prosody
4a8740e01813
net/server_epoll.lua
Software / code / prosody
Comparison
net/server_epoll.lua @ 12802:4a8740e01813
Merge 0.12->trunk
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Mon, 12 Dec 2022 07:10:54 +0100 |
| parent | 12594:29685403be32 |
| child | 12827:0605d4f03e25 |
comparison
equal
deleted
inserted
replaced
| 12801:ebd6b4d8bf04 | 12802:4a8740e01813 |
|---|---|
| 16 local ipairs = ipairs; | 16 local ipairs = ipairs; |
| 17 local traceback = debug.traceback; | 17 local traceback = debug.traceback; |
| 18 local logger = require "util.logger"; | 18 local logger = require "util.logger"; |
| 19 local log = logger.init("server_epoll"); | 19 local log = logger.init("server_epoll"); |
| 20 local socket = require "socket"; | 20 local socket = require "socket"; |
| 21 local luasec = require "ssl"; | |
| 22 local realtime = require "util.time".now; | 21 local realtime = require "util.time".now; |
| 23 local monotonic = require "util.time".monotonic; | 22 local monotonic = require "util.time".monotonic; |
| 24 local indexedbheap = require "util.indexedbheap"; | 23 local indexedbheap = require "util.indexedbheap"; |
| 25 local createtable = require "util.table".create; | 24 local createtable = require "util.table".create; |
| 26 local inet = require "util.net"; | 25 local inet = require "util.net"; |
| 27 local inet_pton = inet.pton; | 26 local inet_pton = inet.pton; |
| 28 local _SOCKETINVALID = socket._SOCKETINVALID or -1; | 27 local _SOCKETINVALID = socket._SOCKETINVALID or -1; |
| 29 local new_id = require "util.id".short; | 28 local new_id = require "util.id".short; |
| 30 local xpcall = require "util.xpcall".xpcall; | 29 local xpcall = require "util.xpcall".xpcall; |
| 30 local sslconfig = require "util.sslconfig"; | |
| 31 local tls_impl = require "net.tls_luasec"; | |
| 31 | 32 |
| 32 local poller = require "util.poll" | 33 local poller = require "util.poll" |
| 33 local EEXIST = poller.EEXIST; | 34 local EEXIST = poller.EEXIST; |
| 34 local ENOENT = poller.ENOENT; | 35 local ENOENT = poller.ENOENT; |
| 35 | 36 |
| 89 -- Reuse write buffer tables | 90 -- Reuse write buffer tables |
| 90 keep_buffers = true; | 91 keep_buffers = true; |
| 91 | 92 |
| 92 --- How long to wait after getting the shutdown signal before forcefully tearing down every socket | 93 --- How long to wait after getting the shutdown signal before forcefully tearing down every socket |
| 93 shutdown_deadline = 5; | 94 shutdown_deadline = 5; |
| 95 | |
| 96 -- TCP Fast Open | |
| 97 tcp_fastopen = false; | |
| 98 | |
| 99 -- Defer accept until incoming data is available | |
| 100 tcp_defer_accept = false; | |
| 94 }}; | 101 }}; |
| 95 local cfg = default_config.__index; | 102 local cfg = default_config.__index; |
| 96 | 103 |
| 97 local fds = createtable(10, 0); -- FD -> conn | 104 local fds = createtable(10, 0); -- FD -> conn |
| 98 | 105 |
| 612 | 619 |
| 613 function interface:set_sslctx(sslctx) | 620 function interface:set_sslctx(sslctx) |
| 614 self._sslctx = sslctx; | 621 self._sslctx = sslctx; |
| 615 end | 622 end |
| 616 | 623 |
| 624 function interface:sslctx() | |
| 625 return self.tls_ctx | |
| 626 end | |
| 627 | |
| 628 function interface:ssl_info() | |
| 629 local sock = self.conn; | |
| 630 if not sock.info then return nil, "not-implemented"; end | |
| 631 return sock:info(); | |
| 632 end | |
| 633 | |
| 634 function interface:ssl_peercertificate() | |
| 635 local sock = self.conn; | |
| 636 if not sock.getpeercertificate then return nil, "not-implemented"; end | |
| 637 return sock:getpeercertificate(); | |
| 638 end | |
| 639 | |
| 640 function interface:ssl_peerverification() | |
| 641 local sock = self.conn; | |
| 642 if not sock.getpeerverification then return nil, { { "Chain verification not supported" } }; end | |
| 643 return sock:getpeerverification(); | |
| 644 end | |
| 645 | |
| 646 function interface:ssl_peerfinished() | |
| 647 local sock = self.conn; | |
| 648 if not sock.getpeerfinished then return nil, "not-implemented"; end | |
| 649 return sock:getpeerfinished(); | |
| 650 end | |
| 651 | |
| 652 function interface:ssl_exportkeyingmaterial(label, len, context) | |
| 653 local sock = self.conn; | |
| 654 if sock.exportkeyingmaterial then | |
| 655 return sock:exportkeyingmaterial(label, len, context); | |
| 656 end | |
| 657 end | |
| 658 | |
| 659 | |
| 617 function interface:starttls(tls_ctx) | 660 function interface:starttls(tls_ctx) |
| 618 if tls_ctx then self.tls_ctx = tls_ctx; end | 661 if tls_ctx then self.tls_ctx = tls_ctx; end |
| 619 self.starttls = false; | 662 self.starttls = false; |
| 620 if self.writebuffer and (self.writebuffer[1] or type(self.writebuffer) == "string") then | 663 if self.writebuffer and (self.writebuffer[1] or type(self.writebuffer) == "string") then |
| 621 self:debug("Start TLS after write"); | 664 self:debug("Start TLS after write"); |
| 639 if tls_ctx then self.tls_ctx = tls_ctx; end | 682 if tls_ctx then self.tls_ctx = tls_ctx; end |
| 640 self._tls = true; | 683 self._tls = true; |
| 641 self.starttls = false; | 684 self.starttls = false; |
| 642 self:debug("Starting TLS now"); | 685 self:debug("Starting TLS now"); |
| 643 self:updatenames(); -- Can't getpeer/sockname after wrap() | 686 self:updatenames(); -- Can't getpeer/sockname after wrap() |
| 644 local ok, conn, err = pcall(luasec.wrap, self.conn, self.tls_ctx); | 687 local conn, err = self.tls_ctx:wrap(self.conn); |
| 645 if not ok then | |
| 646 conn, err = ok, conn; | |
| 647 self:debug("Failed to initialize TLS: %s", err); | |
| 648 end | |
| 649 if not conn then | 688 if not conn then |
| 650 self:on("disconnect", err); | 689 self:on("disconnect", err); |
| 651 self:destroy(); | 690 self:destroy(); |
| 652 return conn, err; | 691 return conn, err; |
| 653 end | 692 end |
| 654 conn:settimeout(0); | 693 conn:settimeout(0); |
| 655 self.conn = conn; | 694 self.conn = conn; |
| 656 if conn.sni then | 695 if conn.sni then |
| 657 if self.servername then | 696 if self.servername then |
| 658 conn:sni(self.servername); | 697 conn:sni(self.servername); |
| 659 elseif self._server and type(self._server.hosts) == "table" and next(self._server.hosts) ~= nil then | 698 elseif next(self.tls_ctx._sni_contexts) ~= nil then |
| 660 conn:sni(self._server.hosts, true); | 699 conn:sni(self.tls_ctx._sni_contexts, true); |
| 661 end | 700 end |
| 662 end | 701 end |
| 663 if self.extra and self.extra.tlsa and conn.settlsa then | 702 if self.extra and self.extra.tlsa and conn.settlsa then |
| 664 -- TODO Error handling | 703 -- TODO Error handling |
| 665 if not conn:setdane(self.servername or self.extra.dane_hostname) then | 704 if not conn:setdane(self.servername or self.extra.dane_hostname) then |
| 739 if extra.servername then | 778 if extra.servername then |
| 740 conn.servername = extra.servername; | 779 conn.servername = extra.servername; |
| 741 end | 780 end |
| 742 end | 781 end |
| 743 | 782 |
| 744 conn:updatenames(); | |
| 745 return conn; | 783 return conn; |
| 746 end | 784 end |
| 747 | 785 |
| 748 function interface:updatenames() | 786 function interface:updatenames() |
| 749 local conn = self.conn; | 787 local conn = self.conn; |
| 765 self:debug("Error accepting new client: %s, server will be paused for %ds", err, cfg.accept_retry_interval); | 803 self:debug("Error accepting new client: %s, server will be paused for %ds", err, cfg.accept_retry_interval); |
| 766 self:pausefor(cfg.accept_retry_interval); | 804 self:pausefor(cfg.accept_retry_interval); |
| 767 return; | 805 return; |
| 768 end | 806 end |
| 769 local client = wrapsocket(conn, self, nil, self.listeners); | 807 local client = wrapsocket(conn, self, nil, self.listeners); |
| 808 client:updatenames(); | |
| 770 client:debug("New connection %s on server %s", client, self); | 809 client:debug("New connection %s on server %s", client, self); |
| 771 client:defaultoptions(); | 810 client:defaultoptions(); |
| 772 client._writable = cfg.opportunistic_writes; | 811 client._writable = cfg.opportunistic_writes; |
| 773 if self.tls_direct then | 812 if self.tls_direct then |
| 774 client:add(true, true); | 813 client:add(true, true); |
| 883 sockname = addr; | 922 sockname = addr; |
| 884 sockport = port; | 923 sockport = port; |
| 885 log = logger.init(("serv%s"):format(new_id())); | 924 log = logger.init(("serv%s"):format(new_id())); |
| 886 }, interface_mt); | 925 }, interface_mt); |
| 887 server:debug("Server %s created", server); | 926 server:debug("Server %s created", server); |
| 927 if cfg.tcp_fastopen then | |
| 928 server:setoption("tcp-fastopen", cfg.tcp_fastopen); | |
| 929 end | |
| 930 if type(cfg.tcp_defer_accept) == "number" then | |
| 931 server:setoption("tcp-defer-accept", cfg.tcp_defer_accept); | |
| 932 end | |
| 888 server:add(true, false); | 933 server:add(true, false); |
| 889 return server; | 934 return server; |
| 890 end | 935 end |
| 891 | 936 |
| 892 local function listen(addr, port, listeners, config) | 937 local function listen(addr, port, listeners, config) |
| 906 end | 951 end |
| 907 | 952 |
| 908 -- COMPAT | 953 -- COMPAT |
| 909 local function wrapclient(conn, addr, port, listeners, read_size, tls_ctx, extra) | 954 local function wrapclient(conn, addr, port, listeners, read_size, tls_ctx, extra) |
| 910 local client = wrapsocket(conn, nil, read_size, listeners, tls_ctx, extra); | 955 local client = wrapsocket(conn, nil, read_size, listeners, tls_ctx, extra); |
| 956 client:updatenames(); | |
| 911 if not client.peername then | 957 if not client.peername then |
| 912 client.peername, client.peerport = addr, port; | 958 client.peername, client.peerport = addr, port; |
| 913 end | 959 end |
| 914 local ok, err = client:init(); | 960 local ok, err = client:init(); |
| 915 if not ok then return ok, err; end | 961 if not ok then return ok, err; end |
| 939 end | 985 end |
| 940 local conn, err = create(); | 986 local conn, err = create(); |
| 941 if not conn then return conn, err; end | 987 if not conn then return conn, err; end |
| 942 local ok, err = conn:settimeout(0); | 988 local ok, err = conn:settimeout(0); |
| 943 if not ok then return ok, err; end | 989 if not ok then return ok, err; end |
| 990 local client = wrapsocket(conn, nil, read_size, listeners, tls_ctx, extra) | |
| 991 if cfg.tcp_fastopen then | |
| 992 client:setoption("tcp-fastopen-connect", 1); | |
| 993 end | |
| 944 local ok, err = conn:setpeername(addr, port); | 994 local ok, err = conn:setpeername(addr, port); |
| 945 if not ok and err ~= "timeout" then return ok, err; end | 995 if not ok and err ~= "timeout" then return ok, err; end |
| 946 local client = wrapsocket(conn, nil, read_size, listeners, tls_ctx, extra) | 996 client:updatenames(); |
| 947 local ok, err = client:init(); | 997 local ok, err = client:init(); |
| 948 if not client.peername then | 998 if not client.peername then |
| 949 -- otherwise not set until connected | 999 -- otherwise not set until connected |
| 950 client.peername, client.peerport = addr, port; | 1000 client.peername, client.peerport = addr, port; |
| 951 end | 1001 end |
| 1083 link = link; | 1133 link = link; |
| 1084 set_config = function (newconfig) | 1134 set_config = function (newconfig) |
| 1085 cfg = setmetatable(newconfig, default_config); | 1135 cfg = setmetatable(newconfig, default_config); |
| 1086 end; | 1136 end; |
| 1087 | 1137 |
| 1138 tls_builder = function(basedir) | |
| 1139 return sslconfig._new(tls_impl.new_context, basedir) | |
| 1140 end, | |
| 1141 | |
| 1088 -- libevent emulation | 1142 -- libevent emulation |
| 1089 event = { EV_READ = "r", EV_WRITE = "w", EV_READWRITE = "rw", EV_LEAVE = -1 }; | 1143 event = { EV_READ = "r", EV_WRITE = "w", EV_READWRITE = "rw", EV_LEAVE = -1 }; |
| 1090 addevent = function (fd, mode, callback) | 1144 addevent = function (fd, mode, callback) |
| 1091 log("warn", "Using deprecated libevent emulation, please update code to use watchfd API instead"); | 1145 log("warn", "Using deprecated libevent emulation, please update code to use watchfd API instead"); |
| 1092 local function onevent(self) | 1146 local function onevent(self) |
