Galen Charlton [Wed, 15 Feb 2017 19:12:34 +0000 (14:12 -0500)]
LP#1652382: handle cases where supplied key is longer than 250 bytes
With this patch, if cache clients want to use a key longer
than the memcached text protocol limit of 250 bytes, the
key is normalized to 'shortened_' + md5_hex(normalized_key).
Signed-off-by: Galen Charlton <gmc@equinoxinitiative.org> Signed-off-by: Jeff Davis <jdavis@sitka.bclibraries.ca>
Mike Rylander [Fri, 27 Jan 2017 20:25:05 +0000 (15:25 -0500)]
LP#1652382: normalization of memcache keys in C code
Memcache does not allow spaces in keys, so here we will actively strip them
from any key we get from a caller. Some callers are not very proactive about
sending clean keys, and this patch prevents issues that can poison C-based
OpenSRF service backends.
Signed-off-by: Mike Rylander <mrylander@gmail.com> Signed-off-by: Kathy Lussier <klussier@masslnc.org> Signed-off-by: Galen Charlton <gmc@equinoxinitiative.org> Signed-off-by: Jeff Davis <jdavis@sitka.bclibraries.ca>
Galen Charlton [Thu, 22 Dec 2016 10:53:12 +0000 (15:53 +0500)]
LP#1652122: fix infinite recursion in opensrf.system.method.all
Under certain circumstances, calling opensrf.system.method.all on a
Perl service can result in an infinite recursion when attempting to
serialize an OpenSRF::Application object to JSON. In particular,
this was observed to happen when doing an introspection of
the opensrf.settings service.
This patch avoids the infinite recursion (and consequent memory
leak) by ensuring that the 'session' key is slated for exclusion
from serialization from OpenSRF::Application objects during
bootstrapping.
Note that the problem does not affect all Perl services; if a
Perl service declares at least one streaming method, the auto-registration
of the .atomic method will result in 'session'-stripping.
This patch fixes a regression introduced in bug 1350457.
To test
-------
[1] Run 'introspect opensrf.settings' via srfsh; observe
that it never returns and that the opensrf.settings drone
will grow in memory sized until killed.
[2] Apply the patch, then repeat step 1. This time, the
request should succeed.
Signed-off-by: Galen Charlton <gmc@esilibrary.com> Signed-off-by: Mike Rylander <mrylander@gmail.com>
- Use "OSRFVERSION" in the master branch rather than
a specific version number; this is meant to be changed
during the release process.
- Update references to the OpenSRF downloads index
page.
Remington Steed [Mon, 21 Nov 2016 15:58:33 +0000 (10:58 -0500)]
LP#1382038: Add instructions for implied download/unpack step
Occasionally, new users have complained that the installation
instructions making too many assumptions about what a user knows. This
commit explicitly instructs users in downloading the source tarball,
unpacking it, and changing the working directory so they will be ready
for the next instructions.
This patch also refactors the code that actually does the
splitting and sending of chunked responses into a new
public function, osrfSendChunkedResult().
Signed-off-by: Galen Charlton <gmc@esilibrary.com> Signed-off-by: Ben Shum <ben@evergreener.net> Signed-off-by: Mike Rylander <miker@esilibrary.com>
Mike Rylander [Thu, 25 Aug 2016 21:42:31 +0000 (17:42 -0400)]
LP#1631522: Dispatch mode for method_lookup subrequests
There is a pattern in the wild of using OpenSRF's method_lookup() facility
to decide between one of several local methods when delegating to pre-existing
logic. Often times, we want to simply hand control over to another method,
but the output of a subrequest's run() is an array of results. The caller has
to know if, and how, to restructure the result for the client.
Instead, we can now call dispatch() instead of run() and have OpenSRF session
control completely passed to the delegate code. This way, the delegate code
need not know anything about its caller, and vice versa.
Signed-off-by: Mike Rylander <mrylander@gmail.com> Signed-off-by: Galen Charlton <gmc@esilibrary.com>
Galen Charlton [Tue, 1 Nov 2016 19:46:13 +0000 (15:46 -0400)]
LP#1612771: don't adjust max_stanza_size during installation
As the typical max_stanza_size for ejabberd installations
is larger than what OpenSRF now needs, this patch adjusts
the installation instructions to remove the step to change
max_stanza_size.
Bill Erickson [Thu, 27 Feb 2014 20:18:15 +0000 (15:18 -0500)]
LP#1612771: set Perl / C max_chunk_size default sizes
default max bundle size == 25K
default max chunk size == 50K
Note with Ejabberd using 65536 as the default max stanza size, these
new OpenSRF defaults mean that all messages will fit the default
message size constraints -- i.e. no more need to raise the
max_stanza_size.
Signed-off-by: Bill Erickson <berick@esilibrary.com> Signed-off-by: Galen Charlton <gmc@esilibrary.com>
* Added missing max_chunk_size method to AppSession
* Copy API max_chunk_size value into the handler AppRequest
* Fix error where no-chunking resulted in empty responses
Signed-off-by: Bill Erickson <berick@esilibrary.com> Signed-off-by: Galen Charlton <gmc@esilibrary.com>
This patch is first in a series of patches that provides the following
features:
* OpenSRF message bundling -- Pack multiple OpenSRF messages together
in a single XMPP envelope, as long as we believe more messages will be
sent in the future and we are below some threshold of combined message size.
The default for that threshold is 25Kb.
* OpenSRF message chunking -- Break up large OpenSRF messages across
multiple XMPP envelopes. This is implemented with a new OpenSRF message type.
C, Perl, and Javascript libraries are taught how to reconstruct chunked
messages. The default chunking threshold is 50Kb, just a bit below the default
ejabberd max stanza size of 64Kb.
This patch in particular renames "chunking" to "bundling", then
implements message splitting ("chunking") in Perl using two new
oilsResult subclasses
Signed-off-by: Mike Rylander <mrylander@gmail.com> Signed-off-by: Galen Charlton <gmc@esilibrary.com>
When an OpenSRF client is run with syslog enabled and with the
OSRF_ADOPT_SYSLOG environment variable set to a true value, no attempt
is made to modify the syslog configuration, including no calls to
openlog()/closelog() and no modification of the syslog facility when
calling syslog().
Signed-off-by: Bill Erickson <berickxx@gmail.com> Signed-off-by: Galen Charlton <gmc@esilibrary.com>
Mike Rylander [Fri, 7 Oct 2016 16:19:52 +0000 (12:19 -0400)]
LP#1631520: configure install location of Perl modules
Add --with-perlbase configure option to specify
an alternative location for installing the Perl modules. This
can be useful for setups that want to run the Perl modules
from a shared filesystem or environments that need to run
multiple versions of OpenSRF simultaneously.
Users of --with-perlbase are responsible for ensuring that
PERL5LIB is set appropriately.
To test
-------
[1] Use --with-perlbase during the configure step, e.g.,
./configure --perl-base /tmp/perl
[2] Run make; make check; sudo make install
[3] Verify that the Perl modules are installed under
/tmp/perl.
[4] Make a change to a Perl source file, then
go to src/perl, then run sudo ./Build install. Verify
that it remembers the --with-perlbase directory
and installs the updated module there.
Signed-off-by: Mike Rylander <mrylander@gmail.com> Signed-off-by: Galen Charlton <gmc@esilibrary.com>
Currently, there is no protocol-level mechanism for passing the client's
desired timezone to the server. In much the same way we pass the locale,
we can let the server know what timezone it should use when interpreting
time stamps.
To do this we:
* Teach perl server code to live in the client TZ, if supplied
* Teach perl client code to send the current $ENV{TZ}
* Teach javascript library to include client TZ in
gateway/translator/websocket communication
* Teach C code to pull the incoming TZ and apply it to outgoing messages
* Teach srfsh to pull TZ from the environment and pass it with requests
Signed-off-by: Mike Rylander <mrylander@gmail.com> Signed-off-by: Galen Charlton <gmc@esilibrary.com>
Chris Sharp [Fri, 19 Feb 2016 01:12:40 +0000 (20:12 -0500)]
LP#1551090: Adding apache2-dev dependency to xenial and fixing whitespace
Signed-off-by: Chris Sharp <csharp@georgialibraries.org> Signed-off-by: Jason Stephenson <jason@sigio.com> Signed-off-by: Ben Shum <ben@evergreener.net>
Conflicts:
src/extras/Makefile.install
Chris Sharp [Thu, 18 Feb 2016 23:10:34 +0000 (18:10 -0500)]
LP#1551090: Since we move apache to the "install_extra_debs*" targets,
we need to move debian_sys_config further down to compensate.
Signed-off-by: Chris Sharp <csharp@georgialibraries.org> Signed-off-by: Jason Stephenson <jason@sigio.com> Signed-off-by: Ben Shum <ben@evergreener.net>
Chris Sharp [Thu, 18 Feb 2016 00:35:02 +0000 (19:35 -0500)]
LP#1551090: Adding necessary connectivity for xenial deb installation.
Signed-off-by: Chris Sharp <csharp@georgialibraries.org> Signed-off-by: Jason Stephenson <jason@sigio.com> Signed-off-by: Ben Shum <ben@evergreener.net>
Chris Sharp [Thu, 18 Feb 2016 00:26:01 +0000 (19:26 -0500)]
LP#1551090: Adding apache2 package to Makefile.install deb list.
Signed-off-by: Chris Sharp <csharp@georgialibraries.org> Signed-off-by: Jason Stephenson <jason@sigio.com> Signed-off-by: Ben Shum <ben@evergreener.net>
Chris Sharp [Wed, 17 Feb 2016 20:28:05 +0000 (15:28 -0500)]
LP#1551090: Updating Makefile to accommodate ubuntu-xenial target.
Removing some redundancy in the extra debs lists.
Signed-off-by: Chris Sharp <csharp@georgialibraries.org> Signed-off-by: Jason Stephenson <jason@sigio.com> Signed-off-by: Ben Shum <ben@evergreener.net>
Conflicts:
src/extras/Makefile.install
Now that Debian Squeeze's LTS (long-term support) period
has ended, Evergreen no longer offers community support
for that distribution. This patch removes references
to Squeeze from the installation scripts and documentation.
To test:
[1] Verify that Debian Squeeze is no longer referenced in
the installation documentation.
Signed-off-by: Galen Charlton <gmc@esilibrary.com> Signed-off-by: Ben Shum <ben@evergreener.net>
Mike Rylander [Wed, 30 Jul 2014 17:29:46 +0000 (13:29 -0400)]
LP#1350457: Pass caller's session to subrequests called via method_lookup
In the process of looking up a method for an internal subrequest, we lose
session info. This is a problem when the subrequest makes a remote request,
because then the subrequest can't look up the proper locale, among other
things. The forthcoming branch passes the caller's session to the subrequest.
This patch also teaches OpenSRF object registration how to strip certain
object members -- in particular, the session -- so that introspection
continues to work.
Signed-off-by: Mike Rylander <mrylander@gmail.com> Signed-off-by: Galen Charlton <gmc@esilibrary.com>
Mike Rylander [Thu, 10 Sep 2015 20:56:13 +0000 (16:56 -0400)]
LP#1494486: Limit damage caused by dropped drone XMPP sockets
It is apparently possible for drones to get into a state where their XMPP
socket is closed but they don't notice. This is bad because the drone can
continue to receive requests from its listener but can no longer respond
to them. To limit the pain this can cause, we should kill the drone as soon
as we notice this condition.
To avoid overhead, this commit notices when the socket returns an error (or
raises a signal, in Perl) upon write, and exits immediately. One message
will be lost, but the drone will no longer be a black hole that does nothing
but absorb requests it can never fill.
To test
-------
[1] Start an OpenSRF stack and look for a drone process.
[2] Use lsof to identify which socket that drone is using
to talk to XMPP.
[3] Use gdb to attach to the process and close the socket, e.g.,
$ gdb -p $PID
(gdb) p close(11) # or whatever the socket number was
(gdb) c
[4] Use srfsh to make requests of that service. Eventually, one
of them will hit the drone.
[5] Sans patch, the request will get handled by the drone, but
the results will never get sent, and the drone will remain
available to handle other requests.
[6] With the patch, the drone will exit when it discovers that it
can no longer write to the XMPP socket.
Signed-off-by: Mike Rylander <mrylander@gmail.com> Signed-off-by: Galen Charlton <gmc@esilibrary.com>
Galen Charlton [Wed, 3 Jun 2015 17:42:06 +0000 (17:42 +0000)]
LP#1461625: ensure srfsh doesn't close STDOUT prematurely
Ensure that when running srfsh in non-interactive mode
that reads commands directly from a file, (i.e.,
"srfsh script.srfsh" or as a shebang script), it does
not close STDOUT after handling the first request.
To test
-------
[1] Create a srfsh script containing:
[2] Run "srfsh script.srfsh". Note that only the
results of the first echo request are output.
[3] Apply the patch and recompile, then run
"srfsh script.srfsh" again. This time, the
output of both requests is displayed.
Signed-off-by: Galen Charlton <gmc@esilibrary.com> Signed-off-by: Mike Rylander <mrylander@gmail.com>
Galen Charlton [Tue, 24 Mar 2015 21:00:57 +0000 (21:00 +0000)]
LP#1436047: make srfsh --safe act as if "! command" doesn't exist
This patch make srfsh treat attempting to run an external
command via "! command" as a parsing error if --safe is
supplied. It also suppress mention of "! commands" from
the internal help.
Signed-off-by: Galen Charlton <gmc@esilibrary.com> Signed-off-by: Mike Rylander <mrylander@gmail.com>
Mike Rylander [Tue, 24 Mar 2015 20:22:16 +0000 (16:22 -0400)]
LP#1436047: Allow disabling of "bang commands" in srfsh
srfsh has the ability to execute commands via system() calls using
the common "!command" syntax. This is very useful, but it would
be nice to be able to turn that functionality off in some cases.
This branch adds argument parsing to detect a new '--safe' command
line parameter, which disables the "!command" syntax.
Signed-off-by: Mike Rylander <mrylander@gmail.com> Signed-off-by: Galen Charlton <gmc@esilibrary.com>
Avoid referencing variable defined somewhere outside the send_ws()
function. Doing so happened to result in re-sending the same message
twice in some cases.
Signed-off-by: Bill Erickson <berickxx@gmail.com> Signed-off-by: Mike Rylander <mrylander@gmail.com>
Ben Shum [Mon, 10 Nov 2014 17:20:31 +0000 (12:20 -0500)]
LP#1391248: Fix NameVirtualHost warnings in websockets apache2.conf
For the websockets configuration, the sample apache2.conf for Apache 2.4 (i.e.
Ubuntu 14.04, etc.) contains NameVirtualHost entries that are no longer
needed.
When starting apache2-websockets, you may see warnings like:
AH00548: NameVirtualHost has no effect and will be removed in the next
release /etc/apache2-websockets/apache2.conf:53
Remove the NameVirtualHost entries and these warnings go away.
Signed-off-by: Ben Shum <bshum@biblio.org> Signed-off-by: Bill Erickson <berickxx@gmail.com>
Ben Shum [Sat, 13 Sep 2014 22:23:46 +0000 (18:23 -0400)]
LP#1369169: Mention the requirement for valid SSL certificate
The apache2-websockets instance will not start without a valid SSL certificate
in /etc/apache2/ssl. Include a mention of this in the README with the extra
stipulation that it is still possible to use a self-signed SSL certificate for
testing purposes, but this is not recommended for live installations.
Signed-off-by: Ben Shum <bshum@biblio.org> Signed-off-by: Bill Erickson <berickxx@gmail.com>
Ben Shum [Fri, 12 Sep 2014 21:58:11 +0000 (17:58 -0400)]
LP#1369169: Add websockets section to the OpenSRF README
Remove the separate README.websockets and move the contents into the primary
OpenSRF README document so that all steps are in one place.
Additional edits to the websockets instructions to detail differences made
between Ubuntu 14.04 Trusty and Debian / Ubuntu 12.04 Precise. More edits
may be necessary for Debian Jessie later?
Also, create a separate config file for Apache 2.4 that is copied into place
for Ubuntu Trusty and potentially other systems that will need it.
Signed-off-by: Ben Shum <bshum@biblio.org> Signed-off-by: Bill Erickson <berickxx@gmail.com>
Ben Shum [Sat, 13 Sep 2014 22:04:54 +0000 (18:04 -0400)]
LP#1369169: Add Apache 2.4 specific configuration file for websockets
For Apache 2.4, there were some necessary modifications for running the
websockets code properly. Similar to how we do things in Evergreen, we
added a new directory for apache_24 which contains the modified apache2.conf
file.
Signed-off-by: Ben Shum <bshum@biblio.org> Signed-off-by: Bill Erickson <berickxx@gmail.com>
This allows the OpenSRF JavaScript client library (or
to be precise, one that has been modified to direct
requests at a different domain) to take advantage of CORS
support.
Bennett Goble [Tue, 22 May 2012 15:57:56 +0000 (11:57 -0400)]
LP#1002028: Cross Origin Resource Sharing for OpenSRF
Background
----------
Browsers' same-origin policy currently restricts requests to the current
website's domain to prevent various nefarious scenarios. However,
because APIs and other web resources need to remain open to cross-site
use Cross Origin Resource Sharing (CORS) was created to allow services
to formally authorize cross-origin requests. CORS makes it simple to use
OpenSRF's HTTP translator and gateway APIs on websites using separate
domains.
Example Scenarios
-----------------
1) A library would like an AJAX-driven "quicksearch" box on their main
site, which is hosted on a different domain than their catalog.
2) A developer wants to create new web applications and services that
tie into Evergreen, but does not wish to install EG locally or
configure a proxy.
Implementation
--------------
The function crossOriginHeaders() has been added to apachetools.c.
Incoming requests are checked to see if they have an Origin header. The
value of the Origin header is checked against a whitelist defined in
opensrf_core.xml config (XPath: /config/gateway/cross_origin/origin).
The function returns 1 if CORS headers have been added to the response.
Notes
-----
* The OpenSRF Javascript client library (opensrf.js) defaults to the root
of the current web host "/osrf-http-translator." In addition, synchronous
requests are presumed in some situations: resulting in the oncomplete
method never returning (Blocking requests are not possible with cross-
domain XHR.)
* It is also possible to enable CORS with the Apache "set header"
configuration directive. However, this means that the necessary headers
would be appended to every response.
Links
-----
Specification - http://www.w3.org/TR/cors/
Wikipedia Article - http://en.wikipedia.org/wiki/Cross-origin_resource_sharing
Josh Stompro [Wed, 21 May 2014 13:26:53 +0000 (08:26 -0500)]
(doc) Reorder changes to ejabberd.cfg in install instructions
I found it annoying that the list of changes to make to ejabberd.cfg
didn't follow the order that the options showed up in the default
Debian ejabberd.cfg. I reordered them so after you finish changing one
option, you can search forward in the document for the next term.
Mike Rylander [Wed, 30 Jul 2014 17:29:46 +0000 (13:29 -0400)]
LP#1350457: Pass caller's session to subrequests called via method_lookup
In the process of looking up a method for an internal subrequest, we lose
session info. This is a problem when the subrequest makes a remote request,
because then the subrequest can't look up the proper locale, among other
things. The forthcoming branch passes the caller's session to the subrequest.
Signed-off-by: Mike Rylander <mrylander@gmail.com> Signed-off-by: Galen Charlton <gmc@esilibrary.com>
The most common form of XMPP error messages are "bounced" messages, i.e.
those where the recipient is not available. Instead of passing these
useless and confusing messages down to a drone for processing, log the
error in the listener and drop the message.
Signed-off-by: Bill Erickson <berick@esilibrary.com> Signed-off-by: Galen Charlton <gmc@esilibrary.com>
There appears to be a bug in Chromium where loading the same page
multiple times (without a refresh or cache clear) causes the
SharedWorker to fail to instantiate on every other page load.
Further research pending. Disabling SharedWorker's entirely for
now.
Note, to replicate, load a page using shared workers, focus the
browser address bar, hit Enter to load the page again. The shared
worker will fail to load on every other page load, though it will
appear to the SharedWorker caller (opensrf.js) that the port is open.
Signed-off-by: Bill Erickson <berick@esilibrary.com> Signed-off-by: Galen Charlton <gmc@esilibrary.com>
* avoid unneccessary and wrong incantation of apr_thread_exit. The two
sub-threads now both live for the duration of the process.
* to be safe, create thread mutex before threads
Signed-off-by: Bill Erickson <berick@esilibrary.com> Signed-off-by: Galen Charlton <gmc@esilibrary.com>
It was falling behind the shared lib in bug fixes and features. A
per-tab WS implementation is (maybe) a dangerous thing to have around,
as well, since it encourages /many/ connections. Can resurrect later if
needed.
Signed-off-by: Bill Erickson <berick@esilibrary.com> Signed-off-by: Galen Charlton <gmc@esilibrary.com>
projects / OpenSRF.git / log