- This normalizes the behavior for kestrel no matter what memory pool implementation is used. The transports should behave the same (ask for 1/2 full blocks) across pool implementations.
- Declare the minimum segment size in KestrelMemoryPool
- Updated the AdaptedPipeline to use MinimumSegmentSize / 2
- When using the array pool, we get terrible block density and as a result
the header parser was failing.
- This fixes the case where the parser needed to skip 2 blocks at the end
(which is unrealistic). Comparing the current index to the reader index is incorrect
since we may end up at the same index in another segment.
- We're removing the buffer arugment from the API as a result of a mini review. This is a pre-emptive reaction to avoid breakage when the change comes in.
- Made TransportConnecton derive from ConnectionContext
- Less objects, less opinions about what the ConnectionContext is. This diverges from what we do with HttpContext but it seems better overall.
- Made DefaultConnectionContext
- Usable for unit testing
- Usable for benchmarking
* Renames from API review
- Rename Microsoft.AspNetCore.Protocols.Abstractions to Microsoft.AspNetCore.Connections.Abstractions.
- Renamed IConnectionHandler to IConnectionDispatcher (and related properties and types)
- Added ConnectionHandler and UseConnectionHandler extension method to Connections.Abstractions.
- Use ActivatorUtilties to create the ConnectionHandler
* Metadata is now a first class property on ConnectionContext
- Make IConnectionMetadata a manatory top level feature on ConnectionContext
- TransportConnection will lazily manifest ConnectionMetadata on first access.
This should avoid allocations since Kestrel isn't using this today.
- This change aims to clean up the feature interfaces
used by kestrel and exposed by protocol absractions. It splits out the
IConnectionTransportFeature into smaller features that may or may
not be implemented on the connection.
- Added all of the features from Socket.Abstractions
in an attempt to make it go away completely. As a result
the helper methods and extensions have all been added here.
- Change IConnectionHandler to take TransportConnection. This cleans up the interface and makes it more explicit what features are required by Kestrel
- This change aims to clean up the feature interfaces
used by kestrel and exposed by protocol absractions. It splits out the
IConnectionTransportFeature into smaller features that may or may
not be implemented on the connection.
- Added all of the features from Socket.Abstractions
in an attempt to make it go away completely. As a result
the helper methods and extensions have all been added here.
- Change IConnectionHandler to take TransportConnection. This cleans up the interface and makes it more explicit what features are required by Kestrel
The default implementation of EncryptedXml doesn't support using the RSA
key from X509Certificate to decrypt xml unless that cert is in the X509
CurrentUser\My or Localmachine\My store. This adds support for
decrypting with the X509Certificate directly. This is useful for Linux
(often Docker) scenarios, where the user already has a .pfx file, but
may not have added it to X509Store.
* Clean up some of protocol abstractions
- Renamed PipeConnection to DuplexPipe
- Removed MemoryPool from ConnectionContext
- Work around value tuple issue on net471
Enables fetching variables directly from IIS when using in-process
hosting. This is not available for out-of-process hosting.
Other changes:
- Update tests to only run if IIS Express has been updated to support
the new schema for hostingModel
- Add a simpler test fixture for in-proc testing
- Based on the changes you made earlier (f4d27e6), we trigger OnConnectionClosed before the socket is disposed in the SocketTransport. This moves the call to Output.Complete to happen after and thus fixes the race.
* If we can't find a developer certificate on the certificate store
we will look for a developer certificate on the file system if a
password has been specified for the Development certificate.
* We will look at ${APPDATA}/ASP.NET/https/<<AppName>>.pfx for windows
and fallback to ${HOME}/.aspnet/https/<<AppName>>.pfx
* In case the password wasn't specified through configuration, the file
is not found on the file system or can't be loaded, we won't
do anything.
- Rename package IDs to dotnet-watch, dotnet-user-secrets, and dotnet-sql-cache
- Change packaging layout to support dotnet-install-tool
- Change package metadata to DotnetTool
- Drop support for DotNetCliToolReference (those will continue to be available under previous package ID's)
- Rename project files and folders
* Init check in for refactoring
* clean up to make app_offline work
* update loadassembly and build
* add configpath to aspnetcore_config to make recycle work
* Adds in process component to refactor (#249)
* outprocess first checkin (still missing marjor components)
* Adds In-Process support for shimmed module. (#257)
* Init check in for refactoring
* clean up to make app_offline work
* update loadassembly and build
* add configpath to aspnetcore_config to make recycle work
* Adds in process component to refactor (#249)
* outprocess first checkin (still missing marjor components)
* Adds In-Process support for shimmed module. (#257)
* load from bin start and catch unhandled exception
* Fixes request handler vcxproj
* Adds request handler to nuget package
* build issues
* outofprocess refactoring
* adding logging support
* enforce Warning As Error for build and enable process recycle for outofprocess
* fix AV for win32 build and update build flags
* Fixed m_srwLock lock issue
* remove dealock in loadmanagedapp and remove UseMFC
* Readd lost exception catching
* nuget package issue and status code
* fixing warnings
* Adds Headers
* removing web sockets exe for now
* remove flags
* nuspec stuff
* spelling
* only look in inetsvr for now (or same folder)
* rename method
* terminte thread before closing the handle to it
* couple changes related with AV
* null check and Kill thread for in process if dotnet timed out
* fix recursive lock issue reported by appverifier
* client disconnect support AV fix
* flow 502.5 process start failure error page
* Feedback from inperson code review
- Always add the TlsConnectionFeature when the HttpsConnectionAdapter runs
- Implemented the ITlsApplicationProtocolsFeature on the existing TlsConnectionFeature
- Removed Kestrel.Tls
- This should improve the performance of handling buffers by (eventually)
removing GCHandle churn for Kestrel's already pinned buffers.
- Made the Sockets transport target both netcoreapp2.1 and netstandard2.0 to use new
APIs
- Disable API check for the sockets transport
- Today we use localhost which binds to both the ipv4 and ipv6 addresses.
ANCM never communicates over ipv6 so it's pointless. This should also properly crash
the process if the ipv4 address fails to bind (which we've seen reports in real applications for).
* More reliably swallow accept errors during shutdown
* Handle and log connection reset errors thrown from accept
* Don't trace errors for server-aborted connections
* fix the AV in recycle process. this is due to we call Recycle again when the background thread exists
* more fixes
* reset hosting mode when all applications got removed
- Remove unnecessary tasks and scripts
- Ensure the KOREBUILD_DOTNET_* environment variables are preserved in the docker build context
- Other MSBuild cleanup of the targets
* adding FREB log and more ETW logs
* add missing aspnetcore_event.h file from previous commit
* Update aspnetcore_event.h
change provide id as 0x8000 is used by cors
* Make Sockets the default transport
* Create separate Libuv and Sockets functional test projects
* Fix functional tests that fail with Sockets
* Moved OneToTenThreads test to Kestrel.Transport.Libuv.Tests
* Fix systemd activation tests to use libuv transport
* Dispose Sockets PipeFactory
* Improve Socket's server-side abort handling
* Add explicit rebinding test
Use CustomAfterMicrosoftCommonTargets instead of MSBuildProjectExtensionsPath.
- No more need to write to obj/$(Project).g.dotnetwatch.targets
- Works on project that have changed default file locations via BaseIntermediateOutputPath
Simplify DotNetWatch targets
- Condense to one targets file
- Simplify dependency chain of targets
- Build project references in a parallel
- Most of the shared code is in the HttpProtocol class (former Frame)
- Virtual calls handle protocol-specific things
- Move the ProcessRequestsAsync loop to HttpProtocol
- Implement HTTP/1.x request processing in Http1Connection and HTTP/2
in Http2Stream, with Http1Connection<T> and Http2Stream<T> subclassing
those classes in order to handle the generic HttpContext parameter
- Split MessageBody into Http1MessageBody and Http2MessageBody,
with MessageBody containing shared member variables and methods
* Improve ConnectionLimitMiddleware and connection pipeline building
* Add IDecrementConcurrentConnectionCountFeature
* Flow connection features from connection middleware
- Use the pipe events and removed the Tasks from ConnectionContext
- Remove OnConnectionClosed from FrameConnection. Since the `FrameConnetion` is a single middleware, not the entire pipeline, we shouldn't need to wait on the connection close there.
- It seems like the callbacks are rooted on the pipe even after they fire. This needs to be investigated in pipelines.
Current path is:
Parser -> HttpVersion Enum -> Get Version String -> Set `HttpVersion` with string -> Convert back to Enum
Can just set the enum directly since its already parsed.
Also using the const rather than strings; where the strings are in code
* Added initial connection middleware pipeline
- Implemented IConnectionBuilder on ListenOptions. Kept IConnectionAdapter for now.
- Delay the configure callback for ListenOptions until the server has started.
- Added ConnectionLimitMiddleware and HttpConnectionMiddleware
- Expose ConnectionAborted and ConnectionClosed on ConnectionContext and
IConnectionTransportFeature
- Updated the tests
- Removed IConnectionApplicationFeature
- Moved Application to IConnectionTransportFeature
PackageLineup is a way to manage PackageReference versions across large projects. It removes the version information from the repository and instead pulls the information from an external "lineup" file.
What works:
- HTTP/2 over TLS1.2 with ALPN
- Request and response flow
- Headers are compressed and decompressed with HPACK
- Request body can be read by streams (if present)
- MVC template app with individual auth works fine
- PRIORITY frames are validated
- RST_STREAM frames are validated and abort streams
- SETTINGS frames are validated and ACKed
- PING frames are validated and ACKed
- GOAWAY frames stop connections
- WINDOW_UPDATE frames are validated
- CONTINUATION frames are sent for large header blocks
What doesn't work yet:
- Flow control in either direction
- It's not possible to encode a single header across more than one frame
- Affects only a very large header (name and value combined ~16KB long)
- Request trailers
- Response trailers
- Limits and timeouts in `KestrelServerLimits` are not enforced on HTTP/2
- HPACK use is very limited on the send side
- Literals are not Huffman-encoded
- Common headers (e.g. "server: Kestrel") are never indexed
- Honoring client settings
- Some error checking is still missing (e.g. validating incoming frame size)
- Added Protocols.Abstractions
- IConnectionHandler.OnConnection takes an IFeatureCollection instead of
IConnectionInfo
- Removed IConnectionContext and IConnectionInformation replaced with
IConnectionTransportFeature
- Updated FrameConnectionContext and FrameContext to have the relevant
state instead of flowing the ConnectionInformation.
- Updated tests
* UvPipeHandle.Open(IntPtr) and underlying interop
* LibuvConstants.ENOTSUP
* IEndpointInformation.HandleType along with ListenOptions extra ctor and handle type re-specification
* Exception-based auto-detection of socket type in Listener, accept socket creation support for detected handle types in ListenerContext
* Added systemd Unix socket activation tests
* Antares blocks some windows APIs. We have use socket instead of calling GetExtendedTcpTable to check whether the backend is listening on given port.
* Use socket instead of calling GetExtendedTcpTable to check if the backend process listens on given port since Antares blocks couple APIs
* Antares blocks some windows APIs. We have use socket instead of calling GetExtendedTcpTable
* update format
* format change
In the event someone wants to move the obj/ folder, MSBuild will not be able to locate dotnet-watch's generated targets. dotnet-watch cannot automatically find the obj folder (#244), so this command line switch allows users to point dotnet-watch to the right location.
- Added new options to allow configuring the maximum number of concurrent connections and upgraded connections.
- `KestrelServerLimits.MaxConcurrentConnections` defaults unlimited.
- `KestrelServerLimits.MaxConcurrentUpgradedConnections` defaults to unlimited.
- Calls to IHttpUpgradeFeature.UpgradeAsync() will throw when the MaxConcurrentUpgradedConnections limit has been reached.
- Kestrel will close new connections without response when MaxConcurrentConnections is reached.
This retargets all data protection libraries to ns2.0. This means .NET
Framework applications will need to upgrade to .NET Framework 4.6.1.
This upgrade makes available API to .NET Core that was previously only
available on .NET Framework, such as encrypting keys at rest with
certificates.
New API for .NET Core users:
- IDataProtectionBuilder.ProtectKeysWithCertificate(string thumbprint)
- CertificateXmlEncryptor
- ICertificateResolver
- DataProtectionProvider
- .Create(string applicationName, X509Certificate2 certificate)
- .Create(DirectoryInfo keyDirectory, X509Certificate2 certificate)
- .Create(DirectoryInfo keyDirectory, Action<IDataProtectionBuilder>
setupAction, X509Certificate2 certificate
Other minor changes in this commit:
- Fixed samples that were using obsolete logging API
- Remove calls to api-sets, instead using kernel32. .NET Core 2.0 no
longer requires using api-sets as Nano Server now forwards kernel32
calls
- Made minor improvements to the TypeForwardingActivator
- Remove dead code an unused api baselines
- Enable more tests on macOS/Linux that previously only ran on Windows
* Invert the dependency between connection adapters and Frame
- Removed PrepareRequest from IAdaptedConnection and instead added
a feature collection to the ConnectionAdapterContext. This allows features to be set
once by the adapter instead of per request. It's the Frame's job to copy features
from the connection level feature collection into the per request feature collection.
- Set the scheme to "https" based on the presence of ITlsConnectionFeature.
- Always set ITlsConnection feature if the HttpsAdaptedConnection doesn't throw during
the handshake
* More FrameConnection refactoring
- This change reverts the change to complete the writer with an
exception on abort because of the number of first chance exceptions
that get thrown.
- This change also moves connection logging into FrameConnection instead
of being split between the ConnectionHandler and FrameConnection.
- Fixed issues with LibuvOutputConsumerTests that leak WriteReq since
cancelled writes no longer end the connection.
* Refactoring and of FrameConnection and Frame
- Building on top of the last refactoring of FrameConnection, this change aims to clean up
the communication between the Frame and FrameConnection by removing some concepts and
being consistent about the communication between Frame and FrameConnection with or without
connection adapters. Changes include:
- Removing ConnectionLifetimeControl, ISocketOutput, StreamSocketOutput
- Moving more initialization of the frame to FrameConnection after the pipes
are setup
- OutputProducer communicates cancellation via the IPipeWriter instead of the output's IPipeReader.
- Frame always communicates via the pipes and that communications flows through the layers to the transport.
This means that each 1/2 of the adapted pipeline handles closing the right side of the transport at the
right time, propagating exceptions as necessary.
- This is how the flow looks now:
-> ->
[transport] [connection adapters] [frame]
<- <-
- Transports need to handle a ConnectionAbortedException on the output as a signal to stop
writing and end the connection. This will no longer try to drain the output but will just stop
writing and end the response immediately.
- Remove frame.Abort when cancellation on Write fails.
- Unify the connection shutdown logic
- Dispose 1/2 initialized connection adapters
#1815
* Added a ConnectionAbortedException to Transport.Abstractions
- To avoid hard coding TaskCanceledException in each transport
- This PR tries to keep compatibility by converting the ConnectionAbortedException
to a TaskCanceledException on exceptions in FrameRequestStream. The downside is that
this conversion causes an async state machine to be created per call to ReadAsync.
CopyToAsync isn't that bad because it's a single long running task.
* Fix race where ListenerPrimary is disposed before secondary listeners spin up
- Since we only add listeners to dispatch pipes after receiving the "ack" message
it's possible to have pipes that were created but not acked yet. We might miss
disposal of those pipes if they were never added to the list of _dispatchPipes.
#1761
The format:
The trace identifier begins with connection ID and ends with a number that increments with each request per connection.
Example:
Connection ID = xyz
Request 1 = "xyz:00000001"
Request 2 = "xyz:00000002"
...
Request 15 = "xyz:0000000F"
Request 16 = "xyz:00000010"
- This change does a few things:
1. It adds the events we will replace with
pipe events to IConnectionContext and IConnectionInformation to get out of
band notifications about pipe completions.
2. It also implements those callbacks
and exposing slight changes we'll need to make once we have them. The idea is
that we can delete/replace these methods once we have the new pipe API and things
will keep working.
- FIN from the client shouldn't throw
- Forced close from the server should throw
- Properly wrap connection reset exceptions and other exceptions
in IO exceptions
- This gives kestrel control over when the output closes
- Fixed one test that assumed libuv
- Dispose the connection to yield the reader
Fixes#1774
* Schedule connection adapter reads on configured thread pool
- This should speed up connection adapters as we don't block
new reads. It *might* also help some of the test flakiness
* Clean up libuv connection
- Cancel all pending flushes on the input writer before
disposing the stream handle.
- Complete the pipe before disposing the socket
- Added logging for connection pause/resume.
- Added test
After upgrade has been accepted by the server:
- Reads to HttpRequest.Body always return 0
- Writes to HttpResponse.Body always throw
- The only valid way to communicate is to use the stream returned by IHttpUpgradeFeature.UpgradeAsync()
Also, Kestrel returns HTTP 400 if requests attempt to send a request body along with Connection: Upgrade
- Simplify KestrelServer by refactoring address binding into a separate class
- Use strategy pattern to implement address binding for different sceanrios
- Add fallback from binding 0.0.0.0 if binding to [::] fails (can happen if UvException with EAFNOSUPPORT is thrown)
* Make all UvRequest objects normal GC handles
- This avoids the cost of using GCHandle.Alloc per operation.
- It *does* mean that we need to explicitly dispose UvRequest objects
after using them (which we did before anyways). This change does
add a few try catch statements to make sure we always dispose the UvRequest
if there are synchronous exceptions.
- This is ~1.5% of the overhead in the benchmarks today
- Keep track of all allocated UvRequest objects with a WeakReference in DEBUG
and assert none are kept around after cleaning up.
- Fixed a leak where we don't clean up UvWriteReq objects when writing
to the named pipe.
- This property will force Kestrel to use whatever scheduler the transport
used when write and read callbacks are fired. The default value is false so
all calls to user code including connection adapters, and the application function,
and cancellation token callbacks.
- Transports may expose configuration that changes what the transport thread is.
- Removed InternalKestrelServerOptions.cs
- Added a configurable UseSockets overload (even though there are no options yet)
- Remove RequiresDispatch from the IConnectionInformation
Improves Kestrel to reject requests that don't conform to HTTP spec.
RFC 7230 section 5.4: "A server MUST respond with a 400 (Bad Request)
status code to any HTTP/1.1 request message that lacks a Host header
field and to any request message that contains more than one Host
header field or a Host header field with an invalid field-value."
See https://tools.ietf.org/html/rfc7230#section-5.4.
Other changes:
- update VS code settings to work better with CLI 2.0
- update tests that were subject to infinite hangs
Stephen Halter
Andrew Stanton-Nurse
Ben Adams
Nate McMaster
John Luo
Justin Kotalik
pan-wang
Chris Ross (ASP.NET)
David Fowler
Sébastien Ros
Nate McMaster
Pavel Krymets
Andrei Amialchenia
Ryan Brandenburg
Javier Calvarro Nelson
Ajay Bhargav Baaskaran
Justin Wyer
Nikita Tsukanov
brightcr
Mike Harder
Alessio Franceschelli
Daniel Roth
Joshua Clark
Redouane Sobaihi
PRIYANSHU AGRAWAL
Pranav K
Sourabh Shirhatti
=
Steffen Forkmann
Murat Girgin
ASP.NET CI
BrennanConroy
Tornhoof
Chris Ross
Tim Seaward
arerlend
George Chakhidze
Tom Deseyn
Cesar Blum Silveira
Justin Kotalik
Jass Bagga
Cesar Blum Silveira
Vladimir Sadov
Luke Latham
Aristarkh Zagorodnikov
Hao Kung
Kiran Challa
Smit Patel
jhkimnew