes. Summary of changes: - Offload HTTP bodies to disk if they are large (inspired by #100). (disabled by default) - The http_argument_get* macros now takes an explicit http_request parameter. - Kore will now throw 404 errors almost immediately after an HTTP request has come in instead of waiting until all data has arrived. API changes: - http_argument_get* macros now require an explicit http_request parameter. (no more magic invokations). - http_generic_404() is gone - http_populate_arguments() is gone - http_body_bytes() is gone - http_body_text() is gone - http_body_read() has been added - http_populate_post() has been added - http_populate_get() has been added - http_file_read() has been added - http_file_rewind() has been added - http_file_lookup() no longer takes name, fname, data and len parameters. - http_file_lookup() now returns a struct http_file pointer. - http_populate_multipart_form() no longer takes an secondary parameter. New configuration options: - http_body_disk_offload: Number of bytes after which Kore will offload the HTTP body to disk instead of retaining it in memory. If 0 this feature is disabled. (Default: 0) - http_body_disk_path: The path where Kore will store temporary HTTP body files. (this directory does not get created if http_body_disk_offload is 0). New example: The upload example has been added, demonstrating how to deal with file uploads from a multipart form.
2016-01-18 11:30:22 +01:00
if (http_body_disk_offload > 0) {
if (mkdir(http_body_disk_path, 0700) == -1 && errno != EEXIST) {
printf("can't create http_body_disk_path '%s': %s\n",
http_body_disk_path, errno_s);
return (KORE_RESULT_ERROR);
}
}
Introduce NOHTTP=1 build option. This basically turns off the HTTP layer for Kore. It does not compile in anything for HTTP. This allows Kore to be used as a network application platform as well. Added an example for this called nohttp. Other changes that sneaked in while hacking on this: * Use calloc(), kill pendantic malloc option. * Killed off SPDY/3.1 support completely, will be superseded by http2 Note that comes with massive changes to a lot of the core API functions provided by Kore, these might break your application.
2015-11-27 16:22:50 +01:00
#endif
add chroot and runas directives so we can chroot and drop privilegs properly
2013-05-04 22:18:27 +02:00
Use sigaction() for signals. Don't duplicate signal setup code between parent and worker processes.
2018-05-25 20:49:02 +02:00
kore_signal_setup();
Add kore_parent_daemonized(). This is called for single binaries after the parent process has called daemon(). Also fix kore_parent_configure() for !single binaries.
2018-10-18 17:18:41 +02:00
kore_server_start(argc, argv);
Improve how the parent handles workers. - Make sure we drain the worker log channel if it dies so we can flush out any lingering log messages. - Get rid of the raise() in the parent to signal ourselves we should terminate. Instead depend on the new kore_quit. - Always attempt to reap children one way or the other.
2021-11-03 17:23:05 +01:00
kore_server_shutdown();
Add kore_[parent|worker]_teardown(). If exists these functions are called when the worker is exiting and when right before the parent exists. Allows for cleanup code for applications if need to do cleanup on exit.
2018-10-23 21:46:34 +02:00
make sure we can still run normal apps even with PYTHON=1
2019-09-26 20:38:02 +02:00
rcall = kore_runtime_getcall(parent_teardown_hook);
Add kore_[parent|worker]_teardown(). If exists these functions are called when the worker is exiting and when right before the parent exists. Allows for cleanup code for applications if need to do cleanup on exit.
2018-10-23 21:46:34 +02:00
if (rcall != NULL) {
kore_runtime_execute(rcall);
kore_free(rcall);
}
if (unlink(kore_pidfile) == -1 && errno != ENOENT)
kore_log(LOG_NOTICE, "failed to remove pidfile (%s)", errno_s);
add IPv6 support and support for multiple listeners.
2013-07-27 20:56:15 +02:00
Allow multiple binds on new server directive.
2019-09-27 20:00:35 +02:00
kore_server_cleanup();
Add -q flag. If specified Kore will run quietly and only log important messages.
2018-11-15 16:01:37 +01:00
if (!kore_quiet)
Rework worker startup/privsep config. Starting with the privsep config, this commit changes the following: - Removes the root, runas, keymgr_root, keymgr_runas, acme_root and acme_runas configuration options. Instead these are now configured via a privsep configuration context: privsep worker { root /tmp runas nobody } This is also configurable via Python using the new kore.privsep() method: kore.privsep("worker", root="/tmp", runas="nobody", skip=["chroot"]) Tied into this we also better handle worker startup: - Per worker process, wait until it signalled it is ready. - If a worker fails at startup, display its last log lines more clearly. - Don't start acme process if no domain requires acme. - Remove each process its individual startup log message in favour of a generalized one that displays its PID, root and user. - At startup, log the kore version and built-ins in a nicer way. - The worker processes now check things they need to start running before signaling they are ready (such as access to CA certs for TLS client authentication).
2021-09-07 21:59:22 +02:00
kore_log(LOG_INFO, "goodbye");
Separate private keys from worker processes. Kore will now isolate RSA private keys to a separate process (keymgr). Worker processes that require RSA signing for TLS connections will communicate with this keymgr process in order to do so. This behaviour cannot be disabled and is always turned on.
2016-06-08 13:55:14 +02:00
Add asynchronous pgsql query support to python. This commit adds the ability to use python "await" to suspend execution of your page handler until the query sent to postgresql has returned a result. This is built upon the existing asynchrous query framework Kore had. With this you can now write stuff like: async def page(req): result = await req.pgsql("db", "SELECT name FROM table"); req.response(200, json.dumps(result).encode("utf-8")) The above code will fire off a query and suspend itself so Kore can take care of business as usual until the query is successful at which point Kore will jump back into the handler and resume. This does not use threading, it's purely based on Python's excellent coroutines and generators and Kore its built-in pgsql support.
2017-02-06 11:42:53 +01:00
#if defined(KORE_USE_PYTHON)
kore_python_cleanup();
#endif
Initial lua runtime. Works enough so one can do basic configuration and handle HTTP.
2023-01-21 23:41:35 +01:00
#if defined(KORE_USE_LUA)
kore_lua_cleanup();
#endif
Add asynchronous pgsql query support to python. This commit adds the ability to use python "await" to suspend execution of your page handler until the query sent to postgresql has returned a result. This is built upon the existing asynchrous query framework Kore had. With this you can now write stuff like: async def page(req): result = await req.pgsql("db", "SELECT name FROM table"); req.response(200, json.dumps(result).encode("utf-8")) The above code will fire off a query and suspend itself so Kore can take care of business as usual until the query is successful at which point Kore will jump back into the handler and resume. This does not use threading, it's purely based on Python's excellent coroutines and generators and Kore its built-in pgsql support.
2017-02-06 11:42:53 +01:00
kore_mem_cleanup();
Differentiate between normal shutdown and fatal. The parent process never differentiated between a worker process asking for a shutdown or a worker process calling fatalx() when it came to its exit code. I made some changes here so the parent process will exit with an exit code 1 if anything worker related went wrong (fatalx/death policy).
2022-08-08 11:02:27 +02:00
return (kore_quit);
first commit
2013-04-17 22:34:27 +02:00
}
Add kore_default_getopt(). This handles the default option parsing in Kore and should be called by single_binary=yes builds in kore_parent_configure() unless they want to handle their own argument parsing.
2020-10-08 13:51:50 +02:00
void
kore_default_getopt(int argc, char **argv)
{
int ch;
#if !defined(KORE_SINGLE_BINARY)
Rework runtime init a little bit. It was hardcoded that if KORE_USE_PYTHON was defined we would look at the passed argument on the command-line as the python script or module to be run. This won't work when adding more runtimes. So instead call a kore_runtime_resolve() function that in turn calls each available runtime its resolve function. That resolve function will check if its a script / module that it can load, and if so will load it. This way we can remove all those KORE_USE_PYTHON blocks in the Kore startup path and we pave the way for lua.
2023-01-16 21:00:01 +01:00
while ((ch = getopt(argc, argv, "c:dfhnqrv")) != -1) {
Add kore_default_getopt(). This handles the default option parsing in Kore and should be called by single_binary=yes builds in kore_parent_configure() unless they want to handle their own argument parsing.
2020-10-08 13:51:50 +02:00
#else
Rework runtime init a little bit. It was hardcoded that if KORE_USE_PYTHON was defined we would look at the passed argument on the command-line as the python script or module to be run. This won't work when adding more runtimes. So instead call a kore_runtime_resolve() function that in turn calls each available runtime its resolve function. That resolve function will check if its a script / module that it can load, and if so will load it. This way we can remove all those KORE_USE_PYTHON blocks in the Kore startup path and we pave the way for lua.
2023-01-16 21:00:01 +01:00
while ((ch = getopt(argc, argv, "dfhnqrv")) != -1) {
Add kore_default_getopt(). This handles the default option parsing in Kore and should be called by single_binary=yes builds in kore_parent_configure() unless they want to handle their own argument parsing.
2020-10-08 13:51:50 +02:00
#endif
switch (ch) {
#if !defined(KORE_SINGLE_BINARY)
case 'c':
free(config_file);
if ((config_file = strdup(optarg)) == NULL)
fatal("strdup");
break;
#endif
Rework runtime init a little bit. It was hardcoded that if KORE_USE_PYTHON was defined we would look at the passed argument on the command-line as the python script or module to be run. This won't work when adding more runtimes. So instead call a kore_runtime_resolve() function that in turn calls each available runtime its resolve function. That resolve function will check if its a script / module that it can load, and if so will load it. This way we can remove all those KORE_USE_PYTHON blocks in the Kore startup path and we pave the way for lua.
2023-01-16 21:00:01 +01:00
case 'd':
kore_foreground = 0;
break;
Add kore_default_getopt(). This handles the default option parsing in Kore and should be called by single_binary=yes builds in kore_parent_configure() unless they want to handle their own argument parsing.
2020-10-08 13:51:50 +02:00
case 'f':
Rework runtime init a little bit. It was hardcoded that if KORE_USE_PYTHON was defined we would look at the passed argument on the command-line as the python script or module to be run. This won't work when adding more runtimes. So instead call a kore_runtime_resolve() function that in turn calls each available runtime its resolve function. That resolve function will check if its a script / module that it can load, and if so will load it. This way we can remove all those KORE_USE_PYTHON blocks in the Kore startup path and we pave the way for lua.
2023-01-16 21:00:01 +01:00
printf("note: -f is the default now, "
"use -d to daemonize\n");
Add kore_default_getopt(). This handles the default option parsing in Kore and should be called by single_binary=yes builds in kore_parent_configure() unless they want to handle their own argument parsing.
2020-10-08 13:51:50 +02:00
break;
case 'h':
usage();
break;
case 'n':
skip_chroot = 1;
break;
case 'q':
kore_quiet = 1;
break;
case 'r':
skip_runas = 1;
break;
case 'v':
version();
break;
default:
usage();
}
}
}
add IPv6 support and support for multiple listeners.
2013-07-27 20:56:15 +02:00
int
Allow multiple binds on new server directive.
2019-09-27 20:00:35 +02:00
kore_server_bind(struct kore_server *srv, const char *ip, const char *port,
Allow listening of tls/notls ports at the same time. Before kore needed to be built with NOTLS=1 to be able to do non TLS connections. This has been like this for years. It is time to allow non TLS listeners without having to rebuild Kore. This commit changes your configuration format and will break existing applications their config. Configurations now get listener {} contexts: listen default { bind 127.0.0.1 8888 } The above will create a listener on 127.0.0.1, port 8888 that will serve TLS (still the default). If you want to turn off TLS on that listener, specify "tls no" in that context. Domains now need to be attached to a listener: Eg: domain * { attach default } For the Python API this kills kore.bind(), and kore.bind_unix(). They are replaced with: kore.listen("name", ip=None, port=None, path=None, tls=True).
2019-09-27 12:22:35 +02:00
const char *ccb)
add IPv6 support and support for multiple listeners.
2013-07-27 20:56:15 +02:00
{
Add kore_sockopt(). Use it where we before were using setsockopt().
2017-02-22 22:23:30 +01:00
int r;
Allow multiple binds on new server directive.
2019-09-27 20:00:35 +02:00
struct listener *l;
Allow Kore to function under DragonflyBSD. From David Carlier
2015-06-14 16:54:44 +02:00
struct addrinfo hints, *results;
add IPv6 support and support for multiple listeners.
2013-07-27 20:56:15 +02:00
Allow Kore to function under DragonflyBSD. From David Carlier
2015-06-14 16:54:44 +02:00
memset(&hints, 0, sizeof(hints));
hints.ai_family = AF_UNSPEC;
hints.ai_socktype = SOCK_STREAM;
hints.ai_protocol = IPPROTO_TCP;
hints.ai_flags = 0;
r = getaddrinfo(ip, port, &hints, &results);
add IPv6 support and support for multiple listeners.
2013-07-27 20:56:15 +02:00
if (r != 0)
fatal("getaddrinfo(%s): %s", ip, gai_strerror(r));
Allow multiple binds on new server directive.
2019-09-27 20:00:35 +02:00
l = kore_listener_create(srv);
l->host = kore_strdup(ip);
l->port = kore_strdup(port);
kore_listener_init() returns KORE_RESULT_OK or KORE_RESULT_ERROR.
2019-12-13 09:14:26 +01:00
if (!kore_listener_init(l, results->ai_family, ccb)) {
add IPv6 support and support for multiple listeners.
2013-07-27 20:56:15 +02:00
freeaddrinfo(results);
return (KORE_RESULT_ERROR);
}
allow kore to bind to unix sockets via bind_unix.
2018-10-07 20:49:16 +02:00
if (bind(l->fd, results->ai_addr, results->ai_addrlen) == -1) {
kore_listener_free(l);
add IPv6 support and support for multiple listeners.
2013-07-27 20:56:15 +02:00
freeaddrinfo(results);
allow kore to bind to unix sockets via bind_unix.
2018-10-07 20:49:16 +02:00
kore_log(LOG_ERR, "bind(): %s", errno_s);
add IPv6 support and support for multiple listeners.
2013-07-27 20:56:15 +02:00
return (KORE_RESULT_ERROR);
}
allow kore to bind to unix sockets via bind_unix.
2018-10-07 20:49:16 +02:00
freeaddrinfo(results);
if (listen(l->fd, kore_socket_backlog) == -1) {
kore_listener_free(l);
kore_log(LOG_ERR, "listen(): %s", errno_s);
add IPv6 support and support for multiple listeners.
2013-07-27 20:56:15 +02:00
return (KORE_RESULT_ERROR);
}
allow kore to bind to unix sockets via bind_unix.
2018-10-07 20:49:16 +02:00
return (KORE_RESULT_OK);
}
int
Allow multiple binds on new server directive.
2019-09-27 20:00:35 +02:00
kore_server_bind_unix(struct kore_server *srv, const char *path,
const char *ccb)
allow kore to bind to unix sockets via bind_unix.
2018-10-07 20:49:16 +02:00
{
Allow multiple binds on new server directive.
2019-09-27 20:00:35 +02:00
struct listener *l;
Add async/await support for socket i/o in python. This means you can now do things like: resp = await koresock.recv(1024) await koresock.send(resp) directly from page handlers if they are defined as async. Adds lots more to the python goo such as fatalx(), bind_unix(), task_create() and socket_wrap().
2018-10-15 20:18:54 +02:00
int len;
allow kore to bind to unix sockets via bind_unix.
2018-10-07 20:49:16 +02:00
struct sockaddr_un sun;
Add async/await support for socket i/o in python. This means you can now do things like: resp = await koresock.recv(1024) await koresock.send(resp) directly from page handlers if they are defined as async. Adds lots more to the python goo such as fatalx(), bind_unix(), task_create() and socket_wrap().
2018-10-15 20:18:54 +02:00
socklen_t socklen;
allow kore to bind to unix sockets via bind_unix.
2018-10-07 20:49:16 +02:00
memset(&sun, 0, sizeof(sun));
sun.sun_family = AF_UNIX;
Add async/await support for socket i/o in python. This means you can now do things like: resp = await koresock.recv(1024) await koresock.send(resp) directly from page handlers if they are defined as async. Adds lots more to the python goo such as fatalx(), bind_unix(), task_create() and socket_wrap().
2018-10-15 20:18:54 +02:00
len = snprintf(sun.sun_path, sizeof(sun.sun_path), "%s", path);
if (len == -1 || (size_t)len >= sizeof(sun.sun_path)) {
allow kore to bind to unix sockets via bind_unix.
2018-10-07 20:49:16 +02:00
kore_log(LOG_ERR, "unix socket path '%s' too long", path);
add IPv6 support and support for multiple listeners.
2013-07-27 20:56:15 +02:00
return (KORE_RESULT_ERROR);
}
Add async/await support for socket i/o in python. This means you can now do things like: resp = await koresock.recv(1024) await koresock.send(resp) directly from page handlers if they are defined as async. Adds lots more to the python goo such as fatalx(), bind_unix(), task_create() and socket_wrap().
2018-10-15 20:18:54 +02:00
#if defined(__linux__)
if (sun.sun_path[0] == '@')
sun.sun_path[0] = '\0';
socklen = sizeof(sun.sun_family) + len;
Fix unix binds on BSD families.
2019-05-28 21:44:46 +02:00
#else
socklen = sizeof(sun);
#endif
Add async/await support for socket i/o in python. This means you can now do things like: resp = await koresock.recv(1024) await koresock.send(resp) directly from page handlers if they are defined as async. Adds lots more to the python goo such as fatalx(), bind_unix(), task_create() and socket_wrap().
2018-10-15 20:18:54 +02:00
Allow multiple binds on new server directive.
2019-09-27 20:00:35 +02:00
l = kore_listener_create(srv);
l->host = kore_strdup(path);
kore_listener_init() returns KORE_RESULT_OK or KORE_RESULT_ERROR.
2019-12-13 09:14:26 +01:00
if (!kore_listener_init(l, AF_UNIX, ccb))
allow kore to bind to unix sockets via bind_unix.
2018-10-07 20:49:16 +02:00
return (KORE_RESULT_ERROR);
Unix socket path improvements. - Unlink the socket path if possible before attempting to bind to it. - Unlink the socket path if possible when Kore is shutting down. inspired by a diff from Joel Arbring via patches@
2021-04-08 09:25:19 +02:00
if (sun.sun_path[0] != '\0') {
if (unlink(sun.sun_path) == -1 && errno != ENOENT) {
kore_log(LOG_ERR, "unlink: %s: %s",
sun.sun_path, errno_s);
kore_listener_free(l);
return (KORE_RESULT_ERROR);
}
}
Add async/await support for socket i/o in python. This means you can now do things like: resp = await koresock.recv(1024) await koresock.send(resp) directly from page handlers if they are defined as async. Adds lots more to the python goo such as fatalx(), bind_unix(), task_create() and socket_wrap().
2018-10-15 20:18:54 +02:00
if (bind(l->fd, (struct sockaddr *)&sun, socklen) == -1) {
allow kore to bind to unix sockets via bind_unix.
2018-10-07 20:49:16 +02:00
kore_log(LOG_ERR, "bind: %s", errno_s);
kore_listener_free(l);
return (KORE_RESULT_ERROR);
}
add IPv6 support and support for multiple listeners.
2013-07-27 20:56:15 +02:00
Improve very heavy load handling. Introduces two new configuration knobs: * socket_backlog (backlog for listen(2)) * http_request_limit The second one is the most interesting one. Before, kore would iterate over all received HTTP requests in its queue before returning out of http_process(). Under heavy load this queue can cause Kore to spend a considerable amount of time iterating over said queue. With the http_request_limit, kore will process at MOST http_request_limit requests before returning back to the event loop. This means responses to processed requests are sent out much quicker and allows kore to handle any other incoming requests more gracefully.
2015-04-09 15:29:44 +02:00
if (listen(l->fd, kore_socket_backlog) == -1) {
Change kore_preload() and kore_onload(). Renamed both of them: kore_preload -> kore_parent_configure kore_onload -> kore_worker_configure These functions will now always be called if they are defined in any module regardless of your application being built as a single binary or not.
2017-02-01 17:12:11 +01:00
kore_log(LOG_ERR, "listen(): %s", errno_s);
allow kore to bind to unix sockets via bind_unix.
2018-10-07 20:49:16 +02:00
kore_listener_free(l);
add IPv6 support and support for multiple listeners.
2013-07-27 20:56:15 +02:00
return (KORE_RESULT_ERROR);
}
allow kore to bind to unix sockets via bind_unix.
2018-10-07 20:49:16 +02:00
return (KORE_RESULT_OK);
}
Allow multiple binds on new server directive.
2019-09-27 20:00:35 +02:00
struct kore_server *
kore_server_create(const char *name)
{
struct kore_server *srv;
srv = kore_calloc(1, sizeof(struct kore_server));
srv->name = kore_strdup(name);
Initial work splitting OpenSSL code away. This work moves all TLS / crypto related code into a tls_openssl.c file and adds a tls_none.c which contains just stubs. Allows compilation of Kore with TLS_BACKEND=none to remove building against OpenSSL. Also adds code for SHA1/SHA2 taken from openssh-portable so we don't depend on those being present anymore in libcrypto.
2022-02-17 13:45:28 +01:00
if (kore_tls_supported())
srv->tls = 1;
else
srv->tls = 0;
Allow multiple binds on new server directive.
2019-09-27 20:00:35 +02:00
TAILQ_INIT(&srv->domains);
LIST_INIT(&srv->listeners);
LIST_INSERT_HEAD(&kore_servers, srv, list);
return (srv);
}
void
kore_server_finalize(struct kore_server *srv)
{
struct listener *l;
const char *proto;
if (kore_quiet)
return;
LIST_FOREACH(l, &srv->listeners, list) {
if (srv->tls)
proto = "https";
else
proto = "http";
if (l->family == AF_UNIX) {
Rework worker startup/privsep config. Starting with the privsep config, this commit changes the following: - Removes the root, runas, keymgr_root, keymgr_runas, acme_root and acme_runas configuration options. Instead these are now configured via a privsep configuration context: privsep worker { root /tmp runas nobody } This is also configurable via Python using the new kore.privsep() method: kore.privsep("worker", root="/tmp", runas="nobody", skip=["chroot"]) Tied into this we also better handle worker startup: - Per worker process, wait until it signalled it is ready. - If a worker fails at startup, display its last log lines more clearly. - Don't start acme process if no domain requires acme. - Remove each process its individual startup log message in favour of a generalized one that displays its PID, root and user. - At startup, log the kore version and built-ins in a nicer way. - The worker processes now check things they need to start running before signaling they are ready (such as access to CA certs for TLS client authentication).
2021-09-07 21:59:22 +02:00
kore_log(LOG_INFO, "%s serving %s on %s",
Allow multiple binds on new server directive.
2019-09-27 20:00:35 +02:00
srv->name, proto, l->host);
} else {
Rework worker startup/privsep config. Starting with the privsep config, this commit changes the following: - Removes the root, runas, keymgr_root, keymgr_runas, acme_root and acme_runas configuration options. Instead these are now configured via a privsep configuration context: privsep worker { root /tmp runas nobody } This is also configurable via Python using the new kore.privsep() method: kore.privsep("worker", root="/tmp", runas="nobody", skip=["chroot"]) Tied into this we also better handle worker startup: - Per worker process, wait until it signalled it is ready. - If a worker fails at startup, display its last log lines more clearly. - Don't start acme process if no domain requires acme. - Remove each process its individual startup log message in favour of a generalized one that displays its PID, root and user. - At startup, log the kore version and built-ins in a nicer way. - The worker processes now check things they need to start running before signaling they are ready (such as access to CA certs for TLS client authentication).
2021-09-07 21:59:22 +02:00
kore_log(LOG_INFO, "%s serving %s on %s:%s",
Allow multiple binds on new server directive.
2019-09-27 20:00:35 +02:00
srv->name, proto, l->host, l->port);
}
}
}
allow kore to bind to unix sockets via bind_unix.
2018-10-07 20:49:16 +02:00
struct listener *
Allow multiple binds on new server directive.
2019-09-27 20:00:35 +02:00
kore_listener_create(struct kore_server *server)
Allow listening of tls/notls ports at the same time. Before kore needed to be built with NOTLS=1 to be able to do non TLS connections. This has been like this for years. It is time to allow non TLS listeners without having to rebuild Kore. This commit changes your configuration format and will break existing applications their config. Configurations now get listener {} contexts: listen default { bind 127.0.0.1 8888 } The above will create a listener on 127.0.0.1, port 8888 that will serve TLS (still the default). If you want to turn off TLS on that listener, specify "tls no" in that context. Domains now need to be attached to a listener: Eg: domain * { attach default } For the Python API this kills kore.bind(), and kore.bind_unix(). They are replaced with: kore.listen("name", ip=None, port=None, path=None, tls=True).
2019-09-27 12:22:35 +02:00
{
struct listener *l;
l = kore_calloc(1, sizeof(struct listener));
nlisteners++;
Allow multiple binds on new server directive.
2019-09-27 20:00:35 +02:00
LIST_INSERT_HEAD(&server->listeners, l, list);
Allow listening of tls/notls ports at the same time. Before kore needed to be built with NOTLS=1 to be able to do non TLS connections. This has been like this for years. It is time to allow non TLS listeners without having to rebuild Kore. This commit changes your configuration format and will break existing applications their config. Configurations now get listener {} contexts: listen default { bind 127.0.0.1 8888 } The above will create a listener on 127.0.0.1, port 8888 that will serve TLS (still the default). If you want to turn off TLS on that listener, specify "tls no" in that context. Domains now need to be attached to a listener: Eg: domain * { attach default } For the Python API this kills kore.bind(), and kore.bind_unix(). They are replaced with: kore.listen("name", ip=None, port=None, path=None, tls=True).
2019-09-27 12:22:35 +02:00
Allow multiple binds on new server directive.
2019-09-27 20:00:35 +02:00
l->server = server;
Allow listening of tls/notls ports at the same time. Before kore needed to be built with NOTLS=1 to be able to do non TLS connections. This has been like this for years. It is time to allow non TLS listeners without having to rebuild Kore. This commit changes your configuration format and will break existing applications their config. Configurations now get listener {} contexts: listen default { bind 127.0.0.1 8888 } The above will create a listener on 127.0.0.1, port 8888 that will serve TLS (still the default). If you want to turn off TLS on that listener, specify "tls no" in that context. Domains now need to be attached to a listener: Eg: domain * { attach default } For the Python API this kills kore.bind(), and kore.bind_unix(). They are replaced with: kore.listen("name", ip=None, port=None, path=None, tls=True).
2019-09-27 12:22:35 +02:00
Allow multiple binds on new server directive.
2019-09-27 20:00:35 +02:00
l->fd = -1;
Allow listening of tls/notls ports at the same time. Before kore needed to be built with NOTLS=1 to be able to do non TLS connections. This has been like this for years. It is time to allow non TLS listeners without having to rebuild Kore. This commit changes your configuration format and will break existing applications their config. Configurations now get listener {} contexts: listen default { bind 127.0.0.1 8888 } The above will create a listener on 127.0.0.1, port 8888 that will serve TLS (still the default). If you want to turn off TLS on that listener, specify "tls no" in that context. Domains now need to be attached to a listener: Eg: domain * { attach default } For the Python API this kills kore.bind(), and kore.bind_unix(). They are replaced with: kore.listen("name", ip=None, port=None, path=None, tls=True).
2019-09-27 12:22:35 +02:00
l->evt.type = KORE_TYPE_LISTENER;
l->evt.handle = kore_listener_accept;
return (l);
}
Allow multiple binds on new server directive.
2019-09-27 20:00:35 +02:00
struct kore_server *
kore_server_lookup(const char *name)
allow kore to bind to unix sockets via bind_unix.
2018-10-07 20:49:16 +02:00
{
Allow multiple binds on new server directive.
2019-09-27 20:00:35 +02:00
struct kore_server *srv;
allow kore to bind to unix sockets via bind_unix.
2018-10-07 20:49:16 +02:00
Allow multiple binds on new server directive.
2019-09-27 20:00:35 +02:00
LIST_FOREACH(srv, &kore_servers, list) {
if (!strcmp(srv->name, name))
return (srv);
Allow listening of tls/notls ports at the same time. Before kore needed to be built with NOTLS=1 to be able to do non TLS connections. This has been like this for years. It is time to allow non TLS listeners without having to rebuild Kore. This commit changes your configuration format and will break existing applications their config. Configurations now get listener {} contexts: listen default { bind 127.0.0.1 8888 } The above will create a listener on 127.0.0.1, port 8888 that will serve TLS (still the default). If you want to turn off TLS on that listener, specify "tls no" in that context. Domains now need to be attached to a listener: Eg: domain * { attach default } For the Python API this kills kore.bind(), and kore.bind_unix(). They are replaced with: kore.listen("name", ip=None, port=None, path=None, tls=True).
2019-09-27 12:22:35 +02:00
}
return (NULL);
}
int
kore_listener_init(struct listener *l, int family, const char *ccb)
{
allow kore to bind to unix sockets via bind_unix.
2018-10-07 20:49:16 +02:00
switch (family) {
case AF_INET:
case AF_INET6:
case AF_UNIX:
break;
default:
fatal("unknown address family %d", family);
}
l->family = family;
Changes to the event loop inside of Kore. Now anyone can schedule events and get a callback to work as long as the user data structure that is added for the event begins with a kore_event data structure. All event state is now kept in that kore_event structure and renamed CONN_[READ|WRITE]_POSSIBLE to KORE_EVENT_[READ|WRITE].
2018-10-09 19:34:40 +02:00
allow kore to bind to unix sockets via bind_unix.
2018-10-07 20:49:16 +02:00
if ((l->fd = socket(family, SOCK_STREAM, 0)) == -1) {
kore_listener_free(l);
kore_log(LOG_ERR, "socket(): %s", errno_s);
Allow listening of tls/notls ports at the same time. Before kore needed to be built with NOTLS=1 to be able to do non TLS connections. This has been like this for years. It is time to allow non TLS listeners without having to rebuild Kore. This commit changes your configuration format and will break existing applications their config. Configurations now get listener {} contexts: listen default { bind 127.0.0.1 8888 } The above will create a listener on 127.0.0.1, port 8888 that will serve TLS (still the default). If you want to turn off TLS on that listener, specify "tls no" in that context. Domains now need to be attached to a listener: Eg: domain * { attach default } For the Python API this kills kore.bind(), and kore.bind_unix(). They are replaced with: kore.listen("name", ip=None, port=None, path=None, tls=True).
2019-09-27 12:22:35 +02:00
return (KORE_RESULT_ERROR);
allow kore to bind to unix sockets via bind_unix.
2018-10-07 20:49:16 +02:00
}
Add asynchronous subprocess support. This adds kore.proc to the python runtime allowing async processing handling: The kore.proc method takes the command to run and an optional timeout parameter in milliseconds. If the process did not exit normally after that amount of time a TimeoutError exception is raised. For instance: async def run(cmd): proc = kore.proc(cmd, 1000) try: await proc.send("hello") proc.close_stdin() except TimeoutError: proc.kill() retcode = await proc.reap() return retcode
2018-10-26 19:19:47 +02:00
if (fcntl(l->fd, F_SETFD, FD_CLOEXEC) == -1) {
kore_listener_free(l);
kore_log(LOG_ERR, "fcntl(): %s", errno_s);
Allow listening of tls/notls ports at the same time. Before kore needed to be built with NOTLS=1 to be able to do non TLS connections. This has been like this for years. It is time to allow non TLS listeners without having to rebuild Kore. This commit changes your configuration format and will break existing applications their config. Configurations now get listener {} contexts: listen default { bind 127.0.0.1 8888 } The above will create a listener on 127.0.0.1, port 8888 that will serve TLS (still the default). If you want to turn off TLS on that listener, specify "tls no" in that context. Domains now need to be attached to a listener: Eg: domain * { attach default } For the Python API this kills kore.bind(), and kore.bind_unix(). They are replaced with: kore.listen("name", ip=None, port=None, path=None, tls=True).
2019-09-27 12:22:35 +02:00
return (KORE_RESULT_ERROR);
Add asynchronous subprocess support. This adds kore.proc to the python runtime allowing async processing handling: The kore.proc method takes the command to run and an optional timeout parameter in milliseconds. If the process did not exit normally after that amount of time a TimeoutError exception is raised. For instance: async def run(cmd): proc = kore.proc(cmd, 1000) try: await proc.send("hello") proc.close_stdin() except TimeoutError: proc.kill() retcode = await proc.reap() return retcode
2018-10-26 19:19:47 +02:00
}
don't set nodelay on unix listener sockets
2018-10-07 21:21:37 +02:00
if (!kore_connection_nonblock(l->fd, family != AF_UNIX)) {
allow kore to bind to unix sockets via bind_unix.
2018-10-07 20:49:16 +02:00
kore_listener_free(l);
kore_log(LOG_ERR, "kore_connection_nonblock(): %s", errno_s);
Allow listening of tls/notls ports at the same time. Before kore needed to be built with NOTLS=1 to be able to do non TLS connections. This has been like this for years. It is time to allow non TLS listeners without having to rebuild Kore. This commit changes your configuration format and will break existing applications their config. Configurations now get listener {} contexts: listen default { bind 127.0.0.1 8888 } The above will create a listener on 127.0.0.1, port 8888 that will serve TLS (still the default). If you want to turn off TLS on that listener, specify "tls no" in that context. Domains now need to be attached to a listener: Eg: domain * { attach default } For the Python API this kills kore.bind(), and kore.bind_unix(). They are replaced with: kore.listen("name", ip=None, port=None, path=None, tls=True).
2019-09-27 12:22:35 +02:00
return (KORE_RESULT_ERROR);
allow kore to bind to unix sockets via bind_unix.
2018-10-07 20:49:16 +02:00
}
if (!kore_sockopt(l->fd, SOL_SOCKET, SO_REUSEADDR)) {
kore_listener_free(l);
Allow listening of tls/notls ports at the same time. Before kore needed to be built with NOTLS=1 to be able to do non TLS connections. This has been like this for years. It is time to allow non TLS listeners without having to rebuild Kore. This commit changes your configuration format and will break existing applications their config. Configurations now get listener {} contexts: listen default { bind 127.0.0.1 8888 } The above will create a listener on 127.0.0.1, port 8888 that will serve TLS (still the default). If you want to turn off TLS on that listener, specify "tls no" in that context. Domains now need to be attached to a listener: Eg: domain * { attach default } For the Python API this kills kore.bind(), and kore.bind_unix(). They are replaced with: kore.listen("name", ip=None, port=None, path=None, tls=True).
2019-09-27 12:22:35 +02:00
return (KORE_RESULT_ERROR);
allow kore to bind to unix sockets via bind_unix.
2018-10-07 20:49:16 +02:00
}
Introduce NOHTTP=1 build option. This basically turns off the HTTP layer for Kore. It does not compile in anything for HTTP. This allows Kore to be used as a network application platform as well. Added an example for this called nohttp. Other changes that sneaked in while hacking on this: * Use calloc(), kill pendantic malloc option. * Killed off SPDY/3.1 support completely, will be superseded by http2 Note that comes with massive changes to a lot of the core API functions provided by Kore, these might break your application.
2015-11-27 16:22:50 +01:00
if (ccb != NULL) {
Add initial python support. Based on work done by Stanislav Yudin.
2017-01-12 23:38:51 +01:00
if ((l->connect = kore_runtime_getcall(ccb)) == NULL) {
Change kore_preload() and kore_onload(). Renamed both of them: kore_preload -> kore_parent_configure kore_onload -> kore_worker_configure These functions will now always be called if they are defined in any module regardless of your application being built as a single binary or not.
2017-02-01 17:12:11 +01:00
kore_log(LOG_ERR, "no such callback: '%s'", ccb);
allow kore to bind to unix sockets via bind_unix.
2018-10-07 20:49:16 +02:00
kore_listener_free(l);
Allow listening of tls/notls ports at the same time. Before kore needed to be built with NOTLS=1 to be able to do non TLS connections. This has been like this for years. It is time to allow non TLS listeners without having to rebuild Kore. This commit changes your configuration format and will break existing applications their config. Configurations now get listener {} contexts: listen default { bind 127.0.0.1 8888 } The above will create a listener on 127.0.0.1, port 8888 that will serve TLS (still the default). If you want to turn off TLS on that listener, specify "tls no" in that context. Domains now need to be attached to a listener: Eg: domain * { attach default } For the Python API this kills kore.bind(), and kore.bind_unix(). They are replaced with: kore.listen("name", ip=None, port=None, path=None, tls=True).
2019-09-27 12:22:35 +02:00
return (KORE_RESULT_ERROR);
Introduce NOHTTP=1 build option. This basically turns off the HTTP layer for Kore. It does not compile in anything for HTTP. This allows Kore to be used as a network application platform as well. Added an example for this called nohttp. Other changes that sneaked in while hacking on this: * Use calloc(), kill pendantic malloc option. * Killed off SPDY/3.1 support completely, will be superseded by http2 Note that comes with massive changes to a lot of the core API functions provided by Kore, these might break your application.
2015-11-27 16:22:50 +01:00
}
} else {
l->connect = NULL;
}
Allow listening of tls/notls ports at the same time. Before kore needed to be built with NOTLS=1 to be able to do non TLS connections. This has been like this for years. It is time to allow non TLS listeners without having to rebuild Kore. This commit changes your configuration format and will break existing applications their config. Configurations now get listener {} contexts: listen default { bind 127.0.0.1 8888 } The above will create a listener on 127.0.0.1, port 8888 that will serve TLS (still the default). If you want to turn off TLS on that listener, specify "tls no" in that context. Domains now need to be attached to a listener: Eg: domain * { attach default } For the Python API this kills kore.bind(), and kore.bind_unix(). They are replaced with: kore.listen("name", ip=None, port=None, path=None, tls=True).
2019-09-27 12:22:35 +02:00
return (KORE_RESULT_OK);
allow kore to bind to unix sockets via bind_unix.
2018-10-07 20:49:16 +02:00
}
Show the uri to the running kore instance in foreground mode
2014-08-01 20:00:09 +02:00
allow kore to bind to unix sockets via bind_unix.
2018-10-07 20:49:16 +02:00
void
Allow multiple binds on new server directive.
2019-09-27 20:00:35 +02:00
kore_server_free(struct kore_server *srv)
allow kore to bind to unix sockets via bind_unix.
2018-10-07 20:49:16 +02:00
{
Allow multiple binds on new server directive.
2019-09-27 20:00:35 +02:00
struct listener *l;
Allow listening of tls/notls ports at the same time. Before kore needed to be built with NOTLS=1 to be able to do non TLS connections. This has been like this for years. It is time to allow non TLS listeners without having to rebuild Kore. This commit changes your configuration format and will break existing applications their config. Configurations now get listener {} contexts: listen default { bind 127.0.0.1 8888 } The above will create a listener on 127.0.0.1, port 8888 that will serve TLS (still the default). If you want to turn off TLS on that listener, specify "tls no" in that context. Domains now need to be attached to a listener: Eg: domain * { attach default } For the Python API this kills kore.bind(), and kore.bind_unix(). They are replaced with: kore.listen("name", ip=None, port=None, path=None, tls=True).
2019-09-27 12:22:35 +02:00
struct kore_domain *dom;
Allow multiple binds on new server directive.
2019-09-27 20:00:35 +02:00
LIST_REMOVE(srv, list);
while ((dom = TAILQ_FIRST(&srv->domains)) != NULL)
Allow listening of tls/notls ports at the same time. Before kore needed to be built with NOTLS=1 to be able to do non TLS connections. This has been like this for years. It is time to allow non TLS listeners without having to rebuild Kore. This commit changes your configuration format and will break existing applications their config. Configurations now get listener {} contexts: listen default { bind 127.0.0.1 8888 } The above will create a listener on 127.0.0.1, port 8888 that will serve TLS (still the default). If you want to turn off TLS on that listener, specify "tls no" in that context. Domains now need to be attached to a listener: Eg: domain * { attach default } For the Python API this kills kore.bind(), and kore.bind_unix(). They are replaced with: kore.listen("name", ip=None, port=None, path=None, tls=True).
2019-09-27 12:22:35 +02:00
kore_domain_free(dom);
Allow multiple binds on new server directive.
2019-09-27 20:00:35 +02:00
while ((l = LIST_FIRST(&srv->listeners)) != NULL)
kore_listener_free(l);
kore_free(srv->name);
kore_free(srv);
}
void
kore_listener_free(struct listener *l)
{
Unix socket path improvements. - Unlink the socket path if possible before attempting to bind to it. - Unlink the socket path if possible when Kore is shutting down. inspired by a diff from Joel Arbring via patches@
2021-04-08 09:25:19 +02:00
int rm;
allow kore to bind to unix sockets via bind_unix.
2018-10-07 20:49:16 +02:00
LIST_REMOVE(l, list);
if (l->fd != -1)
close(l->fd);
Unix socket path improvements. - Unlink the socket path if possible before attempting to bind to it. - Unlink the socket path if possible when Kore is shutting down. inspired by a diff from Joel Arbring via patches@
2021-04-08 09:25:19 +02:00
rm = 0;
#if defined(__linux__)
if (worker == NULL && l->family == AF_UNIX && l->host[0] != '@')
rm++;
#else
if (worker == NULL && l->family == AF_UNIX)
rm++;
#endif
if (rm) {
if (unlink(l->host) == -1) {
kore_log(LOG_NOTICE,
"failed to remove unix socket %s (%s)", l->host,
errno_s);
}
}
Allow multiple binds on new server directive.
2019-09-27 20:00:35 +02:00
kore_free(l->host);
kore_free(l->port);
allow kore to bind to unix sockets via bind_unix.
2018-10-07 20:49:16 +02:00
kore_free(l);
add IPv6 support and support for multiple listeners.
2013-07-27 20:56:15 +02:00
}
Changes to the event loop inside of Kore. Now anyone can schedule events and get a callback to work as long as the user data structure that is added for the event begins with a kore_event data structure. All event state is now kept in that kore_event structure and renamed CONN_[READ|WRITE]_POSSIBLE to KORE_EVENT_[READ|WRITE].
2018-10-09 19:34:40 +02:00
void
kore_listener_accept(void *arg, int error)
{
struct connection *c;
struct listener *l = arg;
u_int32_t accepted;
if (error)
fatal("error on listening socket");
if (!(l->evt.flags & KORE_EVENT_READ))
return;
accepted = 0;
while (worker_active_connections < worker_max_connections) {
if (worker_accept_threshold != 0 &&
If we hit the accept threshold, unlock worker.
2018-10-22 09:01:05 +02:00
accepted >= worker_accept_threshold) {
kore_worker_make_busy();
Changes to the event loop inside of Kore. Now anyone can schedule events and get a callback to work as long as the user data structure that is added for the event begins with a kore_event data structure. All event state is now kept in that kore_event structure and renamed CONN_[READ|WRITE]_POSSIBLE to KORE_EVENT_[READ|WRITE].
2018-10-09 19:34:40 +02:00
break;
If we hit the accept threshold, unlock worker.
2018-10-22 09:01:05 +02:00
}
Changes to the event loop inside of Kore. Now anyone can schedule events and get a callback to work as long as the user data structure that is added for the event begins with a kore_event data structure. All event state is now kept in that kore_event structure and renamed CONN_[READ|WRITE]_POSSIBLE to KORE_EVENT_[READ|WRITE].
2018-10-09 19:34:40 +02:00
if (!kore_connection_accept(l, &c))
break;
if (c == NULL)
break;
accepted++;
kore_platform_event_all(c->fd, c);
}
}
Add kore_sockopt(). Use it where we before were using setsockopt().
2017-02-22 22:23:30 +01:00
int
kore_sockopt(int fd, int what, int opt)
{
int on;
on = 1;
if (setsockopt(fd, what, opt, (const char *)&on, sizeof(on)) == -1) {
kore_log(LOG_ERR, "setsockopt(): %s", errno_s);
return (KORE_RESULT_ERROR);
}
return (KORE_RESULT_OK);
}
Use sigaction() for signals. Don't duplicate signal setup code between parent and worker processes.
2018-05-25 20:49:02 +02:00
void
kore_signal_setup(void)
Worker hook rework. This commit adds improved hooks for Python and a new signal delivery hook. For the Python API kore_worker_configure() and kore_worker_teardown() had to be implemented before this commit. Now one can create a workerstart and workerend method in their koreapp as those will be called when they exist. The new signal hook is either kore_worker_signal() or koreapp.signal. This new hook is called after the worker event code handles the received signal itself first. With this commit there is also a new kore_signal_trap() API call allowing you to more easily trap new signals. This API also also exported to the Python part of the code under kore.sigtrap()
2021-12-22 09:50:26 +01:00
{
kore_signal_trap(SIGHUP);
kore_signal_trap(SIGQUIT);
kore_signal_trap(SIGTERM);
kore_signal_trap(SIGUSR1);
kore_signal_trap(SIGCHLD);
if (kore_foreground)
kore_signal_trap(SIGINT);
else
(void)signal(SIGINT, SIG_IGN);
(void)signal(SIGPIPE, SIG_IGN);
}
void
kore_signal_trap(int sig)
Use sigaction() for signals. Don't duplicate signal setup code between parent and worker processes.
2018-05-25 20:49:02 +02:00
{
struct sigaction sa;
sig_recv = 0;
memset(&sa, 0, sizeof(sa));
sa.sa_handler = kore_signal;
if (sigfillset(&sa.sa_mask) == -1)
fatal("sigfillset: %s", errno_s);
Worker hook rework. This commit adds improved hooks for Python and a new signal delivery hook. For the Python API kore_worker_configure() and kore_worker_teardown() had to be implemented before this commit. Now one can create a workerstart and workerend method in their koreapp as those will be called when they exist. The new signal hook is either kore_worker_signal() or koreapp.signal. This new hook is called after the worker event code handles the received signal itself first. With this commit there is also a new kore_signal_trap() API call allowing you to more easily trap new signals. This API also also exported to the Python part of the code under kore.sigtrap()
2021-12-22 09:50:26 +01:00
if (sigaction(sig, &sa, NULL) == -1)
Use sigaction() for signals. Don't duplicate signal setup code between parent and worker processes.
2018-05-25 20:49:02 +02:00
fatal("sigaction: %s", errno_s);
}
Allow listening of tls/notls ports at the same time. Before kore needed to be built with NOTLS=1 to be able to do non TLS connections. This has been like this for years. It is time to allow non TLS listeners without having to rebuild Kore. This commit changes your configuration format and will break existing applications their config. Configurations now get listener {} contexts: listen default { bind 127.0.0.1 8888 } The above will create a listener on 127.0.0.1, port 8888 that will serve TLS (still the default). If you want to turn off TLS on that listener, specify "tls no" in that context. Domains now need to be attached to a listener: Eg: domain * { attach default } For the Python API this kills kore.bind(), and kore.bind_unix(). They are replaced with: kore.listen("name", ip=None, port=None, path=None, tls=True).
2019-09-27 12:22:35 +02:00
void
Allow multiple binds on new server directive.
2019-09-27 20:00:35 +02:00
kore_server_closeall(void)
Allow listening of tls/notls ports at the same time. Before kore needed to be built with NOTLS=1 to be able to do non TLS connections. This has been like this for years. It is time to allow non TLS listeners without having to rebuild Kore. This commit changes your configuration format and will break existing applications their config. Configurations now get listener {} contexts: listen default { bind 127.0.0.1 8888 } The above will create a listener on 127.0.0.1, port 8888 that will serve TLS (still the default). If you want to turn off TLS on that listener, specify "tls no" in that context. Domains now need to be attached to a listener: Eg: domain * { attach default } For the Python API this kills kore.bind(), and kore.bind_unix(). They are replaced with: kore.listen("name", ip=None, port=None, path=None, tls=True).
2019-09-27 12:22:35 +02:00
{
struct listener *l;
Allow multiple binds on new server directive.
2019-09-27 20:00:35 +02:00
struct kore_server *srv;
Allow listening of tls/notls ports at the same time. Before kore needed to be built with NOTLS=1 to be able to do non TLS connections. This has been like this for years. It is time to allow non TLS listeners without having to rebuild Kore. This commit changes your configuration format and will break existing applications their config. Configurations now get listener {} contexts: listen default { bind 127.0.0.1 8888 } The above will create a listener on 127.0.0.1, port 8888 that will serve TLS (still the default). If you want to turn off TLS on that listener, specify "tls no" in that context. Domains now need to be attached to a listener: Eg: domain * { attach default } For the Python API this kills kore.bind(), and kore.bind_unix(). They are replaced with: kore.listen("name", ip=None, port=None, path=None, tls=True).
2019-09-27 12:22:35 +02:00
Allow multiple binds on new server directive.
2019-09-27 20:00:35 +02:00
LIST_FOREACH(srv, &kore_servers, list) {
LIST_FOREACH(l, &srv->listeners, list)
l->fd = -1;
}
Allow listening of tls/notls ports at the same time. Before kore needed to be built with NOTLS=1 to be able to do non TLS connections. This has been like this for years. It is time to allow non TLS listeners without having to rebuild Kore. This commit changes your configuration format and will break existing applications their config. Configurations now get listener {} contexts: listen default { bind 127.0.0.1 8888 } The above will create a listener on 127.0.0.1, port 8888 that will serve TLS (still the default). If you want to turn off TLS on that listener, specify "tls no" in that context. Domains now need to be attached to a listener: Eg: domain * { attach default } For the Python API this kills kore.bind(), and kore.bind_unix(). They are replaced with: kore.listen("name", ip=None, port=None, path=None, tls=True).
2019-09-27 12:22:35 +02:00
}
Separate private keys from worker processes. Kore will now isolate RSA private keys to a separate process (keymgr). Worker processes that require RSA signing for TLS connections will communicate with this keymgr process in order to do so. This behaviour cannot be disabled and is always turned on.
2016-06-08 13:55:14 +02:00
void
Allow multiple binds on new server directive.
2019-09-27 20:00:35 +02:00
kore_server_cleanup(void)
Separate private keys from worker processes. Kore will now isolate RSA private keys to a separate process (keymgr). Worker processes that require RSA signing for TLS connections will communicate with this keymgr process in order to do so. This behaviour cannot be disabled and is always turned on.
2016-06-08 13:55:14 +02:00
{
Allow multiple binds on new server directive.
2019-09-27 20:00:35 +02:00
struct kore_server *srv;
Separate private keys from worker processes. Kore will now isolate RSA private keys to a separate process (keymgr). Worker processes that require RSA signing for TLS connections will communicate with this keymgr process in order to do so. This behaviour cannot be disabled and is always turned on.
2016-06-08 13:55:14 +02:00
Allow multiple binds on new server directive.
2019-09-27 20:00:35 +02:00
while ((srv = LIST_FIRST(&kore_servers)) != NULL)
kore_server_free(srv);
Separate private keys from worker processes. Kore will now isolate RSA private keys to a separate process (keymgr). Worker processes that require RSA signing for TLS connections will communicate with this keymgr process in order to do so. This behaviour cannot be disabled and is always turned on.
2016-06-08 13:55:14 +02:00
}
refactor code quite a bit.
2013-06-26 11:18:32 +02:00
void
kore_signal(int sig)
{
sig_recv = sig;
}
Add kore_shutdown(). Allows workers to cleanly initiate a shutdown of the entire server process.
2018-10-23 19:49:42 +02:00
void
kore_shutdown(void)
{
if (worker != NULL) {
kore_msg_send(KORE_MSG_PARENT, KORE_MSG_SHUTDOWN, NULL, 0);
return;
}
fatal("kore_shutdown: called from parent");
}
add kore_proctitle(). manipulates the argv+environ pointers to get a sensible process title under linux / darwin.
2019-03-29 16:24:14 +01:00
void
kore_proctitle(const char *title)
{
make native proctitle better. count how much space is available for a mangled process title only once, and use that as reference later.
2019-04-29 21:08:58 +02:00
int len;
kore_argv[1] = NULL;
len = snprintf(kore_argv[0], proctitle_maxlen, "%s %s",
basename(kore_progname), title);
if (len == -1 || (size_t)len >= proctitle_maxlen)
fatal("proctitle '%s' too large", title);
memset(kore_argv[0] + len, 0, proctitle_maxlen - len);
}
Rework runtime init a little bit. It was hardcoded that if KORE_USE_PYTHON was defined we would look at the passed argument on the command-line as the python script or module to be run. This won't work when adding more runtimes. So instead call a kore_runtime_resolve() function that in turn calls each available runtime its resolve function. That resolve function will check if its a script / module that it can load, and if so will load it. This way we can remove all those KORE_USE_PYTHON blocks in the Kore startup path and we pave the way for lua.
2023-01-16 21:00:01 +01:00
void
kore_hooks_set(const char *config, const char *teardown, const char *daemonized)
{
parent_config_hook = config;
parent_teardown_hook = teardown;
#if defined(KORE_SINGLE_BINARY)
parent_daemonized_hook = daemonized;
#endif
}
make native proctitle better. count how much space is available for a mangled process title only once, and use that as reference later.
2019-04-29 21:08:58 +02:00
static void
kore_proctitle_setup(void)
{
int i;
add kore_proctitle(). manipulates the argv+environ pointers to get a sensible process title under linux / darwin.
2019-03-29 16:24:14 +01:00
char *p;
make native proctitle better. count how much space is available for a mangled process title only once, and use that as reference later.
2019-04-29 21:08:58 +02:00
proctitle_maxlen = 0;
add kore_proctitle(). manipulates the argv+environ pointers to get a sensible process title under linux / darwin.
2019-03-29 16:24:14 +01:00
for (i = 0; environ[i] != NULL; i++) {
Use strdup() when munging environment pointers.
2019-08-27 13:12:44 +02:00
if ((p = strdup(environ[i])) == NULL)
fatal("strdup");
make native proctitle better. count how much space is available for a mangled process title only once, and use that as reference later.
2019-04-29 21:08:58 +02:00
proctitle_maxlen += strlen(environ[i]) + 1;
add kore_proctitle(). manipulates the argv+environ pointers to get a sensible process title under linux / darwin.
2019-03-29 16:24:14 +01:00
environ[i] = p;
}
for (i = 0; kore_argv[i] != NULL; i++)
make native proctitle better. count how much space is available for a mangled process title only once, and use that as reference later.
2019-04-29 21:08:58 +02:00
proctitle_maxlen += strlen(kore_argv[i]) + 1;
add kore_proctitle(). manipulates the argv+environ pointers to get a sensible process title under linux / darwin.
2019-03-29 16:24:14 +01:00
}
refactor code quite a bit.
2013-06-26 11:18:32 +02:00
static void
Add kore_parent_daemonized(). This is called for single binaries after the parent process has called daemon(). Also fix kore_parent_configure() for !single binaries.
2018-10-18 17:18:41 +02:00
kore_server_start(int argc, char *argv[])
refactor code quite a bit.
2013-06-26 11:18:32 +02:00
{
Add initial python support. Based on work done by Stanislav Yudin.
2017-01-12 23:38:51 +01:00
u_int32_t tmp;
Do not add keymgr its msg fd if not started. Reshuffles the keymgr_active flag to keymgr.c and let it be figured out from inside kore_server_start() instead of the worker init code.
2019-10-07 10:31:35 +02:00
struct kore_server *srv;
rework timers so they fire more predictably. this change also stops python coroutines from waking up very late after their timeout has expired. in filerefs, don't prime the timer until we actually have something to expire, and kill the timer when the last ref drops.
2019-03-21 10:17:08 +01:00
u_int64_t netwait;
Improve how the parent handles workers. - Make sure we drain the worker log channel if it dies so we can flush out any lingering log messages. - Get rid of the raise() in the parent to signal ourselves we should terminate. Instead depend on the new kore_quit. - Always attempt to reap children one way or the other.
2021-11-03 17:23:05 +01:00
int last_sig;
Only enable accesslog vacuum if needed. If no accesslogs are enabled, the parent has no need for the vacuum timer to be activated. This way the parent blocks in epoll_wait() instead of waking up for no reason when there are no accesslogs enabled.
2022-01-28 14:29:58 +01:00
#if !defined(KORE_NO_HTTP)
int alog;
struct kore_domain *dom;
#endif
make sure we can still run normal apps even with PYTHON=1
2019-09-26 20:38:02 +02:00
#if defined(KORE_SINGLE_BINARY)
hide rcall properly if needed
2019-09-26 16:05:01 +02:00
struct kore_runtime_call *rcall;
#endif
Many many Python improvements. - Kore can now fully be configured via Python code if one wants nothing to do with configuration files. - Kore can now start single python files and no longer requires them to be inside a module directory. - Pass all regex capture groups to the handler methods, allowing you to get access to them immediately. - Change python websocket_handshake to take callable objects directly. - Added a new deployment configuration option. If set to "dev" or "development" Kore will automatically foreground, no chroot / etc. If set to "production" Kore *will* chroot, drop privs, etc. - Many more.. These are all backported from a project that I was working on a while ago. I decided these should go back into mainline Kore.
2019-09-26 15:49:00 +02:00
move startup log back into kore_server_start().
2021-09-07 23:26:36 +02:00
if (!kore_quiet) {
kore_log(LOG_INFO, "%s %s starting, built=%s",
__progname, kore_version, kore_build_date);
Add memory protection with KORE_MEM_GUARD. When KORE_MEM_GUARD is set in the environment when Kore is started it will enable a few memory protection techniques for all kore pools: 1) The metadata is placed away from the actual user pointer returned. 2) Each entry in a pool is placed in such a way that it is followed immediately by a guard page which has PROT_NONE. Accessing a guard page will cause an immediate crash. 3) Each entry is marked with PROT_NONE until it is allocated. Once it is returned to a pool it becomes PROT_NONE again, protecting against use after frees. This commit also removes the magic goo from the mem facitilies such as kore_malloc and friends and moves these as canaries into the kore pool facilities instead. Note that using this will increase memory pressure and decrease performance. It is recommended to enable this during development to catch bugs.
2023-01-05 22:47:29 +01:00
kore_log(LOG_INFO, "memory pool protections: %s",
kore_mem_guard ? "enabled" : "disabled");
move startup log back into kore_server_start().
2021-09-07 23:26:36 +02:00
kore_log(LOG_INFO, "built-ins: "
#if defined(__linux__)
"seccomp "
#endif
#if defined(KORE_USE_PGSQL)
"pgsql "
#endif
#if defined(KORE_USE_TASKS)
"tasks "
#endif
#if defined(KORE_USE_JSONRPC)
"jsonrpc "
#endif
#if defined(KORE_USE_PYTHON)
"python "
#endif
#if defined(KORE_USE_ACME)
"acme "
#endif
#if defined(KORE_USE_CURL)
"curl "
add lua to built-ins log
2023-01-23 21:56:49 +01:00
#endif
#if defined(KORE_USE_LUA)
"lua "
move startup log back into kore_server_start().
2021-09-07 23:26:36 +02:00
#endif
);
}
Rework runtime init a little bit. It was hardcoded that if KORE_USE_PYTHON was defined we would look at the passed argument on the command-line as the python script or module to be run. This won't work when adding more runtimes. So instead call a kore_runtime_resolve() function that in turn calls each available runtime its resolve function. That resolve function will check if its a script / module that it can load, and if so will load it. This way we can remove all those KORE_USE_PYTHON blocks in the Kore startup path and we pave the way for lua.
2023-01-16 21:00:01 +01:00
kore_tls_log_version();
rename foreground to kore_foreground.
2021-01-11 23:35:16 +01:00
if (kore_foreground == 0) {
Add kore_parent_daemonized(). This is called for single binaries after the parent process has called daemon(). Also fix kore_parent_configure() for !single binaries.
2018-10-18 17:18:41 +02:00
if (daemon(1, 0) == -1)
fatal("cannot daemon(): %s", errno_s);
#if defined(KORE_SINGLE_BINARY)
make sure we can still run normal apps even with PYTHON=1
2019-09-26 20:38:02 +02:00
rcall = kore_runtime_getcall(parent_daemonized_hook);
Add kore_parent_daemonized(). This is called for single binaries after the parent process has called daemon(). Also fix kore_parent_configure() for !single binaries.
2018-10-18 17:18:41 +02:00
if (rcall != NULL) {
kore_runtime_execute(rcall);
kore_free(rcall);
}
#endif
}
refactor code quite a bit.
2013-06-26 11:18:32 +02:00
kore_pid = getpid();
always write the pidfile even in foreground
2017-02-22 20:38:07 +01:00
kore_write_kore_pid();
refactor code quite a bit.
2013-06-26 11:18:32 +02:00
Rework runtime init a little bit. It was hardcoded that if KORE_USE_PYTHON was defined we would look at the passed argument on the command-line as the python script or module to be run. This won't work when adding more runtimes. So instead call a kore_runtime_resolve() function that in turn calls each available runtime its resolve function. That resolve function will check if its a script / module that it can load, and if so will load it. This way we can remove all those KORE_USE_PYTHON blocks in the Kore startup path and we pave the way for lua.
2023-01-16 21:00:01 +01:00
#if !defined(KORE_SINGLE_BINARY)
if (kore_runtime_count() == 0 || rarg0 == NULL)
make sure we can still run normal apps even with PYTHON=1
2019-09-26 20:38:02 +02:00
kore_call_parent_configure(argc, argv);
Slightly change kore_parent_configure() again. - Call it before loading configurations when built as single binaries. - Call it right before forking workers when built as a dso.
2017-02-09 13:36:08 +01:00
#endif
Major Python API improvements. 1) Add @kore.route as a decorator for Python. This decorator can be used on non-class methods to automatically declare their route and parameters. Takes the same arguments as the kore.domain.route function that exists today. Provides a nice clean way of setting up Kore if you dont want a whole class based approach. 2) Remove the requirement for the name for kore.server() and the kore.domain(attach=) keywords. Instead of no name was given, the name "default" is used in both places resulting in less boilerplating. 3) Allow multiple routes to be defined for the same URI as long as the methods are different. So you can have one method for GET / and another for POST /. All changes combined condense the initial experience of getting a Kore Python app up and running: eg: import kore kore.server(ip="127.0.0.1", port="8888", tls=False) kore.domain("*") @kore.route("/", methods=["get"]) async def index(req): req.response(200, b'get method') @kore.route("/", methods=["post"]) async def index_post(req) req.response(200, b'post method')
2021-05-02 00:23:11 +02:00
#if defined(KORE_USE_PYTHON)
kore_python_routes_resolve();
#endif
Do not add keymgr its msg fd if not started. Reshuffles the keymgr_active flag to keymgr.c and let it be figured out from inside kore_server_start() instead of the worker init code.
2019-10-07 10:31:35 +02:00
/* Check if keymgr will be active. */
Initial work splitting OpenSSL code away. This work moves all TLS / crypto related code into a tls_openssl.c file and adds a tls_none.c which contains just stubs. Allows compilation of Kore with TLS_BACKEND=none to remove building against OpenSSL. Also adds code for SHA1/SHA2 taken from openssh-portable so we don't depend on those being present anymore in libcrypto.
2022-02-17 13:45:28 +01:00
if (kore_tls_supported()) {
LIST_FOREACH(srv, &kore_servers, list) {
if (srv->tls) {
kore_keymgr_active = 1;
break;
}
Do not add keymgr its msg fd if not started. Reshuffles the keymgr_active flag to keymgr.c and let it be figured out from inside kore_server_start() instead of the worker init code.
2019-10-07 10:31:35 +02:00
}
Initial work splitting OpenSSL code away. This work moves all TLS / crypto related code into a tls_openssl.c file and adds a tls_none.c which contains just stubs. Allows compilation of Kore with TLS_BACKEND=none to remove building against OpenSSL. Also adds code for SHA1/SHA2 taken from openssh-portable so we don't depend on those being present anymore in libcrypto.
2022-02-17 13:45:28 +01:00
} else {
kore_keymgr_active = 0;
Do not add keymgr its msg fd if not started. Reshuffles the keymgr_active flag to keymgr.c and let it be figured out from inside kore_server_start() instead of the worker init code.
2019-10-07 10:31:35 +02:00
}
add kore_proctitle(). manipulates the argv+environ pointers to get a sensible process title under linux / darwin.
2019-03-29 16:24:14 +01:00
kore_platform_proctitle("[parent]");
Rework worker startup/privsep config. Starting with the privsep config, this commit changes the following: - Removes the root, runas, keymgr_root, keymgr_runas, acme_root and acme_runas configuration options. Instead these are now configured via a privsep configuration context: privsep worker { root /tmp runas nobody } This is also configurable via Python using the new kore.privsep() method: kore.privsep("worker", root="/tmp", runas="nobody", skip=["chroot"]) Tied into this we also better handle worker startup: - Per worker process, wait until it signalled it is ready. - If a worker fails at startup, display its last log lines more clearly. - Don't start acme process if no domain requires acme. - Remove each process its individual startup log message in favour of a generalized one that displays its PID, root and user. - At startup, log the kore version and built-ins in a nicer way. - The worker processes now check things they need to start running before signaling they are ready (such as access to CA certs for TLS client authentication).
2021-09-07 21:59:22 +02:00
if (!kore_worker_init()) {
kore_log(LOG_ERR, "last worker log lines:");
kore_log(LOG_ERR, "=====================================");
net_init();
kore_connection_init();
kore_platform_event_init();
kore_msg_parent_init();
kore_platform_event_wait(10);
kore_worker_dispatch_signal(SIGQUIT);
kore_log(LOG_ERR, "=====================================");
return;
}
refactor code quite a bit.
2013-06-26 11:18:32 +02:00
Add our messaging framework. With this framework apps can now send messages between worker processes. A new API function exists: int kore_msg_register(u_int8_t id, void (*cb)(const void *, u_int32_t); This API call allows your app to register a new message callback for a given ID. You can then send messages on this ID to other workers using: void kore_msg_send(u_int8_t id, void *data, u_int32_t length); This framework will interally be used for a few things such as allowing websocket data to broadcasted between all workers, adding unified caching and hopefully eventually moving the access log to this as well. Some internals have changed with this commit: * worker_clients has been called connections. * the parent now initializes the net, and event subsystems. * kore_worker_websocket_broadcast() is dead.
2015-06-22 21:13:32 +02:00
/* Set worker_max_connections for kore_connection_init(). */
tmp = worker_max_connections;
worker_max_connections = worker_count;
net_init();
kore_connection_init();
kore_platform_event_init();
kore_msg_parent_init();
worker_max_connections = tmp;
Allow on-the-fly reloading of certificates/keys. This commit introduces the ability for the keymgr process to reload the certificates/keys for domains when receiving a SIGUSR1 signal. The keymgr receives 2 new configuration options: - keymgr_root_path The root path where the keymgr will live. If -n is not specified when the application starts the keymgr process will chroot into here. - keymgr_runas_user The user the keymgr will drop privileges towards if -r was not specified. All certfile and certkey configuration options are now relative to the keymgr_root_path configuration setting. The keymgr process will now also load the certificate for the domain (rather then the workers) and submit these to the worker processes so they can be reloaded when required. Worker processes will refuse connections until the TLS configuration for a given domain is completed (aka: the workers receive the certificate for that domain). Other changes: - client_certificates renamed to client_verify. - the chroot configuration option is now called root. - kore is a little more verbose if privsep options are missing. - filemaps are now relative to the root configuration option.
2018-07-11 09:44:29 +02:00
Rework accesslog handling. Move away from the parent constantly hitting the disk for every accesslog the workers are sending. The workers will now write their own accesslogs to shared memory before the parent will pick those up. The parent will flush them to disk once every second or if they grow larger then 1MB. This removes the heavy penalty for having access logs turned on when you are dealing with a large volume of requests.
2018-12-22 09:25:00 +01:00
kore_timer_init();
Only enable accesslog vacuum if needed. If no accesslogs are enabled, the parent has no need for the vacuum timer to be activated. This way the parent blocks in epoll_wait() instead of waking up for no reason when there are no accesslogs enabled.
2022-01-28 14:29:58 +01:00
wrap accesslog calls in !KORE_NO_HTTP.
2018-12-22 09:41:55 +01:00
#if !defined(KORE_NO_HTTP)
Only enable accesslog vacuum if needed. If no accesslogs are enabled, the parent has no need for the vacuum timer to be activated. This way the parent blocks in epoll_wait() instead of waking up for no reason when there are no accesslogs enabled.
2022-01-28 14:29:58 +01:00
alog = 0;
LIST_FOREACH(srv, &kore_servers, list) {
TAILQ_FOREACH(dom, &srv->domains, list) {
if (dom->accesslog != -1)
alog = 1;
}
}
if (alog) {
kore_timer_add(kore_accesslog_run, 100, NULL, 0);
kore_log(LOG_INFO, "accesslog vacuum is enabled");
}
wrap accesslog calls in !KORE_NO_HTTP.
2018-12-22 09:41:55 +01:00
#endif
Rework accesslog handling. Move away from the parent constantly hitting the disk for every accesslog the workers are sending. The workers will now write their own accesslogs to shared memory before the parent will pick those up. The parent will flush them to disk once every second or if they grow larger then 1MB. This removes the heavy penalty for having access logs turned on when you are dealing with a large volume of requests.
2018-12-22 09:25:00 +01:00
Add kore.sendmsg(object, worker=None) to the python api. This allows you to send Python objects that can be run through pickle to other worker processes. If your application implements koreapp.onmsg() you will be able to receive these objects.
2019-10-16 12:05:27 +02:00
#if defined(KORE_USE_PYTHON)
kore_msg_unregister(KORE_PYTHON_SEND_OBJ);
#endif
Differentiate between normal shutdown and fatal. The parent process never differentiated between a worker process asking for a shutdown or a worker process calling fatalx() when it came to its exit code. I made some changes here so the parent process will exit with an exit code 1 if anything worker related went wrong (fatalx/death policy).
2022-08-08 11:02:27 +02:00
while (kore_quit == KORE_QUIT_NONE) {
Worker hook rework. This commit adds improved hooks for Python and a new signal delivery hook. For the Python API kore_worker_configure() and kore_worker_teardown() had to be implemented before this commit. Now one can create a workerstart and workerend method in their koreapp as those will be called when they exist. The new signal hook is either kore_worker_signal() or koreapp.signal. This new hook is called after the worker event code handles the received signal itself first. With this commit there is also a new kore_signal_trap() API call allowing you to more easily trap new signals. This API also also exported to the Python part of the code under kore.sigtrap()
2021-12-22 09:50:26 +01:00
last_sig = sig_recv;
Add worker_death_policy setting. By default kore will restart worker processes if they terminate unexpected. However in certain scenarios you may want to bring down an entire kore instance if a worker process fails. By setting worker_death_policy to "terminate" the Kore server will completely stop if a worker exits unexpected.
2019-03-22 09:49:50 +01:00
Worker hook rework. This commit adds improved hooks for Python and a new signal delivery hook. For the Python API kore_worker_configure() and kore_worker_teardown() had to be implemented before this commit. Now one can create a workerstart and workerend method in their koreapp as those will be called when they exist. The new signal hook is either kore_worker_signal() or koreapp.signal. This new hook is called after the worker event code handles the received signal itself first. With this commit there is also a new kore_signal_trap() API call allowing you to more easily trap new signals. This API also also exported to the Python part of the code under kore.sigtrap()
2021-12-22 09:50:26 +01:00
if (last_sig != 0) {
switch (last_sig) {
Allow Kore to be started in foreground mode (-f) Sending SIGINT or Ctrl-c will reap all workers and exit again. Useful for development.
2014-07-31 13:27:04 +02:00
case SIGHUP:
Worker hook rework. This commit adds improved hooks for Python and a new signal delivery hook. For the Python API kore_worker_configure() and kore_worker_teardown() had to be implemented before this commit. Now one can create a workerstart and workerend method in their koreapp as those will be called when they exist. The new signal hook is either kore_worker_signal() or koreapp.signal. This new hook is called after the worker event code handles the received signal itself first. With this commit there is also a new kore_signal_trap() API call allowing you to more easily trap new signals. This API also also exported to the Python part of the code under kore.sigtrap()
2021-12-22 09:50:26 +01:00
kore_worker_dispatch_signal(last_sig);
Allow Kore to be started in foreground mode (-f) Sending SIGINT or Ctrl-c will reap all workers and exit again. Useful for development.
2014-07-31 13:27:04 +02:00
kore_module_reload(0);
break;
case SIGINT:
case SIGQUIT:
Let SIGTERM properly shutdown Kore as well.
2016-01-31 16:48:17 +01:00
case SIGTERM:
Differentiate between normal shutdown and fatal. The parent process never differentiated between a worker process asking for a shutdown or a worker process calling fatalx() when it came to its exit code. I made some changes here so the parent process will exit with an exit code 1 if anything worker related went wrong (fatalx/death policy).
2022-08-08 11:02:27 +02:00
kore_quit = KORE_QUIT_NORMAL;
Worker hook rework. This commit adds improved hooks for Python and a new signal delivery hook. For the Python API kore_worker_configure() and kore_worker_teardown() had to be implemented before this commit. Now one can create a workerstart and workerend method in their koreapp as those will be called when they exist. The new signal hook is either kore_worker_signal() or koreapp.signal. This new hook is called after the worker event code handles the received signal itself first. With this commit there is also a new kore_signal_trap() API call allowing you to more easily trap new signals. This API also also exported to the Python part of the code under kore.sigtrap()
2021-12-22 09:50:26 +01:00
kore_worker_dispatch_signal(last_sig);
Allow Kore to be started in foreground mode (-f) Sending SIGINT or Ctrl-c will reap all workers and exit again. Useful for development.
2014-07-31 13:27:04 +02:00
continue;
Allow on-the-fly reloading of certificates/keys. This commit introduces the ability for the keymgr process to reload the certificates/keys for domains when receiving a SIGUSR1 signal. The keymgr receives 2 new configuration options: - keymgr_root_path The root path where the keymgr will live. If -n is not specified when the application starts the keymgr process will chroot into here. - keymgr_runas_user The user the keymgr will drop privileges towards if -r was not specified. All certfile and certkey configuration options are now relative to the keymgr_root_path configuration setting. The keymgr process will now also load the certificate for the domain (rather then the workers) and submit these to the worker processes so they can be reloaded when required. Worker processes will refuse connections until the TLS configuration for a given domain is completed (aka: the workers receive the certificate for that domain). Other changes: - client_certificates renamed to client_verify. - the chroot configuration option is now called root. - kore is a little more verbose if privsep options are missing. - filemaps are now relative to the root configuration option.
2018-07-11 09:44:29 +02:00
case SIGUSR1:
Worker hook rework. This commit adds improved hooks for Python and a new signal delivery hook. For the Python API kore_worker_configure() and kore_worker_teardown() had to be implemented before this commit. Now one can create a workerstart and workerend method in their koreapp as those will be called when they exist. The new signal hook is either kore_worker_signal() or koreapp.signal. This new hook is called after the worker event code handles the received signal itself first. With this commit there is also a new kore_signal_trap() API call allowing you to more easily trap new signals. This API also also exported to the Python part of the code under kore.sigtrap()
2021-12-22 09:50:26 +01:00
kore_worker_dispatch_signal(last_sig);
Allow on-the-fly reloading of certificates/keys. This commit introduces the ability for the keymgr process to reload the certificates/keys for domains when receiving a SIGUSR1 signal. The keymgr receives 2 new configuration options: - keymgr_root_path The root path where the keymgr will live. If -n is not specified when the application starts the keymgr process will chroot into here. - keymgr_runas_user The user the keymgr will drop privileges towards if -r was not specified. All certfile and certkey configuration options are now relative to the keymgr_root_path configuration setting. The keymgr process will now also load the certificate for the domain (rather then the workers) and submit these to the worker processes so they can be reloaded when required. Worker processes will refuse connections until the TLS configuration for a given domain is completed (aka: the workers receive the certificate for that domain). Other changes: - client_certificates renamed to client_verify. - the chroot configuration option is now called root. - kore is a little more verbose if privsep options are missing. - filemaps are now relative to the root configuration option.
2018-07-11 09:44:29 +02:00
break;
Add asynchronous subprocess support. This adds kore.proc to the python runtime allowing async processing handling: The kore.proc method takes the command to run and an optional timeout parameter in milliseconds. If the process did not exit normally after that amount of time a TimeoutError exception is raised. For instance: async def run(cmd): proc = kore.proc(cmd, 1000) try: await proc.send("hello") proc.close_stdin() except TimeoutError: proc.kill() retcode = await proc.reap() return retcode
2018-10-26 19:19:47 +02:00
case SIGCHLD:
Add worker_death_policy setting. By default kore will restart worker processes if they terminate unexpected. However in certain scenarios you may want to bring down an entire kore instance if a worker process fails. By setting worker_death_policy to "terminate" the Kore server will completely stop if a worker exits unexpected.
2019-03-22 09:49:50 +01:00
kore_worker_reap();
Add asynchronous subprocess support. This adds kore.proc to the python runtime allowing async processing handling: The kore.proc method takes the command to run and an optional timeout parameter in milliseconds. If the process did not exit normally after that amount of time a TimeoutError exception is raised. For instance: async def run(cmd): proc = kore.proc(cmd, 1000) try: await proc.send("hello") proc.close_stdin() except TimeoutError: proc.kill() retcode = await proc.reap() return retcode
2018-10-26 19:19:47 +02:00
break;
Allow Kore to be started in foreground mode (-f) Sending SIGINT or Ctrl-c will reap all workers and exit again. Useful for development.
2014-07-31 13:27:04 +02:00
default:
break;
Add a form of synchronization between what worker will be accepting new connections and which ones will not be notified for it. Fixes the thundering herd problem, and nicely spreads out load between all the workers equally. A configuration option (workers_max_connections) is available to tweak how many connections a worker will have before giving up the accept lock. Two ways are added to this commit for access locking: - Locking via semaphores. - Locking via GCC's builtin atomic methods. The default is running with semaphores disabled (OpenBSD cannot do sem_init() with pshared set to 1, which is required). If you want to use semaphores add KORE_USE_SEMAPHORES to CFLAGS, and -lpthread to LDFLAGS in the Makefile. Other fixes: - BSD: add a timeout to kevent(). - Merge kore_worker_wait together, linux knows waitpid() as well. - Send the correct SIGQUIT signal to workers instead of SIGINT. - Fix kore_time_ms(). - Log fatal worker messages in syslog. - Refactor code even more. - Do not free our own kore_worker structure.
2013-06-26 16:37:22 +02:00
}
Allow Kore to be started in foreground mode (-f) Sending SIGINT or Ctrl-c will reap all workers and exit again. Useful for development.
2014-07-31 13:27:04 +02:00
Add worker_death_policy setting. By default kore will restart worker processes if they terminate unexpected. However in certain scenarios you may want to bring down an entire kore instance if a worker process fails. By setting worker_death_policy to "terminate" the Kore server will completely stop if a worker exits unexpected.
2019-03-22 09:49:50 +01:00
if (sig_recv == last_sig)
sig_recv = 0;
else
continue;
Add a form of synchronization between what worker will be accepting new connections and which ones will not be notified for it. Fixes the thundering herd problem, and nicely spreads out load between all the workers equally. A configuration option (workers_max_connections) is available to tweak how many connections a worker will have before giving up the accept lock. Two ways are added to this commit for access locking: - Locking via semaphores. - Locking via GCC's builtin atomic methods. The default is running with semaphores disabled (OpenBSD cannot do sem_init() with pshared set to 1, which is required). If you want to use semaphores add KORE_USE_SEMAPHORES to CFLAGS, and -lpthread to LDFLAGS in the Makefile. Other fixes: - BSD: add a timeout to kevent(). - Merge kore_worker_wait together, linux knows waitpid() as well. - Send the correct SIGQUIT signal to workers instead of SIGINT. - Fix kore_time_ms(). - Log fatal worker messages in syslog. - Refactor code even more. - Do not free our own kore_worker structure.
2013-06-26 16:37:22 +02:00
}
rework timers so they fire more predictably. this change also stops python coroutines from waking up very late after their timeout has expired. in filerefs, don't prime the timer until we actually have something to expire, and kill the timer when the last ref drops.
2019-03-21 10:17:08 +01:00
netwait = kore_timer_next_run(kore_time_ms());
Rework accesslog handling. Move away from the parent constantly hitting the disk for every accesslog the workers are sending. The workers will now write their own accesslogs to shared memory before the parent will pick those up. The parent will flush them to disk once every second or if they grow larger then 1MB. This removes the heavy penalty for having access logs turned on when you are dealing with a large volume of requests.
2018-12-22 09:25:00 +01:00
kore_platform_event_wait(netwait);
Add our messaging framework. With this framework apps can now send messages between worker processes. A new API function exists: int kore_msg_register(u_int8_t id, void (*cb)(const void *, u_int32_t); This API call allows your app to register a new message callback for a given ID. You can then send messages on this ID to other workers using: void kore_msg_send(u_int8_t id, void *data, u_int32_t length); This framework will interally be used for a few things such as allowing websocket data to broadcasted between all workers, adding unified caching and hopefully eventually moving the access log to this as well. Some internals have changed with this commit: * worker_clients has been called connections. * the parent now initializes the net, and event subsystems. * kore_worker_websocket_broadcast() is dead.
2015-06-22 21:13:32 +02:00
kore_connection_prune(KORE_CONNECTION_PRUNE_DISCONNECT);
rework timers so they fire more predictably. this change also stops python coroutines from waking up very late after their timeout has expired. in filerefs, don't prime the timer until we actually have something to expire, and kill the timer when the last ref drops.
2019-03-21 10:17:08 +01:00
kore_timer_run(kore_time_ms());
Improve how the parent handles workers. - Make sure we drain the worker log channel if it dies so we can flush out any lingering log messages. - Get rid of the raise() in the parent to signal ourselves we should terminate. Instead depend on the new kore_quit. - Always attempt to reap children one way or the other.
2021-11-03 17:23:05 +01:00
kore_worker_reap();
Add a form of synchronization between what worker will be accepting new connections and which ones will not be notified for it. Fixes the thundering herd problem, and nicely spreads out load between all the workers equally. A configuration option (workers_max_connections) is available to tweak how many connections a worker will have before giving up the accept lock. Two ways are added to this commit for access locking: - Locking via semaphores. - Locking via GCC's builtin atomic methods. The default is running with semaphores disabled (OpenBSD cannot do sem_init() with pshared set to 1, which is required). If you want to use semaphores add KORE_USE_SEMAPHORES to CFLAGS, and -lpthread to LDFLAGS in the Makefile. Other fixes: - BSD: add a timeout to kevent(). - Merge kore_worker_wait together, linux knows waitpid() as well. - Send the correct SIGQUIT signal to workers instead of SIGINT. - Fix kore_time_ms(). - Log fatal worker messages in syslog. - Refactor code even more. - Do not free our own kore_worker structure.
2013-06-26 16:37:22 +02:00
}
Add resource management as part of the kore shutdown process.
2015-12-29 20:39:39 +01:00
Improve how the parent handles workers. - Make sure we drain the worker log channel if it dies so we can flush out any lingering log messages. - Get rid of the raise() in the parent to signal ourselves we should terminate. Instead depend on the new kore_quit. - Always attempt to reap children one way or the other.
2021-11-03 17:23:05 +01:00
kore_worker_dispatch_signal(SIGQUIT);
}
static void
kore_server_shutdown(void)
{
if (!kore_quiet)
kore_log(LOG_INFO, "server shutting down");
kore_worker_shutdown();
wrap accesslog calls in !KORE_NO_HTTP.
2018-12-22 09:41:55 +01:00
#if !defined(KORE_NO_HTTP)
rework timers so they fire more predictably. this change also stops python coroutines from waking up very late after their timeout has expired. in filerefs, don't prime the timer until we actually have something to expire, and kill the timer when the last ref drops.
2019-03-21 10:17:08 +01:00
kore_accesslog_gather(NULL, kore_time_ms(), 1);
wrap accesslog calls in !KORE_NO_HTTP.
2018-12-22 09:41:55 +01:00
#endif
Rework accesslog handling. Move away from the parent constantly hitting the disk for every accesslog the workers are sending. The workers will now write their own accesslogs to shared memory before the parent will pick those up. The parent will flush them to disk once every second or if they grow larger then 1MB. This removes the heavy penalty for having access logs turned on when you are dealing with a large volume of requests.
2018-12-22 09:25:00 +01:00
rename *_fini to *_cleanup
2016-01-04 22:40:14 +01:00
kore_platform_event_cleanup();
kore_connection_cleanup();
Formatting and unbreaking NOHTTP builds.
2016-02-01 20:02:02 +01:00
kore_domain_cleanup();
Initial work splitting OpenSSL code away. This work moves all TLS / crypto related code into a tls_openssl.c file and adds a tls_none.c which contains just stubs. Allows compilation of Kore with TLS_BACKEND=none to remove building against OpenSSL. Also adds code for SHA1/SHA2 taken from openssh-portable so we don't depend on those being present anymore in libcrypto.
2022-02-17 13:45:28 +01:00
kore_tls_cleanup();
rename *_fini to *_cleanup
2016-01-04 22:40:14 +01:00
net_cleanup();
refactor code quite a bit.
2013-06-26 11:18:32 +02:00
}
Add BSD kqueue(2) support. Compile with make bsd (or make linux for linux)
2013-06-17 23:39:17 +02:00
static void
refactor code quite a bit.
2013-06-26 11:18:32 +02:00
kore_write_kore_pid(void)
write main process pid to /var/run/kore.pid (changable in configuration)
2013-06-04 16:53:30 +02:00
{
FILE *fp;
if ((fp = fopen(kore_pidfile, "w+")) == NULL) {
Allow developers to pass the lib to load on the cli. When running in -f (foreground) you can now specify the library Kore needs to load on the command line: kore -fnc module.conf myapp.so This has the benefit that your configuration file no longer needs the load directive when hacking on your code. Note that you can still specify load in your config file regardless, if you so chose. All of this is being done in order to try and move away from the backwards way of getting up and running with Kore.
2014-07-31 17:15:51 +02:00
printf("warning: couldn't write pid to %s (%s)\n",
kore_pidfile, errno_s);
write main process pid to /var/run/kore.pid (changable in configuration)
2013-06-04 16:53:30 +02:00
} else {
refactor code quite a bit.
2013-06-26 11:18:32 +02:00
fprintf(fp, "%d\n", kore_pid);
write main process pid to /var/run/kore.pid (changable in configuration)
2013-06-04 16:53:30 +02:00
fclose(fp);
}
}
make sure we can still run normal apps even with PYTHON=1
2019-09-26 20:38:02 +02:00
static void
kore_call_parent_configure(int argc, char **argv)
{
struct kore_runtime_call *rcall;
rcall = kore_runtime_getcall(parent_config_hook);
if (rcall != NULL) {
kore_runtime_configure(rcall, argc, argv);
kore_free(rcall);
}
}