Hi Peff, On Mon, May 18, 2020 at 12:50:56PM -0400, Jeff King wrote: > On Mon, May 18, 2020 at 11:47:17AM -0400, Denton Liu wrote: > > > Changes since v1: > > > > * Remove fallthrough in switch in favour of just extracting the common > > call out of the switch in patch 3 > > > > * Add more detail in function comment and use `const char linelen[4]` in > > patch 4 > > > > * Implement most of Peff's suggestions[0] in patch 5 > > > > * Only operate on stateless_connect() in patch 5 > > > > * Add tests in patch 5 > > > > * Drop "remote-curl: ensure last packet is a flush" in favour of > > "stateless-connect: send response end packet" > > Overall this looks pretty cleanly done. I left a few minor comments > throughout, but the real question is whether we prefer the "0002" packet > in the last one, or if we instead insist that the response end in a > flush. Thanks for the prompt review! > At first glance, the "0002" seems like it's more flexible, because we're > making fewer assumptions about what's being transferred over the > stateless-connect channel. But in reality it still has to be pktlines > (because we're checking them for incomplete or invalid packets already). > So all it really buys us is that the server response doesn't have to end > with a flush packet. > > So I dunno. The "0002" solution is slightly more flexible, but I'm not > sure it helps in practice. And it does eat up one of our two remaining > special packet markers. Yeah, I was worried about consuming a special packet. One alternative that I considered but is kind of gross is sending something like "0028gitremote-helper: response complete\n" instead of "0002". Then, instead of "0002" checks, we can check for that special string instead. I don't _think_ that stateless-connect currently allows for completely arbitrary data but I might be mistaken. > There is another solution, which would allow arbitrary data over > stateless-connect: adding an extra level of pktline framing between the > helper and the parent process. But that's rather ugly (inner pktlines > may be split across outer ones, so you have to do a bunch of buffer > reassembly). I think that's actually how v0 http works, IIRC. > IMHO it probably isn't worth pursuing. That extra layer wrecks the > elegance to the v2 stateless-connect approach, and we really do expect > only pktlines to go over it. This was the original approach that I was working on but I found it to be much too invasive for my liking. (Also, I never actually managed to get it working ;) ) I think I gave up when I realised I had to insert reframing logic into index-pack and unpack-objects. > So I think either of your solutions (enforcing a final flush, or the > 0002 packet) is preferable. I'm on the fence between them. I'm mostly on the fence too. One advantage of 0002, however, is that a malicious server can't end a request with 0002 as that's explicitly prevented. If a malicious server closes a connection after sending a 0000, I think that they could cause a deadlock to happen if there are multiple flush packets expected in a response. You mentioned in a sibling email that this currently doesn't happen wrt stateless-connect although I'm not sure if in the future, this is something that might change. I dunno. > -Peff
