From 3aa6aa83d05249d7081a8c19a28ce9b9c4566da2 Mon Sep 17 00:00:00 2001 From: Stefan Boberg Date: Thu, 12 Mar 2026 17:02:01 +0100 Subject: Add --no-network option (#831) - Add `--no-network` CLI option which disables all TCP/HTTPS listeners, restricting zenserver to Unix domain socket communication only. - Also fixes asio upgrade breakage on main --- src/zenserver/config/config.cpp | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) (limited to 'src/zenserver/config/config.cpp') diff --git a/src/zenserver/config/config.cpp b/src/zenserver/config/config.cpp index 858225032..c550b174c 100644 --- a/src/zenserver/config/config.cpp +++ b/src/zenserver/config/config.cpp @@ -153,6 +153,7 @@ ZenServerConfiguratorBase::AddCommonConfigOptions(LuaConfig::Options& LuaOptions LuaOptions.AddOption("network.port"sv, ServerOptions.BasePort, "port"sv); LuaOptions.AddOption("network.forceloopback"sv, ServerOptions.HttpConfig.ForceLoopback, "http-forceloopback"sv); LuaOptions.AddOption("network.unixsocket"sv, ServerOptions.HttpConfig.UnixSocketPath, "unix-socket"sv); + LuaOptions.AddOption("network.nonetwork"sv, ServerOptions.HttpConfig.NoNetwork, "no-network"sv); LuaOptions.AddOption("network.https.port"sv, ServerOptions.HttpConfig.HttpsPort, "https-port"sv); LuaOptions.AddOption("network.https.certfile"sv, ServerOptions.HttpConfig.CertFile, "cert-file"sv); LuaOptions.AddOption("network.https.keyfile"sv, ServerOptions.HttpConfig.KeyFile, "key-file"sv); @@ -322,6 +323,13 @@ ZenServerCmdLineOptions::AddCliOptions(cxxopts::Options& options, ZenServerConfi cxxopts::value(ServerOptions.HttpConfig.UnixSocketPath), ""); + options.add_option("network", + "", + "no-network", + "Disable TCP/HTTPS listeners; only accept connections via --unix-socket", + cxxopts::value(ServerOptions.HttpConfig.NoNetwork)->default_value("false"), + ""); + options.add_option("network", "", "https-port", @@ -513,6 +521,25 @@ ZenServerCmdLineOptions::ApplyOptions(cxxopts::Options& options, ZenServerConfig } #endif + // Validate --no-network + if (ServerOptions.HttpConfig.NoNetwork) + { + if (ServerOptions.HttpConfig.UnixSocketPath.empty()) + { + throw OptionParseException("'--no-network' requires '--unix-socket' to be set", options.help()); + } +#if ZEN_WITH_HTTPSYS + if (ServerOptions.HttpConfig.ServerClass == "httpsys") + { + throw OptionParseException("'--no-network' is not compatible with '--http=httpsys'", options.help()); + } +#endif + if (ServerOptions.HttpConfig.ServerClass.empty()) + { + ServerOptions.HttpConfig.ServerClass = "asio"; + } + } + // Validate generic HTTPS options (used by ASIO backend) if (ServerOptions.HttpConfig.HttpsPort > 0) { -- cgit v1.2.3 From 7723e3b48a112d107bb0f6f3c0569b565e937e7d Mon Sep 17 00:00:00 2001 From: Stefan Boberg Date: Fri, 13 Mar 2026 09:02:52 +0100 Subject: Switch httpclient default back-end over to libcurl (#832) Switches the default HTTP client to the libcurl-based backend and follows up with a series of correctness fixes and code quality improvements to `CurlHttpClient`. **Backend switch & build fixes:** - Switch default HTTP client to libcurl-based backend - Suppress `[[nodiscard]]` warning when building fmt - Miscellaneous bugfixes in HttpClient/libcurl - Pass `-y` to `xmake config` in `xmake test` task **Boilerplate reduction:** - Add `Session::SetHeaders()` for RAII ownership of `curl_slist`, eliminating manual `curl_slist_free_all` calls from every verb method - Add `Session::PerformWithResponseCallbacks()` to absorb the repeated 12-line write+header callback setup block - Extract `ParseHeaderLine()` shared helper, replacing 4 duplicate header-parsing implementations - Extract `BuildHeaderMap()` and `ApplyContentTypeFromHeaders()` helpers to deduplicate header-to-map conversion and Content-Type scanning - Unify the two `DoWithRetry` overloads (PayloadFile variant now delegates to the Validate variant) **Correctness fixes:** - `TransactPackage`: both phases now use `PerformWithResponseCallbacks()`, fixing missing abort support and a dead header collection loop - `TransactPackage`: error path now routes through `CommonResponse`, preserving curl error codes and messages for the caller - `ValidatePayload`: merged 3 separate header-scan loops into a single pass **Performance improvements:** - Replace `fmt::format` with `ExtendableStringBuilder` in `BuildHeaderList` and `BuildUrlWithParameters`, eliminating heap allocations in the common case - Replace `curl_easy_escape`/`curl_free` with inline URL percent-encoding using `AsciiSet` - Remove wasteful `CommonResponse(...)` construction in retry logging, formatting directly from `CurlResult` fields --- src/zenserver/config/config.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/zenserver/config/config.cpp') diff --git a/src/zenserver/config/config.cpp b/src/zenserver/config/config.cpp index c550b174c..8118cb424 100644 --- a/src/zenserver/config/config.cpp +++ b/src/zenserver/config/config.cpp @@ -413,7 +413,7 @@ ZenServerCmdLineOptions::AddCliOptions(cxxopts::Options& options, ZenServerConfi "", "httpclient", "Select HTTP client implementation (e.g. 'curl', 'cpr')", - cxxopts::value(ServerOptions.HttpClient.Backend)->default_value("cpr"), + cxxopts::value(ServerOptions.HttpClient.Backend)->default_value("curl"), ""); options.add_option("network", -- cgit v1.2.3 From ef586f5930ac761f8e8e18cde2ebd5248efeaa4a Mon Sep 17 00:00:00 2001 From: Stefan Boberg Date: Fri, 13 Mar 2026 09:24:59 +0100 Subject: Unix Domain Socket auto discovery (#833) This PR adds end-to-end Unix domain socket (UDS) support, allowing zen CLI to discover and connect to UDS-only servers automatically. - **`unix://` URI scheme in zen CLI**: The `-u` / `--hosturl` option now accepts `unix:///path/to/socket` to connect to a zenserver via a Unix domain socket instead of TCP. - **Per-instance shared memory for extended server info**: Each zenserver instance now publishes a small shared memory section (keyed by SessionId) containing per-instance data that doesn't fit in the fixed-size ZenServerEntry -- starting with the UDS socket path. This is a 4KB pagefile-backed section on Windows (`Global\ZenInstance_{sessionid}`) and a POSIX shared memory object on Linux/Mac (`/UnrealEngineZen_{sessionid}`). - **Client-side auto-discovery of UDS servers**: `zen info`, `zen status`, etc. now automatically discover and prefer UDS connections when a server publishes a socket path. Servers running with `--no-network` (UDS-only) are no longer invisible to the CLI. - **`kNoNetwork` flag in ZenServerEntry**: Servers started with `--no-network` advertise this in their shared state entry. Clients skip TCP fallback for these servers, and display commands (`ps`, `status`, `top`) show `-` instead of a port number to indicate TCP is not available. --- src/zenserver/config/config.cpp | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) (limited to 'src/zenserver/config/config.cpp') diff --git a/src/zenserver/config/config.cpp b/src/zenserver/config/config.cpp index 8118cb424..60ae93853 100644 --- a/src/zenserver/config/config.cpp +++ b/src/zenserver/config/config.cpp @@ -201,6 +201,7 @@ struct ZenServerCmdLineOptions std::string DataDir; std::string BaseSnapshotDir; std::string SecurityConfigPath; + std::string UnixSocketPath; std::string PortStr; ZenLoggingCmdLineOptions LoggingOptions; @@ -320,7 +321,7 @@ ZenServerCmdLineOptions::AddCliOptions(cxxopts::Options& options, ZenServerConfi "", "unix-socket", "Unix domain socket path to listen on (in addition to TCP)", - cxxopts::value(ServerOptions.HttpConfig.UnixSocketPath), + cxxopts::value(UnixSocketPath), ""); options.add_option("network", @@ -480,6 +481,11 @@ ZenServerCmdLineOptions::ApplyOptions(cxxopts::Options& options, ZenServerConfig ServerOptions.BaseSnapshotDir = MakeSafeAbsolutePath(BaseSnapshotDir); ServerOptions.SecurityConfigPath = MakeSafeAbsolutePath(SecurityConfigPath); + if (!UnixSocketPath.empty()) + { + ServerOptions.HttpConfig.UnixSocketPath = MakeSafeAbsolutePath(UnixSocketPath); + } + if (PortStr != "auto") { int Port = 0; -- cgit v1.2.3