The closed flag isn't a good design by any means, but let's have this
working first before I get rid of the flag and potentially create a
non-backportable commit.
* asyncnet, net: don't attempt SSL_shutdown if a fatal error occurred
Per TLS standard and SSL_shutdown(3ssl). This should prevent errors
coming from a close() after a bad event (ie. the other end of the pipe
is closed before shutdown can be negotiated).
Ref #9867
* tssl: try sending until an error occur
* tssl: cleanup
* tssl: actually run the test
I forgot to make the test run :P
* tssl: run the test on ARC, maybe then it'll be happy
* tssl: turns off ARC, switch tlsEmulation on for freebsd
* tssl: document why tlsEmulation is employed
* net: move SafeDisconn handling logic to socketError
Per SSL_get_error(3):
The current thread's error queue must be empty before the TLS/SSL I/O
operation is attempted, or SSL_get_error() will not work reliably.
There has been records of not clearing the error queue causing weird SSL
errors when there shouldn't be any, see:
https://github.com/openssl/openssl/issues/11889
* added high level sendTo and recvFrom to std/asyncnet; tests were also added.
* add .since annotation, a changelog entry and fixed to standard library style guide.
* Improved asserts msgs and added notes for use with UDP sockets
* pointers removed in parameters and fixes
* added .since annotation
* minor fixes
* added high level sendTo and recvFrom to std/asyncnet; tests were also added.
* add .since annotation, a changelog entry and fixed to standard library style guide.
* Improved asserts msgs and added notes for use with UDP sockets
* make i2d_X509 and d2i_X509 always available
i2d_X509 and d2i_X509 have been available in all versions of OpenSSL, so
make them available even if nimDisableCertificateValidation is set.
* introduce getPeerCertificates, fixes#13299
getPeerCertificates retrieves the verified certificate chain of the peer
we are connected to through an SSL-wrapped Socket/AsyncSocket. This
introduces the new type Certificate which stores a DER-encoded X509 certificate.
* fixes overloading resolution for passing owned(Future[string]) to Future[T]
* WIP: make --newruntime work with .async
* memtracker: make it compile again
* make Nimble compile again
Unfortunately this required some code duplication because the
doConnect() from asynccommon.nim only works with addrInfo which does not
make sense for AF_UNIX.
makeUnixAddr() was moved to nativesocket.nim and exported
* Implement dial, support IPv6 in httpclient
Added ``dial`` procedure to networking modules: ``net``, ``asyncdispatch``,
``asyncnet``. It merges socket creation, address resolution, and connection
into single step. When using ``dial``, you don't have to worry about
IPv4 vs IPv6 problem.
Fixed addrInfo loop in connect to behave properly.
Previously it would stop on first non-immediate failure, instead of
continuing and trying the remaining addresses.
Fixed newAsyncNativeSocket to raise proper error if socket creation
fails.
Fixes: #3811
* Check domain during connect() only on non-Windows
This is how it was in the previous implementation of connect().
* Call 'osLastError' before 'close' in net.dial
* Record osLastError before freeAddrInfo in net.dial
* Add missing docs for 'dial' proc
* Optimize dial to create one FD per domain, add tests
And make async IPv6 servers work on Windows.
* Add IPv6 test to uri module
* Fix getAddrString error handling
