1
0
Fork 0
mirror of https://github.com/warmcat/libwebsockets.git synced 2025-03-09 00:00:04 +01:00
Commit graph

56 commits

Author SHA1 Message Date
Andy Green
ef4a85d0e1 ws: ext header is already delimited if present 2025-03-05 07:11:22 +00:00
Andy Green
a9b8fe7ebf ws: delimit ws upgrade protocol when exts available
https://github.com/warmcat/libwebsockets/issues/3151
2025-03-03 07:31:09 +00:00
Andy Green
c60bff0991 ws: extensions: allow h2 headers
https://github.com/warmcat/libwebsockets/issues/3151
2024-09-26 06:13:05 +01:00
Lonny Wong
8d4079884b pmd: revert #3014 and drain extensions before next ssl read 2023-11-24 05:51:46 +00:00
Andy Green
24c37d1ea1 h2: reply with selected extension 2023-11-23 09:45:12 +00:00
Lonny Wong
57d539ef51 pmd: fix buffer being reused while draining extensions 2023-11-23 09:45:12 +00:00
Andy Green
c9731c5f17 type comparisons: fixes
This is a huge patch that should be a global NOP.

For unix type platforms it enables -Wconversion to issue warnings (-> error)
for all automatic casts that seem less than ideal but are normally concealed
by the toolchain.

This is things like passing an int to a size_t argument.  Once enabled, I
went through all args on my default build (which build most things) and
tried to make the removed default cast explicit.

With that approach it neither change nor bloat the code, since it compiles
to whatever it was doing before, just with the casts made explicit... in a
few cases I changed some length args from int to size_t but largely left
the causes alone.

From now on, new code that is relying on less than ideal casting
will complain and nudge me to improve it by warnings.
2021-01-05 10:56:38 +00:00
Andy Green
0ceba15d9c lws_lifecycle
This adds some new objects and helpers for keeping and logging
info on grouped allocations, a group is, eg, SS handles or client
wsis.

Allocated objects get a context-unique "tag" string intended to replace
%p / wsi pointers etc.  Pointers quickly become confusing when
allocations are freed and reused, the tag string won't repeat
until you produce 2^64 objects in a context.

In addition the tag string documents the object group, with prefixes
like "wsi-" or "vh-" and contain object-specific additional
information like the vhost name, address / port  or the role of the wsi.
At creation time the lws code can use a format string and args
to add whatever group-specific info makes sense, eg, a wsi bound
to a secure stream can also append the guid of the secure stream,
it's copied into the new object tag and so is still available
cleanly after the stream is destroyed if the wsi outlives it.
2021-01-04 05:26:50 +00:00
Andy Green
4ae3ef51c1 ss: improve callback return consistency
Formalize the LWSSSSRET_ enums into a type "lws_ss_state_return_t"
returned by the rx, tx and state callbacks, and some private helpers
lws_ss_backoff() and lws_ss_event_helper().

Remove LWSSSSRET_SS_HANDLE_DESTROYED concept... the two helpers that could
have destroyed the ss and returned that, now return LWSSSSRET_DESTROY_ME
to the caller to perform or pass up to their caller instead.

Handle helper returns in all the ss protocols and update the rx / tx
calls to have their returns from rx / tx / event helper and ss backoff
all handled by unified code.
2020-08-31 16:51:37 +01:00
Andy Green
1f0cd18dd6 ss: server: check more carefully if built but not used on a wsi 2020-08-10 15:04:10 +01:00
Andy Green
7eb36102a9 ss: server: h1, h2, ws basic support
Add initial support for defining servers using Secure Streams
policy and api semantics.

Serving h1, h2 and ws should be functional, the new minimal
example shows a combined http + SS server with an incrementing
ws message shown in the browser over tls, in around 200 lines
of user code.

NOP out anything to do with plugins, they're not currently used.

Update the docs correspondingly.
2020-07-27 12:05:24 +01:00
Andy Green
1a93e73402 fakewsi: replace with smaller substructure
Currently we always reserve a fakewsi per pt so events that don't have a related actual
wsi, like vhost-protocol-init or vhost cert init via protocol callback can make callbacks
that look reasonable to user protocol handler code expecting a valid wsi every time.

This patch splits out stuff that user callbacks often unconditionally expect to be in
a wsi, like context pointer, vhost pointer etc into a substructure, which is composed
into struct lws at the top of it.  Internal references (struct lws is opaque, so there
are only internal references) are all updated to go via the substructre, the compiler
should make that a NOP.

Helpers are added when fakewsi is used and referenced.

If not PLAT_FREERTOS, we continue to provide a full fakewsi in the pt as before,
although the helpers improve consistency by zeroing down the substructure.  There is
a huge amount of user code out there over the last 10 years that did not always have
the minimal examples to follow, some of it does some unexpected things.

If it is PLAT_FREERTOS, that is a newer thing in lws and users have the benefit of
being able to follow the minimal examples' approach.  For PLAT_FREERTOS we don't
reserve the fakewsi in the pt any more, saving around 800 bytes.  The helpers then
create a struct lws_a (the substructure) on the stack, zero it down (but it is only
like 4 pointers) and prepare it with whatever we know like the context.

Then we cast it to a struct lws * and use it in the user protocol handler call.
In this case, the remainder of the struct lws is undefined.  However the amount of
old protocol handlers that might touch things outside of the substructure in
PLAT_FREERTOS is very limited compared to legacy lws user code and the saving is
significant on constrained devices.

User handlers should not be touching everything in a wsi every time anyway, there
are several cases where there is no valid wsi to do the call with.  Dereference of
things outside the substructure should only happen when the callback reason shows
there is a valid wsi bound to the activity (as in all the minimal examples).
2020-07-20 06:28:52 +01:00
Andy Green
006eeaa6a0 ws: correctly handle ESTABLISHED rejecting connection
https://github.com/warmcat/libwebsockets/issues/1973
2020-07-15 16:18:00 +01:00
Andy Green
286cf4357a sul: multiple timer domains
Adapt the pt sul owner list to be an array, and define two different lists,
one that acts like before and is the default for existing users, and another
that has the ability to cooperate with systemwide suspend to restrict the
interval spent suspended so that it will wake in time for the earliest
thing on this wake-suspend sul list.

Clean the api a bit and add lws_sul_cancel() that only needs the sul as the
argument.

Add a flag for client creation info to indicate that this client connection
is important enough that, eg, validity checking it to detect silently dead
connections should go on the wake-suspend sul list.  That flag is exposed in
secure streams policy so it can be added to a streamtype with
"swake_validity": true

Deprecate out the old vhost timer stuff that predates sul.  Add a flag
LWS_WITH_DEPRECATED_THINGS in cmake so users can get it back temporarily
before it will be removed in a v4.2.

Adapt all remaining in-tree users of it to use explicit suls.
2020-06-02 08:37:10 +01:00
Andy Green
bb1a8d37fb rtos diet: make basic auth support a config option on by default
Remove wrapper content for < tls v1.2
2020-03-04 11:00:04 +00:00
Andy Green
0995c27f50 coverity: fixes plugin error path leak and logging method sign check
Broadened the checking config to

cmake .. -DCMAKE_BUILD_TYPE=DEBUG \
         -DLWS_WITH_SYS_ASYNC_DNS=1 \
         -DLWS_WITH_SYS_NTPCLIENT=1 \
         -DLWS_WITH_SYS_DHCP_CLIENT=1 \
         -DLWS_WITH_GENCRYPTO=1 \
         -DLWS_WITH_DETAILED_LATENCY=1 \
         -DLWS_IPV6=1 \
         -DLWS_WITH_FTS=1 \
         -DLWS_WITH_LWSWS=1 \
         -DLWS_UNIX_SOCK=1 \
         -DLWS_WITH_HTTP_PROXY=1 \
         -DLWS_WITH_MINIMAL_EXAMPLES=1
2020-01-14 08:23:25 +00:00
Andy Green
157acfc906 windows: clean type warnings
There are some minor public api type improvements rather than cast everywhere
inside lws and user code to work around them... these changed from int to
size_t

 - lws_buflist_use_segment() return
 - lws_tokenize_t .len and .token_len
 - lws_tokenize_cstr() length
 - lws_get_peer_simple() namelen
 - lws_get_peer_simple_fd() namelen, int fd -> lws_sockfd_type fd
 - lws_write_numeric_address() len
 - lws_sa46_write_numeric_address() len

These changes are typically a NOP for user code
2020-01-11 14:04:50 +00:00
Andy Green
7dcb4eeaa6 reverse-proxy: allow proxying rfc8441 ws CONNECT
Take the opportunity to provide public method index constants
2020-01-05 22:17:58 +00:00
Andy Green
7221bc57b5 mux children: generalize helpers out of h2 implementation
This should be a NOP for h2 support and only affects internal
apis.  But it lets us reuse the working and reliable h2 mux
arrangements directly in other protocols later, and share code
so building for h2 + new protocols can take advantage of common
mux child handling struct and code.

Break out common mux handling struct into its own type.

Convert all uses of members that used to be in wsi->h2 to wsi->mux

Audit all references to the members and break out generic helpers
for anything that is useful for other mux-capable protocols to
reuse wsi->mux related features.
2019-12-29 19:59:16 +00:00
Dane
10290048b0 basic auth: add callback option
Allow an http mount to specify it wants to check Basic Auth
requests via a protocol callback instead of a text file.
2019-12-14 23:55:28 +00:00
Andy Green
38e43bb51e ws-over-h2: disable validity checking on encapsulated wsi
The h2 nwsi is subject to its own validity checking PINGs,
we don't need to also do them to encapsulated ws-over-h2
2019-11-05 04:53:09 +00:00
Andy Green
0ab4a707fb format strings: ban %.*s as some platforms lack it
The %.*s is very handy to print strings where you have a length, but
there is no NUL termination.  It's quite widely supported but at least
one vendor RTOS toolchain doesn't have it.

Since there aren't that many uses of it yet, audit all uses and
convert to a new helper lws_strnncpy() which uses the smaller of
two lengths.
2019-11-04 13:49:14 +00:00
Andy Green
32a35d0c4b fixes: various small fixes 2019-09-22 03:08:36 -07:00
Andy Green
d7f0521aeb private.h: rename to contain dir
Having unique private header names is a requirement of a particular
platform build system it's desirable to work with
2019-08-15 10:49:52 +01:00
Andy Green
26319663f7 license: switch LGPLv2.1+SLE parts to MIT 2019-08-14 10:44:38 +01:00
Devin Barillari
4e7cefb006 ws: server: limit string check length for tokenizer on upgrade 2019-07-31 05:08:14 +01:00
Andy Green
431e4e82e1 ws: pass noncompressed server RX of zero length 2019-07-30 19:17:35 +01:00
Orgad Shaneh
19049d2f28 Change some struct members to unsigned char
Enables removal of superfluous casts, and fixes strict-aliasing warnings with
GCC 4.1.
2019-05-30 08:21:33 +08:00
Andy Green
7ca8b77f2c pmd: split ebufs to track in and out 2019-05-06 07:31:32 +01:00
Andy Green
bb0e7d986d rx flow: handle partial flow buffer consumption
https://github.com/warmcat/libwebsockets/issues/1550

rx flow control needs to handle the situation that it is draining from
a previous rx flow control period, and the user code reasserts rx flow
control partway through that.

The accounting for the used rx then boils down to only trimming the
rxflow buflist we were "replaying" to consume however much we managed
to deliver of that this time before the rx flow control came again.

"Normal" rx consumption is wrong in this case, since we accounted for
it entirely in the rxflow cache buflist.

The patch recognizes this situation, does the accounting in the cache
buflist, and then lies to the caller that there was no rx consumption
to be accounted for at his level.
2019-04-21 19:35:18 +01:00
Andy Green
d1d313b4bf ws proxy: also proxy h1 ws to h1 and h2
lws has been able to proxy h2 or h1 inbound connections to an
h1 onward connection for a while now.  It's simple to use just
build with LWS_WITH_HTTP_PROXY and make a mount where the origin
is the onward connection details.  Unix sockets can also be
used as the onward connection.

This patch extends the support to be able to also do the same for
inbound h2 or h1 ws upgrades to an h1 ws onward connection as well.

This allows you to offer completely different services in a
common URL space, including ones that connect back by ws / wss.
2019-03-21 10:26:47 +08:00
Andy Green
3a31c47fcd ws: setting default protocol index to an illegal index disables default ws binding
On lwsws, incoming ws connections to the default vhost
are not rejected by the dummy protocol handler and not
really serviced either, leading to bots connecting to it to
get immortal, idle ws connections with no timeout (since it's an
established ws connection).

Rejecting these connections by default by adding a handler
for ESTABLISHED in the dummy handler will solve it nicely,
but it will break an unknown number of dumb. protocol-less
user implementations that rely on this behaviour by using
break; from their own ESTABLISHED handler and calling
through to the currently NOP dummy handler one.

Add support to assertively disable the default protocol
index used for subprotocol-less ws connections instead.
2019-03-10 08:02:02 +08:00
Andy Green
572ffb4a7c http: log ws upgrades 2019-03-10 08:02:02 +08:00
cjakeway
608d34e1b7 ws: subprotocol parsing: allow dot
https://github.com/warmcat/libwebsockets/issues/1467
2019-01-13 07:54:57 +08:00
Andy Green
4e2eef35d4 plugin: lws deaddrop 2018-11-28 15:06:10 +08:00
Andy Green
a74a966fbf ws: support basic auth
Until now basic auth only protected http actions in the protected
mount.

This extends the existing basic auth scheme to also be consulted for
ws upgrades if a "basic-auth" pvo exists on the selected protocol for
the vhost.  The value of the pvo is the usual basic auth credentials
file same as for the http case.
2018-11-28 15:06:10 +08:00
Andy Green
9bed6d6fc6 clean: general whitespace cleanup 2018-11-23 08:47:56 +08:00
Andy Green
f6ae0edf8d strict host check vhost flag
https://github.com/warmcat/libwebsockets/issues/1423

If you vhost->options has the flag LWS_SERVER_OPTION_VHOST_UPG_STRICT_HOST_CHECK,
then if the server is sent an upgrade request, the content of the Host: header is
required to match the vhost name + port.  The port is set to the well-known values
of 80 and 443 if no :port on the host: value, depending on tls or not on the
connection.

minimal-ws-server can now take a -h flag to set this.  lejp-conf (eg, lwsws) can now take
a flag strict-host-check on the vhost to enable it as well.
2018-11-13 09:55:06 +08:00
Andy Green
14764ccbe2 ws client: apply tokenize to upgrade header
Switches to use lws_hdr_copy() for the case the header is fragmented

See also https://github.com/warmcat/libwebsockets/issues/1435
2018-10-18 06:30:07 +08:00
Andy Green
33a6034875 codacy: minor fixes 2018-10-13 08:16:27 +08:00
Andy Green
3696480b57 ws upgrade hs: require Host hdr 2018-10-13 08:16:27 +08:00
Andy Green
7b9e6c70f7 ws-upgrade-hs: check connection header
This header, and ws requirement, only exists on h1.
2018-10-13 08:16:27 +08:00
Andy Green
f0418c62bf lws_tokenize: convert ws protocol parsing 2018-10-13 08:16:27 +08:00
Anzey
bbbdc85421 ws: protocol list whitespace fix
https://github.com/warmcat/libwebsockets/issues/1423#issuecomment-427690736
2018-10-13 08:16:27 +08:00
Andy Green
5760a562d8 ws-over-h2: unbreak 2018-10-02 05:42:56 +08:00
Andy Green
ebed5e74cb threadpool 2018-09-11 18:27:59 +08:00
Andy Green
b31f8b2aa6 ws role: use protocol bind and unbind and transition earlier
Now individual role callbacks are added in an earlier patch for protocol
bind and unbind, change the ws upgrade action to use the generic protocol
bind and unbind apis so the corresponding callbacks are issued for ws.
2018-09-11 18:27:59 +08:00
Andy Green
de064fd65a refactor: core code in lib/core and private-libwebsockets.h to core/private.h
This commit is coverity-clean as tested

cmake .. -DLWS_WITH_MINIMAL_EXAMPLES=1 -DLWS_WITHOUT_EXTENSIONS=1 -DLWS_WITH_ACME=1 -DLWS_WITH_LWSWS=1 -DLWS_WITH_LIBUV=1 -DLWS_WITH_HTTP2=1 -DLWS_WITHOUT_CLIENT=0 -DLWS_WITHOUT_SERVER=0 -DLWS_UNIX_SOCK=1 -DLWS_WITH_TLS=0 -DLWS_WITH_MBEDTLS=0 -DLWS_WITH_CGI=1 -DCMAKE_BUILD_TYPE=DEBUG -DLWS_WITH_GENERIC_SESSIONS=1 -DLWS_WITH_RANGES=1 -DLWS_ROLE_WS=1 -DLWS_MAX_SMP=16 -DLWS_ROLE_H1=1 -DLWS_WITH_WOLFSSL=0 -DLWS_WITH_LIBEV=0 -DLWS_WITH_LIBEVENT=1
2018-05-03 10:49:36 +08:00
Andy Green
f497562a62 refactor: change event lib minimal examples to serve as the test apps 2018-04-30 19:17:32 +08:00
Andy Green
27e86e2641 cmake: allow setting LWS_ROLE_WS
You can build lws without support for ws, with -DLWS_ROLE_WS=0.

This is thanks to the role ops isolating all the ws-specific business
in the ws role.

Also retire more test apps replaced by minmal-examples.
2018-04-25 08:42:18 +08:00