Nick Mathewson [Thu, 19 Apr 2012 04:25:12 +0000 (00:25 -0400)]
If time has jumped so we'd reschedule a periodic event in the past, schedule it for the future instead
Fixes an issue reported on libevent-users in the thread "a dead
looping bug when changing system time backward". Previously, if time
jumped forward 1 hour[*] and we had a one-second periodic timer event,
that event would get invoked 3600 times. That's almost certainly not
what anybody wants.
In a future version of Libevent, we should expose the amount of time
that the callbac kwould have been invoked somehow.
[*] Forward time jumps can happen with nonmonotonic clocks, or with
clocks that jump on suspend/resume. It can also happen from
Libevent's point of view if the user exits from event_base_loop() and
doesn't call it again for a while.
Nick Mathewson [Tue, 3 Apr 2012 22:31:08 +0000 (18:31 -0400)]
Backport: provide EVENT_LOG_* names, and deprecate _EVENT_LOG_*
This is a partial backport of cb9da0bf and a backport of c9635349.
Because C doesn't like us to declare identifiers starting with an
underscore, Libevent 2.1 has renamed every such identifier. The
only change that affects a public API is that the _EVENT_LOG_*
macros have been renamed to start with EVENT_LOG instead. The old
names are still present, but deprecated.
I'm doing this backport because it represents the deprecation of a
Libevent 2.0 interface, and folks should have the opportunity to
write code that isn't deprecated and works with both 2.0 and 2.1.
Sebastian Hahn [Tue, 13 Mar 2012 05:40:56 +0000 (06:40 +0100)]
Don't do clang version detection when disabling some flags
When clang 2.9 was around we hoped they'd introduce support for the
normalized=id and override-init warnings by 3.0, but they haven't. We
should only add the version detection back in when clang actually
supports those warnings.
Nick Mathewson [Thu, 16 Feb 2012 01:12:32 +0000 (20:12 -0500)]
Stop crashing in evdns when nameserver probes give a weird error
When a nameserver is down, we periodically try sending a "probe"
message to that nameserver to see if it has come back up. If a
nameserver comes up, we cancel any pending probe messages.
Cancelling a probe message while handling the probe's response would
result in a access-after-free or a double-free, so when we notice that
we're about to call a nameserver up because of having received a probe
from it, we need to check whether current response is the response
from the probe.
There was a case where we didn't to that, though: when the resolver
gave us an unusual error response to our request that it resolve
google.com. This is pretty rare, but apparently it can happen with
some weird cacheing nameservers -- the one on the mikrotik router, for
example. Without this patch, we would crash with a NULL pointer
derefernce.
Thanks to Hannes Sowa for finding this issue and helping me track it
down.
Nick Mathewson [Fri, 10 Feb 2012 16:24:51 +0000 (11:24 -0500)]
In the kqueue backend, do not report EBADF as an EV_READ
We were doing this because of (correct) reports that NetBSD gives an
EBADF when you try to add the write side of a pipe for which the
read side has been closed. But on most kqueue platforms, that
doesn't happen, and on *all* kqueue platforms, reporting a
nonexistent fd (which we usually have if we have seen EBADF) as
readable tends to give programs a case of the vapors.
Nicholas Marriott wrote the original patch here; I did the comment
fixes.
Nick Mathewson [Mon, 6 Feb 2012 17:24:49 +0000 (12:24 -0500)]
Loop on filtering SSL reads until we are blocked or exhausted.
This is not a perfect fix, but it's much much better than the
current buggy behavior, which could lead to filtering SSL
connections that just stopped reading.
Based on ideas by Maseeb Abdul Qadir and Mark Ellzey.
Nick Mathewson [Mon, 23 Jan 2012 22:59:16 +0000 (17:59 -0500)]
Fix a list corruption bug when using event_reinit() with signals present
While re-adding all the events, event_reinit() could add a signal
event, which could then cause evsig_add() to add the
base->sig.ev_signal event. Later on its merry path through
base->eventqueue, event_reinit() would find that same event and give
it to event_io_add a second time. This would make the ev_io_next
list for that fd become circular. Ouch!
Nick Mathewson [Mon, 9 Jan 2012 21:44:53 +0000 (16:44 -0500)]
Fix a race condition in the dns/bufferevent_connect_hostname test.
As originally written, the test would only pass if the accept()
callbacks for the evconnlistener were all invoked before the last of
the CONNECTED/ERROR callbacks for the connecting/resolving bufferevent
had its call to event_base_loopexit() complete. But this was only
accidentally true in 2.0, and might not be true at all in 2.1 where
we schedule event_base_once() callbacks more aggressively.
Nick Mathewson [Mon, 9 Jan 2012 16:49:41 +0000 (11:49 -0500)]
Make evconnlistener work around bug in older Linux when getting nmapped
Older Linuxes sometimes respond to some nmap probes by having accept()
return a success but with socklen 0. That can lead to confusing behavior
when you go to process the sockaddr.
Nick Mathewson [Mon, 5 Dec 2011 20:02:27 +0000 (15:02 -0500)]
Be absolutely sure to clear pncalls before leaving event_signal_closure
I thought we'd fixed the cases where this could come up, but
apparently having an event_base_break() happen while processing
signal events could get us in trouble.
Found by Remi Gacogne. Sourceforge issue 3451433 .
Mark Ellzey [Thu, 17 Nov 2011 16:59:41 +0000 (11:59 -0500)]
Avoid spinning on OpenSSL reads
Previously, if some sender were generating data to read on an
OpenSSL connection as fast as we could process it, we could easily
wind up looping on an openssl do_read operation without ever
considering other sockets.
The difference between this and the original method in
consider_reading() is that it only loops for a single completed
*frame* instead of looping until fd is drained or an error condition
was triggered.
Mark Ellzey [Mon, 14 Nov 2011 15:24:07 +0000 (10:24 -0500)]
Avoid potential SSL read spinlocks
OpenSSL bufferevents with deferred callbacks enabled under high load will
spinlock in the function consider_reading(). This loop continues until all
data has been read.
Because of this condition; openssl bufferevents will never return back into
event_base_loop() until SSL_read has determined data is no longer ready.
As of yet I have not found a reason why this while loop exists, so this patch
just swaps out while for if.
If needed I can write same code which would trigger this effect; optionally
libevhtp has a test.c program which can be run with the following flags:
The return data will include the number of times the readcb got data and the
length of that read.
Without this patch, you are likely to see a small amount of "bytes read....",
otherwise the "bytes read..." return data should show much more reasonable
numbers.
Leonid Evdokimov [Wed, 19 Oct 2011 18:38:37 +0000 (22:38 +0400)]
Empty DNS reply with OK status is another way to say NODATA.
Sometimes DNS reply has nothing but query section. It does not look like
error, so it should be treated as NODATA with TTL=0 as soon as there is
no SOA record to deduce negative TTL from.
Nick Mathewson [Thu, 29 Sep 2011 13:30:04 +0000 (09:30 -0400)]
Prefer mmap to sendfile unless a DRAINS_TO_FD flag is set. Allows add_file to work with SSL.
The sendfile() implementation for evbuffer_add_file is potentially more
efficient, but it has a problem: you can only use it to send bytes over
a socket using sendfile(). If you are writing bytes via SSL_send() or
via a filter, or if you need to be able to inspect your buffer, it
doesn't work.
As an easy fix, this patch disables the sendfile-based implementation of
evbuffer_add_file on an evbuffer unless the user sets a new
EVBUFFER_FLAG_DRAINS_TO_FD flag on that evbuffer, indicating that the
evbuffer will not be inspected, but only written out via
evbuffer_write(), evbuffer_write_atmost(), or drained with stuff like
evbuffer_drain() or evbuffer_add_buffer(). This flag is off by
default, except for evbuffers used for output on bufferevent_socket.
In the future, it could be interesting to make a best-effort file
segment implementation that tries to send via sendfile, but mmaps on
demand. That's too much complexity for a stable release series, though.