## Bug
Fixes https://github.com/nim-lang/Nim/issues/12381 - HttpClient socket
handle leak
To replicate the bug, run the following code in a loop:
```nim
import httpclient
while true:
echo "New loop"
var client = newHttpClient(timeout = 1000)
try:
let response = client.request("http://10.44.0.4/bla", httpMethod = HttpPost, body = "boo")
echo "HTTP " & $response.status
except CatchableError as e:
echo "Error sending logs: " & $e.msg
finally:
echo "Finally"
client.close()
```
Note the IP address as the hostname. I'm directly connecting to a
plausible local IP, but one that does not resolve, as I have everything
under 10.4.x.x.
The output looks like this to me:
```
New loop
Error sending logs: Operation timed out
Finally
New loop
Error sending logs: Operation timed out
Finally
New loop
...
```
In Nim 2.0.4, running the code above leaks the socket:
<img width="944" alt="Screenshot 2024-05-05 at 22 00 13"
src="https://github.com/nim-lang/Nim/assets/53387/ddac67db-d7df-45e6-b7a5-3d42f79775ea">
## Fix
With the added line of code, each old socket is cleanly removed:
<img width="938" alt="Screenshot 2024-05-05 at 21 54 18"
src="https://github.com/nim-lang/Nim/assets/53387/5b0b4b2d-d4f0-4e74-a9cf-74aec0c50d2e">
I believe the line below, `closeUnusedFds(ord(domain))` was supposed to
clean up the failed connection attempts, but it failed to do so for the
last one, assuming it succeeded. Yet it didn't. This fix makes sure
failed connections are closed immediately.
## Tests
I don't have a test with this PR. When testing locally, the
`connect(lastFd, ..)` call on line 2032 blocks for ~75 seconds, ignoring
the http timeout. I fear any test I could add would either 1) take way
too long, 2) one day run in an environment where my randomly chosen IP
is real, yielding in weird flakes.
The only bug i can imagine is if running `lastFd.close()` twice is a bad
idea. I tested by actually running it twice, and... no crash/op? So
seems safe? I'm hoping the CI run will be green, and this will be
enough. However I'm happy to take feedback on how I should test this,
and do the necessary changes.
~Edit: looks like a test does fail, so moving to a draft while I figure
this out.~ Attempt 2 fixed it.
* avoiding allocating an unnecessary byte for IPv4
The inet.h file uses 16 as the string in C needs the last null byte
1b929c02af/include/linux/inet.h (L49)
However, strings in Nim do not need this. So one byte is being allocated unnecessary and will never be used.
* avoid unnecessary allocation in IPv6 dollar
It is currently allocating 48 bytes. However, the Nim implementation for IPv6 will print a maximum of 39 characters. Nim does not implement IPv6 "0000:0000:0000:0000:0000:ffff:255.255.255.255" (45 characters) nor "0000:0000:0000:0000:0000:ffff:255.255.255.255%3" (47 characters).
The indication in inet.h for 48 is due to the maximum use of 47 characters of a C string that needs a null byte at the end. So 48.
1b929c02af/include/linux/inet.h (L50)
* Improve dollar
* Improve dollar
* Simplify, remove 1 if in for loop
* ci
* Update lib/pure/net.nim
* Update lib/pure/net.nim
Co-authored-by: Andreas Rumpf <rumpf_a@web.de>
* Revert "Add OpenSSL 3 support (#19814)"
This reverts commit 2dcfd73260.
* openssl 3 support no longer opt in + some 1.0 support
* hopefully fix
* maybe fix
* final attempt
* actual fix hopefully
* make more standard libraries work with `nimPreviewSlimSystem`
* typo
* part two
* Delete specutils.nim
* fixes more tests
* more fixes
* fixes tests
* fixes three more tests
* add formatfloat import
* fix
* last
* conservative partial revert of #19814
* fix
* revert tssl
* revert azure CI change
* keep azure, revert version range
* fully revert CI, add changelog
* useOpenssl3 as separate define, .3 is a version
* Minor refactor
* Add OpenSSL 3 support
Remove symbols noOpenSSLHacksq and openssl10
* Drop loading of older openssl versions
* Add library path
* Use only versioned libssl soname os OSX
* Update .github/workflows/ci_packages.yml
Co-authored-by: Hein Thant <official.heinthanth@gmail.com>
* On Mac OS X CI, link OpenSSL in /usr/local/lib/
* Install OpenSSL on Mac OS X on azure pipeline
* Remove DYLD_LIBRARY_PATH
Co-authored-by: Hein Thant <official.heinthanth@gmail.com>
Co-authored-by: Andreas Rumpf <rumpf_a@web.de>
Co-authored-by: Hein Thant <official.heinthanth@gmail.com>
* fixes#19973; switch to poll on posix
* it is fd
* exclude lwip
* fixes lwip
* rename select to timeoutRead
* refactor into timeoutRead/timeoutWrite
* refactor common parts
Co-authored-by: xflywind <43030857+xflywind@users.noreply.github.com>
The Nim manual says that an implicit conversion to cstring will
eventually not be allowed [1]:
A Nim `string` is implicitly convertible to `cstring` for convenience.
[...]
Even though the conversion is implicit, it is not *safe*: The garbage collector
does not consider a `cstring` to be a root and may collect the underlying
memory. For this reason, the implicit conversion will be removed in future
releases of the Nim compiler. Certain idioms like conversion of a `const` string
to `cstring` are safe and will remain to be allowed.
And from Nim 1.6.0, such a conversion triggers a warning [2]:
A dangerous implicit conversion to `cstring` now triggers a `[CStringConv]` warning.
This warning will become an error in future versions! Use an explicit conversion
like `cstring(x)` in order to silence the warning.
However, some files in this repo produced such a warning. For example,
before this commit, compiling `parsejson.nim` would produce:
/foo/Nim/lib/pure/parsejson.nim(221, 37) Warning: implicit conversion to 'cstring' from a non-const location: my.buf; this will become a compile time error in the future [CStringConv]
/foo/Nim/lib/pure/parsejson.nim(231, 39) Warning: implicit conversion to 'cstring' from a non-const location: my.buf; this will become a compile time error in the future [CStringConv]
This commit resolves the most visible `CStringConv` warnings, making the
cstring conversions explicit.
[1] https://github.com/nim-lang/Nim/blob/d2318d9ccfe6/doc/manual.md#cstring-type
[2] https://github.com/nim-lang/Nim/blob/d2318d9ccfe6/changelogs/changelog_1_6_0.md#type-system
Previously CVerifyPeerUseEnvVars was not being passed into
scanSslCertificates, which meant that we weren't scanning
additional certificate locations given via the SSL_CERT_FILE and
SSL_CERT_DIR environment variables
* Variant of that works with raw IpAddresses.
- Add doc tests for new net proc's.
- Aadd recvFrom impl
- Add recvFrom impl -- tweak handling data var
- Update lib/pure/net.nim
Co-authored-by: Dominik Picheta <dominikpicheta@googlemail.com>
- cleaning up sendTo args
- remove extra connect test
- cleaning up sendTo args
- fix inet_ntop test
- fix test failing - byte len
* fix test failing - byte len
* debugging odd windows build failure
* debugging odd windows build failure
* more experiments to figure out the windows failure
* try manual assigment on InAddr
Co-authored-by: Jaremy Creechley <jaremy.creechley@panthalassa.com>
* Porting Nim to run on Zephyr.
Includes changes to `std/net`.
Squashed commit of the following:
tweaking more memory / malloc things
revert back bitmasks
tweaking nim to use kernel heap as C malloc doesn't work
fixing socket polling on zephyr
cleanup getting maximum sockets for process or for rtos'es
reorganizing and fixing net for async / system
merge netlite changes back into nativesockets
merge netlite changes back into nativesockets
reverting native sockets back
tweaking nim / zephyr network
adding option to run 'net-lite' from linux
bridging zephyr's max connections
fixing net errors
fixing compilation with getAddrString
fixing compilation with getAddrString
experimenting with a nativesockets_lite ... getAddrString
experimenting with a nativesockets_lite ... getAddrString
experimenting with a nativesockets_lite ... getLocalAddr
experimenting with a nativesockets_lite ... getLocalAddr
experimenting with a nativesockets_lite ...
add note regarding incorrect FreeRTOS Sockadd_in fields
changing to NIM_STATIC_ASSERT
cleaning up the static_assert error messages
cleaning up the static_assert error messages
setting up static assert ftw!
testing compile time asserts
reworking Sockaddr objects to more closely match various platforms
reworking Sockaddr objects to more closely match various platforms
reworking Sockaddr objects to more closely match various platforms
finding missing items (issue #18684)
fixup posix constants (issue #18684)
adding plumbing for zephyr os (issue #18684)
adding plumbing for zephyr os (issue #18684)
* fixing constant capitalizations
* remove extra debug prints and fix TSa_Family/cint issue
* remove extra debug prints and fix TSa_Family/cint issue
* Porting Nim to run on Zephyr.
Includes changes to `std/net`.
Squashed commit of the following:
tweaking more memory / malloc things
revert back bitmasks
tweaking nim to use kernel heap as C malloc doesn't work
fixing socket polling on zephyr
cleanup getting maximum sockets for process or for rtos'es
reorganizing and fixing net for async / system
merge netlite changes back into nativesockets
merge netlite changes back into nativesockets
reverting native sockets back
tweaking nim / zephyr network
adding option to run 'net-lite' from linux
bridging zephyr's max connections
fixing net errors
fixing compilation with getAddrString
fixing compilation with getAddrString
experimenting with a nativesockets_lite ... getAddrString
experimenting with a nativesockets_lite ... getAddrString
experimenting with a nativesockets_lite ... getLocalAddr
experimenting with a nativesockets_lite ... getLocalAddr
experimenting with a nativesockets_lite ...
add note regarding incorrect FreeRTOS Sockadd_in fields
changing to NIM_STATIC_ASSERT
cleaning up the static_assert error messages
cleaning up the static_assert error messages
setting up static assert ftw!
testing compile time asserts
reworking Sockaddr objects to more closely match various platforms
reworking Sockaddr objects to more closely match various platforms
reworking Sockaddr objects to more closely match various platforms
finding missing items (issue #18684)
fixup posix constants (issue #18684)
adding plumbing for zephyr os (issue #18684)
adding plumbing for zephyr os (issue #18684)
* fixing constant capitalizations
* remove extra debug prints and fix TSa_Family/cint issue
* remove extra debug prints and fix TSa_Family/cint issue
* fixing PR issues
* Porting Nim to run on Zephyr.
Includes changes to `std/net`.
Squashed commit of the following:
tweaking more memory / malloc things
revert back bitmasks
tweaking nim to use kernel heap as C malloc doesn't work
fixing socket polling on zephyr
cleanup getting maximum sockets for process or for rtos'es
reorganizing and fixing net for async / system
merge netlite changes back into nativesockets
merge netlite changes back into nativesockets
reverting native sockets back
tweaking nim / zephyr network
adding option to run 'net-lite' from linux
bridging zephyr's max connections
fixing net errors
fixing compilation with getAddrString
fixing compilation with getAddrString
experimenting with a nativesockets_lite ... getAddrString
experimenting with a nativesockets_lite ... getAddrString
experimenting with a nativesockets_lite ... getLocalAddr
experimenting with a nativesockets_lite ... getLocalAddr
experimenting with a nativesockets_lite ...
add note regarding incorrect FreeRTOS Sockadd_in fields
changing to NIM_STATIC_ASSERT
cleaning up the static_assert error messages
cleaning up the static_assert error messages
setting up static assert ftw!
testing compile time asserts
reworking Sockaddr objects to more closely match various platforms
reworking Sockaddr objects to more closely match various platforms
reworking Sockaddr objects to more closely match various platforms
finding missing items (issue #18684)
fixup posix constants (issue #18684)
adding plumbing for zephyr os (issue #18684)
adding plumbing for zephyr os (issue #18684)
* fixing constant capitalizations
* remove extra debug prints and fix TSa_Family/cint issue
* remove extra debug prints and fix TSa_Family/cint issue
* Remerge
* fixing constant capitalizations
* remove extra debug prints and fix TSa_Family/cint issue
* remove extra debug prints and fix TSa_Family/cint issue
* fixing PR issues
* fix maxDescriptors on zephyr/freertos
* move maxDescriptors to selector.nim -- fixes compile issue
* change realloc impl on zephyr to match ansi c behavior
* change realloc impl on zephyr to match ansi c behavior
* force compileOnly mode for tlwip
Co-authored-by: Jaremy J. Creechley <jaremy.creechley@wavebaselabs.com>
Co-authored-by: Jaremy Creechley <jaremy.creechley@panthalassa.com>
* Only allow IPv4 literals in strict form
The strict form as defined in RFC 6943, section 3.1.1 only allows the dotted
form ddd.ddd.ddd.ddd of IPv4 literals, where ddd is a one to three digit decimal
number between 0 and 255. Until now octal numbers (with a leading zero) were
interpreted as decimal numbers which has security implications, see
CVE-2021-29922 and CVE-2021-29923.
* Update lib/pure/net.nim
Co-authored-by: Dominik Picheta <dominikpicheta@googlemail.com>
