| Age | Commit message (Collapse) | Author |
|---|
|
|
|
The "nolint" tag is used to ignore lines from being processed by
golangci-lint.
Since we are not using golangci-lint anymore, now and in the
future, those lines can be removed.
|
|
For HTTP server that use TLS, set the minimum TLS version and
ReadHeaderTimeout to mitigate slowloris attack.
For HTTP client or server that parameterize the use of InsecureSkipVerify,
annotate the line with "nolint:gosec" to allow the code pass the check.
Library that still use sha1, in example in DKIM and TOTP, skip the
warnings by annotating the line with "nolint:gosec".
A pointer variable now allocated their address before assigning its
value.
Any error that returned now wrapped using "%w".
Also, replace error checking using [errors.Is] or [errors.As] instead of
using equal or not-equal operators.
In "lib/http", replace any usage of "math/rand" with "crypto/rand".
Any call of [math/big.Rat.SetString] now annotated with "nolint:gosec"
since its false positive, the issue has been fixed in Go >= 1.17.7.
Any switch case that does not cover the rest of the possible values now
handled by adding the cases or by replacing the "default" case with
the rest of values.
|
|
There are some reports that I disagree with revive, in example, code
should not declare the type after variables.
In my opinion, on some cases, declaring the type make the code more
readable and explicit.
Since I did not want to add new configuration file, we changes it and
follow revive for now.
|
|
The rand.Seed has been deprecated since Go 1.20 (we use 1.20 in go.mod).
The problem is if the user of this module is using Go tools < v1.20,
there is no guarantee that the Seed is initialize randomly.
|
|
The ReadWriteTimeout define the maximum duration the server wait when
receiving/sending packet from/to client before considering the
connection as broken.
Default read-write timeout is 30 seconds if not set.
This changes affect the exported function Send and Recv by adding
additional parameter timeout to both of them.
|
|
In 25d09e2625f we increase the maxBuffer to 4096 to try increasing the
performance when handling large payload.
Turns out increasing this make the server cannot handle larger payload.
|
|
The maxBuffer increased from 1024 to 4096 bytes.
The reason that we use 1024 previously is related to MTU size and maximum
payload in TCP (although its higher, 1460 bytes).
The maxQueue increase from 128 to 4096.
|
|
This fix tests that sometimes fail when running with -count=X, where
X > 1,
$ go test -race -count=30 -timeout=30s ./lib/websocket
Upon inspecting, when client sending larger payload, for example
65536 bytes, server sometimes only read half of them and return an
error "resource temporarily unavailable" or
"interrupted system call".
|
|
Replace assignment from using ":=" to use variable declaration with
type.
Rationale: clarity and minimize duplicate temporary variables with the
same type.
|
|
|
|
|
|
|
|
|
|
The valid syntax to suppress linter warnings is "//nolint:<name>" with
no space between comment and "nolint" and between ":". Also, we move the
placement of nolint directive to the top of statements for multiple
nolint in the same scope.
While at it, fix and supress some linter warnings.
|
|
Turn out rand.NewSource is not routine safe, replace it with default
Source and seed it on init().
|
|
When sending large packet, the send buffer may be full, which thrown
error EAGAIN or "resource temporarily unavailable".
To handle, this we check the errno returned from unix.Write.
|
|
When sending large payload, there is a possibility that a single Write
may not send all packet due to buffer or size limit on TCP.
|
|
|
|
The temporary storage for continuous frame is moved from server to
ClientManager, to prevent data race when modifying it and to allow one
central function to clear it (when client closed).
Another changes is on server handle parameter on HandleText and HandleBin.
Previously, we pass the frame to handler, now we pass the payload since
that is the real message the client send.
|
|
|
|
The method Pack on single frame is not usable in the point of view of
implementor, since we prefer NewFrameXxx to create frame by operation code.
|
|
function Concat in package bytes is more flexible, allow two or more slice
of byte in parameters.
|
|
Since the magic key only used once, there is no need to make it global
variable.
|
|
Package sha1 is required to generate handshake key per specification.
|
|
The idea is to make the websocket.go only for global constants and
variables.
|
