Commit Graph

192 Commits

Author SHA1 Message Date
Logan Allen
be7c94fcba eyre: replace +slam with +slym for a speedup 2021-05-20 14:31:28 -05:00
L
782a7644a3
Update pkg/arvo/sys/vane/eyre.hoon
Co-authored-by: fang <github@fang.io>
2021-05-20 13:40:05 -05:00
L
c0daa7f9fc
Update pkg/arvo/sys/vane/eyre.hoon
Co-authored-by: fang <github@fang.io>
2021-05-20 13:39:49 -05:00
Logan Allen
5e2eb1b783 eyre: use slam and statically typed conversion 2021-05-20 18:03:04 +00:00
Logan Allen
306dbbaead eyre: use static mark conversions 2021-05-20 12:11:45 -05:00
Logan Allen
c0e4dcdc18 eyre: no-op on clay take 2021-05-19 16:01:05 -05:00
Logan Allen
054806b307 eyre: send warp to warm %c cache for any mark that gets used 2021-05-19 15:40:32 -05:00
fang
6f0a947d1b
Merge branch 'master' into release/next-sys 2021-04-26 23:13:27 +02:00
Philip Monk
66b4c3f193
Merge pull request #4677 from urbit/philip/fast-refresh
sys: Speed up things used in Landscape
2021-04-19 15:43:16 -07:00
Logan Allen
5d16911f69 eyre: use font-display:swap; in login page 2021-04-09 16:02:55 +00:00
fang
1ec5e5acfb
hoon: add +stap, path parser
And cleans up a bunch of locally hand-written implementations of it.
2021-04-07 21:14:13 +02:00
Philip Monk
a777567bb6
eyre: faster wain-to-octs conversion
Avoid allocating hundreds of thousands of cells when giving large
requests.  This took the footprint of this function on initial landscape
load from 1 second to 100 ms.
2021-03-28 00:57:33 -07:00
Philip Monk
a1647a9767
clay, eyre: add profiling hints 2021-03-28 00:50:25 -07:00
Joe Bryan
aaf506ce8a Merge branch 'jb/motion' into jb/motion-merge
* jb/motion:
  pill: solid
  zuse: remove %crud from vane-task
  arvo: full vane names in $sign
  aqua: build again (still broken)
  arvo: reform of the scry reform
2020-12-07 18:52:51 -08:00
Joe Bryan
5dd3e148b8 zuse: remove %crud from vane-task 2020-12-07 18:01:48 -08:00
fang
d98c59e73a
zuse: lift moves out of +able 2020-12-08 01:47:06 +01:00
Joe Bryan
17736990ed arvo: full vane names in $sign 2020-12-07 16:30:22 -08:00
Joe Bryan
98f2b8c6b3 arvo: reform of the scry reform 2020-12-07 13:52:12 -08:00
Joe Bryan
ff06ccd2b9 arvo: completes scry reform 2020-12-06 03:33:43 -08:00
Joe Bryan
5bc6d38437 arvo: updates vane interface 2020-12-06 03:33:43 -08:00
Joe Bryan
fb3d8bde72 %eyre: avoid +sloy when scrying for +code 2020-12-06 03:33:43 -08:00
Joe Bryan
958bb5acf7 arvo: removes +is and all references to it 2020-12-05 00:51:49 -08:00
matildepark
a92dd9e39b
Merge pull request #4069 from tylershuster/logindigo
login: translate to indigo
2020-12-03 20:02:17 -05:00
Tyler Brown Cifu Shuster
7584b4d33c eyre: translate login to indigo
fixes https://github.com/urbit/landscape/issues/154
2020-12-03 16:27:25 -08:00
Joe Bryan
b5ec0c30f0 hoon: renames +new-end, +new-lsh, +new-rsh 2020-12-02 01:00:09 -08:00
Joe Bryan
bec63413b0 hoon: adds +new-rsh, switches all +rsh call sites 2020-12-02 00:21:51 -08:00
Joe Bryan
072e2c8101 Merge branch 'm/vane-unversion' into m/modern-hoon
* m/vane-unversion:
  ames: remove old state versions & conversions
  gall: rename fading styles
  vanes: remove old load types and logic
  gall: refresh clay subscription on fade
  gall: add nonce to agent wires
  gall: add %doze-style fade
  gall: fade initial commit
2020-11-30 21:04:16 -08:00
fang
a539d986a7
various: move away from {type} syntax
In favor of [type] syntax.
Turns a bunch of ++ into +$ along the way.
2020-11-26 17:43:26 +01:00
fang
44fb0cc19d
various: move away from face/type syntax
In favor of face=type.
2020-11-26 17:38:00 +01:00
Joe Bryan
f95e1f48c2 arvo: scry reform 2020-11-25 16:02:10 -08:00
fang
7956adedee
vanes: remove old load types and logic
Maintains state version numbers to avoid tripping up migration tools.
2020-11-25 16:24:16 +01:00
fang
fb97528fd4
arvo: unflop the spur in scry
No longer use reversed paths in sley-style peek handling.
2020-11-24 15:41:35 +01:00
John Franklin
756c94aeb6 hoon: update glyph names (continued) 2020-11-14 23:08:52 -06:00
fang
3ca993df07
eyre: clog exclusively for %facts
Eyre's clog logic was a tad inconsistent about "only facts" vs "not poke-acks".
This makes it consistently say "only facts" when it comes to clog-related logic.
Yes, in theory this means %watch-acks and %kicks can build up endlessly, but
those should take up negligible space compared to %facts.

Should fix any oddball cases of crashes here that #3835 didn't already catch.
2020-11-10 22:06:28 +01:00
fang
c992e4ce9d
eyre: forego <atom> in favor of (scow %aura atom)
Pretty-printing is expensive, yet we do it whenever we construct the cookie
string, at least once (but usually twice) per authenticated request.

Here we call out the the specific to-tape functions we need, instead of relying
on the pretty-printer for converting... tapes to tapes, among other things.  
The primary gains come from the cookie-related instances, we update the others
mostly for good style.

For the "receive request and immediately send response" case, that is processed
synchronously within eyre (ie, client sends channel ack), speeds thing up by
roughly 55%.
2020-11-04 01:02:11 +01:00
fang
a35cad457a
Merge pull request #3830 from urbit/m/respect-forwarded-more
eyre: respect protocol from Forwarded header
2020-10-31 00:38:41 +01:00
fang
f8a2235d6e
Merge pull request #3835 from urbit/m/silent-subs
eyre: ignore facts directly after clog
2020-10-29 22:13:04 +01:00
fang
42229657ca
eyre: respect protocol from Forwarded header
If the Forwarded header specifies the original connection is secure,
update the flag to reflect that, regardless of whether the connection
directly to the urbit was made securely.
2020-10-29 14:24:24 +01:00
fang
93475aa756
eyre: remove fact-without-subscription printf 2020-10-26 15:52:39 +01:00
fang
26049a3da0
eyre: ignore facts directly after clog
When an application would send multiple facts during a single event, it
was possible for the first fact to trigger a clog, removing the
subscription and sending a quit, but then the second fact still getting
sent out at normal.

Here, we drop any facts for subscriptions we don't have registered in
state, which should only happen in the described case.
2020-10-24 11:45:21 +02:00
fang
b92cfdb242
eyre: produce moves in correct order
Because storing in reverse order means producing in reverse reverse
order.

The tests didn't catch this because they, too, were infected with the
"reverse moves" meme.
2020-10-24 01:48:51 +02:00
fang
5bebff3c38
eyre: kick subscriptions if fact conversion fails
This matches the behavior that gall uses for %watch-as subscriptions,
which eyre was using previously.
2020-10-19 19:17:58 +02:00
fang
1d4ee5a7b5
eyre: kick busy subscriptions if client not acking
In order to curb event queue growth when a client for whatever reason
isn't acking the events we send out, we implement a mechanism for
detecting such "clogging", and proactively kick subscriptions which are
adding too many events to the queue.

If the client hasn't sent an ack for ~s30, any subscription that accrues
more than 50 unacked %facts gets closed to prevent further buildup.

Upon reconnecting, the client will see %kick for the relevant
subscriptions and can open a new subscription as appropriate.

Includes a simple test for this behavior, and updates /app/dbug to be
able to display the newly tracked statistics.
2020-10-19 15:56:05 +02:00
fang
63b4fb3e19
eyre: simplify channel subscription storage
Instead of storing by "channel wire", store by request-id instead.
The channel wire was just the channel-id, request-id, and some cruft.
2020-10-19 00:48:18 +02:00
fang
7e5f29cfd2
eyre: convert facts to json manually
By doing a %watch instead of %watch-as %json for channel subscriptions,
we can hopefully make better use of noun deduplication, when storing
events in a channel's event queue until they get acked.
2020-10-18 16:31:35 +02:00
fang
8def1dbea8
eyre: store unacked events unserialized
Store the gall events from channel subscriptions as (vaseless) signs,
instead of serialized events. This should be smaller in memory, and
makes it more likely for noun deduplication to happen.

The cost is needing to reserialize upon channel reconnect, but this is
the less common case, and we don't expect it to be particularly slow.
2020-10-18 16:04:19 +02:00
Fang
c444806c3d
eyre: explicitly permit proposed request in cors
Instead of always providing a wildcard for the allowed methods and
headers, now echoes back the method and headers that the client asked
for, if any.

Fixes #3676.
2020-10-09 14:07:05 +02:00
fang
a1e43e02a0
eyre: prevent binding in reserved namespaces
Disallows registering bindings (through %connect and %serve) that would capture
traffic on paths starting with /~ (Eyre's) or /~_~ (runtime's, as of cc389c5).

Note that we don't touch +insert-binding, which is used by Eyre internally to
set up bindings in its own namespace.
2020-10-06 16:50:49 +02:00
fang
be1f4a5f6b
eyre: add authentication checker scry endpoint
Lets you check whether a specific Cookie header value string constitutes an
authenticated request.

/ex/=//=/authenticated/cookie/(scot %t 'cookie-string')

Intended for use in the runtime, for example with #3557.
2020-10-01 19:55:16 +02:00
fang
a37b728b86
Merge pull request #3565 from tylershuster/eyre-response-code
eyre: send 'no content' status with no content
2020-10-01 16:06:44 +02:00
Fang
0866d99c73
eyre: minimal CORS support
Adds a cors-registry to Eyre's state that tracks allowed and rejected
origins for the purposes of CORS request handling.

For preflight requests, generates a response in-line.
For simple requests, adds CORS headers onto whatever response is given.

See also:
https://groups.google.com/a/urbit.org/g/dev/c/bb82dwEJGzM/m/q2JjNSx5BwAJ
2020-09-30 15:54:15 +02:00
Tyler Brown Cifu Shuster
8a9534e0ac eyre: send 'no content' headers with no content 2020-09-24 21:07:07 -07:00
pkova
5902ef9a53 eyre: remove superfluous connection-state check
This was originally introduced by me in #1814 to address #1811. Eyre was not
canceling heartbeat timers on all relevant events making it easy to end
up with an infinite behn loop. This check allowed ships that entered an infinite
loop to recover, as per my comment at
https://github.com/urbit/urbit/pull/1814#discussion_r333477482. Otherwise it's
not necessary.
2020-09-24 17:50:42 +03:00
Fang
b06f8a0f9e
eyre: send %leave on %fact/ack for deleted channel
Ordinarily, eyre cleans up the relevant gall subscriptions whenever a
channel disappears. In yet unresolved erroneous behavior though, it may
leave a gall subscription open, despite wiping the channel from state.

Attempting to pass the response onto the deleted channel anyway results
in an %eyre-no-channel error later in the event. The volume of these
errors can degrade the user experience, as per #3196.

To resolve the annoyance (but not the underlying issue) we detect the
"subscription has no channel" case, and issue a %leave. Doing so
requires additional information in the wire, so we add that in,
refactoring the relevant wire building along the way.

Note that due to the wire requirements, this cannot resolve existing
cases. For that, we depend on bc929ba6d.
2020-08-27 14:16:46 +02:00
Caio Marcelo de Oliveira Filho
72b164ade2 eyre: Make %code-changed handling less chatty 2020-07-31 13:01:19 -07:00
Caio Marcelo de Oliveira Filho
df868e2c4f jael, eyre: Add a way to reset the web login code
Jael now stores a `step` that is combined with the original salt to
produce a new code.  A `%step` card is used to increment that value,
and effectively resetting the keys.  Because the first `step` is zero,
the first code is the same as before.

Eyre was changed to be notified with `%code-changed` so it can forget
old cookies, sessions and discard all the existing channels.

A new generator was added |code, that does both querying and
resetting the code

    |code             :: shows current code, step and help
    |code %reset      :: changes the code

The old +code generator still works correctly.
2020-07-31 11:35:48 -07:00
matildepark
2ea019850e
Merge pull request #3105 from urbit/mp/destub-ver
eyre: remove stubbed version text
2020-07-09 16:53:12 -04:00
Fang
fa32d711fa
eyre: remove channel.js
Userspace has, rightfully, taken over the task of serving a js client for
eyre's channel API.
2020-07-09 00:15:51 +02:00
Matilde Park
eef149d46d eyre: remove stubbed version text
In replicating a mockup, the residual 'version' for OS1 has overstayed
its welcome as a stub. This commit
removes it.
2020-07-07 23:41:37 -04:00
Philip Monk
935ffaaf23
eyre: give scry function to generators
In Ford Fusion, Clay builds generators but Dojo and Eyre run them.  Dojo
is already virtualized with a scry function, so +mule is fine, but Eyre
is not, so Eyre needs to use +mock and explicitly supply the scry
function.  This does that.  Fortunately, the produced result is simple
and easily clammable.

Fixes #3089
2020-07-02 23:30:17 -07:00
Philip Monk
37b9f854fd
eyre: give all args to generators
fixes #3082
2020-07-02 14:42:26 -07:00
Philip Monk
0301838f25
Merge remote-tracking branch 'origin/release/next-sys' into ford-fusion 2020-06-26 17:46:25 -07:00
Fang
3ecb6f7154
Merge branch 'release/next-sys' into m/eyre-kill-channels 2020-06-18 22:34:22 +02:00
Fang
4ab55893bc
eyre: slightly better error pages 2020-06-12 02:13:13 +02:00
Fang
3c168eddb4
gall: do mark conversion in +ap-peek
Attempt to convert the scry result to the mark that was asked for,
failing the scry (with ~) if the conversion fails.

Eyre's scry logic, then, can pass the requested mark directly into gall.
2020-06-12 02:11:08 +02:00
Fang
b870466977
eyre: only allow authenticated GET scry requests
Lacking any other permissioning mechanism, we must simply reject
unauthenticated HTTP-scry requests for now.
2020-06-12 00:57:25 +02:00
Fang
d20877e414
eyre: support %gx scries
Exposes a scry endpoint. Any requests made to the /app/scry.mark url
under the endpoint will scry into %app using a %gx scry, at the
/scry/noun path, and attempt to convert the scry result into the %mark,
before converting that into the %mime mark, and sending that as an http
response.
2020-06-11 01:45:05 +02:00
Fang
f1fab71d59
eyre: find sub-path for binding
In addition to producing the action bound for a given request, now also
produces the subset of the request url that comes _after_ the path at
which the binding has been established.

Will allow some bindings to more easily dispatch off the relevant part
of the url.
2020-06-11 01:42:21 +02:00
Fang
a4785458d1
eyre: don't lose redirect upon failing login
If we failed the password check, the login page served to us would never
include any redirect details, even if they were there in the original request.

Now we simply (attempt to) parse out the redirect field a little earlier.
2020-06-10 20:37:12 +02:00
Fang
0a32bcda35
Merge branch 'release/next-sys' into ford-fusion 2020-06-09 20:10:28 +02:00
Fang
90ef268a32
Merge branch 'release/next-sys' into m/eyre-kill-channels 2020-06-05 22:25:18 +02:00
Liam Fitzgerald
3ff99b0d7f Merge branch 'origin/lf/get-eyre-redirect' into release/next-sys 2020-06-05 10:41:15 +10:00
Fang
b54dc7cd34
eyre, zuse: expire channels with their sessions
Associates channels with the authentication sessions that opened them,
and deletes the channel when its associated session expires.

Also updates the debug dashboard to display channel counts per session.
2020-06-05 00:22:39 +02:00
Fang
68491420d2
eyre: refactor %delete to reuse timeout logic
Turns +on-channel-timeout into +discard-channel, which cleans up the
entirety of the channel, based on its current state. This allows us to
simplify the %delete channel request into a simple function call.
2020-06-05 00:20:06 +02:00
Liam Fitzgerald
b553d57c29 eyre: 303 redirect on successful login
Changes the HTTP status code of the redirect that occurs upon a
successful login from 307 to 303. 307 preserves the method of the
original request, so the redirected request is a POST. With the new SPA,
this causes a 404 as app/file-server validates the method of the
request, something that did not happen in earlier versions of landscape.
303 instead changes the method to always produce a GET request.
2020-06-04 15:09:00 +10:00
Fang
a66cfc31da
eyre: fake duct for on-load logout binding
Empty duct is considered not good.
2020-06-03 14:29:13 +02:00
Fang
6e3284feac
eyre: use 303 to redirect to login post-logout
This ensures the client sends a GET request, which is more appropriate.
2020-06-03 14:28:30 +02:00
Philip Monk
8b78f04dd3
Merge remote-tracking branch 'origin/master' into ford-fusion 2020-06-02 21:50:20 -07:00
Fang
4d93349402
eyre: provide logout endpoint
Set up, by default, on /~/logout.

Sending a POST request to this expires the current session and redirects
to the login page. If the "all" key is set in the request body, expires
all open sessions.
2020-06-03 01:40:32 +02:00
Fang
574b05a88a
Merge pull request #2959 from urbit/m/eyre-cookies
eyre: augmented cookie handling
2020-06-01 22:11:57 +02:00
Fang
750ff6e5e1
eyre: respect "forwarded" header from localhost
For request transparency, HTTP proxies may set the Forwarded header to
specify who the original requester is.

For requests from localhost only, we make Eyre respect the Forwarded
header, and adjust the handled ip address accordingly.

Note that we do not support X-Forwarded or other non-standard variants.
The header remains in the request, so server applications can handle
them as desired.

Fixes #2723.
2020-05-31 17:45:22 +02:00
Fang
63c26151a3
eyre: extend session duration on-use
When sending a response to an authenticated request, update the session
to last for +session-timeout again, and send an updated cookie to match.

Assuming the user makes an actual HTTP request at least once a week,
this will make sure they don't get logged out automatically. Simply
keeping a channel open, unfortunately, doesn't count.
2020-05-30 02:29:20 +02:00
Fang
a51d93326a
eyre: clean up old +load code
Removes pre-breach state adapter logic and touches up code style.
2020-05-29 15:33:22 +02:00
Fang
00e3159287
eyre: clear expired sessions/cookies from state
Instead of setting a timer for every session, we set a single expiry
timer when the first session is created. On the subsequent wake event,
we clear all cookies that have expired at that time, then set a timer
for when the next session expires.

This approach gives us flexibility wrt sessions going forward, allowing
extending or early deleting of sessions without having to care about the
related timers.

Note that in +load, we clear all existing sessions. We would start the
expiry timer flow there, but can't. Forcing the user to login again
post-ota once isn't the end of the world.
2020-05-29 15:28:44 +02:00
Fang
52ef23ccca
eyre, zuse: add scry interfaces for eyre state
Scries for getting out open connections, cookie sessions, and existing
channels.

Moves the involved types from eyre into zuse.
2020-05-22 23:55:17 +02:00
Ted Blackman
96264f7fa3 eyre: clarify common prints 2020-05-20 04:36:33 -04:00
Ted Blackman
9588542ed4 eyre: fix tests 2020-05-08 01:29:25 -04:00
Fang
664275c9f1
eyre: expose bindings through scry
Allows you to scry out all bound endpoints at /=bindings=.

Moves an internal type into zuse for easier external use.
2020-05-08 01:39:56 +02:00
Ted Blackman
a064afbd89 /sys: |mass works again 2020-05-07 04:51:08 -04:00
Ted Blackman
8fc787b0ca eyre: use ford-fusion; compiles, untested 2020-05-05 01:28:37 -04:00
Michael Hartl
3e203634e3 Fix spelling of "existent" 2020-04-06 08:18:22 -07:00
Luke Champine
b3d78b5d71
eyre: Remove leading sig from password placeholder 2020-03-30 13:32:21 -04:00
Logan Allen
bd947421ca eyre: upon login redirect parameter being empty, redirect to / 2020-03-09 17:16:43 -07:00
Joe Bryan
67cef638c4 Merge branch 'master' into arvo-errors
* master: (484 commits)
  king: Slight CLI cleanup and fix test build.
  king: Add command-line flags to configure HTTP and HTTPS ports.
  groups: reduce metadata updates, removal
  chat: reducer handles metadata removal
  groups: exclude group metadata from channels list
  groups: set and surface group name metadata
  groups: remove dummy 'share' flow, 'default' group
  contacts: rename, migrate '~contacts' to '~groups'
  sh/release: rename vere release tarballs
  vere: patch version bump (v0.10.3 -> v0.10.4.rc1) [ci skip]
  pills: updated brass and solid
  chat: pull room contacts from associated group
  chat: spell 'permanent' correctly
  eyre: remove padding from 'access' input
  chat: only delete metadata for a chat if you created it
  chat: settings inputs add borders on focus
  vere: disables gc on |mass in the daemon process
  chat: remove console.log from metadataAction
  chat: style fixes during review, use metadata-hook
  chat: edit description, color settings
  ...
2020-03-05 11:56:49 -08:00
Matilde Park
dd402e315f eyre: remove padding from 'access' input 2020-03-03 19:52:04 -05:00
Joe Bryan
53d9798cda vane: prints error notifications where not handled 2020-02-26 16:56:17 -08:00
Joe Bryan
4cae84d9ac vane: downcast all error notifications to %crud 2020-02-26 16:56:17 -08:00
Joe Bryan
df970ed417 arvo: passes errors to all vanes 2020-02-26 16:56:17 -08:00
Matilde Park
12b2d4756e eyre: add dark mode styling to sign-in 2020-02-21 21:56:25 -05:00
Isaac Visintainer
00a9eb9eab Merge branch 'master' into os1-rc 2020-02-19 16:04:21 -08:00