This wonderfully large commit replaces basically everything under the
`server/filesystem` package, re-implementing essentially everything.
This is related to
https://github.com/pterodactyl/wings/security/advisories/GHSA-494h-9924-xww9
If any vulnerabilities related to symlinks persist after this commit, I
will be very upset.
Signed-off-by: Matthew Penner <me@matthewp.io>
commit f5baab4e88
Author: DaneEveritt <dane@daneeveritt.com>
Date: Sat Jul 9 17:50:53 2022 -0400
Finalize activity event sending logic and cron config
commit 9830387f21
Author: DaneEveritt <dane@daneeveritt.com>
Date: Sat Jul 9 16:26:13 2022 -0400
Send power events in a more usable format
commit 49f3a61d16
Author: DaneEveritt <dane@daneeveritt.com>
Date: Sat Jul 9 15:47:24 2022 -0400
Configure cron to actually send to endpoint
commit 28137c4c14
Author: DaneEveritt <dane@daneeveritt.com>
Date: Sat Jul 9 15:42:29 2022 -0400
Copy the body buffer otherwise subsequent backoff attempts will not have a buffer to send
commit 20e44bdc55
Author: DaneEveritt <dane@daneeveritt.com>
Date: Sat Jul 9 14:38:41 2022 -0400
Add internal logic to process activity events and send them to the panel
commit 0380488cd2
Author: DaneEveritt <dane@daneeveritt.com>
Date: Mon Jul 4 17:55:17 2022 -0400
Track power events
commit 9eab08b92f
Author: DaneEveritt <dane@daneeveritt.com>
Date: Mon Jul 4 17:36:03 2022 -0400
Initial logic to support logging activity on Wings to send back to the panel
If my debugging is correct, this should address pterodactyl/panel#3903 in its entirety by addressing a few areas where it was possible for a channel to lock up and cause everything to block
This change fixespterodactyl/panel#3921 by implementing logic to drop the oldest message in a channel and push the newest message onto the channel when the channel buffer is full.
This is distinctly different than the previous implementation which just dropped the newest messages, leading to confusing behavior on the client side when a large amount of data was sent over the connection.
Up to 10ms per channel is allowed for blocking before falling back to the drop logic.
This new package has significant better resource usage, and we do a _lot_ of JSON parsing in this application, so any amount of improvement becomes significant
Prior to this logic not only was the error response incorrect for events, but we registered event listeners before the authentication event; so if auth failed we flooded the socket with tons of output that was never going to be sent anyways.
This change now waits to register listeners until the socket is fully authenticated and we're guaranteed to have a token present.
This also fixes an improperly written server deletion listener to look at the correct context cancelation.
Theoretically this should help address the issues in pterodactyl/panel#3596 but I'm not really sure how that happens, and theres no steps for reproduction.
