Mirrors/libwebsockets
1
0
Fork 0
mirror of https://github.com/warmcat/libwebsockets.git synced 2025-03-30 00:00:16 +01:00
Code Issues Releases Wiki Activity

v4.2.0 release

Browse source
This commit is contained in:
Andy Green 2021-04-15 16:55:07 +00:00
parent 2850de1afa
commit 1367c11e1e
3 changed files with 58 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
CMakeLists.txt
View file

@ -373,8 +373,8 @@ set(PACKAGE "libwebsockets")
set(CPACK_RPM_PACKAGE_LICENSE "MIT") set(CPACK_RPM_PACKAGE_LICENSE "MIT")
set(CPACK_PACKAGE_NAME "${PACKAGE}") set(CPACK_PACKAGE_NAME "${PACKAGE}")
set(CPACK_PACKAGE_VERSION_MAJOR "4") set(CPACK_PACKAGE_VERSION_MAJOR "4")
set(CPACK_PACKAGE_VERSION_MINOR "1") set(CPACK_PACKAGE_VERSION_MINOR "2")
set(CPACK_PACKAGE_VERSION_PATCH_NUMBER "99") set(CPACK_PACKAGE_VERSION_PATCH_NUMBER "0")
set(CPACK_PACKAGE_VERSION_PATCH "${CPACK_PACKAGE_VERSION_PATCH_NUMBER}-${LWS_BUILD_HASH}") set(CPACK_PACKAGE_VERSION_PATCH "${CPACK_PACKAGE_VERSION_PATCH_NUMBER}-${LWS_BUILD_HASH}")
set(CPACK_PACKAGE_RELEASE 1) set(CPACK_PACKAGE_RELEASE 1)
@ -383,7 +383,7 @@ set(CPACK_PACKAGE_VERSION "${CPACK_PACKAGE_VERSION_MAJOR}.${CPACK_PACKAGE_VERSIO
set(CPACK_PACKAGE_VENDOR "andy@warmcat.com") set(CPACK_PACKAGE_VENDOR "andy@warmcat.com")
set(CPACK_PACKAGE_CONTACT "andy@warmcat.com") set(CPACK_PACKAGE_CONTACT "andy@warmcat.com")
set(CPACK_PACKAGE_DESCRIPTION_SUMMARY "${PACKAGE} ${CPACK_PACKAGE_VERSION}") set(CPACK_PACKAGE_DESCRIPTION_SUMMARY "${PACKAGE} ${CPACK_PACKAGE_VERSION}")
set(SOVERSION "17") set(SOVERSION "18")
if(NOT CPACK_GENERATOR) if(NOT CPACK_GENERATOR)
if(UNIX) if(UNIX)
set(CPACK_GENERATOR "TGZ") set(CPACK_GENERATOR "TGZ")

4
READMEs/README.tls-sessions.md
View file

@ -89,7 +89,7 @@ caution. RFC5246 says
write session IDs to stable storage. write session IDs to stable storage.
The issue is that while in process memory the session object is relatively The issue is that while in process memory the session object is relatively
secure compared to ensitive secrets and tls library data already in process secure compared to sensitive secrets and tls library data already in process
memory. memory.
But when serialized to, eg, some external, unencrypted medium, the accessibility But when serialized to, eg, some external, unencrypted medium, the accessibility
@ -102,4 +102,4 @@ serialize any session in the cache associated with a vhost/host/port tuple, and
to preload any available session into a vhost session cache by describing the to preload any available session into a vhost session cache by describing the
endpoint hostname and port. endpoint hostname and port.
The session saving and loading apis aren't supported for mbedtls yet. The session saving and loading apis aren't supported for mbedtls yet.

53
changelog
View file

@ -1,6 +1,59 @@
Changelog Changelog
--------- ---------
v4.2.0
======
- Sai coverage upgrades, 495 builds on 27 platforms, including OSX M1,
Xenial, Bionic and Focal Ubuntu, Debian Sid and Buster on both 32 and
64-bit OS, and NetBSD, Solaris, FreeBSD, Windows, ESP32.
Ctest run on more scenarios including all LWS_WITH_DISTRO_RECOMMENDED.
More tests use valgrind if available on platform.
- RFC7231 date and time parsing and retry-after wired up to lws_retry
- `LWS_WITH_SUL_DEBUGGING` checks that no sul belonging to Secure Streams
and wsi objects are left registered on destruction
- Netlink monitoring on Linux dynamically tracks interface address and
routing changes, and immediately closes connections on invalidated
routes.
- RFC6724 DNS results sorting over ipv4 + ipv6 results, according to
available dynamic route information
- Support new event library, sdevent (systemd native loop), via
`LWS_WITH_SDEVENT`
- Reduce .rodata cost of role structs by making them sparse
- Additional Secure Streams QA tests and runtime state transition
validation
- SMD-over-ss-proxy documentation and helpers to simplify forwarding
- SSPC stream buffering at proxy and client set from policy by streamtype
- Trigger Captive Portal Detection if DNS resolution fails
- Switch all logs related to wsi and Secure Streams to use unique,
descriptive tags instead of pointers (which may be reallocated)
- Use NOITCE logging for Secure Streams and wsi lifecycle logging using
tags
- Update SSPC serialization to include versioning on initial handshake,
and pass client pid to proxy so related objects are tagged with it
- Enable errors on -Wconversion pedantic type-related build issues
throughout the lws sources and upgrade every affected cast.
- Windows remove WSA event implementation and replace with WSAPoll, with
a pair of UDP sockets instead of pipe() for `lws_cancel_service()`
- `lws_strcmp_wildcard()` helper that understand "x*", "x*y", "x*y*" etc
- `LWS_WITH_PLUGINS_BUILTIN` cmake option just builds plugins into the main
library image directly
- Secure Streams proxy supports policy for flow control between proxy and
clients
- libressl also supported along with boringssl, wolfssl
- prepared for openssl v3 compatibility, for main function and GENCRYPTO
- Fault injection apis can confirm operation of 48 error paths and counting
- `LWS_WITH_SYS_METRICS` keeps stats and reports them to user-defined
function, compatible with openmetrics
- windows platform knows how to prepare openssl with system trust store certs
- `LWS_WITH_SYS_CONMON` allows selected client connections to make precise
measurements of connection performance and DNS results, and report them in a struct
- New native support for uloop event loop (OpenWRT loop)
- More options around JWT
- Support TLS session caching and reuse by default, on both OpenSSL and
mbedtls
- Many fixes and improvements...
v4.1.0 v4.1.0
====== ======