Add support for external pthreads lib on windows and some docs about how to do.
It can build with LWS_WITH_THREADPOOL and LWS_WITH_MINIMAL_EXAMPLES including the
pthreads-dependent ones without warnings or errors on windows platform as well with this.
pthreads_t can be anything, including a struct - not a pointer-to-a-struct
but the struct itself. These can't be cast to a void * for printing as they can
on linux, where the base type is a pointer.
Let's fix all the usage of those to determine their own thread index in terms
of the meaning to the program rather than as a tid.
Fix pthreads detection in the minimal examples and add it where needed.
Fix unistd.h include to be conditional on not WIN32
With this, -DLWS_WITH_MINIMAL_EXAMPLES=1 is happy and warning-free
on windows.
Rate limiting does not work correctly with AVS server, the last
block of rx data is not coming. Disable it for now so the
returned data comes as rapidly as the server can send and the
client receive.
There's a subtle difference between fork and vfork... when doing the
dup() before the exec, with cfork we are still dealing with the
parent process "possessed" by the forked process briefly inbetween
the vfork() and the exec().
That matters because when we close the duplicated fds for the stdxxx
pipes, with vfork we're closing the fd we still want to hold in the
parent process.
Nobody uses this from the wrapper... it brings in mbedtls_x509_crt_info()
even if you're using -ffunctionsections for a loss of about 1.7KB on Arm.
Let's chop it out...
GCC -fanalyzer did find a real issue (unchecked malloc return)
but it mainly reported things that weren't true due to what
was happening outside of the particular compilation unit that
it could see.
Starting with gcc 10 (in fedora 32) there's a new static
analyzer built into gcc you can enable with -fanalyzer. It
doesn't slow compilation much, but it's a bit hit and miss,
it only analyzes each compilation unit standalone so it
reports issues that can never happen.
Enable it if the option LWS_WITH_FANALYZER is enabled and
cmake can see the actual compiler supports it.
The mbedtls openssl wrapper wants to use exports from mbedtls' net_sockets.c,
but this is only supposed to work on *nix and windows. Typically people
are using mbedtls on RTOS type platforms and to use it, net_sockets.c
needs some hacking.
Try to avoid that situation by porting the two exports we need into the
lws plat code and call from the wrapper.
read has a tight leash on the states it's happy to turn up there,
it's good to be like that but it turns out LRS_FLUSHING_BEFORE_CLOSE
should be whitelisted since it can happen under some transient
conditions and is valid.
https://github.com/warmcat/libwebsockets/issues/1872
In some cases devices may be too constrained to handle JSON policies but still
want to use SS apis and methodology.
This introduces an off-by-default cmake option LWS_WITH_SECURE_STREAMS_STATIC_POLICY_ONLY,
if enabled the JSON parsing part is excluded and it's assumed the user code
provides its policy as hardcoded policy structs.
If a user sets a default filename for a http mount (.def in lws_http_mount),
eg. 'default.html', then a GET request for '/' correctly forwards to
'/default.html'.
However, without this commit the default filename is not taken into account for subdirectories. Thus,
GET subdir/
will forward to
'subdir/index.html'
instead of the expected
'subdir/default.html'
This commit changes the behavior such that the user-provided default filename is also used for subdirectories.
There are a few automatic things that look for streamtypes that may or
may not exist now
- captive_portal_detect
- fetch_policy
- api_amazon_com_auth
logging them as notice every startup is pretty intrusive, change to info.
This extends threadpool slightly so it can bind enqueued tasks to a
secure streams handle as well as a straight wsi.
Either the .wsi must be set as before, or the .ss handle if you are
using secure streams, when enqueuing a task on the taskpool.
A couple of other helpers get ss-aware wrappers if LWS_WITH_SECURE_STREAMS
Although threadpool was originally designed for server (gitohashi)
actually it's also fine working with client wsi / Secure Streams,
if you have a situation a client connection is associated with heavy
processing.
For general OpenSSL case, we leave connection validity to system trust
store bundle to decide; even for mbedtls it may have been passed a
bundle externally and we don't want to have to list the x.509 stack
explicitly for a server we don't have any control over.
Instead of erroring out, allow the case no trust store is specified,
just use vhost[0] and let the system trust store decide if it likes
the server's cert or not.
No ABI change.
The endpoint field in streamtype policy may continue to just be the
hostname, like "warmcat.com".
But it's also possible now to be a url-formatted string, like, eg,
"https://warmcat.com:444/mailman/listinfo"
If so (ie, if it contains a : ) then the decoded elements may override
if tls is enabled, the endpoint address, the port, and the url path.
No ABI change.
Although the code is correct and the symbols should be defined, making some
prototypes conditional on cmake defines breaks their visibility when the
library is built.
They're conditional here to get around use of sqlite3 type in the prototypes
where we may not be including sqlite3 headers. Replace the conditional with
a grauitous typedef as a forward ref, since it's only referred to via
pointer types.
Make the policy load apis public with an extra argument that says if you want the
JSON to overlay on an existing policy rather than replace it.
Teach the stream type parser stuff to realize it already has an entry for the
stream type and to modify that rather than create a second one, allowing overlays
to modify stream types.
Add --force-portal and --force-no-internet flags to minimal-secure-streams and
use the new policy overlay stuff to force the policy for captive portal detection
to feel that there is one or that there's no internet.
Implement Captive Portal detection support in lws, with the actual
detection happening in platform code hooked up by lws_system_ops_t.
Add an implementation using Secure Streams as well, if the policy
defines captive_portal_detect streamtype, a SS using that streamtype
is used to probe if it's behind a captive portal.
We worked fine while an earlier typo meant this was never getting past the
preprocessor... when it did, it exposes that the signal handler type was
never implemented. Just remove for glib.
Process HTTP headers related to content length for ws connections
and make 1 callback before continuing to the ws upgrade code.
This gives one last opportunity to ws protocols to inspect server reply
before the ws upgrade code discard it. ie: download reply body in case
of any other response code than 101.
