Nick Mathewson [Sat, 20 Feb 2010 17:55:59 +0000 (12:55 -0500)]
Suspend read/write on bufferevents during hostname lookup
When we're doing a lookup in preparation for doing a connect, we
might have an unconnected socket on hand, and mustn't actually do
any reading or writing with it.
Nick Mathewson [Thu, 18 Feb 2010 05:54:44 +0000 (00:54 -0500)]
Fix getpid() usage on Windows
On Windows, getpid() is _getpid(), and requires that we first include
<process.h>. arc4random.c previously didn't know that.
Actually, I question whether arc4random needs to do its getpid() tricks
on Windows. They exist only so that we remember to re-seed the ARC4
cipher whenever we fork... but Windows has no fork(), so I think we're
in the clear.
Nick Mathewson [Thu, 18 Feb 2010 05:27:35 +0000 (00:27 -0500)]
When working without a current event base, don't try to use IOCP listeners
This fixes a bug turned up with the http unit tests, where we create
the evhttp object using an implicit (NULL) event_base. This failed
pretty badly when we tried to use IOCP-based listeners. We could
hunt for the current base from inside listener.c in the future, or
get the iocp base some other way, but for now this is probably the safest
solution.
Nick Mathewson [Tue, 16 Feb 2010 00:54:15 +0000 (19:54 -0500)]
Construct Windows locks using InitializeCriticalSectionAndSpinCount
Previously we were using InitializeCriticalSection, which creates a
lock that blocks immediately on contention and waits to be
rescheduled. This is inefficient; it's better to wait for a little
while before telling the US to reschedule us, in case the lock becomes
available again really soon (since most locks mostly do).
Good pthreads implementations do this automatically. On Windows,
though, we need to call this magic function, and we need to pick the
spin count ourselves.
Nick Mathewson [Fri, 5 Feb 2010 06:16:23 +0000 (01:16 -0500)]
Remove the 'flags' argument from evdns_base_set_option()
The 'flags' argument made sense when passed to
evdns_(base_)?parse_resolv_conf when it said which parts of the
resolv.conf file to obey. But for evdns_set_option(), it was really
silly, since you wouldn't be calling evdns_set_option() unless you
actually wanted to set the option. Its meaning was basically, "set
this to DNS_OPTIONS_ALL unless you want a funny surprise."
evdns_base_set_option was new in 2.0.1-alpha, so we aren't committed
to keeping it source-compatible.
Make Libevent 1.4.12 build on win32 with Unicode enabled.
This patch fixes calls to the win32 api to explicitly call the char* versions
of the functions. This fixes build failures when libevent is built with the
UNICODE define.
Niels Provos [Wed, 3 Feb 2010 22:34:56 +0000 (14:34 -0800)]
do not fail while sending on http connections the client closed.
when sending chunked requests via multiple calls to evhttp_send_reply_chunk,
the client may close the connection before the server is done sending. this
used to cause a crash.
we introduce a new function evhttp_request_get_connection() that allows the
server to determine if the request is still associated with a connection.
If it's not, evhttp_request_free() needs to be called explicitly or the user
can call evhttp_send_reply_end() which just frees the request, too.
Nick Mathewson [Wed, 3 Feb 2010 20:12:04 +0000 (15:12 -0500)]
Functions to view and manipulate rate-limiting buckets.
We need these for Tor, and other projects probably need them too. Uses
include:
- Checking whether bandwidth is mostly-used, and only taking some
actions when there's plenty of bandwidth.
- Deducting some non-bufferevent activities from a rate-limit group.
Nick Mathewson [Wed, 3 Feb 2010 07:09:19 +0000 (02:09 -0500)]
Reduce windows header includes in our own headers.
It turns out that absolutely everything that was including
windows.h was doing so needlessly; our headers don't need it,
so we should just include winsock2.h (since that's where
struct timeval is defined).
Pre-2.0 code will use the old headers, which include windows.h
for them, so we aren't breaking source compatibility with 1.4.
This solves the bug where we were leaving WIN32_LEAN_AND_MEAN
defined, in roughly the same way that buying an automobile
solves the question of what to give your coachman for boxing
day.
Nick Mathewson [Wed, 3 Feb 2010 06:22:44 +0000 (01:22 -0500)]
Remove EVUTIL_CHECK_FMT.
This was never supposed to be an exposed API, so its name should have been
more like _EVUTIL_CHECK_FMT. But it was only used in one place, so let's
just eliminate it.
Nick Mathewson [Tue, 26 Jan 2010 17:06:41 +0000 (12:06 -0500)]
Add ev_[u]intptr_t to include/event2/util.h
We already emulate most of the other useful bits of stdint.h, and
we seem to have started to use uintptr_t in a few places throughout
the code. Let's make sure we can continue to do so even on backwards
platforms that don't do C99.
Nick Mathewson [Mon, 25 Jan 2010 19:07:01 +0000 (14:07 -0500)]
Try to untangle the logic in server_port_flush().
The logic that prevented the first loop in this function from being
infinite was rather confusing and hard to follow. It seems to confuse
some automatic analysis tools as well as me. Let's try to replace it
with something more comprehensible.
Nick Mathewson [Mon, 25 Jan 2010 18:44:56 +0000 (13:44 -0500)]
Use less memory for each entry in a hashtable
Our hash-table implementation stored a copy of the hash code in each
element. But as we were using it, all of our hash codes were
ridiculously easy to calculate: most of them were just a matter of a
load and a shift.
This patch lets ht-internal be built in either of two ways: one caches
the hash-code for each element, and one recalculates it each time it's
needed.
This patch also chooses a slightly better hash code for
event_debug_entry.
Nick Mathewson [Mon, 25 Jan 2010 18:38:07 +0000 (13:38 -0500)]
Call event_debug_unassign on internal events
I don't expect that many users will be so religious about calling
unassign, but we need to be so that it's at least possible to use
debug mode without eating memory.
Nick Mathewson [Fri, 22 Jan 2010 05:34:37 +0000 (00:34 -0500)]
Add support for a "debug mode" to try to catch common errors.
Right now it only catches cases where we aren't initializing events,
or where we are re-initializing events without deleting them first.
These are however shockingly common.
Nick Mathewson [Sat, 23 Jan 2010 21:47:54 +0000 (16:47 -0500)]
Remove a needless include of rpc_compat.h
Nothing in evrpc.c was using rpc_compat.h, so it's best to take it
out, especially since it polluted our build process with GCC variadic
macros.
While we're at it, this patch puts an extra restriction on when the
variadic macros in rpc_compat.h are defined. Not only must GCC be the
compiler, but GCC must not be running in -ansi mode.
Nick Mathewson [Sat, 16 Jan 2010 20:24:58 +0000 (15:24 -0500)]
Minimize epoll_ctl calls by using changelist
The logic here is a little complex, since epoll_add must used called exactly
when no events were previously set, epoll_mod must be used when any events
were previously set, and epoll_del only called when the removing all events.
Nick Mathewson [Fri, 22 Jan 2010 21:14:49 +0000 (16:14 -0500)]
Check more internal event_add() calls for failure
Most of these should be unable to fail, since adding a timeout
generally always works. Still, it's better not to try to be "too
smart for our own good here."
There are some remaining event_add() calls that I didn't add checks
for; I've marked those with "XXXX" comments.
Nick Mathewson [Tue, 29 Dec 2009 21:38:03 +0000 (16:38 -0500)]
Detect setenv/unsetenv; skip main/base_environ test if we can't fake them.
Previously, we assumed that we would have setenv/unsetenv everywhere
but WIN32, where we could fake them with putenv. This isn't so: some
other non-windows systems lack setenv/unsetenv, and some of them lack
putenv too.
The first part of the solution, then, is to detect setenv/unsetenv/
putenv from configure.in, and to fake setenv/unsetenv with putenv
whenever we have the latter but not one of the former.
But what should we do when we don't even have putenv? We could do
elaborate tricks to manipulate the environ pointer, but since we're
only doing this for the unit tests, let's just skip the one test in
question that uses setenv/unsetenv.
Nick Mathewson [Wed, 20 Jan 2010 17:56:54 +0000 (12:56 -0500)]
Don't use a bind address for nameservers on loopback
If the user sets a bind address to use for nameservers, and a
nameserver happens to be on 127.0.0.1, the nameserver will generally
fail. This patch alters this behavior so that the bind address is
only applied when the nameserver is on a non-loopback address.
Nick Mathewson [Tue, 19 Jan 2010 19:01:36 +0000 (14:01 -0500)]
Functions to access more fields of struct event.
Once event_assign() or event_new() had been called, there was no way
to get at a copy of the event's callback, callback argument, or
configured events. This patch adds an accessor function for each, and
an all-fields accessor for code that wants to re-assign one field of
an event.
This patch also adds a function to return sizeof(struct event), so
that code with intense RAM needs can still retain ABI compatibility
between versions of Libevent without having to heap-allocate every
struct event individually.
Nick Mathewson [Tue, 19 Jan 2010 18:55:53 +0000 (13:55 -0500)]
Add a LICENSE file so people can find our license easily
For what it's worth, we are aware that "Copyright $YEAR $NAME" is
sufficient notice of copyright on software under US law and
Internationally, and saying Copyright (c) $YEAR $NAME is a bit nutty.
The character sequence (c) has never been ruled to have the same force
in US law as the actual copyright symbol, and that neither of these
US-specific symbols adds anything of value beyond saying "Copyright"
since the Berne convention took effect in the US back in 1989.
Similarly, saying "all rights reserved" doesn't do anything magical
unless your software goes in a time-warp back to when the Buenos Aires
Convention was the general rule. (And what will they run it on back
then?) And what would even lead you to say "All Rights Reserved" when
you're explicitly granting most of those rights to anybody receiving
the work in accordance with the 3-clause BSD license?
But still the FOSS community retains these ritual notations out of a
kind of cargo-cult lawyering. Who knows? Perhaps one day, if we
write our copyright notices ineptly enough, John Frum will come and
give us a DFSG-compatible license that everybody can get behind.
(Also, I am not a lawyer. The above should not be taken as legal
advice. -- Nick)
Nick Mathewson [Thu, 14 Jan 2010 22:04:08 +0000 (17:04 -0500)]
Remove kqueue->pend_changes.
Since we're no longer writing directly to it from add/del, we don't
need to worry about it changing as kq_dispatch releases the lock. We
would make it a local variable, except that we wouldn't want to malloc
and free it all the time.
Nick Mathewson [Thu, 14 Jan 2010 21:31:05 +0000 (16:31 -0500)]
Make kqueue use changelists.
This fixes a bug in kqueue identified by Charles Kerr and various
Transmission users, where adding and deleting an event in succession
would make the event get reported, even if we didn't actually want to
see it.
Of course, this also makes the array of changes passed to kevent
smaller, which could help performance.
Nick Mathewson [Thu, 14 Jan 2010 21:30:40 +0000 (16:30 -0500)]
Changelist code to defer event changes until just before dispatch
This is necessary or useful for a few reasons:
1) Sometimes applications will add and delete the same event more
than once between calls to dispatch. Processing these changes
immediately is needless, and potentially expensive (especially
if we're on a system that makes one syscall per changed event).
Yes, this actually happens in practice for nonpathological
code, such as in cases where the user's callback conditionally
re-adds a non-persistent event, or where draining a buffer
turns off writing and invokes a user callback which adds more
data which in turn re-enabled writing.
2) Sometimes we can coalesce multiple changes on the same fd into
a single syscall if we know about them in advance. For
example, epoll can do an add and a delete at the same time, but
only if we have found out about both of them before we tell
epoll.
3) Sometimes adding an event that we immediately delete can cause
unintended consequences: in kqueue, this makes pending events
get reported spuriously.
Nick Mathewson [Wed, 30 Dec 2009 05:11:27 +0000 (00:11 -0500)]
Allow http connections to use evdns for hostname looksups.
This was as simple as using bufferevent_connect_hostname instead of
calling connect() ourself, which already knows how to use an
evdns_base if it gets one.
Untangling the bind code might be a little trickier.
Nick Mathewson [Tue, 12 Jan 2010 20:58:36 +0000 (15:58 -0500)]
Fix test.sh on shells without echo -n
Some systems have a version of /bin/sh whose builtin echo doesn't
support the -n option used in test/test.sh. /bin/echo, however,
usually does. This patch makes us use /bin/echo for echo -n whenever
it is present.
Also, our use of echo -n really only made sense when suppressing all
test output. Since test output isn't suppressed when logging to a
file, this pach makes us stop using echo -n when logging to a file.
Pavel Plesov [Tue, 12 Jan 2010 00:04:11 +0000 (19:04 -0500)]
Add unit-test for bad_request bug fixed in 1.4 recently.
This is a partial forward-port from 4fd2dd9d83a000b6. There's no need
to forward-port the bugfix, since the test passes with http.c as-is.
I believe we fixed this while we were porting evhttp to bufferevent.
--nickm
Jardel Weyrich [Wed, 30 Dec 2009 21:22:23 +0000 (19:22 -0200)]
Improved error handling in evconnlistener_new_async(). Also keeping the fd open because it is not opened by this function, so the caller is responsible for closing it. Additionally, since evconnlistener_new_bind() creates a socket and passes it to the function above, it required error checking to close the same socket.
Nick Mathewson [Fri, 8 Jan 2010 09:02:19 +0000 (04:02 -0500)]
Look at the proper /etc/hosts file on windows.
This is harder than it might initially seem, since the proper filename
depends on what the admin has decided to call the windows system directory,
which for all we know might be Q:\tralfamidore\slartibartfast. And of course,
this being windows, there are twelve ways to do it, where you can pick a
nice one or a portable one, but not a really nice portable one.
Nick Mathewson [Mon, 7 Dec 2009 22:21:41 +0000 (17:21 -0500)]
evdns_getaddrinfo() now supports the /etc/hosts file.
The regular blocking evutil_getaddrinfo() already supported /etc/hosts
by falling back to getaddrinfo() or gethostbyname(). But
evdns_getaddrinfo() had no such facility. Now it does.
The data structure here isn't very clever. I guess people with huge
/etc/hosts files will either need to get out of the 1980s, or submit a
patch to this code so that it uses a hashtable instead of a linked
list.
Nick Mathewson [Wed, 30 Dec 2009 16:58:36 +0000 (11:58 -0500)]
Never believe that we have pthreads on win32, even if gcc thinks we do.
Apparently some newer versions of mingw provide a fake pthreads api to
let applications work even if they don't know about windows threading.
That's nice, but we aren't one of those.
Nick Mathewson [Wed, 30 Dec 2009 00:50:03 +0000 (19:50 -0500)]
Fix crash bugs when a bufferevent's eventcb is not set.
In many places throughout the code, we called _bufferevent_run_eventcb
without checking whether the eventcb was actually set. This would
work fine when the bufferevent's callbacks were deferred, but
otherwise the code would segfault. Strangely, we always remembered to
check before calling the _bufferevent_run_{read,write}cb functions.
To prevent similar errors in the future, all of
_buferevent_run_{read,write,event}cb now check to make sure the
callback is actually set before invoking or deferring the callback.
This patch also removes the now-redundant checks for {read,write}cb.
Nick Mathewson [Tue, 29 Dec 2009 22:59:55 +0000 (17:59 -0500)]
Allow the user to redirect the verbose output of test/test.sh to a file
By default, the test.sh script still suppresses the output of all the
tests it invokes. Now, however, you can have that output written to
a file specified in the TEST_OUTPUT_FILE shell variable.
Nick Mathewson [Tue, 29 Dec 2009 21:04:16 +0000 (16:04 -0500)]
Make the initial nameserver probe timeout configurable.
When we decide that a nameserver is down, we stop sending queries to
it, except to periodically probe it to see if it has come back up.
Our previous probe sechedule was an ad-hoc and hard-wired "10 seconds,
one minute, 5 minues, 15 minutes, 1 hour, 1 hour, 1 hour...". There
was nothing wrong with having it be ad-hoc, but making it hard-wired
served no good purpose.
Now the user can set the initial timeout via a new
"initial-probe-timeout:" option; future timeouts back off by a factor
of 3 on every failure to a maximum of 1 hour.
As a side-benefit, this lets us cut the runtime of the dns/retry test
from about 40 seconds to about 3 seconds. Faster unit tests are
always a good thing.