dohertj2/natsdotnet
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
253 Commits 2 Branches 0 Tags
7dcf5776b3cdaef61dbca1fa66f14865b55be9af
Commit Graph

183 Commits

Author SHA1 Message Date
Joseph Doherty
7a897c1087 feat: add MaxSubs enforcement, delivery-time deny filtering, auto-unsub cleanup 2026-02-23 00:53:15 -05:00
Joseph Doherty
e9b6c7fdd3 feat: add protocol tracing (<<- op arg) at LogLevel.Trace 2026-02-23 00:52:00 -05:00
Joseph Doherty
1269ae8275 feat: implement /subz endpoint with account filter, test subject, and pagination 2026-02-23 00:50:26 -05:00
Joseph Doherty
0347e8a28c fix: increment _removes counter in RemoveBatch for accurate stats 2026-02-23 00:48:53 -05:00
Joseph Doherty
6afe11ad4d feat: add per-account connection/subscription limits with AccountConfig 2026-02-23 00:46:16 -05:00
Joseph Doherty
345e7ca15c feat: implement log reopening on SIGUSR1 signal 2026-02-23 00:46:09 -05:00
Joseph Doherty
cc0fe04f3c feat: add generation-based cache, Stats, HasInterest, NumInterest, RemoveBatch, All, ReverseMatch to SubList 2026-02-23 00:45:28 -05:00
Joseph Doherty
cf75077bc4 feat: add CLI flags for debug/trace modes, file logging, syslog, color, timestamps 2026-02-23 00:43:27 -05:00
Joseph Doherty
4ad821394b feat: add -D/-V/-DV debug/trace CLI flags and file logging support 2026-02-23 00:41:49 -05:00
Joseph Doherty
b7c0e321d9 fix: move stale connection stat increments to detection site in RunPingTimerAsync 2026-02-23 00:41:12 -05:00
Joseph Doherty
0ec5583422 fix: address code quality review findings for batch 1 
- SubjectsCollide: split tokens once upfront instead of O(n²) TokenAt calls
- NatsHeaderParser: manual digit accumulation avoids string allocation and overflow
- NatsHeaders: use IReadOnlyDictionary for Headers, immutable Invalid sentinel
- PermissionLruCache: add missing Count property
 2026-02-23 00:40:14 -05:00
Joseph Doherty
cd4ae3cce6 feat: add stale connection stats tracking and varz exposure 2026-02-23 00:38:43 -05:00
Joseph Doherty
eb25d52ed5 feat: add RTT tracking and first-PING delay to NatsClient 2026-02-23 00:34:30 -05:00
Joseph Doherty
dddced444e feat: add NumTokens, TokenAt, SubjectsCollide, UTF-8 validation to SubjectMatch 2026-02-23 00:33:43 -05:00
Joseph Doherty
e87d4c00d9 feat: add NatsHeaderParser for MIME header parsing 2026-02-23 00:33:24 -05:00
Joseph Doherty
7cf6bb866e feat: add PermissionLruCache (128-entry LRU) and wire into ClientPermissions 2026-02-23 00:33:15 -05:00
Joseph Doherty
17a0a217dd feat: add MaxSubs, MaxSubTokens, Debug, Trace, LogFile, LogSizeLimit, Tags to NatsOptions 2026-02-23 00:32:12 -05:00
Joseph Doherty
573cd06bb1 feat: add logging and timestamp options to NatsOptions 2026-02-23 00:29:45 -05:00
Joseph Doherty
a0f02d6641 chore: add Serilog.Sinks.File and SyslogMessages packages 2026-02-23 00:28:32 -05:00
Joseph Doherty
3941c85e76 Merge branch 'feature/core-lifecycle' into main 
Reconcile close reason tracking: feature branch's MarkClosed() and
ShouldSkipFlush/FlushAndCloseAsync now use main's ClientClosedReason
enum. ClosedState enum retained for forward compatibility.
 2026-02-23 00:09:30 -05:00
Joseph Doherty
f5c0c4f906 feat: wire pending bytes and close reason into connz monitoring 2026-02-22 23:57:39 -05:00
Joseph Doherty
2fb14821e0 feat: add no-responders CONNECT validation and tests 
Reject connections that send no_responders:true without headers:true,
since the 503 HMSG response requires header support. Add three tests:
connection rejection, acceptance with headers, and 503 delivery flow.
 2026-02-22 23:56:49 -05:00
Joseph Doherty
04305447f9 feat: implement verbose mode (+OK after commands) 
When a client sends CONNECT {"verbose":true}, the server now responds
with +OK\r\n after successfully processing CONNECT, PING, SUB, UNSUB,
and PUB/HPUB commands, matching the Go NATS server behavior.
 2026-02-22 23:54:41 -05:00
Joseph Doherty
df39ebdc58 feat: add signal handling (SIGTERM, SIGUSR2, SIGHUP) and CLI stubs 2026-02-22 23:52:49 -05:00
Joseph Doherty
bce793fd42 perf: batch stat increments per read cycle in ProcessCommandsAsync 
Accumulate InMsgs/InBytes locally per ReadAsync cycle and flush once,
reducing from 4 Interlocked operations per published message to 2 per
read cycle. This matches the Go server's approach of batching stats.
 2026-02-22 23:52:09 -05:00
Joseph Doherty
e57605f090 feat: add PID file and ports file support 2026-02-22 23:50:22 -05:00
Joseph Doherty
c522ce99f5 feat: add delivery tracking and no-responders 503 support to ProcessMessage 
When a PUB with a reply-to subject has no matching subscribers and the
sender opted into no_responders, send a 503 HMSG back on the reply
subject so request-reply callers can fail fast instead of timing out.
 2026-02-22 23:49:39 -05:00
Joseph Doherty
34067f2b9b feat: add lame duck mode with staggered client shutdown 2026-02-22 23:48:06 -05:00
Joseph Doherty
45de110a84 feat: add flush-before-close for graceful client shutdown 2026-02-22 23:45:26 -05:00
Joseph Doherty
b68f898fa0 feat: add graceful shutdown, accept loop backoff, and task tracking 2026-02-22 23:43:25 -05:00
Joseph Doherty
31660a4187 feat: replace inline writes with channel-based write loop and batch flush 2026-02-22 23:41:44 -05:00
Joseph Doherty
600c6f9e5a feat: add system account ($SYS) and server NKey identity stubs 2026-02-22 23:39:22 -05:00
Joseph Doherty
086b4f50e8 feat: add close reason tracking to NatsClient 2026-02-22 23:36:55 -05:00
Joseph Doherty
38eaaa8b83 feat: add ephemeral port (port=0) support 2026-02-22 23:36:01 -05:00
Joseph Doherty
ad6a02b9a2 refactor: replace _connectReceived with ClientFlagHolder and add CloseReason tracking 2026-02-22 23:35:35 -05:00
Joseph Doherty
9ae75207fc feat: add ClosedState enum ported from Go client.go 2026-02-22 23:34:05 -05:00
Joseph Doherty
61c6b832e5 feat: add MaxPending, WriteDeadline options and error constants 2026-02-22 23:33:49 -05:00
Joseph Doherty
d0aa6a5fdd feat: add lifecycle options (lame duck, PID file, ports file, config stub) 2026-02-22 23:33:44 -05:00
Joseph Doherty
1a916a3f36 feat: add ClientFlags bitfield with thread-safe holder 2026-02-22 23:33:21 -05:00
Joseph Doherty
8bbfa54058 feat: add ClientClosedReason enum with 16 close reason values 2026-02-22 23:33:13 -05:00
Joseph Doherty
4d89661e79 feat: add monitoring HTTP endpoints and TLS support 
Monitoring HTTP:
- /varz, /connz, /healthz via Kestrel Minimal API
- Pagination, sorting, subscription details on /connz
- ServerStats atomic counters, CPU/memory sampling
- CLI flags: -m, --http_port, --http_base_path, --https_port

TLS Support:
- 4-mode negotiation: no TLS, required, TLS-first, mixed
- Certificate loading, pinning (SHA-256), client cert verification
- PeekableStream for non-destructive TLS detection
- Token-bucket rate limiter for TLS handshakes
- CLI flags: --tls, --tlscert, --tlskey, --tlscacert, --tlsverify

29 new tests (78 → 107 total), all passing.

# Conflicts:
#	src/NATS.Server.Host/Program.cs
#	src/NATS.Server/NATS.Server.csproj
#	src/NATS.Server/NatsClient.cs
#	src/NATS.Server/NatsOptions.cs
#	src/NATS.Server/NatsServer.cs
#	src/NATS.Server/Protocol/NatsProtocol.cs
#	tests/NATS.Server.Tests/ClientTests.cs
 2026-02-22 23:13:22 -05:00
Joseph Doherty
a6e9bd1467 feat: add monitoring port CLI args to server host 
Support -m/--http_port, --http_base_path, and --https_port flags for
configuring the monitoring HTTP endpoint from the command line.
 2026-02-22 23:08:04 -05:00
Joseph Doherty
543b185f7e fix: address code quality issues from review 
- Make ConnectReceived thread-safe with Volatile.Read/Write (accessed from auth timeout task and command pipeline)
- Include authTimeoutTask in Task.WhenAny to propagate exceptions
- Clear nonce after authentication with CryptographicOperations.ZeroMemory
- Avoid closure allocation on publish permission cache hot path (method group)
- Update AuthTimeout default to 2s to match Go server
 2026-02-22 23:07:31 -05:00
Joseph Doherty
c40c2cd994 test: add permission enforcement and NKey integration tests 
Fix NKey nonce verification: the NATS client signs the nonce string
(ASCII bytes of the base64url-encoded nonce), not the raw nonce bytes.
Pass the encoded nonce string bytes to the authenticator for verification.
 2026-02-22 23:03:41 -05:00
Joseph Doherty
9cb3e2fe0f feat: add per-account SubList isolation for message routing 
Subscriptions and message routing now go through account-specific SubLists
instead of a single global SubList. Clients in different accounts cannot
see each other's messages. When no account is specified (or auth is not
configured), all clients share the global $G account.
 2026-02-22 23:00:59 -05:00
Joseph Doherty
2980a343c1 feat: integrate authentication into server accept loop and client CONNECT processing 
Wire AuthService into NatsServer and NatsClient to enforce authentication
on incoming connections. The server builds an AuthService from NatsOptions,
sets auth_required in ServerInfo, and generates per-client nonces when
NKey auth is configured. NatsClient validates credentials in ProcessConnect,
enforces publish/subscribe permissions, and implements an auth timeout that
closes connections that don't send CONNECT in time. Existing tests without
auth continue to work since AuthService.IsAuthRequired is false by default.
 2026-02-22 22:55:50 -05:00
Joseph Doherty
2a2cc6f0a2 feat: add AuthService orchestrator with priority-ordered authentication 2026-02-22 22:44:58 -05:00
Joseph Doherty
6ebe791c6d feat: add authenticators, Account, and ClientPermissions (Tasks 3-7, 9) 
- Account: per-account SubList and client tracking
- IAuthenticator interface, AuthResult, ClientAuthContext
- TokenAuthenticator: constant-time token comparison
- UserPasswordAuthenticator: multi-user with bcrypt/plain support
- SimpleUserPasswordAuthenticator: single user/pass config
- NKeyAuthenticator: Ed25519 nonce signature verification
- ClientPermissions: SubList-based publish/subscribe authorization
 2026-02-22 22:41:45 -05:00
Joseph Doherty
19f35e6463 feat: add --tls, --tlscert, --tlskey, --tlscacert, --tlsverify CLI flags 2026-02-22 22:36:57 -05:00
Joseph Doherty
9eb108b1df feat: add /connz endpoint with pagination, sorting, and subscription details 2026-02-22 22:36:28 -05:00