| Age | Commit message (Collapse) | Author |
|---|
|
Turns out it wasn't the plain CRC32 algorithm that should have
been used, whoops!
The implementation was adapted from pseudo code from
Thomas Cioppettini.
I've renamed the PROXY header building option value for
checksum from crc32 to crc32c and updated the documentation.
There is no support for plain crc32 checksums.
|
|
|
|
This is the function that should be called regardless of
TCP or TLS being used. The proper usage for this function is:
{ok, ProxyInfo} = ranch:recv_proxy_header(Ref, Timeout),
{ok, Socket} = ranch:handshake(Ref),
...
Ranch takes care of everything else under the hood. Transports
now need to have a Transport:recv_proxy_header/2 function. For
ranch_ssl the function gets the port from the sslsocket() record
and then calls ranch_tcp:recv_proxy_header/2 with it.
This means that two undocumented features are currently used for
this, but the interface is really nice so that's a sacrifice
worth doing. Also worth noting is that OTP 22 should have an
alternative for gen_tcp:unrecv/2 so the only real issue is about
the sslsocket() record at the moment.
|
|
The race condition occurs when the restart is faster than
the cleaning up. With this commit the restart will perform
the cleanup if it was not done beforehand.
|
|
This will avoid some unnecessary logs by default.
SASL can be enabled to log these events.
|
|
This uses the undocumented function gen_tcp:unrecv/2.
Tests have been added for both gen_tcp and ssl connections,
including sending data in the same first packet, at least
for gen_tcp (ssl tests may or may not end up buffering some
of the TLS handshake before the recv call, but there's no
guarantees).
|
|
Also add tests of the type parse(build(Info)), including
for testing the TLVs and the padding/checksum verification
options.
|
|
Using test cases from the spec and tomciopp/proxy_protocol.
Many more tests are needed, especially for the TLV part and
for the error conditions.
|
|
|
|
In addition to cleaning when ranch:stop_listener/1 is called, we
also need to clean when we detect the supervisor is going away
for normal reasons, because the supervisor might be in another
application's supervision tree.
Note that there might be a short delay in this case before the
cleanup is done, due to using monitors for detection.
|
|
This can be used by Cowboy to better deal with the switch
to maps for transport options and avoid the log message
when using lists.
|
|
Ranch is now made for and tested on 18+ only.
|
|
|
|
|
|
|
|
|
|
Also review and update the ranch(7) manual and fix a few specs.
|
|
It can be quite huge and hinders readability.
|
|
I had to use the process dictionary to work around the current
interface for one log call. You have been warned.
|
|
The "normal" errors are still silenced when calling ranch:handshake.
|
|
Based on the work done by @juhlig.
|
|
A map should now be used when specifying transport options
that contain more than just socket options. It is still
possible to pass a list of socket options directly as a
convenience.
The ack_timeout is renamed to handshake_timeout when
specified as a map. This corresponds to the new function
ranch:handshake/1,2 that will be favored in Ranch 2.0.
Specifying Ranch-specific options via the proplist will
no longer be possible starting from Ranch 2.0.
|
|
|
|
Next release will only support 18+.
|
|
This commit deprecates Transport:accept_ack/1 in favor of
a new forward-compatible function. Transport:handshake/1,2
will use ssl:handshake/2,3 from Ranch 2.0 onward.
|
|
LH: Reworked validation style and added a -dialyzer
attribute to acceptor_SUITE to silence expected errors.
|
|
|
|
|
|
This allows graceful draining of connections, updating transport
options on a running listener without having to drop connections
and other similar scenarios.
Note that when updating transport options the listener must be
suspended which means that new connections will be rejected until
the listener is resumed.
|
|
|
|
|
|
|
|
|
|
|
|
The NumAcceptors argument has been moved to transport option
num_acceptor, which defaults to 10. The functions now take
one less argument. The old functions are still here, though
deprecated.
|
|
Amended with small whitespace changes and removing an unused clause.
|
|
Provides detailed information about Ranch listeners
|
|
Ranch now depends on SSL. Users embedding listeners in
their supervision tree are expected to depend on SSL too
if they are using it.
|
|
|
|
We always get the acceptor to resume. The child process will
be killed, and the current code will ignore any EXIT message
when that happens because the pid isn't in the process dictionary.
|
|
|
|
Simplify some return values, improve error messages for
eaddrinuse and no_cert.
Amended to add tests and simpler code. Also hides the
contents of cert and key transport options, if any.
|
|
|
|
Cert/certfile is no longer required if SNI options are provided.
|
|
Dialyzer will still complain about unknown options, but at
least users won't be stuck waiting for an upstream update.
|
|
|
|
In some cases the ranch_server:get_connections_sup/1 call could
still succeed depending on timing.
|
|
|
|
Added in ssl-7.3.1 (OTP-13261). Documented in ssl-8.0.
|
|
|
