Smalltalk Frameworks & Tools Swazoo

[ANN] Dolphin Swazoo_5.4.0

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Steve Alan Waring
Reply | Threaded
Open this post in threaded view
|

[ANN] Dolphin Swazoo_5.4.0

Steve Alan Waring
Hi,

I have released a new version of Dolphin Swazoo for Dolphin 5 at:

http://www.dolphinharbor.org/dh/projects/swazoo/index.html

I did not have time to work on Janko and Aleksander's OpenSSL additions, so
it is not the equivalent of VW 0.9.60.

I did rework the HTTPConnection class for this release. Swazoo Dolphin had
been using a state pattern in its HTTPConnection, with the state based on
the error status of the socket. While this was fun at the time, it was
awkward and unnecessary.

For a couple of reasons that I have posted in the past, the HTTPConnection
class from VW is not easy to implement in Dolphin.

In the latest version I have replaced all the HTTP*State classes with a
single HTTPMessageExchange class (terminology borrowed from the w3 soap
transport spec). An HTTPMessageExchange is a single HTTPRequest and its
HTTPResponse.  It is firstly responsible for reading a single request,
checking that it is valid and dispatching the request. Errors are handled by
setting the response to be a 500. It is then responsible for writing the
response to the socket.

HTTPConnection has an interact loop and an exchange instance variable. The
interact loop sends the connection  #exchangeMessage (which creates an
HTTPMessageExchange and processes it) until this answers false. An
unwindBlock for this loop is responsible for closing the connection and the
socket. This unwindBlock is the only sender of #close to the connection.

If a process (other than the interact loop process) wants to shut down a
connection, it must send the connection the #killConnection message. This
message causes an error to be signalled in the interact loop process, and
therefore forces the connection to be shutdown via the unwind block.

Three advantages are:
-A request and response can be easily logged. (HTTPConnection has a logger
instance variable which must respond to #onProcessed:for:)
-Using an ensure block to close the connection is clean.
-HTTPMessageExchange is easier to test.

I have retained the previous Dolphin version's method of handling "bad"
connections: An HTTPConnection can be tested if it #isWaiting and asked for
the timestamp it started waiting. A connection can only be #isWaiting
between starting to read a request and before reading the first line of a
request.

HTTPServer has a killLoop process, which runs at a priority higher than the
serveLoop process and mostly waits on a Delay. When it wakes up, it
enumerates over the connections, selecting the connections that are
#isWaiting for at least a specified number of seconds. It then sends those
connections the #killConnection message.

While this will not defend against an attack, it does look after the normal
case of an HTTP1.1 client holding a connection open and not sending a
request, without needing to fork a second process for each connection.

If you dont have access to Dolphin 5, and want to look at the code, the .pac
files in the download at the above link are in ASCII Smalltalk chunk format.
The Server/Connection classes are in the "SZ Swazoo Server.pac" file and
UnitTests for these classes are in the "SZT Swazoo Tests.pac" file.

Any feedback on this design appreciated.

Thanks,
Steve Waring
[hidden email]
http://www.dolphinharbor.org
Free forum by Nabble Edit this page