feat: switch to secsock

Switch to SecSock

Author: mookums

.github/workflows/build.yml

@@ -1,8 +1,14 @@
 name: build
 on:
-  push:
   pull_request:
     branches: [ main ]
+  push:
+    branches: [ main ]
+  workflow_dispatch:
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
 
 jobs:
   build-examples:
@@ -16,7 +22,7 @@ jobs:
       - uses: actions/checkout@v2
       - uses: goto-bus-stop/setup-zig@v2
         with:
-          version: 0.13.0
+          version: 0.14.0
       - name: Build all examples 
         run: zig build
 
@@ -32,6 +38,6 @@ jobs:
       - uses: actions/checkout@v2
       - uses: goto-bus-stop/setup-zig@v2
         with:
-          version: 0.13.0
+          version: 0.14.0
       - name: Build all examples 
         run: zig build test --summary all

README.md

@@ -3,11 +3,13 @@
 
 
 ## Installing
-Latest Zig Stable: `0.13.0`
+Compatible Zig Version: `0.14.0`
 
-Latest zzz release: `0.2.0`
+Compatible [tardy](https://github.com/tardy-org/tardy) Version: `v0.3.0`
+
+Latest Release: `0.3.0`
 ```
-zig fetch --save git+https://github.com/tardy-org/zzz#v0.2.0
+zig fetch --save git+https://github.com/tardy-org/zzz#v0.3.0
 ```
 
 You can then add the dependency in your `build.zig` file:
@@ -21,7 +23,7 @@ exe.root_module.addImport(zzz);
 ```
 
 ## zzz?
-zzz is a framework for writing performant and reliable networked services in Zig. It supports both HTTP and HTTPS (using BearSSL for TLS).
+zzz is a framework for writing performant and reliable networked services in Zig. It supports both HTTP and HTTPS.
 
 zzz currently supports Linux, Mac and Windows. Linux is currently the recommended target for deployments.
 
@@ -60,7 +62,7 @@ zzz can be configured to utilize minimal memory while remaining performant. The
     - `poll` for Linux, Mac and Windows.
 - Layered Router, including Middleware
 - Single and Multithreaded Support
-- TLS using BearSSL
+- TLS using [secsock](https://github.com/tardy-org/secsock) 
 - Memory Pooling for minimal allocations 
 
 ## Contribution

build.zig

@@ -17,16 +17,12 @@ pub fn build(b: *std.Build) void {
 
     zzz.addImport("tardy", tardy);
 
-    const bearssl = b.dependency("bearssl", .{
+    const secsock = b.dependency("secsock", .{
         .target = target,
         .optimize = optimize,
-        // Without this, you get an illegal instruction error on certain paths.
-        // This makes it slightly slower but prevents faults.
-        .BR_LE_UNALIGNED = false,
-        .BR_BE_UNALIGNED = false,
-    }).artifact("bearssl");
+    }).module("secsock");
 
-    zzz.linkLibrary(bearssl);
+    zzz.addImport("secsock", secsock);
 
     add_example(b, "basic", false, target, optimize, zzz);
     add_example(b, "cookies", false, target, optimize, zzz);
@@ -45,7 +41,7 @@ pub fn build(b: *std.Build) void {
         .root_source_file = b.path("./src/tests.zig"),
     });
     tests.root_module.addImport("tardy", tardy);
-    tests.root_module.linkLibrary(bearssl);
+    tests.root_module.addImport("secsock", secsock);
 
     const run_test = b.addRunArtifact(tests);
     run_test.step.dependOn(&tests.step);

build.zig.zon

@@ -1,15 +1,16 @@
 .{
-    .name = "zzz",
+    .name = .zzz,
+    .fingerprint = 0xc3273dca261a7ae0,
     .version = "0.3.0",
-    .minimum_zig_version = "0.13.0",
+    .minimum_zig_version = "0.14.0",
     .dependencies = .{
         .tardy = .{
-            .url = "git+https://github.com/mookums/tardy#084f5e04b333a68c6b3c433de241f3dcc368b84b",
-            .hash = "1220960cc794c77b2b1fcab1de6fcf37c6c9571433473541007a0a9258dd7f4f8c0b",
+            .url = "git+https://github.com/tardy-org/tardy?ref=v0.3.0#cd454060f3b6006368d53c05ab96cd16c73c34de",
+            .hash = "tardy-0.3.0-69wrgi7PAwDFhO7m0aXae6N15s2b28VIOrnRrSHHake6",
         },
-        .bearssl = .{
-            .url = "git+https://github.com/mookums/bearssl-zig#37a96eee56fe2543579bbc6da148ca886f3dd32b",
-            .hash = "12200e89d16612100a2f145cfa292537ac25b2205735fc1c644c799d2995f94e8e20",
+        .secsock = .{
+            .url = "git+https://github.com/tardy-org/secsock?ref=v0.1.0#263dcd630e32c7a5c7a0522a8d1fd04e39b75c24",
+            .hash = "secsock-0.0.0-p0qurf09AQD95s1NQF2MGpBqMmFz7cKZWibsgv_SQBAr",
         },
     },
 

docs/getting_started.md

@@ -27,12 +27,12 @@ const Context = http.Context;
 const Route = http.Route;
 const Respond = http.Respond;
 
-fn base_handler(_: *const Context, _: void) !Respond {
-    return Respond{ .standard = .{
+fn base_handler(ctx: *const Context, _: void) !Respond {
+    return ctx.response.apply(.{
         .status = .OK,
         .mime = http.Mime.HTML,
         .body = "Hello, world!",
-    } };
+    });
 }
 
 pub fn main() !void {
@@ -43,19 +43,18 @@ pub fn main() !void {
     const allocator = gpa.allocator();
     defer _ = gpa.deinit();
 
-    var t = try Tardy.init(allocator, .{ .threading = .single });
+    var t = try Tardy.init(allocator, .{ .threading = .auto });
     defer t.deinit();
 
     var router = try Router.init(allocator, &.{
         Route.init("/").get({}, base_handler).layer(),
     }, .{});
     defer router.deinit(allocator);
 
-    // create socket for tardy
     var socket = try Socket.init(.{ .tcp = .{ .host = host, .port = port } });
     defer socket.close_blocking();
     try socket.bind();
-    try socket.listen(256);
+    try socket.listen(4096);
 
     const EntryParams = struct {
         router: *const Router,
@@ -66,13 +65,13 @@ pub fn main() !void {
         EntryParams{ .router = &router, .socket = socket },
         struct {
             fn entry(rt: *Runtime, p: EntryParams) !void {
-                var server = Server.init(rt.allocator, .{
+                var server = Server.init(.{
                     .stack_size = 1024 * 1024 * 4,
                     .socket_buffer_bytes = 1024 * 2,
                     .keepalive_count_max = null,
-                    .connection_count_max = 10,
+                    .connection_count_max = 1024,
                 });
-                try server.serve(rt, p.router, p.socket);
+                try server.serve(rt, p.router, .{ .normal = p.socket });
             }
         }.entry,
     );

docs/https.md

@@ -1,5 +1,5 @@
 # HTTPS
-zzz utilizes [BearSSL](https://bearssl.org/) to provide a safe and performant TLS implementation. This TLS functionality is entirely separated from the I/O for maximum portability.
+zzz utilizes [secsock](https://github.com/tardy-org/secsock) to provide a safe and performant TLS implementation. This TLS functionality is entirely separated from the I/O for maximum portability.
 
 *Note: TLS Support is not **entirely** complete yet. It's a very rough area that will be getting cleaned up in a future development cycle*
 
@@ -23,7 +23,10 @@ const Route = http.Route;
 const Router = http.Router;
 const Respond = http.Respond;
 
-fn root_handler(_: *const Context, _: void) !Respond {
+const secsock = zzz.secsock;
+const SecureSocket = secsock.SecureSocket;
+
+fn root_handler(ctx: *const Context, _: void) !Respond {
     const body =
         \\ <!DOCTYPE html>
         \\ <html>
@@ -36,32 +39,26 @@ fn root_handler(_: *const Context, _: void) !Respond {
         \\ </html>
     ;
 
-    return Respond{ .standard = .{
+    return ctx.response.apply(.{
         .status = .OK,
         .mime = http.Mime.HTML,
         .body = body[0..],
-    } };
+    });
 }
 
 pub fn main() !void {
     const host: []const u8 = "0.0.0.0";
     const port: u16 = 9862;
 
-    var gpa = std.heap.GeneralPurposeAllocator(
-        .{ .thread_safe = true },
-    ){ .backing_allocator = std.heap.c_allocator };
+    var gpa = std.heap.GeneralPurposeAllocator(.{}){};
     const allocator = gpa.allocator();
     defer _ = gpa.deinit();
 
-    var t = try Tardy.init(allocator, .{ .threading = .single });
+    var t = try Tardy.init(allocator, .{ .threading = .auto });
     defer t.deinit();
 
     var router = try Router.init(allocator, &.{
         Route.init("/").get({}, root_handler).layer(),
-        Route.init("/embed/pico.min.css").embed_file(
-            .{ .mime = http.Mime.CSS },
-            @embedFile("embed/pico.min.css"),
-        ).layer(),
     }, .{});
     defer router.deinit(allocator);
 
@@ -71,25 +68,27 @@ pub fn main() !void {
     try socket.bind();
     try socket.listen(1024);
 
+    var bearssl = secsock.BearSSL.init(allocator);
+    defer bearssl.deinit();
+    try bearssl.add_cert_chain(
+        "CERTIFICATE",
+        @embedFile("certs/cert.pem"),
+        "EC PRIVATE KEY",
+        @embedFile("certs/key.pem"),
+    );
+    const secure = try bearssl.to_secure_socket(socket, .server);
+
     const EntryParams = struct {
         router: *const Router,
-        socket: Socket,
+        socket: SecureSocket,
     };
 
     try t.entry(
-        EntryParams{ .router = &router, .socket = socket },
+        EntryParams{ .router = &router, .socket = secure },
         struct {
             fn entry(rt: *Runtime, p: EntryParams) !void {
-                var server = Server.init(rt.allocator, .{
-                    .security = .{ .tls = .{
-                        .cert = .{ .file = .{ .path = "./examples/tls/certs/cert.pem" } },
-                        .key = .{ .file = .{ .path = "./examples/tls/certs/key.pem" } },
-                        .cert_name = "CERTIFICATE",
-                        .key_name = "EC PRIVATE KEY",
-                    } },
-                    .stack_size = 1024 * 1024 * 8,
-                });
-                try server.serve(rt, p.router, p.socket);
+                var server = Server.init(.{ .stack_size = 1024 * 1024 * 8 });
+                try server.serve(rt, p.router, .{ .secure = p.socket });
             }
         }.entry,
     );

examples/basic/main.zig

@@ -54,13 +54,13 @@ pub fn main() !void {
         EntryParams{ .router = &router, .socket = socket },
         struct {
             fn entry(rt: *Runtime, p: EntryParams) !void {
-                var server = Server.init(rt.allocator, .{
+                var server = Server.init(.{
                     .stack_size = 1024 * 1024 * 4,
                     .socket_buffer_bytes = 1024 * 2,
                     .keepalive_count_max = null,
                     .connection_count_max = 1024,
                 });
-                try server.serve(rt, p.router, p.socket);
+                try server.serve(rt, p.router, .{ .normal = p.socket });
             }
         }.entry,
     );

examples/cookies/main.zig

@@ -63,13 +63,13 @@ pub fn main() !void {
         EntryParams{ .router = &router, .socket = socket },
         struct {
             fn entry(rt: *Runtime, p: EntryParams) !void {
-                var server = Server.init(rt.allocator, .{
+                var server = Server.init(.{
                     .stack_size = 1024 * 1024 * 4,
                     .socket_buffer_bytes = 1024 * 2,
                     .keepalive_count_max = null,
                     .connection_count_max = 10,
                 });
-                try server.serve(rt, p.router, p.socket);
+                try server.serve(rt, p.router, .{ .normal = p.socket });
             }
         }.entry,
     );

examples/form/main.zig

@@ -107,11 +107,11 @@ pub fn main() !void {
         EntryParams{ .router = &router, .socket = socket },
         struct {
             fn entry(rt: *Runtime, p: EntryParams) !void {
-                var server = Server.init(rt.allocator, .{
+                var server = Server.init(.{
                     .stack_size = 1024 * 1024 * 4,
                     .socket_buffer_bytes = 1024 * 2,
                 });
-                try server.serve(rt, p.router, p.socket);
+                try server.serve(rt, p.router, .{ .normal = p.socket });
             }
         }.entry,
     );

examples/fs/main.zig

@@ -72,11 +72,11 @@ pub fn main() !void {
         EntryParams{ .router = &router, .socket = socket },
         struct {
             fn entry(rt: *Runtime, p: EntryParams) !void {
-                var server = Server.init(rt.allocator, .{
+                var server = Server.init(.{
                     .stack_size = 1024 * 1024 * 4,
                     .socket_buffer_bytes = 1024 * 4,
                 });
-                try server.serve(rt, p.router, p.socket);
+                try server.serve(rt, p.router, .{ .normal = p.socket });
             }
         }.entry,
     );