karliss
commented
3 years ago What is the remaining use for webserver in rizin. I thought that webui was removed.
Open XVilka opened 3 years ago
karliss
commented
3 years ago What is the remaining use for webserver in rizin. I thought that webui was removed.
XVilka
commented
3 years ago rz-pipe through http:// protocol/URI
jvoisin
commented
3 years ago What about using windbg or gdb/llbm protocol instead of http?
ret2libc
commented
3 years ago @jvoisin would windbg/gdb/llbm be flexible enough to allow rz-pipe through them? (i know nothing about those protocols, sorry).
yossizap
commented
3 years ago The GDB/LLDB/WinDBG protocols are more suitable for debugging processes and aren't easy to read, debug and extend. I think that the idea here is to share rizin's stdin/stdout/stderr over a simple protocol with custom commands.
It's possible to implement any functionality in rizin using gdb's "monitor" command that passes a string to a custom command implementation in the interpreter(OpenOCD does this) but a gdb frontend connecting to a server with this implementation will only be able to send commands using target remote | command so I don't really see the advantage compared to http.
fyi, it's already possible to run rizin as a gdbserver(and connect to it with lldb/gdb/another instance of rizin) for debugging using =g
$ rizin -
[0x00000000]> =g?
|Usage: =[g] [...] # gdb server
| gdbserver:
| =g port file [args] listen on 'port' debugging 'file' using gdbserver
| =g! port file [args] same as above, but debug protocol messages (like gdbserver --remote-debug)not sure if this is actually stable
XVilka
commented
3 years ago GDB protocol is a mess with a mix of XML, text, and binary data. WinDbg is slightly better but isn't well documented. If you want to use the specifically designed protocol, it's probably better to just serialize some structures like current Projects feature do and send them over the network.
stale[bot]
commented
3 years ago This issue has been automatically marked as stale because it has not had recent activity. Considering a lot has probably changed since its creation, we kindly ask you to check again if the issue you reported is still relevant in the current version of rizin. If it is, update this issue with a comment, otherwise it will be automatically closed if no further activity occurs. Thank you for your contributions.
stale[bot]
commented
2 years ago This issue has been automatically marked as stale because it has not had recent activity. Considering a lot has probably changed since its creation, we kindly ask you to check again if the issue you reported is still relevant in the current version of rizin. If it is, update this issue with a comment, otherwise it will be automatically closed if no further activity occurs. Thank you for your contributions.
stale[bot]
commented
2 years ago This issue has been automatically closed because marked as stale and it has not been updated since then. If the issue is still relevant, feel free to re-open it or open a new one.
Currently, Rizin implements all features for the Web server by itself, thus prone to more mistakes in handling network protocols, lagging behind SSL/TLS evolution, etc.
I propose to consider to use existing and wide-spread small embeddable C library that implements all of that and is being updated in lockstep with the Web/protocols progress. Ideally, we should find something that is LGPL/MIT/BSD-licensed.
Possible candidates are:
See these files that are to be changed:
librz/core/rtr_http.clibrz/socket/socket_http.clibrz/socket/socket_http_server.cNote, that we should avoid too many unnecessary dependencies and still be able to build the
rizinstatically and be sure it works the same under all supported platforms - Linux, Windows, MacOS, *BSD, Haiku, etc.Speaking of
libmicrohttpdit is relatively small: