Commit Graph

97 Commits

Author SHA1 Message Date
Brian Warner
0ddc93110b work on new Code state machine design 2017-04-06 12:22:44 -07:00
Brian Warner
299f89c01f new idea on code-input helper API 2017-04-06 12:22:44 -07:00
Brian Warner
4bd9d3579c go back to "input_code" instead of "type_code" 2017-04-06 12:22:44 -07:00
Brian Warner
5f9894ca63 API updates, make most tests pass, disable others
* finally wire up "application versions"
* remove when_verifier (which used to fire after key establishment, but
  before the VERSION message was received or verified)
* fire when_verified and when_version at the same time (after VERSION is
  verified), but with different args
2017-04-06 12:22:44 -07:00
Brian Warner
9571fcd388 docs: write up "journaled mode" 2017-04-06 12:22:44 -07:00
Brian Warner
20ec911b6c add API list, and speculative sections on serialization and dilation 2017-04-06 12:22:44 -07:00
Brian Warner
b4fdcfe53b update api.md 2017-04-06 12:22:44 -07:00
Brian Warner
51a73d6962 client-protocol docs: improve 2017-04-06 12:21:00 -07:00
Brian Warner
dd6e139c19 document file-transfer protocol and Transit 2017-04-06 12:21:00 -07:00
Brian Warner
187e14862d document client-to-client protocol 2017-04-06 12:21:00 -07:00
Brian Warner
9314c6918f start documenting the protocols 2017-04-06 12:21:00 -07:00
Brian Warner
6ada8252b7 Code: handle being connected before being told what to do 2017-04-06 12:21:00 -07:00
Brian Warner
e9f3107127 deliver app-versions up to Wormhole 2017-04-06 12:21:00 -07:00
Brian Warner
60a61c995b implement w.derive_key() 2017-04-06 12:21:00 -07:00
Brian Warner
b7b8df17be rename NameplateLister to Lister (unique prefix L) 2017-04-06 12:21:00 -07:00
Brian Warner
9a2d992815 reminder how ConnectionService should fail if first attempt fails 2017-04-06 12:21:00 -07:00
Brian Warner
fcdcf30ba8 docs: move state machine diagrams into separate directory 2017-04-06 12:21:00 -07:00
Brian Warner
610db612ba improve error handling
errors raised while processing a received message will cause the Wormhole to
close-with-error, and any pending Deferreds will be errbacked
2017-04-06 12:21:00 -07:00
Brian Warner
26adaabe18 implement new split nameplate/mailbox/terminator
fails even worse than before, of course
2017-04-06 12:21:00 -07:00
Brian Warner
02bea00366 dot: split Mailbox and Nameplate into separate machines
add Terminator for shutdown
2017-04-06 12:21:00 -07:00
Brian Warner
97d1ff859b logic bug: M.S4B.close() must not re-send RELEASE 2017-04-06 12:21:00 -07:00
Brian Warner
41b7bcfed5 working on fixes 2017-04-06 12:21:00 -07:00
Brian Warner
b7df5e21eb more tests, still failing 2017-04-06 12:21:00 -07:00
Brian Warner
8a2810ba70 test basic code allocation 2017-04-06 12:21:00 -07:00
Brian Warner
ef1904bc52 get null test working (open and immediate close) 2017-04-06 12:21:00 -07:00
Brian Warner
c95b6d402c Code: don't sent tx_allocate until we're connected
So Code needs connected/lost from the RendezvousConnector
2017-04-06 12:21:00 -07:00
Brian Warner
d4bedeafbf general fixes 2017-04-06 12:21:00 -07:00
Brian Warner
20814a65f4 rename Wormhole (machine) to Boss, leave room for higher-level thing 2017-04-06 12:21:00 -07:00
Brian Warner
a2ed35ceb8 remove old files, lots of type work 2017-04-06 12:21:00 -07:00
Brian Warner
80661392b6 build out all state machines
still early: automat is happy (they're syntactically valid), but the Outputs
are not implemented, and there are plenty of type mismatches
2017-04-06 12:21:00 -07:00
Brian Warner
a3ec344eb8 clean up machine names/initials
C: Code
RC: Rendezvous Connector
R: Receive
2017-04-06 12:21:00 -07:00
Brian Warner
f3b1e847e9 fix everything: should now be consistent and correct
Start with machines.dot, which gives the override. Then traverse downwards
from wormhole.dot .
2017-04-06 12:21:00 -07:00
Brian Warner
e85309a784 split out receive/send machines 2017-04-06 12:21:00 -07:00
Brian Warner
a675648335 code.dot: better names 2017-04-06 12:21:00 -07:00
Brian Warner
c050d06753 update code.dot 2017-04-06 12:21:00 -07:00
Brian Warner
50050dc140 finish wormhole.dot 2017-04-06 12:21:00 -07:00
Brian Warner
2fc5af7bd0 nameplates.dot: done 2017-04-06 12:21:00 -07:00
Brian Warner
44cc1399c4 make mailbox/mailbox_close/machines consistent
finally get mailbox.png layout good enough
2017-04-06 12:21:00 -07:00
Brian Warner
c9f3abe703 rename .dot files, remove obsolete ones 2017-04-06 12:21:00 -07:00
Brian Warner
40e0d6b663 more work, feels better now 2017-04-06 12:21:00 -07:00
Brian Warner
16c477424c more demo work 2017-04-06 12:21:00 -07:00
Brian Warner
7f3e86acca more fussing, split out M_S0 2017-04-06 12:21:00 -07:00
Brian Warner
f6930a9bfc more thoughts 2017-04-06 12:21:00 -07:00
Brian Warner
cf981222c5 think about "checkpointing" as a state
with async exit when the checkpoint is finally written. Not sure this is the
best idea.
2017-04-06 12:21:00 -07:00
Brian Warner
20b80be342 remove stale machines 2017-04-06 12:21:00 -07:00
Brian Warner
3af375b173 finish Mailbox state machine, including close 2017-04-06 12:21:00 -07:00
Brian Warner
b934192f20 work on Mailbox machine 2017-04-06 12:21:00 -07:00
Brian Warner
11a80f0018 moving to separate machine class 2017-04-06 12:21:00 -07:00
Brian Warner
a9a0bc43c7 w4.dot: redraw Connection Machine to match 2017-04-06 12:21:00 -07:00
Brian Warner
0b28137948 w3.dot: figure out close() pathways
d=M_close() will always do the verbose clean shutdown thing, and the Deferred
won't fire (e.g. we won't move to state "Ss") until we've deallocated our
server resources (nameplates and mailboxes), and we've finished shutting down
our websocket connection. So integration tests should wait on the Deferred to
make sure everything has stopped moving and the reactor is clean.

CLI applications that are following the success path can use M_close() and
wait on the Deferred before terminating.

CLI applications that wind up on some error path can either use M_close(), or
just SIGINT and leave the server to GC stuff later.

GUI applications can use M_close() but ignore the Deferred, and assume that
the program will keep running long enough to get the deallocation messages
through.

GUI+DB applications can use M_close() and then stop recording state changes,
and if the program remains running long enough, everything will be
deallocated, but if it terminates too soon, the server will have to GC.
2017-04-06 12:21:00 -07:00