From 01cd2be5e3cbc8476a5bf75d4d674e8bc0b9a951 Mon Sep 17 00:00:00 2001 From: Vladislav Grishenko Date: Tue, 4 Feb 2020 05:35:10 +0500 Subject: [PATCH 1/5] httpd: improve connection acceptance and handling * allow up to 128 connections only within last 5 seconds * sync listening socet backlog count with currentmax connections * fix dead connections reset with 5 seconds timeout, previously they can hang even over 60 seconds * fix accepted conenction instant handling, previously they can hang forever if case of multiple client connections * minor cleanup --- release/src/router/httpd/httpd.c | 42 +++++++++++++++++++------------- 1 file changed, 25 insertions(+), 17 deletions(-) diff --git a/release/src/router/httpd/httpd.c b/release/src/router/httpd/httpd.c index 74db4298226..22b2b3767c5 100644 --- a/release/src/router/httpd/httpd.c +++ b/release/src/router/httpd/httpd.c @@ -95,13 +95,14 @@ typedef union { } usockaddr; #include "queue.h" -#define MAX_CONN_ACCEPT 64 -#define MAX_CONN_TIMEOUT 60 +#define MAX_CONN_ACCEPT 128 +#define MAX_CONN_TIMEOUT 5 typedef struct conn_item { TAILQ_ENTRY(conn_item) entry; int fd; usockaddr usa; + time_t deadline; } conn_item_t; typedef struct conn_list { @@ -279,6 +280,7 @@ int temp_turn_off_auth = 0; // for QISxxx.htm pages /* Const vars */ const int int_1 = 1; +const struct linger linger = { 1, 0 }; void http_login(unsigned int ip, char *url); void http_login_timeout(unsigned int ip, char *cookies, int fromapp_flag); @@ -357,7 +359,7 @@ initialize_listen_socket(usockaddr* usa, const char *ifname) perror("bind"); goto error; } - if (listen(fd, 1024) < 0) { + if (listen(fd, MAX_CONN_ACCEPT) < 0) { perror( "listen" ); goto error; } @@ -2072,12 +2074,16 @@ int main(int argc, char **argv) return errno; } + /* Reuse timestamp */ + tv.tv_sec = uptime(); + /* Check and accept new connection */ - item = NULL; for (i = 0; count && i < ARRAY_SIZE(listen_fd); i++) { if (listen_fd[i] < 0 || !FD_ISSET(listen_fd[i], &rfds)) continue; + count--; + item = malloc(sizeof(*item)); if (item == NULL) { perror("malloc"); @@ -2094,6 +2100,7 @@ int main(int argc, char **argv) /* Set the KEEPALIVE option to cull dead connections */ setsockopt(item->fd, SOL_SOCKET, SO_KEEPALIVE, &int_1, sizeof(int_1)); + item->deadline = tv.tv_sec + MAX_CONN_TIMEOUT; /* Add to active connections */ FD_SET(item->fd, &active_rfds); @@ -2101,12 +2108,12 @@ int main(int argc, char **argv) pool.count++; } /* Continue waiting over again */ - if (count && item) + if (count == 0) continue; /* Check and process pending or expired requests */ TAILQ_FOREACH_SAFE(item, &pool.head, entry, next) { - if (count && !FD_ISSET(item->fd, &rfds)) + if (item->deadline > tv.tv_sec && !FD_ISSET(item->fd, &rfds)) continue; /* Delete from active connections */ @@ -2115,19 +2122,19 @@ int main(int argc, char **argv) pool.count--; /* Process request if any */ - if (count) { + if (FD_ISSET(item->fd, &rfds)) { #ifdef RTCONFIG_HTTPS if (do_ssl) { ssl_stream_fd = item->fd; if (!(conn_fp = ssl_server_fopen(item->fd))) { perror("fdopen(ssl)"); - goto skip; + goto reset; } } else #endif if (!(conn_fp = fdopen(item->fd, "r+"))) { perror("fdopen"); - goto skip; + goto reset; } http_login_cache(&item->usa); @@ -2141,19 +2148,20 @@ int main(int argc, char **argv) #ifdef RTCONFIG_HTTPS if (!do_ssl) #endif - shutdown(item->fd, 2), item->fd = -1; + { + shutdown(item->fd, SHUT_RDWR); + item->fd = -1; + } fclose(conn_fp); - - skip: - /* Skip the rest of */ - if (--count == 0) - next = NULL; - + } else { + /* Reset connection */ + reset: + setsockopt(item->fd, SOL_SOCKET, SO_LINGER, &linger, sizeof(linger)); } /* Close timed out and/or still alive */ if (item->fd >= 0) { - shutdown(item->fd, 2); + shutdown(item->fd, SHUT_RDWR); close(item->fd); } From 7c45041aafdfca650927fba87a2a62c8b272dd05 Mon Sep 17 00:00:00 2001 From: Vladislav Grishenko Date: Tue, 4 Feb 2020 05:40:48 +0500 Subject: [PATCH 2/5] httpd: fix malformed 200 OK status --- release/src/router/httpd/httpd.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/release/src/router/httpd/httpd.c b/release/src/router/httpd/httpd.c index 22b2b3767c5..6aec95c1823 100644 --- a/release/src/router/httpd/httpd.c +++ b/release/src/router/httpd/httpd.c @@ -1342,10 +1342,10 @@ handle_request(void) } if(nvram_match("x_Setting", "0") && (strcmp(url, "QIS_default.cgi")==0 || strcmp(url, "page_default.cgi")==0 || !strcmp(websGetVar(file, "x_Setting", ""), "1"))){ if(!fromapp) set_referer_host(); - send_token_headers( 200, "Ok", handler->extra_header, handler->mime_type, fromapp); + send_token_headers( 200, "OK", handler->extra_header, handler->mime_type, fromapp); }else if(strncmp(url, "login.cgi", strlen(url))!=0){ - send_headers( 200, "Ok", handler->extra_header, handler->mime_type, fromapp); + send_headers( 200, "OK", handler->extra_header, handler->mime_type, fromapp); } if (strcasecmp(method, "head") != 0 && handler->output) { handler->output(file, conn_fp); From 608d51be9d0b5d8b0d8317d6c4f21a27b9b81fea Mon Sep 17 00:00:00 2001 From: Decoderman Date: Fri, 7 Feb 2020 16:01:03 +0100 Subject: [PATCH 3/5] Add files via upload Revision 1: Additional checks for standard amtm profile.add alias. Shows download server in use when updating. --- release/src/router/others/amtm | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/release/src/router/others/amtm b/release/src/router/others/amtm index 2e5dfff37e8..89400548b64 100755 --- a/release/src/router/others/amtm +++ b/release/src/router/others/amtm @@ -10,7 +10,7 @@ add=/jffs/addons/amtm amtmURL=https://fwupdate.asuswrt-merlin.net/amtm_fw -amtmRev=0 +amtmRev=1 a_m(){ [ -z "$am" ] && am=$1 || am="$am\\n$1";} c_nl(){ [ -n "$(tail -c2 "$1")" ] && echo >> "$1";} @@ -46,6 +46,8 @@ g_m(){ [ "$1" = amtm.mod ] && set -- "$1" "$2" "${add}/a_fw" [ "$3" ] || set -- "$1" "$2" "${add}" if [ "$2" = new ]; then + [ -z "$dlLoc" ] && a_m "\\n Getting from $(echo $amtmURL | awk -F[/:] '{print $4}')" + dlLoc=1 c_url "$amtmURL/$1" -o "$3/${1}.new" if [ -s "$3/${1}.new" ]; then if grep -wq '^#bof' "$3/${1}.new" && grep -wq '^#eof' "$3/${1}.new"; then @@ -156,13 +158,13 @@ init_amtm(){ fi mv /jffs/amtm-* "${add}" 2> /dev/null;mv /jffs/.amtm_* "${add}" 2> /dev/null c_t + if [ -f "/jffs/configs/profile.add" ]; then + sed -i '/alias amtm=/d' /jffs/configs/profile.add >/dev/null + r_w_e /jffs/configs/profile.add + unalias amtm 2> /dev/null + fi if [ -f /jffs/scripts/amtm ] || [ -f /opt/bin/amtm ]; then - rm -f /jffs/scripts/amtm;rm -f /opt/bin/amtm - if [ -f "/jffs/configs/profile.add" ]; then - sed -i '/alias amtm=/d' /jffs/configs/profile.add >/dev/null - r_w_e /jffs/configs/profile.add - unalias amtm 2> /dev/null - fi + rm -f /jffs/scripts/amtm /opt/bin/amtm a_m " amtm migrated to integrated firmware version" else a_m " Initializing amtm for first run" From fc7ed1e30a8fd921b7daf3c3e2185397288a21bd Mon Sep 17 00:00:00 2001 From: Eric Sauvageau Date: Sat, 8 Feb 2020 13:28:35 -0500 Subject: [PATCH 4/5] Updated documentation --- Changelog-NG.txt | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/Changelog-NG.txt b/Changelog-NG.txt index 60261272868..780491e1a15 100644 --- a/Changelog-NG.txt +++ b/Changelog-NG.txt @@ -1,9 +1,9 @@ Asuswrt-Merlin 384/NG Changelog =============================== -384.15 (xx-xxx-2020) +384.15 (8-Feb-2020) The RT-AC87U and RT-AC3200 are not supported by this release, see - the 384.13_3 release released separately for these two models. + the 384.13_4 release released separately for these two models. - NEW: wan-event script. The first parameter will be the WAN unit (0 for first WAN, 1 for secondary). The second parameter @@ -29,6 +29,8 @@ Asuswrt-Merlin 384/NG Changelog advanced firewall extension). The plugins for amtm are still maintained by its original author (thelonelycoder). + https://github.com/RMerl/asuswrt-merlin/wiki/AMTM + - UPDATED: Backported some fixes from 384_81981, mostly related to WAN, port bonding and mdns. - UPDATED: Merged GPL 384_7756 for RT-AX88U, which adds OFDMA and @@ -41,11 +43,12 @@ Asuswrt-Merlin 384/NG Changelog - CHANGED: Replaced entware-setup.sh script with link to amtm, as using the amtm Entware installer is now the supported method. + - CHANGED: Improved connection handling in httpd (themiron) - FIXED: Some of the newest DNSFilter servers weren't properly set up with IPv6 (dave14305) -384.13_3 (xx-xxx-2020) +384.13_4 (8-Feb-2020) This release is only available for the RT-AC87U and RT-AC3200. - NEW: wan-event script. The first parameter will be the WAN unit @@ -72,6 +75,8 @@ Asuswrt-Merlin 384/NG Changelog advanced firewall extension). The plugins for amtm are still maintained by its original author (thelonelycoder). + https://github.com/RMerl/asuswrt-merlin/wiki/AMTM + - UPDATED: odhcp6c to 1.1-97-ge199804 (themiron) - UPDATED: openssl-1.0 to 1.0.2u - UPDATED: curl to 7.67.0. @@ -80,6 +85,7 @@ Asuswrt-Merlin 384/NG Changelog - CHANGED: Replaced entware-setup.sh script with link to amtm, as using the amtm Entware installer is now the supported method. + - CHANGED: Improved connection handling in httpd (themiron) - FIXED: Some of the newest DNSFilter servers weren't properly set up with IPv6 (dave14305) From c7e4e10487403156b8715d0d5d7ac76e8a7cc2d8 Mon Sep 17 00:00:00 2001 From: Eric Sauvageau Date: Sat, 8 Feb 2020 13:29:16 -0500 Subject: [PATCH 5/5] Bumped revision to 384.15 final --- release/src-rt/version.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/release/src-rt/version.conf b/release/src-rt/version.conf index a6ed709ae62..05971b80284 100644 --- a/release/src-rt/version.conf +++ b/release/src-rt/version.conf @@ -1,5 +1,5 @@ KERNEL_VER=3.0 FS_VER=0.4 SERIALNO=384.15 -EXTENDNO=beta1 +EXTENDNO=0 RCNO=0