* SOCKS handshake handler implementation
* Soundness
* Remove placeholder text
* Sad path tests
* Soundness
* Docs
* Fix workflow tests
* Make handler removable
* Protect methods
* Prevent test crashes
* Cleanup public types
* Add test that writing after auth fails
* Add force handler removal tests
* Remove client and server state from public api
* Explicitly handle states
* Remove promises
* Fix test
* Add data to authentication complete
* Refactor to add authentication complete flag
Implement a SOCKSv5 client according to RFC 1928. Server implementation will be added in another PR to keep sizes down.
https://datatracker.ietf.org/doc/html/rfc1928
A few meaningful changes:
- Add all relevant types used across SOCKS clients and servers
- Add a state machine used to manage a connection from a client's side
- Add a channel handler that should be added at the very start of a channel pipeline
* fix crash in LengthFieldBasedFrameDecoder for malicious length values
Motivation:
LengthFieldBasedFrameDecoder will cause a fatal error if the length value does not fit into an `Int`.
This can happen if `lengthFieldLength` is set to `.eight` and we are on a 64-bit platform or if `lengthFieldLength` is set to `.four` and we are on a 32-bit platform.
If we then receive a length field value which is greater than `Int.max` the conversion from `UInt` to `Int` will cause a fatal error.
This could be abused to crash a server by only sending 4 or 8 bytes.
Modifications:
safely convert UInt64 & UInt32 to Int and throw an error if they can't be represented as an Int
Result:
- LengthFieldBasedFrameDecoder with lengthFieldLength set to `.eight` can no longer crash the server on a 64-bit platform
- LengthFieldBasedFrameDecoder with lengthFieldLength set to `.four` can no longer crash the server on a 32-bit platform
* use early exit instead of XCTSkipIf
* add support for `.eight` on 32-bit platforms
* limit frame length to `Int32.max`
* change test names
* throw correct error
* fix compilation for Swift 5.0 and add NIO prefix to error enum
* add test for maximum allowed length and one above the maximum allowed length
Signed-off-by: David Nadoba <dnadoba@gmail.com>
* run XCTest script
Signed-off-by: David Nadoba <dnadoba@gmail.com>
Co-authored-by: Johannes Weiss <johannesweiss@apple.com>
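The conversion problem described in the commit above, as an added Swift example that is not the NIOExtras code: `parseFrameLength`, `LengthFieldWidth`, `LengthFieldError` and `maxFrameLength` are hypothetical names, and the byte arrays are constructed inputs. It contrasts the trapping `Int(_:)` conversion with a checked one and applies the `Int32.max` frame-length cap the commit mentions.

```swift
// Added example with hypothetical names; not the LengthFieldBasedFrameDecoder source.
enum LengthFieldError: Error {
    case lengthFieldValueTooLarge   // value outside the accepted range
    case notEnoughBytes             // length field not fully received yet
}

enum LengthFieldWidth: Int {
    case four = 4
    case eight = 8
}

// Largest accepted frame length, following the Int32.max cap named in the commit.
let maxFrameLength = UInt64(Int32.max)

/// Reads a big-endian length field of `width` bytes from the start of `bytes`.
func parseFrameLength(_ bytes: [UInt8], width: LengthFieldWidth) throws -> Int {
    guard bytes.count >= width.rawValue else {
        throw LengthFieldError.notEnoughBytes
    }
    // Assemble in UInt64 so every 4- or 8-byte value is representable here.
    var raw: UInt64 = 0
    for byte in bytes.prefix(width.rawValue) {
        raw = (raw << 8) | UInt64(byte)
    }
    // `Int(raw)` would trap (fatal error) whenever raw > Int.max.
    // The checked path turns that into an error the pipeline can handle.
    guard raw <= maxFrameLength, let length = Int(exactly: raw) else {
        throw LengthFieldError.lengthFieldValueTooLarge
    }
    return length
}

// Constructed inputs: a normal frame, an out-of-range value, and both sides of the cap.
let samples: [(String, [UInt8], LengthFieldWidth)] = [
    ("benign", [0, 0, 0, 0, 0, 0, 0x01, 0x00], .eight),        // 256
    ("all-ones", [UInt8](repeating: 0xFF, count: 8), .eight),  // UInt64.max
    ("at-limit", [0x7F, 0xFF, 0xFF, 0xFF], .four),             // Int32.max
    ("over-limit", [0x80, 0x00, 0x00, 0x00], .four),           // Int32.max + 1
]
for (name, input, width) in samples {
    do {
        let length = try parseFrameLength(input, width: width)
        print(name, "-> accepted, length", length)
    } catch {
        print(name, "-> rejected:", error)
    }
}
```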
Motivation:
The RSocket protocol uses a 24 bit length field
Modifications:
- add two new methods readInteger and writeInteger on ByteBuffer that support reading and writing integers of any size.
- add a new case (.three) to ByteLength
Result:
LengthFieldBasedFrameDecoder & LengthFieldPrepender do now support a 24 bit length field
Co-authored-by: Johannes Weiss <johannesweiss@apple.com>
Motivation:
We support watchOS 6+ with SwiftNIO Transport Services; as such we should
include watchOS as a deployment target for our CocoaPods.
Modifications:
- Add a watchOS deployment target to `build_podspecs.sh`
Result:
Users can deploy to watchOS 6+ with CocoaPods.
Motivation:
As a rule of thumb we should always forward channel events to the next
handler. #106 added an implementation for `channelInactive` but forgot
to forward it.
Modifications:
- forward `channelInactive` in the `RequestResponseHandler`
Result:
Handlers after the `RequestResponseHandler` will receive
`channelInactive`.
Motivation:
It's possible for channels to be closed without an error; and the
`RequestResponseHandler` should tolerate that by failing any promises
for which it does not have a response.
Modifications:
- Add `ClosedBeforeReceivingResponseError`
- Fail outstanding promises with `ClosedBeforeReceivingResponseError` in
`RequestResponseHandler.channelInactive`
- Add a test.
Result:
Outstanding request promises are failed when the channel becomes inactive.
Motivation:
Current script always reports sdk errors on 5.2.
Modifications:
Only give -sdk where really necessary on 5.2 linux.
Result:
Script will work on 5.2 (although still reports silent errors)
Motivation:
It's useful to know the overhead we could be adding by including
the PCAP handler.
Modifications:
Add a new executable based on the NIO performance testing executable.
Result:
There is a new executable which runs a short test of sending and receiving
data through the HTTP/1 handler using multiple eventloops and showing
three options.
1) Vanilla
2) With in memory PCAP never written to disk
3) With a disk based PCAP.
Motivation:
Previously, when using the response compressor, doing a flush() right before finishing the
response data would cause the final compression chunk to be omitted. Some strict decompressors
(such as gzip or the zlib functionality exported in nodejs) would refuse to decompress the
incomplete response.
With this change, the generated compressed response is properly finalized.
Modifications:
In HTTPResponseCompressor.swift, a channel write is now also generated if no body data is
added, but a flush is required.
Result:
The response is now correct for this edge case, enabling gzip, nodejs, et al., to
decompress it without errors.
Motivation:
Capturing all packets is expensive. Recording to a ring buffer and
then outputting on a triggering event allows this cost to be reduced.
Modifications:
Add a new handler - NIOPCAPRingCaptureHandler.
This derives from the existing NIOWritePCAPHandler and generates PCAP recordings.
A ring buffer contained in this handler stores the captured packets until RecordPreviousPackets
is received as a user message at which point they are flushed to the sink.
Result:
There is a new handler capable of outputting packet captured data only in the build up to
a known event.
Co-authored-by: Cory Benfield <lukasa@apple.com>
Co-authored-by: George Barnett <gbrntt@gmail.com>
Motivation:
Ubuntu 16 ruby is too old to support latest cocoapods gem.
Modifications:
Don't install jazzy when on xenial
Result:
Docker image will now build - you need to use bionic images to build documentation.
Motivation:
The build_podspec.sh script generates a podspec which requires exact
versions of its dependencies. This very quickly turns into unresolvable
dependency graphs.
Modifications:
NIO version passed to script must be in the format MAJOR.MINOR
Podspec dependencies are now '>= MAJOR.MINOR', '< MAJOR+1'
Result:
Looser version requirements for podspecs
Motivation:
Previously, WritePCAPHandler would crash if more than 4GiB of data were
either received or sent through the same instance of the
WritePCAPHandler because of a UInt32 overflow representing the TCP
sequence/ACK numbers.
Modifications:
Make TCP sequence/ACK numbers wrap around correctly.
Result:
- now you can send/receive up to 16 EiB of data :P.
- fixes rdar://61887658
Motivation:
NIOHTTPRequestDecompressor and HTTPResponseDecompressor are both affected by an issue where the decompression limits defined by their DecompressionLimit property weren't correctly checked when it was set with DecompressionLimit.size(...), allowing denial of service attacks.
Modifications:
- Update DecompressionLimit.size(...) to correctly check the size of the decompressed data.
- Update test cases to avoid future regressions regarding the size checks.
Result:
Prevents DoS attacks through maliciously crafted compressed data.
* Added NIOHTTPRequestCompressor to compress requests
Also moved common code from request and response compressor into separate NIOHTTPCompression enum.
* Updates after comments from @weissi
Also reinstated public enum HTTPResponseCompressor.CompressionError
* algorithms are now let not var
* Catch situation where head is flushed before anything else comes through
Content-encoding was not being set
Added additional tests for header values
* Added documentation around 5 bytes added to buffer size and add them
* Renaming NIOHTTPCompressionSetting to NIOCompression
Also
NIOHTTPCompressionSetting.CompressionAlgorithm is NIOCompression.Algorithm
NIOHTTPCompressionSetting.CompressionError is NIOCompression.Error
Algorithm now conforms to Equatable
* Forgot to run generate_linux_tests
* Fix typos
Motivation:
It's 2020; our license checking script should believe that that is an
acceptable year.
Modifications:
- Update scripts/sanity.sh
Result:
2020 is okay in license headers.
Motivation:
We were missing the 5.2 & 5.3 docker compose files and also the syntax
wasn't flexible enough to pull in the new nightlies.
Modifications:
- always specify the full image name
- add 5.2 & 5.3
Result:
More CI & newer Swifts.
motivation: publish api docs for helper modules
changes
* add doc publishing script
* add "shell" docker-compose task to help run document publishing from ci
Co-authored-by: Johannes Weiss <johannesweiss@apple.com>
motivation: more secured ci setup
changes:
* enable :z selinux flag on bind mounts so we can enable selinux on ci
* drop potentially exploitable capabilities from docker-compose
Motivation:
The code-of-conduct email address is out-of-date.
Modifications:
Update code-of-conduct email address to swift-server-conduct@group.apple.com
Result:
- Code of conduct email address is up-to-date.
Motivation:
The test suite for some reason imported NIO as @testable which is
verboten.
Modifications:
Don't do that.
Result:
Feeling better, compatible with the upcoming NIO 2.10.1.