1
0
Fork 0
mirror of https://github.com/warmcat/libwebsockets.git synced 2025-03-16 00:00:07 +01:00
Commit graph

3150 commits

Author SHA1 Message Date
Andy Green
6d45e6c5b1 spa: add info args and stride
This is aimed at allowing a stride to optionally be
given for the parameter name array... this will allow
use of lws_struct metadata as the parameter name
array.


Also introduce the option to put all allocations in
an lwsac instead of via lws_mallocs.
2019-04-06 07:34:36 +08:00
Andy Green
8a6cf749e8 post: only report BODY_COMPLETION once 2019-04-06 06:16:20 +08:00
Andy Green
38fb0e31da lws_struct
lws_struct JSON + sqlite3 serializer and deserializer


See READMEs/README.lws_struct.md
2019-04-06 06:08:47 +08:00
kzhdev
0850231a09 ws: client: if server sends no subprotocol prefer any existing protocol 2019-04-06 05:52:23 +08:00
kzhdev
c40394f968 openssl: client: handle no tcr 2019-04-06 05:52:23 +08:00
Andy Green
af817c6532 cgi: fix h2 timeouts 2019-04-06 05:52:23 +08:00
pavelxdd
0bfb172a9e http: basic auth: fix delay on Firefox
Firefox sends HTTP requests with "Connection: keep-alive" header.
When LWS responds with 401 and WWW-Authenticate header, Firefox
doesn't show an authentication dialog until connection is closed.
Adding "Content-Length: 0" solves the problem.
2019-04-03 17:00:15 +08:00
Andy Green
ede747f1bc openssl: client: check wsi from openssl private data
v2.4 was patched to check NULL wsi in the verify callback,
nobody has reported it on later versions, but might as well
check it too.
2019-04-03 08:06:14 +08:00
Kieran
a92cf6533f windows: fix build on VS2017 WIN10 2019-04-02 07:52:39 +08:00
elivdahan
1d6128d1fe cmake: Fix bzero mis-detection on MinGW
Using a C compiler ignores non-existent functions, and tries to link them anyway.

The compiler optimizes `bzero(buf, 1)` to `movb   $0x0,0xf(%esp)`, so bzero is
not called at all, and the linker succeeds.

Increase the buffer size to 100 to avoid this optimization.
2019-04-01 15:20:01 +08:00
Andy Green
fd1f4e4de7 lwsac_use_zero 2019-03-29 05:03:01 +08:00
Andy Green
080a72669b docs: add READMEs/README.porting.md 2019-03-28 06:47:02 +08:00
Andy Green
9bcbefea26 docs: lws_dll and lws_dll2 documentation 3 2019-03-26 14:54:50 +08:00
Andy Green
49d78fd0de ws proxy: also proxy ACCEPT_LANGUAGE 2019-03-26 14:54:50 +08:00
Andy Green
1062370f07 unix skt: allow control over skt user:group
If you're providing a unix socket service that will be proxied / served by another
process on the same machine, the unix fd permissions on the listening unix socket fd
have to be managed so only something running under the server credentials
can open the listening unix socket.
2019-03-26 14:54:49 +08:00
Andy Green
ce1f395ead context: add info members to drop privileges using user and group name strings
Up until now if you wanted to drop privs, a numeric uid and gid had to be
given in info to control post-init permissions... this adds info.username
and info.groupname where you can do the same using user and group names.

The internal plat helper lws_plat_drop_app_privileges() is updated to directly use
context instead of info both ways it can be called, and to be able to return fatal
errors.

All failures to lookup non-0 or -1 uid or gid names from uid, or to look up
uid or gid from username or groupnames given, get an err message and fatal exit.
2019-03-26 14:54:49 +08:00
Andy Green
59b468845d docs: correct lws_random doxygen docs 9 2019-03-26 14:54:49 +08:00
Andy Green
53c932e05d lws_hex_to_byte_array
Convert ascii hex into byte array
2019-03-23 12:41:29 +08:00
Andy Green
ff71e3cc0d close: after DROP_PROTOCOL no longer report traffic to callback
x
2019-03-23 08:02:53 +08:00
Andy Green
5c3a2be00d http proxy: proxy Authorization header
Sai notifications are signed using Authorization: and "sai" auth type.

After the auth type, the format is, eg, "sha256=<hash>" .
2019-03-22 18:52:08 +08:00
Andy Green
588cf0b8db lws_spa: add CLOSE callback
This should ease the situation where there was creation done in the
callback for LWS_UFS_OPEN
2019-03-22 16:55:51 +08:00
Andy Green
da3d8cb593 http proxy: support POST 2019-03-22 11:25:22 +08:00
Andy Green
f7860b6ac6 spa: allow instantiation with no parse array
If you just want a "file" in multipart, don't care about the length or
anything else, then you don't need any params tables and associated
allocations.
2019-03-22 11:23:06 +08:00
Andy Green
62c5a784e3 alpn: handle ALLOW_NON_SSL_ON_SSL_PORT 2019-03-22 05:30:22 +08:00
Andy Green
303c78a5dd hrtimer: insert must handle head tail pointers 2019-03-21 18:53:59 +08:00
Andy Green
d5d2bbc4db hrtimer: remove from correct dll before resetting 2019-03-21 13:41:36 +08:00
Andy Green
d1d313b4bf ws proxy: also proxy h1 ws to h1 and h2
lws has been able to proxy h2 or h1 inbound connections to an
h1 onward connection for a while now.  It's simple to use just
build with LWS_WITH_HTTP_PROXY and make a mount where the origin
is the onward connection details.  Unix sockets can also be
used as the onward connection.

This patch extends the support to be able to also do the same for
inbound h2 or h1 ws upgrades to an h1 ws onward connection as well.

This allows you to offer completely different services in a
common URL space, including ones that connect back by ws / wss.
2019-03-21 10:26:47 +08:00
Andy Green
668a3f440f minimal-http-server-eventlib-smp 2019-03-21 10:26:42 +08:00
Andy Green
13ae9927a3 lws_dll[2]_foreach_safe: add user cb param
The callback flow is a bit more disruptive than doing the iteration
directly in your function.  This helps by passing a user void *
into the callback set as an lws_dll[2]_foreach_safe() arg.
2019-03-21 10:24:58 +08:00
Andy Green
b227d10187 nossl recv: always respond to 0 length read as shutdown 2019-03-21 10:24:58 +08:00
Andy Green
462847bb6f lws_dll: remove lws_dll_lws and deprecate lws_dll_remove 2019-03-21 06:19:31 +08:00
Andy Green
ce5b9a3ad4 lws_dll: teach it to track tail as well as head 2019-03-21 06:19:30 +08:00
Andy Green
8dd3383368 lws_dll_foreach_safe 2019-03-21 06:19:30 +08:00
Andy Green
30eb3e94ab openssl: gencrypto: aes gcm AAD: use EncryptUpdate or DecryptUpdate to set AAD
Until 1.1.1b OpenSSL didn't mind we were setting AAD for AES GCM
using EVP_EncryptUpdate() for both encrypt and decrypt... but now
it noticed and the bug is fixed.
2019-03-21 06:18:32 +08:00
Andy Green
45f2c9f9f8 openssl3: handle EC_POINT_get_affine_coordinates api change 2019-03-20 21:00:29 +08:00
Andy Green
555c34b044 openssl: reuse client SSL_CTX where possible
If you have multiple vhosts with client contexts enabled, under
OpenSSL each one brings in the system cert bundle.

On libwebsockets.org, there are many vhosts and the waste adds up
to about 9MB of heap.

This patch makes a sha256 from the client context configuration, and
if a suitable client context already exists on another vhost, bumps
a refcount and reuses the client context.

In the case client contexts are configured differently, a new one
is created (and is available for reuse as well).
2019-03-18 06:54:38 +08:00
Andy Green
58ff44297c server-status: show correct statm value 2019-03-18 06:54:38 +08:00
Andy Green
15a0e543f4 minimal-http-server-proxy 2019-03-16 16:19:00 +08:00
Andy Green
59a2a787ee openssl: try to reduce memory usage 2019-03-16 10:17:28 +08:00
Andy Green
75c058e250 mbedtls: handle vhost without valid cert gracefully 2019-03-16 09:54:52 +08:00
Andy Green
4c3146c27c glibc: if malloc_trim() exists, call it periodically 2019-03-16 08:10:47 +08:00
Andy Green
c74e4995bf appveyor: add JOSE target 2019-03-15 15:28:30 +08:00
Andy Green
9c7162f253 windows: prepare for udp 2019-03-14 21:52:53 +08:00
Andy Green
579ed35249 jwk: remove unistd.h include 2019-03-14 21:22:17 +08:00
Andy Green
119aa5c0ad lws_dir: wrap dir scanning backend and convert lejp-conf
We use POSIX dir scanning apis normally, but for windows, we require libuv
to do it for us.

Formalize that into a wrapper lws_dir() that hides the backend code.

Make it configurable, ON by default and forced on with lejp-conf that
depends on it.
2019-03-14 20:06:25 +08:00
Santeri Hernejärvi
5d1cd3cb4b mbedtls: Fix reads getting stuck when the socket has disconnected
We've seen this behaviour when iOS resumes from sleep:

dbg> 0x11cd03750: ssl err dbg> lws_ssl_capable_read: WANT_READ
dbg> 0x11cd03750: LWS_SSL_CAPABLE_MORE_SERVICE
dbg> SSL Capable more service
dbg> 0x11cd03750: SSL_read says -1
dbg> 0x11cd03750: ssl err 2 errno 57
dbg> lws_ssl_capable_read: WANT_READ
dbg> 0x11cd0375dbg> SSL Capable more service
dbg> 0x11cd03750: SSL_read says -1
dbg> 0x11cd03750: ssl err 2 errno 57
dbg> lws_ssl_capable_read: WANT_READ
2019-03-14 19:09:33 +08:00
Andy Green
274b491080 dbus: selftests should use more unique mirror session name 2019-03-14 08:53:02 +08:00
Brian Lee
ce273b1c4f dbus: signal.h needed explicitly on some platforms 2019-03-14 07:17:57 +08:00
Andy Green
7c6cfd2d05 vhost: fix allocated protocol list freeing at destroy time 2019-03-12 11:57:43 +08:00
Andy Green
80ff6ed0df lwsac_use_zeroed: lwsac helper equivalent to zalloc 2019-03-12 11:57:43 +08:00