1
0
Fork 0
mirror of https://github.com/warmcat/libwebsockets.git synced 2025-03-16 00:00:07 +01:00
Commit graph

3811 commits

Author SHA1 Message Date
Andy Green
b1281f1f3a coverity: 50773: no need to set m any more when transitioning and exiting 2020-08-18 14:00:54 +01:00
Andy Green
cdbf86fe4a coverity: 51248: convince coverity we have an ah attached before dereference during parse 2020-08-18 14:00:54 +01:00
Andy Green
b63c7f1e8e coverity: 62131: check when logging role name for NULL 2020-08-18 14:00:54 +01:00
Andy Green
06005d14b4 coverity: 62154: calculation needed if WITH_FILE_OPS 2020-08-18 09:34:50 +01:00
Andy Green
048604751c coverity: 62584: init m only inside preprocessor conditional that needs it 2020-08-18 09:28:40 +01:00
Andy Green
60e2c65208 coverity: 62333; no need to init cce as set on all paths that use it 2020-08-18 09:19:34 +01:00
Andy Green
400355fdc3 coverity: 62458: coverity doesnt understand nonzero header length means simple_ptr cannot be NULL 2020-08-18 09:19:33 +01:00
Andy Green
9745c5cca8 coverity: 62477: explicitly check wsi->protocol even though client creation sets it 2020-08-18 09:11:45 +01:00
Andy Green
192b76c89b coverity: 62540: explicitly check for NULL even though cannot be 2020-08-18 09:08:03 +01:00
Andy Green
0f173e0bbe coverity: 62622: remove unused line 2020-08-18 09:00:39 +01:00
Andy Green
52182da689 sspc: protect wsi from NULL not cwsi 2020-08-17 16:27:05 +01:00
Andy Green
83912f40e8 sspc: proxy: extend DESTROY_ME 2020-08-17 14:36:33 +01:00
Andy Green
c6e1352e99 sspc: add translation helpers and comments about pss usage between client and proxy
Helpers remove casts and derefs.

Add additional pointer arithmetic in client_pss_to_sspc_h() helper to
remove dependency on handle_offset being the first thing in the userdata

Make the helper names explicit for different proxy and client pss handling,
so it should be clearer that client helpers belong in a client section and
vice versa.
2020-08-17 14:32:23 +01:00
Jed Lu
80992b0ebd sspc: client: audit all deserialize *pss references and confirmed checked for NULL 2020-08-17 06:57:30 +01:00
Andy Green
e8cbfea22d lws_smd: take care about build with disabled 2020-08-16 05:35:56 +01:00
Andy Green
7692d920a8 coverity: 244441: strerror broken on some platforms
Some platforms have strerror but it's broken according to Coverity.
Let's avoid it
2020-08-14 09:14:24 +01:00
Andy Green
491f0f6068 coverity: 324943: confirm get_random worked
In normal systems this doesn't have a way to fail.  But check it for
consistency.
2020-08-14 09:07:27 +01:00
Andy Green
aec2bdec2f coverity: 324897: mqtt: check unsub var for NULL 2020-08-14 09:02:29 +01:00
Andy Green
795d20081e coverity: 232068: hpack 6-bit index may be garbage
It's possible an attacker may send an illegal dynamic index
we can't succeed to look up
2020-08-14 08:56:19 +01:00
Andy Green
ecb8de3386 coverity: 232025: modulo with zero modulus
Add a generic helper macro that has defined operation with modulus 0
2020-08-14 08:46:31 +01:00
Andy Green
4a28bc8c87 coverity: 231739: clear false positive by needless checks
Client connection api must provide host
2020-08-14 07:27:08 +01:00
Andy Green
df2f135c09 coverity: 324692: mqtt: check for OOM in generate_id 2020-08-14 07:18:48 +01:00
Andy Green
908d259a47 coverity: 305064: clear false positive by needless NULL check
Add needless check so we don't keep getting the same coverity hit from different people
2020-08-14 07:02:07 +01:00
Andy Green
146858fb54 coverity: 231926: clear false positive by showing coverity what it wants to see
We can't get here without testing for COLON_PATH existing in http2.c as part of
the h2spec pass code.

		if (!lws_hdr_total_length(h2n->swsi, WSI_TOKEN_HTTP_COLON_PATH) ||
		    !lws_hdr_total_length(h2n->swsi, WSI_TOKEN_HTTP_COLON_METHOD) ||
		    !lws_hdr_total_length(h2n->swsi, WSI_TOKEN_HTTP_COLON_SCHEME) ||
		     lws_hdr_total_length(h2n->swsi, WSI_TOKEN_HTTP_COLON_STATUS) ||
		     lws_hdr_extant(h2n->swsi, WSI_TOKEN_CONNECTION)) {
			lws_h2_goaway(wsi, H2_ERR_PROTOCOL_ERROR,
				      "Pseudoheader checks");
			break;
		}

So there is no issue.  But show Coverity what it wants so we don't keep getting this
false positive reported by different coverity users.
2020-08-14 06:35:31 +01:00
Andy Green
7c9ead211a sspc-proxy-fragmented-dsh-must-use-fragmented-flags
We compute the refragmented flags when cutting up large client serialized
payload blocks.  But we had a bug where we didn't actually apply it and
applied the original client flags on the fragments.

That causes a crisis because EOM is used to mark end of post body and
complete the transaction, that is then happening on the first fragment.

This one-liner corrects it to use the computed, refragmented flags on the
dsh fragments and eliminate the problem.
2020-08-13 16:48:26 +01:00
Andy Green
44608abce6 sspc: fix intree build for sspc examples and increase post example body
Correct a comment about payload layout and add detailed comments about
dsh handling at proxy.

Increase the post size so it shows up fragmentation issues at the proxy.
2020-08-13 16:48:16 +01:00
Andy Green
54f98aff78 sspc: make it clear we can only get RPAR_STREAMTYPE in WAIT_INITIAL_TX state
Otherwise Coverity will complain we only set up ssi in WAIT_INITIAL_TX
2020-08-13 06:40:39 +01:00
Andy Green
d51e44388c sspc: ss timeout check is onward still alive before setting 2020-08-12 19:25:34 +01:00
Andy Green
ee404d7449 uv: cmake: use find_ only if no commandline paths
Libuv override paths were broken since the CMakeLists.txt refactor,
find_library worked OK.  This should go back to allowing both.
2020-08-12 07:26:03 +01:00
William Yu
98f63c6c8d freertos: explicitly include semphr.h
Although it's already included in lws esp-idf freertos case, in some
other freertos environments it's necessary to explicitly include
the semaphore header.
2020-08-12 05:54:27 +01:00
Andy Green
dd3bae8c71 ss: multipart without processing
Change the default to not process multipart mime at SS layer.

If it's desired, then set "http_multipart_ss_in" true in the policy on the streamtype.

To test, use lws-minimal-secure-streams-avs, which uses SS processing as it is.

To check it without the processing, change #if 1 to #if 0 around the policy for
"http_multipart_ss_in" in both places in avs.c, and also enable the hexdump in ss_avs_metadata_rx()
also in avs.c, and observe the multipart framing is passed through unchanged.
2020-08-11 11:07:13 +01:00
Andy Green
fff9ca6ee4 sspc: client: restrict forwarded bulk data to 2048 2020-08-10 15:04:10 +01:00
Andy Green
8669f6bf61 sspc: client: if not writing, make sure not to write 2020-08-10 15:04:10 +01:00
Jed Lu
793ba842fa ss: http: synthesize CONNECTED for PUT as well as POST 2020-08-10 15:04:10 +01:00
Andy Green
03af613c13 sspc: minimal examples: improve PROXY_API detection to work outside tree 2020-08-10 15:04:10 +01:00
Andy Green
629c8138b1 sai: freebsd 2020-08-10 15:04:10 +01:00
Andy Green
4cd381f933 cmake: tls: wolfssl
PARENT_SCOPE needs adjusting in a few places for wolfssl to work, and
we need a second level export of USE_WOLFSSL through lib/CMakeLists.txt

Add noi/f32 Sai build for WOLFSSL + MINIMAL_EXAMPLES
2020-08-10 15:04:10 +01:00
Andy Green
2edd83dac1 freebsd: sai build adaptations 2020-08-10 15:04:10 +01:00
Mike Owens
e3b34d3e08 Subject: Fixes to build on FreeBSD and Illumos 2020-08-10 15:04:10 +01:00
Andy Green
1f0cd18dd6 ss: server: check more carefully if built but not used on a wsi 2020-08-10 15:04:10 +01:00
Andy Green
77062d1c27 openssl: windows: also link with crypt32 in case used by openssl 2020-08-10 15:04:10 +01:00
Andy Green
74c7060c62 sspc: increase client packet size to 8192
This is only used on Linux-class devices
2020-08-10 15:04:10 +01:00
Andy Green
0f218eebbd sspc: deal with huge metadata 2020-08-10 15:04:10 +01:00
Andy Green
15e6ac25a4 sspc: make sure NUL on metadata name 2020-08-10 15:04:10 +01:00
Andy Green
6eb793bbef sspc: temp ignore txcr to support h1
We want to manage the proxy txcr, but at the moment the proxy doesn't pass
back information about if it's actually h1 or h2 it found across the internet.

Temporarily defeat txcr wait so we can support h1 until that's improved.
2020-08-10 15:04:10 +01:00
Andy Green
a71cbe785e sspc: http POST: synthesize CONNECTED to provoke client body write 2020-08-10 15:04:10 +01:00
Andy Green
d1d5cf2947 sspc: improve client async close flow 2020-08-10 15:04:10 +01:00
Andy Green
1b4bf38d5e sspc: add request_tx length variant
Add in the missing request_tx length variant, serialization and proxy
handling for it
2020-08-10 15:04:10 +01:00
Andy Green
3899a416a9 sspc: segregate client and proxy states properly 2020-08-10 15:04:10 +01:00
Andy Green
a6a9f22556 sspc: LWSSSPC: track onward request status 2020-08-10 15:04:10 +01:00