This commit converts TLS::TLSv12 to a Core::Stream object, and in the
process allows TLS to now wrap other Core::Stream::Socket objects.
As a large part of LibHTTP and LibGemini depend on LibTLS's interface,
this also converts those to support Core::Stream, which leads to a
simplification of LibHTTP (as there's no need to care about the
underlying socket type anymore).
Note that RequestServer now controls the TLS socket options, which is a
better place anyway, as RS is the first receiver of the user-requested
options (though this is currently not particularly useful).
pending_bytes() and can_read_without_blocking() should also take
the buffered data into account, otherwise we'll end up pretending that
the socket cannot be read from while it has buffered data.
This is equivalent to Core::Socket::set_notifications_enabled(), and
serves to disable the on_ready_to_read() notifications, as the sockets
often implement these using the event loop, this method can help avoid
waking the event loop and spamming useless calls to on_ready_to_read().
release_fd() releases the fd associated with the LocalSocket it is
called on. This is analogous to release_value() on container objects in
AK, after which the object does not contain the value.
This functionality is required by Core::LocalServer and LibIPC depends
on LibCore.
take_over_accepted_socket_from_system_server has also been renamed to
take_over_socket_from_system_server as the socket need not be accepted
before taking it over. :^)
In order to avoid having multiple instances, we were keeping a pointer
to these singleton objects and only allocating them when it was null.
We have `__cxa_guard_{acquire,release}` in the userland, so there's no
need to do this dance, as the compiler will ensure that the constructors
are only called once.
There's no need to allocate a String for these. Note the "string"
parameter of DateTime::parse is left as a String for now; the parser is
currently using strtol which needs a NUL-terminated string. This method
can likely be rewritten with GenericLexer.
The default format string is used in many applications/services like
FileManager/FileSystemAccessServer. Showing the time zone in e.g. the
last modified time for every file in FileManager is feeling a bit over
the top, so let's revert this change and assume the user is smart enough
to know what time zone they are in.
This formats the time zone name. This is now used in the default format
string because DateTime is meant to represent local time; it only makes
sense to include the time zone by default now that we support non-UTC.
Apologies for the enormous commit, but I don't see a way to split this
up nicely. In the vast majority of cases it's a simple change. A few
extra places can use TRY instead of manual error checking though. :^)
Reverts recent change introduced to support implicit symbolic permission
which broke the parser when multiple classes are specified.
The state machine must assume it's dealing with classes until an
operation character is consumed.
It's a bad idea to have a global event loop in a client application as
that will cause an initialization-order fiasco in ASAN. Therefore, LibC
now has a flag "s_global_initializers_ran" which is false until _entry
in crt0 runs, which in turn only gets called after all the global
initializers were actually executed. The EventLoop constructor checks
the flag and crashes the program if it is being called as a global
constructor. A note next to the VERIFY_NOT_REACHED() informs the
developer of these things and how we usually instantiate event loops.
The upshot of this is that global event loops will cause a crash before
any undefined behavior is hit.
The event loop is responsible for handling POSIX signals while it's
running. The signal handler adds the signals to a wake pipe which is
then read after the select'ing code in wait_for_event. Problems happen,
however, when another signal comes in after the select wake: the signal
will interrupt the next syscall, the `read` from the wake pipe, and the
resulting EINTR in wait_for_event causes the program to crash. This is
undesirable. Instead, we want to retry reading as long as we're
interrupted.
After the previous change, the wake pipe was only being created on the
main thread by the main event loop. This change utilizes a flag to
always initialize the wake pipe on other threads. Because the pipe is
quite expensive (it will count towards the file descriptor limit, for
instance), we do the initialization "lazily": Only when an event loop is
constructed and it notices that there hasn't been a wake pipe created on
its thread, it will create the pipe. Conversely, this means that there
are no pipes on threads that never use an event loop.
The event loop system was previously very singletony to the point that
there's only a single event loop stack per process and only one event
loop (the topmost) can run at a time. This commit simply makes the event
loop stack and related structures thread-local so that each thread has
an isolated event loop system.
Some things are kept at a global level and synchronized with the new
MutexProtected: The main event loop needs to still be obtainable from
anywhere, as it closes down the application when it exits. The ID
allocator is global as IDs should not be shared even between threads.
And for the inspector server connection, the same as for the main loop
holds.
Note that currently, the wake pipe is only created by the main thread,
so notifications don't work on other threads.
This removes the temporary mutex fix for notifiers, introduced in
0631d3fed5 .
Previously, we weren't ever populating the read buffer in read(), which
was making the BufferedHelper useless, how silly :^). This introduces
a buffer refill when we have run out of buffered samples, restoring
FlacLoader performance from the new low of 200% (directly before this
commit) to the old level of ~1400%.
MemoryStream is the Core::Stream API's streamlike access to a chunk of
memory, mimicking AK::DuplexMemoryStream. The implementation is very
similar, except that no APIs except the SeekableStream operations
currently exist. This will be fine for the first users and can be
expanded upon later.
BigEndianInputBitStream is the Core::Stream API's bitwise input stream
for big endian input data. The functionality and bitwise read API is
almost unchanged from AK::BitStream, except that this bit stream only
supports big endian operations.
As the behavior for mixing big endian and little endian reads on
AK::BitStream is unknown (and untested), it was never done anyways. So
this was a good opportunity to split up big endian and little endian
reading.
Another API improvement from AK::BitStream is the ability to specify
the return type of the bit read function. Always needing to static_cast
the result of BitStream::read_bits_big_endian into the desired type is
adding a lot of avoidable noise to the users (primarily FlacLoader).
This hides the method Group::add_group() on both MacOS and OpenBSD since
the function putgrent(), which is essential for add_group() to work, is
not available on these OSes.
This mirrors the previous default in Core::LocalSocket, and is the safer
default anyway. This prevents fds from living on in other processes when
exec() is called in certain programs such as Assistant.
Fixes#12029.
This is wrong because we have already set the fd in the
PosixSocketHelper, and the destructor of the respective Socket class
will close the fd for us. With the manual closing of the fd, we attempt
to close the same fd twice which results in a crash.
Thanks to stelar7 for noticing this bug.
This adds the Core::Group C++ abstraction to ease interaction with the
group entry database, as well as represent the Group entry.
Core::Group abstraction currently contains the following functionality:
- Add a group entry - 'Core::Group::add_group()'
This change unfortunately cannot be atomically made without a single
commit changing everything.
Most of the important changes are in LibIPC/Connection.cpp,
LibIPC/ServerConnection.cpp and LibCore/LocalServer.cpp.
The notable changes are:
- IPCCompiler now generates the decode and decode_message functions such
that they take a Core::Stream::LocalSocket instead of the socket fd.
- IPC::Decoder now uses the receive_fd method of LocalSocket instead of
doing system calls directly on the fd.
- IPC::ConnectionBase and related classes now use the Stream API
functions.
- IPC::ServerConnection no longer constructs the socket itself; instead,
a convenience macro, IPC_CLIENT_CONNECTION, is used in place of
C_OBJECT and will generate a static try_create factory function for
the ServerConnection subclass. The subclass is now responsible for
passing the socket constructed in this function to its
ServerConnection base; the socket is passed as the first argument to
the constructor (as a NonnullOwnPtr<Core::Stream::LocalServer>) before
any other arguments.
- The functionality regarding taking over sockets from SystemServer has
been moved to LibIPC/SystemServerTakeover.cpp. The Core::LocalSocket
implementation of this functionality hasn't been deleted due to my
intention of removing this class in the near future and to reduce
noise on this (already quite noisy) PR.
