channel: reject oversized messages on the sender side(, too). #171
Conversation
Reject oversized messages on the sender side, keeping the receiver side rejection intact. This should provide minimal low-level plumbing for clients to attempt application level corrective actions on the requestor side, if the high-level protocol is designed with this in mind. Co-authored-by: Alessio Cantillo <cantillo.trd@gmail.com> Co-authored-by: Qian Zhang <cosmoer@qq.com> Signed-off-by: Krisztian Litkey <krisztian.litkey@intel.com>
Co-authored-by: Alessio Cantillo <cantillo.trd@gmail.com> Co-authored-by: Qian Zhang <cosmoer@qq.com> Signed-off-by: Krisztian Litkey <krisztian.litkey@intel.com>
klihub
force-pushed
the
devel/sender-side-oversize-rejection
branch
from
e67f276
to
d8c00df
Compare
|
Uhmmkay... my intention was/is not to turn this into a Battle of the PRs (#119, #127 and this). I simply ran into this message length limitation myself. But I did in a context where the higher-level protocol was fairly easy to update to allow sending 'multi-part' requests, which were then transparently recombined on the receiving end into a single one and 'handed that up in the communication stack' for processing. Also I did not have the danger of a response overflowing. But since I still considered hitting the size limit a corner case, I wrote an implementation which tries sending everything in a single request and falls back to splitting it up only if it hits the size limit. But for that I was missing a reliable way to detect an overflow, and do it in a way which does not render the underlying transport unusable for sending further messages (which is the case for #127, unconditionally). Hence I ended up rolling this. Unfortunately I did not check if there are pending PRs trying to do the same. Once I noticed it, I tossed in Co-authored-by's for the other attempt's authors. I believe that this version does not suffer from the subject of the unaddressed review comments in the other PRs... |
klihub
force-pushed
the
devel/sender-side-oversize-rejection
branch
5 times, most recently
from
2268863
to
317417c
Compare
klihub
force-pushed
the
devel/sender-side-oversize-rejection
branch
4 times, most recently
from
6ed75d9
to
1a59039
Compare
Use a dedicated, grpc Status-compatible error to wrap the unique grpc status code, the size of the rejected message and the maximum allowed size when a message is rejected due to size limitations by the sending side. Signed-off-by: Krisztian Litkey <krisztian.litkey@intel.com>
klihub
force-pushed
the
devel/sender-side-oversize-rejection
branch
from
1a59039
to
b5cd6e4
Compare
There was a problem hiding this comment.
LGTM on the proviso that the follow up prs will handle oversize initiated by the server, if/where > lengthmax was possible before we tag and roll this behavior change into a public release.. IOW revert if we don't get all of the follow ups merged like 172. 172 currently disabling the server side check by default should be good enough given prior server side impls would continue with no behavior changes, unless configured to change where certain ttrpc impls are fixed to handle the max exceeded error... At least that's how I'm reading the golden path here :)
Reject oversized messages on the sender side (keeping the receiver side rejection code intact). Do not forcibly close in
channel.send()the underlying connection when an oversized message is rejected.This should provide minimal low-level means for ttrpc-based applications to detect oversized requests in
client.Call()and attempt an application level recovery/corrective actions, if the high-level protocol is designed with this in mind.