- Kore now only supports OpenSSL 1.1.1 and LibreSSL 3.x.
- Revise the default TLS ciphersuites.
- Kore now carries ffdhe4096.pem and installs it under PREFIX/share/kore.
- Kore its tls_dhparam config setting defaults to the path mentioned above
so you no longer have to set it.
Drop the kore.conf for python apps, all configuration
can be done from inside the python code since kore4.
Adds all the basic goo in the app.py file to get up and running.
- Unlink the socket path if possible before attempting to bind to it.
- Unlink the socket path if possible when Kore is shutting down.
inspired by a diff from Joel Arbring via patches@
- Try harder to mark integers as KORE_JSON_TYPE_INTEGER, especially if
they fit in the internal representation of one (int64_t).
- Move error codes into the JSON code itself, rather then requiring
a kore_json data structure. This allows the JSON API to relay errors
such as "item not found" or "type mismatch" properly when looking at items.
- When asking for a KORE_JSON_TYPE_INTEGER_U64 and a KORE_JSON_TYPE_INTEGER
was found with the same name, check if it could be returned properly and do
so if possible.
- Make sure tls-alpn01 works even if the underlying SSL library ends up
calling the ALPN callback *before* the SNI extension was parsed and
the correct domain was selected.
LibreSSL still does this, and older OpenSSL did too I believe, however
OpenSSL grew a clue and always makes sure SNI is called first.
Yes, TLS extensions have no fixed order but it still makes sense to
notify applications using your library of the SNI extension first
before anything else almost.
Oh well.
If a coroutine is woken up from another coroutine running from an
http request we can end up in a case where the call path looks like:
0 kore_worker_entry
1 epoll wait <- bound to pending timers
2 http_process <- first coro sleep
3 kore_python_coro_run <- wakes up request
4 http_process <- wakes up another coroutine
5 return to kore_worker_entry
In the case where 4 wakes up another coroutine but 1 is bound to a timer
and no io activity occurs the coroutine isn't run until the timer fires.
Fix this issue by always checking for pending coroutines even if the
netwait isn't INFINITE.
Add 2 new types:
KORE_JSON_TYPE_INTEGER
signed integer type, internally stored as s64.
KORE_JSON_TYPE_INTEGER_U64
unsigned integer type, internally stored as u64.
Kore JSON parser will prefer marking integers as INTEGER_U64 if it
was unsigned and did not have fractions.
This handles the default option parsing in Kore and should be called
by single_binary=yes builds in kore_parent_configure() unless they
want to handle their own argument parsing.
This will place the required sources for building
single binary builds under $PREFIX/share/kore.
The kodev utility will now pickup this KORE_SOURCE path automatically
unless another one is given via the conf/build.conf file or the KORE_SOURCE
environment path.
If KORE_SINGLE_BINARY is enabled, remove the getopt() call that
Kore does itself. This way all arguments are passed to the
kore_parent_configure() hook as-is allowing developers to
more easily implement their own option handling.
Otherwise in certain scenarios it could mean that workers
unsuccessfully grabbed the lock, reset accept_avail and
no longer attempt to grab the lock afterwards.
This can cause a complete stall in workers processing requests.
