danielealbano / cachegrand

cachegrand - a modern data ingestion, processing and serving platform built for today's hardware
BSD 3-Clause "New" or "Revised" License

Fix tls handshake wait blocks listener accept #424

Closed danielealbano closed 1 year ago

danielealbano commented 1 year ago

This PR changes when the TLS handshake is performed, as currently a TCP/IP connection initiated on a TLS-enabled port will prevent the listener from starting its accept wait-loop until it completes the handshake or fails it.

As a consequence of the implementation, this behaviour can easily be used for DDoS attacks.

The PR moves the TLS handshake into the fiber created to handle the incoming connection, ensuring that the TLS handshake itself will run the read and write operations in that fiber and not in the listener fiber, leaving the listener fiber able to go back to accepting new connections.

To further improve the security, a new flag to track the handshake status has also been introduced; it is used to decide how long a receive operation shall wait: if set to false, the receive operation will only wait up to 500ms for each read, ensuring that stalling TCP/IP connections over a TLS-enabled port will not saturate the allowed connections for no reason. As part of this additional implementation, a new receive timeout callback has been introduced in the worker network stack, and its counterpart in the io_uring worker network stack support has been implemented.
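The per-connection handshake flag described above, as an added example that is not cachegrand's code: it models the "wait at most 500ms per read until the handshake completes" rule with plain sockets and `poll()` instead of fibers and io_uring, and assumes an unbounded wait once the handshake flag is set. `conn_t`, `conn_recv` and `simulate_client` are names chosen for this example.

```c
// Added example (not cachegrand's code): models the PR's "handshake not yet
// completed" flag with a socketpair and poll() instead of io_uring/fibers.
#include <poll.h>
#include <stdbool.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <unistd.h>

#define HANDSHAKE_RECV_TIMEOUT_MS 500   // bound stated in the PR description
#define ESTABLISHED_RECV_TIMEOUT_MS -1  // assumption: no bound after the handshake
#define CONN_RECV_TIMEOUT (-2)

typedef struct {
    int fd;
    bool tls_handshake_completed;  // the new per-connection flag
} conn_t;

// Receive with a wait bounded by the handshake status: a peer that opened a
// TCP connection but never sends TLS records is released after 500 ms per read
// instead of holding a connection slot (and, before this PR, the listener).
ssize_t conn_recv(conn_t *c, void *buf, size_t len) {
    int timeout_ms = c->tls_handshake_completed
        ? ESTABLISHED_RECV_TIMEOUT_MS : HANDSHAKE_RECV_TIMEOUT_MS;
    struct pollfd pfd = { .fd = c->fd, .events = POLLIN };
    int ready = poll(&pfd, 1, timeout_ms);
    if (ready == 0) return CONN_RECV_TIMEOUT;  // nothing arrived within the window
    if (ready < 0) return -1;
    return read(c->fd, buf, len);
}

// Drive conn_recv over a socketpair: the peer either sends "PING" or stalls.
// (handshake_completed=true with a silent peer blocks: the situation the flag
// is there to avoid while the handshake is still pending.)
ssize_t simulate_client(bool handshake_completed, bool peer_sends) {
    int sv[2];
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) != 0) return -1;
    if (peer_sends && write(sv[1], "PING", 4) != 4) return -1;
    conn_t c = { .fd = sv[0], .tls_handshake_completed = handshake_completed };
    char buf[64];
    ssize_t r = conn_recv(&c, buf, sizeof buf);  // stalled peer: CONN_RECV_TIMEOUT
    close(sv[0]);
    close(sv[1]);
    return r;
}
```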

codecov[bot] commented 1 year ago

Codecov Report

Patch coverage: 22.64%; project coverage change: -0.08%.

Comparison is base (7c57026) 76.74% compared to head (1555b53) 76.65%.

Additional details and impacted files

```diff
@@            Coverage Diff             @@
##             main     #424      +/-   ##
==========================================
- Coverage   76.74%   76.65%   -0.08%
==========================================
  Files         199      199
  Lines       13635    13654      +19
==========================================
+ Hits        10463    10466       +3
- Misses       3172     3188      +16
```

| Flag | Coverage Δ | |
|---|---|---|
| unittests | `76.65% <22.64%> (-0.08%)` | ↓ |

| [Impacted Files](https://app.codecov.io/gh/danielealbano/cachegrand/pull/424?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Daniele+Salvatore+Albano) | Coverage Δ | |
|---|---|---|
| src/network/channel/network_channel_tls.c | `2.09% <0.00%> (-0.10%)` | ↓ |
| src/network/network.c | `79.43% <0.00%> (-0.57%)` | ↓ |
| src/worker/network/worker_network_op.c | `60.84% <12.00%> (-8.60%)` | ↓ |
| src/worker/network/worker_network_iouring_op.c | `70.18% <60.00%> (+6.59%)` | ↑ |

... and [3 files with indirect coverage changes](https://app.codecov.io/gh/danielealbano/cachegrand/pull/424/indirect-changes?src=pr&el=tree-more&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Daniele+Salvatore+Albano)
