1. 03 Jul, 2019 1 commit
  2. 24 Jun, 2019 1 commit
  3. 03 Jun, 2019 1 commit
  4. 18 Apr, 2019 1 commit
    • Vladimír Čunát's avatar
      simplify approach to bind() · 8cecbf0d
      Vladimír Čunát authored
      The complication is that we need to work with addresses and
      just file-descriptors passed from some parent process.
      The former approach lead to logical duplication of some steps;
      now we add a step converting addresses to file-descriptors.
      Thanks to that we always do bind() without touching libuv,
      so the problem with forking disappears :-)
      8cecbf0d
  5. 17 Apr, 2019 1 commit
    • Vladimír Čunát's avatar
      module API+ABI: remove one level of indirection · 176b1c28
      Vladimír Čunát authored
      ... for layers and props.  This breaks C module API+ABI.
      
      It seemed weird to repeatedly call a function that returns a pointer
      to a structure in which we find the function we want to actually call.
      We've never used changing these functions AFAIK, and the target
      functions could easily be written to change their behavior instead
      (i.e. move the indirection *inside* the function).
      
      When breaking this, I also removed these two (_layers and _props)
      from the dynamic symbols (to be) exported from the C modules.
      They always pointed to memory belonging inside the module,
      and they seem quite sensible to be set up by the _init symbol instead.
      176b1c28
  6. 11 Apr, 2019 1 commit
  7. 12 Mar, 2019 1 commit
  8. 05 Mar, 2019 3 commits
  9. 25 Feb, 2019 1 commit
  10. 22 Feb, 2019 1 commit
    • Vladimír Čunát's avatar
      daemon: rework handling of TLS authentication params · 81b1450e
      Vladimír Čunát authored
      It's mainly about the way we parse and validate them.
      
      Almost all of the parts of validation that were being done
      in modules/policy/policy.lua and daemon/tls.c got moved
      to daemon/bindings/net.c, so it's easier to follow that.
      Also more checks are being done now, e.g. contents of .pin_sha256
      and .hostname strings.
      81b1450e
  11. 11 Feb, 2019 1 commit
  12. 09 Jan, 2019 1 commit
  13. 11 Dec, 2018 3 commits
  14. 03 Dec, 2018 1 commit
    • Vladimír Čunát's avatar
      lib/utils: fix memory leak since 58def8bb · 021cdc24
      Vladimír Čunát authored
      The problem was the mm_malloc() typo :-/ so allocation was going through
      malloc() instead of the packet's allocator (always memory pool ATM).
      I added mm_free() for better correctness anyway.
      021cdc24
  15. 26 Nov, 2018 3 commits
  16. 21 Nov, 2018 1 commit
  17. 14 Sep, 2018 1 commit
    • Marek Vavruša's avatar
      daemon/worker: fixes error handling from TLS writes · f52231b6
      Marek Vavruša authored
      The error handling loop for uncorking TLS data was wrong, as the
      underlying push function is asynchronous and there's no relationship
      between completed DNS packet writes and number of TLS message writes.
      In case of the asynchronous function, the buffered data must be valid
      until the write is complete, currently this is not guaranteed and
      loading the resolver with pipelined requests results in memory errors:
      
      ```
      $ getdns_query @127.0.0.1#853 -s -a -s -l L -B -F queries -q
      ...
      ==47111==ERROR: AddressSanitizer: heap-use-after-free on address 0x6290040a1253 at pc 0x00010da960d3 bp 0x7ffee2628b30 sp 0x7ffee26282e0
      READ of size 499 at 0x6290040a1253 thread T0
          #0 0x10da960d2 in wrap_write (libclang_rt.asan_osx_dynamic.dylib:x86_64h+0x1f0d2)
          #1 0x10d855971 in uv__write (libuv.1.dylib:x86_64+0xf971)
          #2 0x10d85422e in uv__stream_io (libuv.1.dylib:x86_64+0xe22e)
          #3 0x10d85b35a in uv__io_poll (libuv.1.dylib:x86_64+0x1535a)
          #4 0x10d84c644 in uv_run (libuv.1.dylib:x86_64+0x6644)
          #5 0x10d602ddf in main main.c:422
          #6 0x7fff6a28a014 in start (libdyld.dylib:x86_64+0x1014)
      
      0x6290040a1253 is located 83 bytes inside of 16895-byte region [0x6290040a1200,0x6290040a53ff)
      freed by thread T0 here:
          #0 0x10dacdfdd in wrap_free (libclang_rt.asan_osx_dynamic.dylib:x86_64h+0x56fdd)
          #1 0x10d913c2e in _mbuffer_head_remove_bytes (libgnutls.30.dylib:x86_64+0xbc2e)
          #2 0x10d915080 in _gnutls_io_write_flush (libgnutls.30.dylib:x86_64+0xd080)
          #3 0x10d90ca18 in _gnutls_send_tlen_int (libgnutls.30.dylib:x86_64+0x4a18)
          #4 0x10d90edde in gnutls_record_send2 (libgnutls.30.dylib:x86_64+0x6dde)
          #5 0x10d90f085 in gnutls_record_uncork (libgnutls.30.dylib:x86_64+0x7085)
          #6 0x10d5f6569 in tls_push tls.c:238
          #7 0x10d5e5b2a in qr_task_send worker.c:1002
          #8 0x10d5e2ea6 in qr_task_finalize worker.c:1562
          #9 0x10d5dab99 in qr_task_step worker.c
          #10 0x10d5e12fe in worker_process_tcp worker.c:2410
      ```
      
      The current implementation adds opportunistic uv_try_write which
      either writes the requested data, or returns UV_EAGAIN or an error,
      which then falls back to slower asynchronous write that copies the buffered data.
      
      The function signature is changed from simple write to vectorized write.
      
      This also enables TLS False Start to save 1RTT when possible.
      f52231b6
  18. 14 Aug, 2018 4 commits
  19. 11 May, 2018 1 commit
  20. 09 May, 2018 2 commits
  21. 23 Apr, 2018 1 commit
    • Marek Vavrusa's avatar
      lib/utils: fixed memory corruption in kr_pkt_recycle and kr_pkt_clear_payload · c4037c24
      Marek Vavrusa authored
      Previous implementation forgot to clear the compression table, which is
      an internal structure to packet. So when a recycled packet was reused,
      it compared owners of newly inserted records with dangling pointers left
      in the compression table.
      
      This is less of a problem in query processing,
      as each packet uses a memory pool, so the pointed names were never deallocated,
      but it would write out wrong compression pointers because the compression
      table kept pointing into packet that was now cleared and reused for something else.
      
      It is more of a problem with packets created without a memory pool,
      as the compression table kept references to memory that was already freed.
      c4037c24
  22. 18 Apr, 2018 2 commits
  23. 12 Apr, 2018 1 commit
  24. 01 Mar, 2018 1 commit
  25. 15 Feb, 2018 1 commit
  26. 29 Jan, 2018 1 commit
  27. 23 Jan, 2018 1 commit
    • Vladimír Čunát's avatar
      nitpicks from review of !405: query-trace · f705c82a
      Vladimír Čunát authored
      The deckard change was probably unintentional, so I reverted that.
      The only real mistake I found was `sizeof(128)`, though the effect was
      just unnecessary reallocations.
      
      On the whole I really like it.  Verbose logging might get slightly
      slower, due to increased amount of string allocation and copying,
      but it does seem worth it, at least until we can prove otherwise.
      I didn't look much into http module changes, etc.
      f705c82a
  28. 18 Jan, 2018 1 commit
  29. 17 Jan, 2018 1 commit