mirror of
https://github.com/warmcat/libwebsockets.git
synced 2025-03-09 00:00:04 +01:00
rtos diet: make basic auth support a config option on by default
Remove wrapper content for < tls v1.2
This commit is contained in:
Andy Green
parent
ed04a266ea
commit
bb1a8d37fb
12 changed files with 43 additions and 4 deletions
|
|
@ -56,6 +56,8 @@ option(LWS_WITH_FTS "Full Text Search support" OFF)
|
|||
option(LWS_WITH_SYS_ASYNC_DNS "Nonblocking internal IPv4 + IPv6 DNS resolver" OFF)
|
||||
option(LWS_WITH_SYS_NTPCLIENT "Build in tiny ntpclient good for tls date validation and run via lws_system" OFF)
|
||||
option(LWS_WITH_SYS_DHCP_CLIENT "Build in tiny DHCP client" OFF)
|
||||
option(LWS_WITH_HTTP_BASIC_AUTH "Support Basic Auth" ON)
|
||||
|
||||
#
|
||||
# TLS library options... all except mbedTLS are basically OpenSSL variants.
|
||||
#
|
||||
|
|
|
|||
|
|
@ -120,6 +120,7 @@
|
|||
#cmakedefine LWS_WITH_GLIB
|
||||
#cmakedefine LWS_WITH_GTK
|
||||
#cmakedefine LWS_WITH_HTTP2
|
||||
#cmakedefine LWS_WITH_HTTP_BASIC_AUTH
|
||||
#cmakedefine LWS_WITH_HTTP_BROTLI
|
||||
#cmakedefine LWS_WITH_HTTP_PROXY
|
||||
#cmakedefine LWS_WITH_HTTP_STREAM_COMPRESSION
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
/*
|
||||
* libwebsockets - small server side websockets and web server implementation
|
||||
*
|
||||
* Copyright (C) 2010 - 2019 Andy Green <andy@warmcat.com>
|
||||
* Copyright (C) 2010 - 2020 Andy Green <andy@warmcat.com>
|
||||
*
|
||||
* Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
* of this software and associated documentation files (the "Software"), to
|
||||
|
|
|
|||
|
|
@ -99,10 +99,12 @@ lws_client_connect_4_established(struct lws *wsi, struct lws *wsi_piggyback,
|
|||
"User-agent: lws\x0d\x0a", cpa, wsi->ocport,
|
||||
cpa, wsi->ocport);
|
||||
|
||||
#if defined(LWS_WITH_HTTP_BASIC_AUTH)
|
||||
if (wsi->vhost->proxy_basic_auth_token[0])
|
||||
plen += lws_snprintf((char *)pt->serv_buf + plen, 256,
|
||||
"Proxy-authorization: basic %s\x0d\x0a",
|
||||
wsi->vhost->proxy_basic_auth_token);
|
||||
#endif
|
||||
|
||||
plen += lws_snprintf((char *)pt->serv_buf + plen, 5, "\x0d\x0a");
|
||||
|
||||
|
|
|
|||
|
|
@ -89,6 +89,8 @@ lws_client_socket_service(struct lws *wsi, struct lws_pollfd *pollfd)
|
|||
break;
|
||||
#endif
|
||||
|
||||
#if defined(LWS_CLIENT_HTTP_PROXYING) && (defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2))
|
||||
|
||||
case LRS_WAITING_PROXY_REPLY:
|
||||
|
||||
/* handle proxy hung up on us */
|
||||
|
|
@ -131,6 +133,8 @@ lws_client_socket_service(struct lws *wsi, struct lws_pollfd *pollfd)
|
|||
|
||||
/* fallthru */
|
||||
|
||||
#endif
|
||||
|
||||
case LRS_H1C_ISSUE_HANDSHAKE:
|
||||
|
||||
/*
|
||||
|
|
@ -1109,6 +1113,7 @@ lws_generate_client_handshake(struct lws *wsi, char *pkt)
|
|||
}
|
||||
|
||||
#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2)
|
||||
#if defined(LWS_WITH_HTTP_BASIC_AUTH)
|
||||
|
||||
int
|
||||
lws_http_basic_auth_gen(const char *user, const char *pw, char *buf, size_t len)
|
||||
|
|
@ -1131,6 +1136,8 @@ lws_http_basic_auth_gen(const char *user, const char *pw, char *buf, size_t len)
|
|||
return 0;
|
||||
}
|
||||
|
||||
#endif
|
||||
|
||||
int
|
||||
lws_http_client_read(struct lws *wsi, char **buf, int *len)
|
||||
{
|
||||
|
|
|
|||
|
|
@ -671,7 +671,9 @@ lejp_vhosts_cb(struct lejp_ctx *ctx, char reason)
|
|||
a->m.cache_intermediaries = arg_to_bool(ctx->buf);;
|
||||
return 0;
|
||||
case LEJPVP_MOUNT_BASIC_AUTH:
|
||||
#if defined(LWS_WITH_HTTP_BASIC_AUTH)
|
||||
a->m.basic_auth_login_file = a->p;
|
||||
#endif
|
||||
break;
|
||||
case LEJPVP_CGI_TIMEOUT:
|
||||
a->m.cgi_timeout = atoi(ctx->buf);
|
||||
|
|
|
|||
|
|
@ -800,7 +800,7 @@ lws_find_mount(struct lws *wsi, const char *uri_ptr, int uri_len)
|
|||
}
|
||||
#endif
|
||||
|
||||
#if !defined(LWS_PLAT_FREERTOS) && defined(LWS_WITH_FILE_OPS)
|
||||
#if defined(LWS_WITH_HTTP_BASIC_AUTH) && !defined(LWS_PLAT_FREERTOS) && defined(LWS_WITH_FILE_OPS)
|
||||
static int
|
||||
lws_find_string_in_file(const char *filename, const char *string, int stringlen)
|
||||
{
|
||||
|
|
@ -846,6 +846,8 @@ lws_find_string_in_file(const char *filename, const char *string, int stringlen)
|
|||
}
|
||||
#endif
|
||||
|
||||
#if defined(LWS_WITH_HTTP_BASIC_AUTH)
|
||||
|
||||
int
|
||||
lws_unauthorised_basic_auth(struct lws *wsi)
|
||||
{
|
||||
|
|
@ -881,6 +883,8 @@ lws_unauthorised_basic_auth(struct lws *wsi)
|
|||
|
||||
}
|
||||
|
||||
#endif
|
||||
|
||||
int lws_clean_url(char *p)
|
||||
{
|
||||
if (p[0] == 'h' && p[1] == 't' && p[2] == 't' && p[3] == 'p') {
|
||||
|
|
@ -953,6 +957,8 @@ lws_http_get_uri_and_method(struct lws *wsi, char **puri_ptr, int *puri_len)
|
|||
return -1;
|
||||
}
|
||||
|
||||
#if defined(LWS_WITH_HTTP_BASIC_AUTH)
|
||||
|
||||
enum lws_check_basic_auth_results
|
||||
lws_check_basic_auth(struct lws *wsi, const char *basic_auth_login_file,
|
||||
unsigned int auth_mode)
|
||||
|
|
@ -1043,6 +1049,8 @@ lws_check_basic_auth(struct lws *wsi, const char *basic_auth_login_file,
|
|||
#endif
|
||||
}
|
||||
|
||||
#endif
|
||||
|
||||
#if defined(LWS_WITH_HTTP_PROXY)
|
||||
/*
|
||||
* Set up an onward http proxy connection according to the mount this
|
||||
|
|
@ -1514,6 +1522,8 @@ lws_http_action(struct lws *wsi)
|
|||
if (ha)
|
||||
return n;
|
||||
|
||||
#if defined(LWS_WITH_HTTP_BASIC_AUTH)
|
||||
|
||||
/* basic auth? */
|
||||
|
||||
switch (lws_check_basic_auth(wsi, hit->basic_auth_login_file,
|
||||
|
|
@ -1526,6 +1536,7 @@ lws_http_action(struct lws *wsi)
|
|||
lws_return_http_status(wsi, HTTP_STATUS_FORBIDDEN, NULL);
|
||||
return lws_http_transaction_completed(wsi);
|
||||
}
|
||||
#endif
|
||||
|
||||
#if defined(LWS_WITH_HTTP_PROXY)
|
||||
/*
|
||||
|
|
|
|||
|
|
@ -255,9 +255,11 @@ int
|
|||
lws_process_ws_upgrade2(struct lws *wsi)
|
||||
{
|
||||
struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi];
|
||||
#if defined(LWS_WITH_HTTP_BASIC_AUTH)
|
||||
const struct lws_protocol_vhost_options *pvos = NULL;
|
||||
const char *ws_prot_basic_auth = NULL;
|
||||
|
||||
|
||||
/*
|
||||
* Allow basic auth a look-in now we bound the wsi to the protocol.
|
||||
*
|
||||
|
|
@ -282,6 +284,7 @@ lws_process_ws_upgrade2(struct lws *wsi)
|
|||
return lws_http_transaction_completed(wsi);
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
||||
/*
|
||||
* We are upgrading to ws, so http/1.1 + h2 and keepalive + pipelined
|
||||
|
|
|
|||
|
|
@ -34,24 +34,28 @@ IMPLEMENT_TLS_METHOD(TLS_ANY_VERSION, 0, TLS_method_func, TLS_client_method);
|
|||
|
||||
IMPLEMENT_TLS_METHOD(TLS1_2_VERSION, 0, TLS_method_func, TLSv1_2_client_method);
|
||||
|
||||
#if 0
|
||||
IMPLEMENT_TLS_METHOD(TLS1_1_VERSION, 0, TLS_method_func, TLSv1_1_client_method);
|
||||
|
||||
IMPLEMENT_TLS_METHOD(TLS1_VERSION, 0, TLS_method_func, TLSv1_client_method);
|
||||
|
||||
IMPLEMENT_SSL_METHOD(SSL3_VERSION, 0, TLS_method_func, SSLv3_client_method);
|
||||
#endif
|
||||
|
||||
/**
|
||||
* TLS or SSL server method collection
|
||||
*/
|
||||
IMPLEMENT_TLS_METHOD(TLS_ANY_VERSION, 1, TLS_method_func, TLS_server_method);
|
||||
|
||||
IMPLEMENT_TLS_METHOD(TLS1_1_VERSION, 1, TLS_method_func, TLSv1_1_server_method);
|
||||
|
||||
IMPLEMENT_TLS_METHOD(TLS1_2_VERSION, 1, TLS_method_func, TLSv1_2_server_method);
|
||||
|
||||
#if 0
|
||||
IMPLEMENT_TLS_METHOD(TLS1_1_VERSION, 1, TLS_method_func, TLSv1_1_server_method);
|
||||
|
||||
IMPLEMENT_TLS_METHOD(TLS1_VERSION, 0, TLS_method_func, TLSv1_server_method);
|
||||
|
||||
IMPLEMENT_SSL_METHOD(SSL3_VERSION, 1, TLS_method_func, SSLv3_server_method);
|
||||
#endif
|
||||
|
||||
/**
|
||||
* TLS or SSL method collection
|
||||
|
|
@ -60,11 +64,13 @@ IMPLEMENT_TLS_METHOD(TLS_ANY_VERSION, -1, TLS_method_func, TLS_method);
|
|||
|
||||
IMPLEMENT_SSL_METHOD(TLS1_2_VERSION, -1, TLS_method_func, TLSv1_2_method);
|
||||
|
||||
#if 0
|
||||
IMPLEMENT_SSL_METHOD(TLS1_1_VERSION, -1, TLS_method_func, TLSv1_1_method);
|
||||
|
||||
IMPLEMENT_SSL_METHOD(TLS1_VERSION, -1, TLS_method_func, TLSv1_method);
|
||||
|
||||
IMPLEMENT_SSL_METHOD(SSL3_VERSION, -1, TLS_method_func, SSLv3_method);
|
||||
#endif
|
||||
|
||||
/**
|
||||
* @brief get X509 object method
|
||||
|
|
|
|||
|
|
@ -59,6 +59,8 @@ callback_http(struct lws *wsi, enum lws_callback_reasons reason,
|
|||
#endif
|
||||
break;
|
||||
|
||||
#if defined(LWS_WITH_HTTP_BASIC_AUTH)
|
||||
|
||||
/* you only need this if you need to do Basic Auth */
|
||||
case LWS_CALLBACK_CLIENT_APPEND_HANDSHAKE_HEADER:
|
||||
{
|
||||
|
|
@ -76,6 +78,7 @@ callback_http(struct lws *wsi, enum lws_callback_reasons reason,
|
|||
|
||||
break;
|
||||
}
|
||||
#endif
|
||||
|
||||
/* chunks of chunked content, with header removed */
|
||||
case LWS_CALLBACK_RECEIVE_CLIENT_HTTP_READ:
|
||||
|
|
|
|||
|
|
@ -65,6 +65,7 @@ ENDMACRO()
|
|||
set(requirements 1)
|
||||
require_lws_config(LWS_ROLE_H1 1 requirements)
|
||||
require_lws_config(LWS_WITH_SERVER 1 requirements)
|
||||
require_lws_config(LWS_WITH_HTTP_BASIC_AUTH 1 requirements)
|
||||
|
||||
if (requirements)
|
||||
add_executable(${SAMP} ${SRCS})
|
||||
|
|
|
|||
|
|
@ -70,6 +70,7 @@ set(requirements 1)
|
|||
require_lws_config(LWS_ROLE_H1 1 requirements)
|
||||
require_lws_config(LWS_ROLE_WS 1 requirements)
|
||||
require_lws_config(LWS_WITH_SERVER 1 requirements)
|
||||
require_lws_config(LWS_WITH_HTTP_BASIC_AUTH 1 requirements)
|
||||
|
||||
if (requirements)
|
||||
add_executable(${SAMP} ${SRCS})
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue