Rework tls_filter #9
Conversation
|
UPD: Sometimes it hangs. Investigating. |
|
@icing now it works fine.. Could you take a look on that? Used this doc to refactor it.. |
|
Ah, forgot to describe. Also it fixes bug with websocket session. If I send frame 427Kb, it will be closed immediately. |
|
These changes are larger than I expected. I added basic websocket test cases in #11 and we need to reproduce the problems we try to fix there. Without test cases, this would be fragile. |
* add websocket test cases * add websockets to python requirements
|
removed some debug logs, what was treat as error |
test_tls_18_04 reproduces the problem with handling pending plain data in rustls. Disabled here, awaiting a fix like in #9.
* add wss test cases for accessing a wss: server via httpd * would like to extend that to https: but pyhtons websocket client is flaky in CI test_tls_18_04 reproduces the problem with handling pending plain data in rustls. Disabled here, awaiting a fix like in #9.
|
@makavity I made a reproducer of the problem in #12 (now merged into master). Applying this PR (with some minor fixes) makes the test pass. I include my diff below. It fixes some compiler warnings and I replaced the "pending byte count" with a flag that gets clear once rustls reports everything has been read. Hope I did not break anything. It's probably easiest if you rebase your PR on master. My adaptations to your PR in #13 |
* add wss test cases for accessing a wss: server via httpd * would like to extend that to https: but pyhtons websocket client is flaky in CI test_tls_18_04 reproduces the problem with handling pending plain data in rustls. Disabled here, awaiting a fix like in icing#9.
|
@icing thank you, i've rebased PR. |
|
CI complains mainly about the used paramter. Could you fix that? |
|
Oh, one second, should I apply your patch you meant in previous message? |
|
I think not. I'll force push rollback. Sorry. |
|
Now, things seem a bit messed up now. I did want to confuse you. Seeing my changes to the test code in this PR now means you cherry picked those? This confused git a little. Usually, when we say "rebasing" a PR, we mean something like the following: This leaves only your own commits as part of a pull request and lets you resolve potential conflicts. |
no problem, we'll get there. |
|
Okay, now we fine. Also removed unused variable. |
Taking the changes from #9, fixiing some compiler errors and replacing the "pending data" count with a boolean flag that gets cleared when the rustls plain text is completely read.
|
I think, we should close this PR due to #13 |
Thanks. I think that makes sense. I am debugging the changes as CI shows failures with the changes. Will update you once I know more. |
|
Thank you :) |
A flush of data was missing in the outgoing filter for backend conenctions that did not end in a meta bucket. This caused stalls of websocket frames from the client to never reach the backend. Rework filter logging to give a better picture of what is happening. refs #9
A flush of data was missing in the outgoing filter for backend conenctions that did not end in a meta bucket. This caused stalls of websocket frames from the client to never reach the backend. Rework filter logging to give a better picture of what is happening. refs #9
|
@icing thank you for your project. It saved a lot of my time :) |
2 participants
Resolves #8
Maybe it is not the best solution, but it works :D
Big chunk works, small chunks also works.
Optimized tls_filter interaction with rustls: improved read operation management, non-blocking handling, and full-duplex connection support (WebSocket).