uringmachine 0.4 → 0.5.1

data/ext/um/um_ssl.h

@@ -0,0 +1,22 @@
+#ifndef UM_SSL_H
+#define UM_SSL_H
+
+#include <ruby.h>
+// #include <openssl/bio.h>
+#include <openssl/ssl.h>
+// #include <openssl/dh.h>
+// #include <openssl/err.h>
+// #include <openssl/x509.h>
+
+enum ssl_role {
+  ROLE_SERVER,
+  ROLE_CLIENT
+};
+
+struct um_ssl_connection {
+  VALUE self;
+
+  enum ssl_role role;
+};
+
+#endif // UM_SSL_H

data/ext/um/um_ssl_class.c

@@ -0,0 +1,138 @@
+/*
+  Adopted from:
+    https://github.com/puma/puma/blob/master/ext/puma_http11/mini_ssl.c
+  
+  License (BSD-3):
+    https://github.com/puma/puma/blob/master/LICENSE
+*/
+
+#include "um.h"
+#include "um_ssl.h"
+// #include <openssl/bio.h>
+#include <openssl/ssl.h>
+// #include <openssl/dh.h>
+// #include <openssl/err.h>
+// #include <openssl/x509.h>
+
+VALUE eSSLError;
+VALUE cSSLConnection;
+
+static void UM_SSL_Connection_mark(void *ptr) {
+  // struct um_ssl_connection *connection = ptr;
+  // rb_gc_mark_movable(connection->self);
+
+  // um_op_list_mark(machine, machine->transient_head);
+  // um_op_list_mark(machine, machine->runqueue_head);
+}
+
+static void UM_SSL_Connection_compact(void *ptr) {
+  // struct um_ssl_connection *connection = ptr;
+  // machine->self = rb_gc_location(machine->self);
+  // machine->poll_fiber = rb_gc_location(machine->poll_fiber);
+
+  // um_op_list_compact(machine, machine->transient_head);
+  // um_op_list_compact(machine, machine->runqueue_head);
+}
+
+static void UM_SSL_Connection_free(void *ptr) {
+  // um_ssl_connection_teardown((struct um_ssl_connection *)ptr);
+  free(ptr);
+}
+
+static size_t UM_SSL_Connection_size(const void *ptr) {
+  return sizeof(struct um_ssl_connection);
+}
+
+static const rb_data_type_t UM_SSL_Connection_type = {
+    "UringMachine::SSL::Connection",
+    {UM_SSL_Connection_mark, UM_SSL_Connection_free, UM_SSL_Connection_size, UM_SSL_Connection_compact},
+    0, 0, RUBY_TYPED_FREE_IMMEDIATELY | RUBY_TYPED_WB_PROTECTED
+};
+
+static VALUE UM_SSL_Connection_allocate(VALUE klass) {
+  struct um_ssl_connection *connection = ALLOC(struct um_ssl_connection);
+  return TypedData_Wrap_Struct(klass, &UM_SSL_Connection_type, connection);
+}
+
+VALUE UM_SSL_Connection_initialize(VALUE self, VALUE machine, VALUE fd, VALUE ctx) {
+  // struct um_ssl_connection *connection = RTYPEDDATA_DATA(self);
+
+  return self;
+}
+
+VALUE UM_SSL_check(VALUE self) {
+  return Qnil;
+}
+
+void Init_SSL(void) {
+  VALUE cUM = rb_define_class("UringMachine", rb_cObject);
+  VALUE cSSL = rb_define_module_under(cUM, "SSL");
+
+  cSSLConnection = rb_define_class_under(cSSL, "Connection", rb_cObject);
+  rb_define_alloc_func(cUM, UM_SSL_Connection_allocate);
+
+  rb_define_method(cSSLConnection, "initialize", UM_SSL_Connection_initialize, 3);
+
+  // cCtx = rb_define_class_under(cSSL, "SSLContext", rb_cObject);
+  // rb_define_alloc_func(cCtx, sslctx_alloc);
+  // rb_define_method(cCtx, "initialize", sslctx_initialize, 1);
+  // rb_undef_method(cCtx, "initialize_copy");
+
+  // OpenSSL Build / Runtime/Load versions
+
+  /* Version of OpenSSL that UringMachine was compiled with */
+  rb_define_const(cSSL, "OPENSSL_VERSION", rb_str_new2(OPENSSL_VERSION_TEXT));
+
+#if !defined(LIBRESSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000
+  /* Version of OpenSSL that UringMachine loaded with */
+  rb_define_const(cSSL, "OPENSSL_LIBRARY_VERSION", rb_str_new2(OpenSSL_version(OPENSSL_VERSION)));
+#else
+  rb_define_const(cSSL, "OPENSSL_LIBRARY_VERSION", rb_str_new2(SSLeay_version(SSLEAY_VERSION)));
+#endif
+
+#if defined(OPENSSL_NO_SSL3) || defined(OPENSSL_NO_SSL3_METHOD)
+  /* True if SSL3 is not available */
+  rb_define_const(cSSL, "OPENSSL_NO_SSL3", Qtrue);
+#else
+  rb_define_const(cSSL, "OPENSSL_NO_SSL3", Qfalse);
+#endif
+
+#if defined(OPENSSL_NO_TLS1) || defined(OPENSSL_NO_TLS1_METHOD)
+  /* True if TLS1 is not available */
+  rb_define_const(cSSL, "OPENSSL_NO_TLS1", Qtrue);
+#else
+  rb_define_const(cSSL, "OPENSSL_NO_TLS1", Qfalse);
+#endif
+
+#if defined(OPENSSL_NO_TLS1_1) || defined(OPENSSL_NO_TLS1_1_METHOD)
+  /* True if TLS1_1 is not available */
+  rb_define_const(cSSL, "OPENSSL_NO_TLS1_1", Qtrue);
+#else
+  rb_define_const(cSSL, "OPENSSL_NO_TLS1_1", Qfalse);
+#endif
+
+  rb_define_singleton_method(cSSL, "check", UM_SSL_check, 0);
+
+  eSSLError = rb_define_class_under(cSSL, "SSLError", rb_eStandardError);
+
+  // rb_define_singleton_method(cSSLConnection, "server", engine_init_server, 1);
+  // rb_define_singleton_method(cSSLConnection, "client", engine_init_client, 0);
+
+  // rb_define_method(cSSLConnection, "inject", engine_inject, 1);
+  // rb_define_method(cSSLConnection, "read",  engine_read, 0);
+
+  // rb_define_method(cSSLConnection, "write",  engine_write, 1);
+  // rb_define_method(cSSLConnection, "extract", engine_extract, 0);
+
+  // rb_define_method(cSSLConnection, "shutdown", engine_shutdown, 0);
+
+  // rb_define_method(cSSLConnection, "init?", engine_init, 0);
+
+  /* @!attribute [r] peercert
+   * Returns `nil` when `MiniSSL::Context#verify_mode` is set to `VERIFY_NONE`.
+   * @return [String, nil] DER encoded cert
+   */
+  // rb_define_method(cSSLConnection, "peercert", engine_peercert, 0);
+
+  // rb_define_method(cSSLConnection, "ssl_vers_st", engine_ssl_vers_st, 0);
+}

data/ext/um/um_sync.c

@@ -0,0 +1,273 @@
+#include "um.h"
+#include <stdatomic.h>
+#include <linux/futex.h>
+
+#define FUTEX2_SIZE_U32		0x02
+
+void um_futex_wait(struct um *machine, uint32_t *futex, uint32_t expect) {
+  struct um_op op;
+  um_prep_op(machine, &op, OP_FUTEX_WAIT);
+  struct io_uring_sqe *sqe = um_get_sqe(machine, &op);
+  io_uring_prep_futex_wait(
+    sqe, (uint32_t *)futex, expect, FUTEX_BITSET_MATCH_ANY,
+		FUTEX2_SIZE_U32, 0
+  );
+  
+  VALUE ret = um_fiber_switch(machine);
+  if (!um_op_completed_p(&op))
+    um_cancel_and_wait(machine, &op);
+  else {
+    if (op.result.res != -EAGAIN)
+      um_raise_on_error_result(op.result.res);
+  }
+
+  RB_GC_GUARD(ret);
+  raise_if_exception(ret);
+}
+
+void um_futex_wake(struct um *machine, uint32_t *futex, uint32_t num_waiters) {
+  struct um_op op;
+  um_prep_op(machine, &op, OP_FUTEX_WAKE);
+  struct io_uring_sqe *sqe = um_get_sqe(machine, &op);
+  // submit futex_wait
+  io_uring_prep_futex_wake(
+    sqe, (uint32_t *)futex, num_waiters, FUTEX_BITSET_MATCH_ANY,
+		FUTEX2_SIZE_U32, 0
+  );
+
+  VALUE ret = um_fiber_switch(machine);
+  um_check_completion(machine, &op);
+
+  RB_GC_GUARD(ret);
+  raise_if_exception(ret);
+}
+
+void um_futex_wake_transient(struct um *machine, uint32_t *futex, uint32_t num_waiters) {
+  struct io_uring_sqe *sqe = um_get_sqe(machine, NULL);
+  io_uring_prep_futex_wake(
+    sqe, (uint32_t *)futex, num_waiters, FUTEX_BITSET_MATCH_ANY,
+		FUTEX2_SIZE_U32, 0
+  );
+}
+
+
+#define MUTEX_LOCKED    1
+#define MUTEX_UNLOCKED  0
+
+void um_mutex_init(struct um_mutex *mutex) {
+  mutex->state = MUTEX_UNLOCKED;
+}
+
+inline void um_mutex_lock(struct um *machine, uint32_t *state) {
+  while (*state == MUTEX_LOCKED) {
+    um_futex_wait(machine, state, MUTEX_LOCKED);
+  }
+  *state = MUTEX_LOCKED;
+}
+
+inline void um_mutex_unlock(struct um *machine, uint32_t *state) {
+  *state = MUTEX_UNLOCKED;
+  // Wake up 1 waiting fiber
+  um_futex_wake(machine, state, 1);
+}
+
+struct sync_ctx {
+  struct um *machine;
+  uint32_t *state;
+};
+
+VALUE synchronize_begin(VALUE arg) {
+  struct sync_ctx *ctx = (struct sync_ctx *)arg;
+  um_mutex_lock(ctx->machine, ctx->state);
+  return rb_yield(Qnil);
+}
+
+VALUE synchronize_ensure(VALUE arg) {
+  struct sync_ctx *ctx = (struct sync_ctx *)arg;
+  um_mutex_unlock(ctx->machine, ctx->state);
+  return Qnil;
+}
+
+inline VALUE um_mutex_synchronize(struct um *machine, uint32_t *state) {
+  struct sync_ctx ctx = { .machine = machine, .state = state };
+  return rb_ensure(synchronize_begin, (VALUE)&ctx, synchronize_ensure, (VALUE)&ctx);
+}
+
+#define QUEUE_EMPTY 0
+#define QUEUE_READY 1
+
+inline void um_queue_init(struct um_queue *queue) {
+  queue->head = queue->tail = queue->free_head = NULL;
+  queue->state = QUEUE_EMPTY;
+  queue->count = 0;
+}
+
+inline void um_queue_free(struct um_queue *queue) {
+  struct um_queue_entry *entry = queue->head;
+  while (entry) {
+    struct um_queue_entry *next = entry->next;
+    free(entry);
+    entry = next;
+  }
+
+  entry = queue->free_head;
+  while (entry) {
+    struct um_queue_entry *next = entry->next;
+    free(entry);
+    entry = next;
+  }
+
+  free(queue);
+}
+
+inline void um_queue_mark(struct um_queue *queue) {
+  rb_gc_mark_movable(queue->self);
+  struct um_queue_entry *entry = queue->head;
+  while (entry) {
+    rb_gc_mark_movable(entry->value);
+    entry = entry->next;
+  }
+}
+
+inline void um_queue_compact(struct um_queue *queue) {
+  queue->self = rb_gc_location(queue->self);
+  struct um_queue_entry *entry = queue->head;
+  while (entry) {
+    entry->value = rb_gc_location(entry->value);
+    entry = entry->next;
+  }
+}
+
+inline struct um_queue_entry *um_queue_entry_checkout(struct um_queue *queue) {
+  struct um_queue_entry *entry = queue->free_head;
+  if (entry) {
+    queue->free_head = entry->next;
+  }
+  else
+    entry = malloc(sizeof(struct um_queue_entry));
+  return entry;
+}
+
+inline void um_queue_entry_checkin(struct um_queue *queue, struct um_queue_entry *entry) {
+  entry->next = queue->free_head;
+  queue->free_head = entry;
+}
+
+static inline void queue_add_head(struct um_queue *queue, VALUE value) {
+  struct um_queue_entry *entry = um_queue_entry_checkout(queue);
+
+  entry->next = queue->head;
+  if (queue->head) { 
+    queue->head->prev = entry;
+    queue->head = entry;
+  }
+  else
+    queue->head = queue->tail = entry;
+  entry->prev = NULL;
+  RB_OBJ_WRITE(queue->self, &entry->value, value);
+}
+
+static inline void queue_add_tail(struct um_queue *queue, VALUE value) {
+  struct um_queue_entry *entry = um_queue_entry_checkout(queue);
+
+  entry->prev = queue->tail;
+  if (queue->tail) { 
+    queue->tail->next = entry;
+    queue->tail = entry;
+  }
+  else
+    queue->head = queue->tail = entry;
+  entry->next = NULL;
+  RB_OBJ_WRITE(queue->self, &entry->value, value);
+}
+
+VALUE queue_remove_head(struct um_queue *queue) {
+  struct um_queue_entry *entry = queue->head;
+  queue->head = entry->next;
+  if (!queue->head) queue->tail = NULL;
+
+  VALUE v = entry->value;
+  um_queue_entry_checkin(queue, entry);
+  return v;
+
+}
+
+VALUE queue_remove_tail(struct um_queue *queue) {
+  struct um_queue_entry *entry = queue->tail;
+  queue->tail = entry->prev;
+  if (!queue->tail) queue->head = NULL;
+
+  VALUE v = entry->value;
+  um_queue_entry_checkin(queue, entry);
+  return v;
+}
+
+static inline VALUE um_queue_add(struct um *machine, struct um_queue *queue, VALUE value, int add_head) {
+  if (add_head) queue_add_head(queue, value);
+  else          queue_add_tail(queue, value);
+  
+  queue->count++;
+
+  queue->state = QUEUE_READY;
+  if (queue->num_waiters)
+    um_futex_wake_transient(machine, &queue->state, 1);
+  return queue->self;
+}
+
+VALUE um_queue_push(struct um *machine, struct um_queue *queue, VALUE value) {
+  return um_queue_add(machine, queue, value, false);
+}
+
+VALUE um_queue_unshift(struct um *machine, struct um_queue *queue, VALUE value) {
+  return um_queue_add(machine, queue, value, true);
+}
+
+enum queue_op { QUEUE_POP, QUEUE_SHIFT };
+
+struct queue_wait_ctx {
+  struct um *machine;
+  struct um_queue *queue;
+  enum queue_op op;
+};
+
+VALUE um_queue_remove_begin(VALUE arg) {
+  struct queue_wait_ctx *ctx = (struct queue_wait_ctx *)arg;
+  
+  ctx->queue->num_waiters++;
+  while (ctx->queue->state == QUEUE_EMPTY) {
+    um_futex_wait(ctx->machine, &ctx->queue->state, QUEUE_EMPTY);
+  }
+
+  if (ctx->queue->state != QUEUE_READY)
+    rb_raise(rb_eRuntimeError, "Internal error: queue should be in ready state!");
+  if (!ctx->queue->tail)
+    rb_raise(rb_eRuntimeError, "Internal error: queue should be in ready state!");
+
+  ctx->queue->count--;
+  return (ctx->op == QUEUE_POP ? queue_remove_tail : queue_remove_head)(ctx->queue);
+}
+
+VALUE um_queue_remove_ensure(VALUE arg) {
+  struct queue_wait_ctx *ctx = (struct queue_wait_ctx *)arg;
+
+  ctx->queue->num_waiters--;
+
+  if (ctx->queue->num_waiters && ctx->queue->tail) {
+    um_futex_wake_transient(ctx->machine, &ctx->queue->state, 1);
+  }
+  else if (!ctx->queue->tail) {
+    ctx->queue->state = QUEUE_EMPTY;
+  }
+
+  return Qnil;
+}
+
+VALUE um_queue_pop(struct um *machine, struct um_queue *queue) {
+  struct queue_wait_ctx ctx = { .machine = machine, .queue = queue, .op = QUEUE_POP };
+  return rb_ensure(um_queue_remove_begin, (VALUE)&ctx, um_queue_remove_ensure, (VALUE)&ctx);
+}
+
+VALUE um_queue_shift(struct um *machine, struct um_queue *queue) {
+  struct queue_wait_ctx ctx = { .machine = machine, .queue = queue, .op = QUEUE_SHIFT };
+  return rb_ensure(um_queue_remove_begin, (VALUE)&ctx, um_queue_remove_ensure, (VALUE)&ctx);
+}

data/ext/um/um_utils.c

@@ -24,7 +24,7 @@ inline VALUE um_raise_exception(VALUE e) {
   return rb_funcall(rb_mKernel, ID_raise, 1, e);
 }
 
-inline void um_raise_on_system_error(int result) {
+inline void um_raise_on_error_result(int result) {
   if (unlikely(result < 0)) rb_syserr_fail(-result, strerror(-result));
 }
 

data/lib/uringmachine/dns_resolver.rb

@@ -0,0 +1,84 @@
+# frozen_string_literal: true
+
+require 'resolv'
+
+class UringMachine
+  class DNSResolver
+    def initialize(machine)
+      @machine = machine
+      @requests = UM::Queue.new
+      @nameservers = get_nameservers
+      @fiber = @machine.spin { handle_requests_loop }
+      @last_id = 0
+      @cache = {}
+    end
+
+    def resolve(hostname, type)
+      @machine.push(@requests, [hostname, type, Fiber.current])
+      @machine.yield
+    end
+
+    def handle_requests_loop
+      while true
+        hostname, type, fiber = @machine.shift(@requests)
+        res = do_resolve(hostname, type)
+        @machine.schedule(fiber, res)
+      end
+    end
+
+    def get_nameservers
+      nameservers = []
+      IO.readlines('/etc/resolv.conf').each do |line|
+        if line =~ /^nameserver (.+)$/
+          nameservers << $1.split(/\s+/).first
+        end
+      end
+      nameservers
+    end
+
+    def socket_fd
+      @socket_fd ||= prepare_socket
+    end
+
+    def prepare_socket
+      fd = @machine.socket(UM::AF_INET, UM::SOCK_DGRAM, 0, 0)
+      @machine.bind(fd, '0.0.0.0', 0)
+      @machine.connect(fd, @nameservers.sample, 53)
+      fd
+    end
+
+    def do_resolve(hostname, type, try_count = 0)
+      fd = socket_fd
+      req = prepare_request_packet(hostname, type)
+      msg = req.encode
+      @machine.send(fd, msg, msg.bytesize, 0)
+
+      buf = +''
+      @machine.recv(fd, buf, 16384, 0)
+
+      msg = Resolv::DNS::Message.decode buf
+      addrs = []
+      msg.each_answer do |name, ttl, data|
+        p [name, ttl, data]
+        if data.kind_of?(Resolv::DNS::Resource::IN::A) ||
+          data.kind_of?(Resolv::DNS::Resource::IN::AAAA)
+          addrs << data.address.to_s
+        end
+      end
+      addrs
+    end
+
+    def prepare_request_packet(hostname, type)
+      msg = Resolv::DNS::Message.new
+      msg.id = (@last_id += 1)
+      msg.rd = 1
+      msg.add_question hostname, msg_type(type)
+      msg
+    end
+
+    def msg_type(type)
+      # TODO: add support for other types
+      Resolv::DNS::Resource::IN::A
+    end
+  end
+end

data/lib/uringmachine/ssl/context_builder.rb

@@ -0,0 +1,96 @@
+module UringMachine
+  module SSL
+    class ContextBuilder
+      def initialize(params, log_writer)
+        @params = params
+        @log_writer = log_writer
+      end
+
+      def context
+        ctx = SSL::Context.new
+
+        if defined?(JRUBY_VERSION)
+          unless params['keystore']
+            log_writer.error "Please specify the Java keystore via 'keystore='"
+          end
+
+          ctx.keystore = params['keystore']
+
+          unless params['keystore-pass']
+            log_writer.error "Please specify the Java keystore password  via 'keystore-pass='"
+          end
+
+          ctx.keystore_pass = params['keystore-pass']
+          ctx.keystore_type = params['keystore-type']
+
+          if truststore = params['truststore']
+            ctx.truststore = truststore.eql?('default') ? :default : truststore
+            ctx.truststore_pass = params['truststore-pass']
+            ctx.truststore_type = params['truststore-type']
+          end
+
+          ctx.cipher_suites = params['cipher_suites'] || params['ssl_cipher_list']
+          ctx.protocols = params['protocols'] if params['protocols']
+        else
+          if params['key'].nil? && params['key_pem'].nil?
+            log_writer.error "Please specify the SSL key via 'key=' or 'key_pem='"
+          end
+
+          ctx.key = params['key'] if params['key']
+          ctx.key_pem = params['key_pem'] if params['key_pem']
+          ctx.key_password_command = params['key_password_command'] if params['key_password_command']
+
+          if params['cert'].nil? && params['cert_pem'].nil?
+            log_writer.error "Please specify the SSL cert via 'cert=' or 'cert_pem='"
+          end
+
+          ctx.cert = params['cert'] if params['cert']
+          ctx.cert_pem = params['cert_pem'] if params['cert_pem']
+
+          if ['peer', 'force_peer'].include?(params['verify_mode'])
+            unless params['ca']
+              log_writer.error "Please specify the SSL ca via 'ca='"
+            end
+            # needed for UM::SSL::Socket#peercert, env['puma.peercert']
+            require 'openssl'
+          end
+
+          ctx.ca = params['ca'] if params['ca']
+          ctx.ssl_cipher_filter = params['ssl_cipher_filter'] if params['ssl_cipher_filter']
+          ctx.ssl_ciphersuites = params['ssl_ciphersuites'] if params['ssl_ciphersuites'] && HAS_TLS1_3
+
+          ctx.reuse = params['reuse'] if params['reuse']
+        end
+
+        ctx.no_tlsv1   = params['no_tlsv1'] == 'true'
+        ctx.no_tlsv1_1 = params['no_tlsv1_1'] == 'true'
+
+        if params['verify_mode']
+          ctx.verify_mode = case params['verify_mode']
+                            when "peer"
+                              SSL::VERIFY_PEER
+                            when "force_peer"
+                              SSL::VERIFY_PEER | SSL::VERIFY_FAIL_IF_NO_PEER_CERT
+                            when "none"
+                              SSL::VERIFY_NONE
+                            else
+                              log_writer.error "Please specify a valid verify_mode="
+                              SSL::VERIFY_NONE
+                            end
+        end
+
+        if params['verification_flags']
+          ctx.verification_flags = params['verification_flags'].split(',').
+            map { |flag| SSL::VERIFICATION_FLAGS.fetch(flag) }.
+            inject { |sum, flag| sum ? sum | flag : flag }
+        end
+
+        ctx
+      end
+
+      private
+
+      attr_reader :params, :log_writer
+    end
+  end
+end