When receiving an HTTP body, Kore never reset http_timeout once
the transfer was done.
This can result in a 408 being thrown by Kore while a request is
activity running.
The worker_count is incremented by 2 earlier to account for keymgr/acme
but aren't actually workers that should count towards CPU pinning.
So adjust the count when comparing to cpu_count when logging that there
are more workers than cpus.
The crl keyword is parsed when the client_verify keyword has been set.
eg:
kore.domain("kore.io", cert="cert.pem", key="key.pem",
client_verify="cacert.pem", verify_depth=1, crl="crl.pem")
This commit introduces the ability to add authenticators to filemaps.
Just like in normal routes, the authenticators will be resolved first
before allowing access to the filemap entries.
Configuration wise, the authenticator is an optional value after the
filemap config directive:
filemap / webroot myauth
In the Python API you can now pass the authenticator for a filemap entry
but turning the value of the filemap into a tuple with the first entry
being the path and the second being the auth dict:
AUTH AUTH={
"type": "cookie",
"value": "cookiename",
"redirect": "/auth/",
"verify": verify_cookie
}
domain.filemaps({
"/css/": "webroot/css",
"/secret/": ("webroot/secret", AUTH)
})
The parent process never differentiated between a worker process
asking for a shutdown or a worker process calling fatalx() when
it came to its exit code.
I made some changes here so the parent process will exit with
an exit code 1 if anything worker related went wrong (fatalx/death policy).
The coroutines results are now relayed back via PyIter_Send() and
no longer obtainable via _PyGen_FetchStopIterationValue().
This means that our kore.gather() would not be able to return any
values from any of the coroutines it governed.
Fix this by saving the object returned in PyIter_Send() and using it
later in pygather_reap_coro().
Python 3.10.x its PyIter_Send() will return PYGEN_ERROR if the
generator returned (as opposed to yielding) if the result returned
is Py_None and no argument was given to PyIter_Send(). Which is counter
intuitive since it seems it should give us a PYGEN_RETURN as per its
documentation.
It also no longer sets PyExc_StopIteration in this case so we cannot depend
on that anymore to figure out if a coroutine has finished.
This caused Kore to respond with a 500 immediately after coroutines
ran to completion as it was looking for the PyExc_StopIteration exception.
Fix this by simply doing another check if an exception happened before
we enter the code path where Kore would spew the 500.
The cmsghdr contains a length (cmsg_len) which indicates the length
of the data in combination with the cmsghdr length itself.
Remove the length of the cmsghdr before passing it back up to callers
so they don't need to bother with it.
This also fixes a mistake where we ended up copying extra data
from the ancdata buffer that was unintended.
When this code was moved from src/connection.c into src/tls_openssl.c
a return wouldn't break us out from kore_connection_handle() as
previously expected.
This ment that Kore would move the connection into established state
immediately even if SSL_accept() needed to read more.
This broke TLS client authentication as Kore its belts and suspenders
kept throwing a 403 due to the code not properly obtaining the client
certificate when expected.
The whole while (cnt-- >= 0) idiom is busted since cnt started
at 0 and if the first call to PyUnicode_FromStringAndSize() fails
then we're attempting to access -1.
use it in places explicit_bzero() used to be called.
The kore_mem_zero() is a best effort to try and let the compiler
not optimize the code away. Highly platform dependent.
This work moves all TLS / crypto related code into a tls_openssl.c
file and adds a tls_none.c which contains just stubs.
Allows compilation of Kore with TLS_BACKEND=none to remove building
against OpenSSL.
Also adds code for SHA1/SHA2 taken from openssh-portable so we don't
depend on those being present anymore in libcrypto.
It wasn't possible for the parent process to send messages
directly via kore_msg_send() to other worker processes.
This is now rectified to from the parent process one can call
kore_msg_send() with a worker destination and it'll work.
Wait for any process in our process group only instead of WAIT_ANY.
This allows the parent process to start subprocesses that end up
in different process groups which are handled in user code instead
completely (using signalfd for example).
Inside of the new route handlers the "authenticate" keyword can
be specified to let the route authenticate via a previously
configured authentication block.
The ability to do this went missing in a previous commit that overhauled
the routing structure of the configuration.
Just noticed the 5 seconds wasn't enough when renewing all
certificates in my own setup (i have about 30 ACME domains via Kore).
Bumped it to 30 seconds instead.
If no accesslogs are enabled, the parent has no need for
the vacuum timer to be activated.
This way the parent blocks in epoll_wait() instead of waking up
for no reason when there are no accesslogs enabled.
This commit adds improved hooks for Python and a new signal delivery hook.
For the Python API kore_worker_configure() and kore_worker_teardown() had
to be implemented before this commit. Now one can create a workerstart
and workerend method in their koreapp as those will be called when
they exist.
The new signal hook is either kore_worker_signal() or koreapp.signal.
This new hook is called after the worker event code handles the received
signal itself first.
With this commit there is also a new kore_signal_trap() API call allowing
you to more easily trap new signals. This API also also exported to the
Python part of the code under kore.sigtrap()
Adding the hooks keyword with a dictionary attached to specify
the relevant hooks will hook them for the given route.
Eg:
domain.route("/", self.index, methods=["get"],
hooks={
"on_free": self.request_free
}
)
These are the same hooks available via a normal Kore route configuration.
This dictionary for now only contains the subject and issuer names
from the client certificate (if one was provided) with their
X509_NAME components.
Eg:
{
"issuer": {
"C": "SE",
"O": "kore autogen: x509name-test",
"CN": "localhost"
},
"subject": {
"C": "SE",
"O": "kore autogen: x509name-test",
"CN": "localhost"
}
}
When a kore.socket() is closed from any coroutine, make sure any other
coroutines waiting on events on the socket are awoken so they properly
can return errors.
- Make sure we drain the worker log channel if it dies
so we can flush out any lingering log messages.
- Get rid of the raise() in the parent to signal ourselves
we should terminate. Instead depend on the new kore_quit.
- Always attempt to reap children one way or the other.
This will generate an asset file for Kore based on the source file
or directory given.
This allows other build systems to more easily generate asset
files if their compilation steps are different.
These will spew out the required CFLAGS and LDFLAGS respectively
when compiling source code for use in Kore applications.
This should make it easier to integrate this into existing
build systems where using kodev may be a bit annoying.
Eg: gcc -Wall -std=c99 `kodev cflags` koreapp.c `kodev ldflags` -o koreapp.so
If set, will call a given handler with the prototype of
`void body_chunk(struct http_request *req, const void *data, size_t len);`
for each chunk of the received HTTP body, allowing a developer to handle
it in their own way.
The incoming body is still being handled and retained in the same way
as before (in a kore_buf or temporary file).
While here, allow HTTP_STATUS_CONTINUE to work via http_response() and
make the handling of incoming HTTP header data a bit better.
Introduce an on_headers callback for routes, allowing one to inspect
the headers before the request is processed further.
Additionall,
Add a new way of obtaining HTTP headers. Much like http_argument_get_*()
functions, these new APIs allow you to fetch the data of an HTTP header
as a specified C type.
The new APIs are:
* http_request_header_int16()
* http_request_header_uint16()
* http_request_header_int32()
* http_request_header_uint32()
* http_request_header_int64()
* http_request_header_uint64()
* http_request_header_float()
* http_request_header_double()
Should make it easier to operate in HTTP header data in a safe way.
No need to always roll your own string to int conversion functions.
Routes are now configured in a context per route:
route /path {
handler handler_name
methods get post head
validate qs:get id v_id
}
All route related configurations are per-route, allowing multiple
routes for the same path (for different methods).
The param context is removed and merged into the route context now
so that you use the validate keyword to specify what needs validating.
Joris Vink
Daniel Fahlgren
Joel Arbring