unit.git/src, branch 1.34 Universal Web Application Server java: websocket: Additional payload length validation 2025-02-25T17:08:06+00:00 Mark Thomas markt@apache.org 2020-06-29T13:02:59+00:00 e857293f5aae004403490cf0f62187959951769c <https://bz.apache.org/bugzilla/show_bug.cgi?id=64563> Patch taken from <https://github.com/apache/tomcat/commit/1c1c77b0efb667cea80b532440b44cea1dc427c3.patch> [ Subject / message tweak - Andrew ] Signed-off-by: Andrew Clayton <a.clayton@nginx.com> 
<https://bz.apache.org/bugzilla/show_bug.cgi?id=64563>

Patch taken from <https://github.com/apache/tomcat/commit/1c1c77b0efb667cea80b532440b44cea1dc427c3.patch>

[ Subject / message tweak - Andrew ]
Signed-off-by: Andrew Clayton <a.clayton@nginx.com>
java: websocket: Fix calculation of payload length for > 32bit values 2025-02-25T17:08:06+00:00 Mark Thomas markt@apache.org 2020-06-29T14:08:25+00:00 c1372d1e43bd0457c8a00b055f667022c54d7219 Patch taken from <https://github.com/apache/tomcat/commit/1cddae8da4ecb4ac04575d3b5fba2daa2e0c8ead.patch> [ Subject / message tweak - Andrew ] Signed-off-by: Andrew Clayton <a.clayton@nginx.com> 
Patch taken from <https://github.com/apache/tomcat/commit/1cddae8da4ecb4ac04575d3b5fba2daa2e0c8ead.patch>

[ Subject / message tweak - Andrew ]
Signed-off-by: Andrew Clayton <a.clayton@nginx.com>
otel: remove deadcode 2025-01-10T16:33:06+00:00 Ava Hahn a.hahn@f5.com 2025-01-07T23:27:26+00:00 b5db00124153ed4caa84d826d63820c42b1d1f11 The superfluous else condition in nxt_otel_propagate_header was dead code. This commit removes it. Signed-off-by: Ava Hahn <a.hahn@f5.com> 
The superfluous else condition in nxt_otel_propagate_header was dead code.
This commit removes it.

Signed-off-by: Ava Hahn <a.hahn@f5.com>
otel: fix segfaults when otel not configured 2025-01-10T16:33:06+00:00 Ava Hahn a.hahn@f5.com 2025-01-07T02:47:47+00:00 2dc9a4edaf4ffc9fb43b1d9563ea57c80d889d5a This commit adds NULL checks for the request->otel object that were missed in the Traceparent and Tracestate routines. Closes: https://github.com/nginx/unit/issues/1523 Closes: https://github.com/nginx/unit/issues/1526 Fixes: 9d3dcb800 ("otel: add build tooling to include otel code") Signed-off-by: Ava Hahn <a.hahn@f5.com> 
This commit adds NULL checks for the request->otel object that
were missed in the Traceparent and Tracestate routines.

Closes: https://github.com/nginx/unit/issues/1523
Closes: https://github.com/nginx/unit/issues/1526
Fixes: 9d3dcb800 ("otel: add build tooling to include otel code")
Signed-off-by: Ava Hahn <a.hahn@f5.com>
wasm-wc: Update crates 2024-12-18T18:27:08+00:00 Andrew Clayton a.clayton@nginx.com 2024-12-18T04:13:21+00:00 e812f15fc16a8f3b9dac74e4cef732df129815f3 Run 'cargo update' to get the latest version of the required crates in preparation for the 1.34.0 release. This resolves a dependabot notification regarding 'idna'. Link: <https://github.com/nginx/unit/security/dependabot/13> Signed-off-by: Andrew Clayton <a.clayton@nginx.com> 
Run 'cargo update' to get the latest version of the required crates in
preparation for the 1.34.0 release.

This resolves a dependabot notification regarding 'idna'.

Link: <https://github.com/nginx/unit/security/dependabot/13>
Signed-off-by: Andrew Clayton <a.clayton@nginx.com>
otel: Update crates 2024-12-18T03:55:30+00:00 Andrew Clayton a.clayton@nginx.com 2024-12-05T21:27:46+00:00 0959ff0b5d2b1fb9d97abead055ca2ba47bb84a3 Run 'cargo update' to get the latest version of the required crates in preparation for the 1.34.0 release. The rustls update fixes a panic in `rustls::server::Acceptor::accept()`, but Unit does not use this code path and was not affected. Link: <https://rustsec.org/advisories/RUSTSEC-2024-0399.html> Link: <https://github.com/nginx/unit/security/dependabot/11> Closes: <https://github.com/nginx/unit/issues/1503> Signed-off-by: Andrew Clayton <a.clayton@nginx.com> 
Run 'cargo update' to get the latest version of the required crates in
preparation for the 1.34.0 release.

The rustls update fixes a panic in `rustls::server::Acceptor::accept()`,
but Unit does not use this code path and was not affected.

Link: <https://rustsec.org/advisories/RUSTSEC-2024-0399.html>
Link: <https://github.com/nginx/unit/security/dependabot/11>
Closes: <https://github.com/nginx/unit/issues/1503>
Signed-off-by: Andrew Clayton <a.clayton@nginx.com>
wasm-wc: Update to wasmtime 27.0.0 2024-12-18T03:53:37+00:00 Andrew Clayton a.clayton@nginx.com 2024-12-12T23:03:05+00:00 f5371e958e5296b95539d0529a6d06cb34944951 For no real reason other than to be on the latest release for the next release of Unit... Signed-off-by: Andrew Clayton <a.clayton@nginx.com> 
For no real reason other than to be on the latest release for the next
release of Unit...

Signed-off-by: Andrew Clayton <a.clayton@nginx.com>
otel: Disable static_mut_refs warning for nxt_otel_rs_span_tx() 2024-12-10T23:08:28+00:00 Andrew Clayton a.clayton@nginx.com 2024-12-10T18:30:42+00:00 f189d39359cfb9e205d2c5827d67685123b1754d When compiling OTEL support with rustc 1.83.0 we started getting the following warning Compiling otel v0.1.0 (/home/andrew/src/unit/src/otel) warning: creating a mutable reference to mutable static is discouraged --> src/lib.rs:42:9 | 42 | SPAN_TX.take(); | ^^^^^^^^^^^^^^ mutable reference to mutable static | = note: for more information, see <https://doc.rust-lang.org/nightly/edition-guide/rust-2024/static-mut-references.html> = note: mutable references to mutable statics are dangerous; it's undefined behavior if any other pointer to the static is used or if any other reference is created for the static while the mutable reference lives = note: `#[warn(static_mut_refs)]` on by default warning: `otel` (lib) generated 1 warning Finished `release` profile [optimized] target(s) in 1m 07s However it *seems* our usage is OK, so we can disable this warning (which it seems will soon turn into a hard error), fortunately we only need to disable it for the nxt_otel_rs_span_tx() function. Signed-off-by: Andrew Clayton <a.clayton@nginx.com> 
When compiling OTEL support with rustc 1.83.0 we started getting the
following warning

     Compiling otel v0.1.0 (/home/andrew/src/unit/src/otel)
  warning: creating a mutable reference to mutable static is discouraged
    --> src/lib.rs:42:9
     |
  42 |         SPAN_TX.take();
     |         ^^^^^^^^^^^^^^ mutable reference to mutable static
     |
     = note: for more information, see <https://doc.rust-lang.org/nightly/edition-guide/rust-2024/static-mut-references.html>
     = note: mutable references to mutable statics are dangerous; it's undefined behavior if any other pointer to the static is used or if any other reference is created for the static while the mutable reference lives
     = note: `#[warn(static_mut_refs)]` on by default

  warning: `otel` (lib) generated 1 warning
      Finished `release` profile [optimized] target(s) in 1m 07s

However it *seems* our usage is OK, so we can disable this warning
(which it seems will soon turn into a hard error), fortunately we only
need to disable it for the nxt_otel_rs_span_tx() function.

Signed-off-by: Andrew Clayton <a.clayton@nginx.com>
wasm: Fix build with wasmtime 27.0.0 2024-11-26T18:05:07+00:00 Sergey A. Osokin osa@FreeBSD.org.ru 2024-11-23T03:13:18+00:00 6cc4d706fba2577babc076ad0d2ef145c0c648d7 Wasmtime 27.0.0 adjusted the C API to start flowing through the directory and file permission bits of the underlying rust wasi_config_preopen_dir() implementation. The directory permissions control whether a directory is read-only or whether you can create/modify files within. You always need at least WASMTIME_WASI_DIR_PERMS_READ. The file permissions control whether you can read or read/write files. WASMTIME_WASI_FILE_PERMS_WRITE seems to imply WASMTIME_WASI_FILE_PERMS_READ (but we add both just to make it clear what we want) [ Permissions tweak and commit message - Andrew ] Signed-off-by: Andrew Clayton <a.clayton@nginx.com> 
Wasmtime 27.0.0 adjusted the C API to start flowing through the
directory and file permission bits of the underlying rust
wasi_config_preopen_dir() implementation.

The directory permissions control whether a directory is read-only or
whether you can create/modify files within.

You always need at least WASMTIME_WASI_DIR_PERMS_READ.

The file permissions control whether you can read or read/write files.

WASMTIME_WASI_FILE_PERMS_WRITE seems to imply
WASMTIME_WASI_FILE_PERMS_READ (but we add both just to make it clear
what we want)

[ Permissions tweak and commit message - Andrew ]
Signed-off-by: Andrew Clayton <a.clayton@nginx.com>
Decast nxt_cpymem() 2024-11-19T17:51:05+00:00 Andrew Clayton a.clayton@nginx.com 2024-11-13T15:54:32+00:00 4f041328a9ee343ef87b1e2f571daed0b3cef37c nxt_cpymem() is basically mempcpy(3) Like mempcpy() nxt_cpymem() returns a void *. nxt_cpymem() is implemented as a wrapper around memcpy(3), however before returning the new pointer value we cast the return of memcpy(3) to a u_char *, then add the length parameter to it. I guess this was done to support compilers that do not support arithmetic on void pointers as the C standard forbids it. However since we removed support for compilers other than GCC and Clang (ending in commit 9cd11133 ("Remove support for Sun's Sun Studio/SunPro C compiler")) this is no longer an issue as both GCC and Clang support arithmetic on void pointers (without the -pedantic option) by treating the size of a void as 1. While removing the unnecessary casting in this case doesn't necessarily improve type-safety (as we're dealing with void *'s in and out), it does just make the code that little more readable. Oh and for interest we have actually already been relying on this extension src/nxt_array.c:143:40: warning: arithmetic on a pointer to void is a GNU extension [-Wgnu-pointer-arith] 143 | nxt_memcpy(data, src->elts + (i * size), size); | ~~~~~~~~~ ^ src/nxt_string.h:45:24: note: expanded from macro 'nxt_memcpy' 45 | (void) memcpy(dst, src, length) | ^~~ which was introduced in e2b53e16 ("Added "rootfs" feature.") back in 2020. Link: <https://gcc.gnu.org/onlinedocs/gcc/Pointer-Arith.html> Link: <https://clang.llvm.org/docs/LanguageExtensions.html#introduction> Signed-off-by: Andrew Clayton <a.clayton@nginx.com> 
nxt_cpymem() is basically mempcpy(3)

Like mempcpy() nxt_cpymem() returns a void *.

nxt_cpymem() is implemented as a wrapper around memcpy(3), however
before returning the new pointer value we cast the return of memcpy(3)
to a u_char *, then add the length parameter to it.

I guess this was done to support compilers that do not support
arithmetic on void pointers as the C standard forbids it.

However since we removed support for compilers other than GCC and Clang
(ending in commit 9cd11133 ("Remove support for Sun's Sun Studio/SunPro
C compiler")) this is no longer an issue as both GCC and Clang support
arithmetic on void pointers (without the -pedantic option) by treating
the size of a void as 1.

While removing the unnecessary casting in this case doesn't necessarily
improve type-safety (as we're dealing with void *'s in and out), it does
just make the code that little more readable.

Oh and for interest we have actually already been relying on this
extension

  src/nxt_array.c:143:40: warning: arithmetic on a pointer to void is a GNU extension [-Wgnu-pointer-arith]
    143 |             nxt_memcpy(data, src->elts + (i * size), size);
        |                              ~~~~~~~~~ ^
  src/nxt_string.h:45:24: note: expanded from macro 'nxt_memcpy'
     45 |     (void) memcpy(dst, src, length)
        |                        ^~~

which was introduced in e2b53e16 ("Added "rootfs" feature.") back in
2020.

Link: <https://gcc.gnu.org/onlinedocs/gcc/Pointer-Arith.html>
Link: <https://clang.llvm.org/docs/LanguageExtensions.html#introduction>
Signed-off-by: Andrew Clayton <a.clayton@nginx.com>