When building without systemd event support (-DLWS_WITH_SDEVENT=OFF) on
a system that has libsystemd headers installed, lib/plat/unix-systemd.c
is build in anyway.
The final libwebsockets library has then references to symbols from
libsystemd even though it won't be linked.
Resulting in the follwoing linker errros:
--
/usr/bin/ld: /usr/local/lib/libwebsockets.so: undefined reference to `sd_is_socket_inet'
/usr/bin/ld: /usr/local/lib/libwebsockets.so: undefined reference to `sd_is_socket_unix'
/usr/bin/ld: /usr/local/lib/libwebsockets.so: undefined reference to `sd_listen_fds'
--
This commit ensures that unix-system.c is only build when LWS_WITH_SDEVENT is set and
the system has libsystemd headers installed.
Signed-off-by: Daniel Danzberger <dd@embedd.com>
From 6a043145ca6e9c55184013841a67b2fef87e44c0 Mon Sep 17 00:00:00 2001
Subject: [PATCH] Remove offset pointer optimization in inftrees.c.
inftrees.c was subtracting an offset from a pointer to an array,
in order to provide a pointer that allowed indexing starting at
the offset. This is not compliant with the C standard, for which
the behavior of a pointer decremented before its allocated memory
is undefined. Per the recommendation of a security audit of the
zlib code by Trail of Bits and TrustInSoft, in support of the
Mozilla Foundation, this tiny optimization was removed, in order
to avoid the possibility of undefined behavior.
Since eg, 1e-3 is a float without needing a decimal point, let's just
generally take it that anything with the exponent token is a float, ie, 1e3
is also a float despite it can be expressed as an integer.
This seems right also because E is itself not valid in an integer.
https://github.com/warmcat/libwebsockets/issues/3308
We allow a default 0 length in the incoming const info to mean a default
size (of 512). We implement it by copying the incoming const info to a
copy in the spa that we can adapt, which is all good.
But in two cases after we dumbly use the incoming const info directly
instead of the adapted copy.
https://github.com/warmcat/libwebsockets/issues/3294
It should be SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, but it was only SSL_VERIFY_FAIL_IF_NO_PEER_CERT, so it didn't verify the cert, it only checked its existence.
To fix that, turn on both just like openssl-server.c does.
After mbedtls version 3.0, support for TLS 1.0 and 1.1 has been removed. For details, please see https://github.com/Mbed-TLS/mbedtls/issues/4286.
If use a new version of mbedtls, connection errors may occur due to version reasons. So we hope it can be configured according to the supported version.
Signed-off-by: makejian <makejian@xiaomi.com>
