1
0
Fork 0
mirror of https://github.com/warmcat/libwebsockets.git synced 2025-03-09 00:00:04 +01:00
Commit graph

89 commits

Author SHA1 Message Date
Andy Green
b05e95ec87 pipe: only pt destroy pipe close should close pipe fds
https://github.com/warmcat/libwebsockets/issues/2873
2024-09-25 08:38:44 +01:00
Andy Green
9e658fa996 threadpool: improve relationship with LWS_HAVE_PTHREAD_H
Make it clear in more places that threadpool is only built if pthreads
available.

https://github.com/warmcat/libwebsockets/issues/2607
2022-05-17 15:37:16 +01:00
Andy Green
0d9acf7a31 http: redirect: keep ssl options at redirect 2022-01-04 16:00:07 +00:00
Andy Green
91da9e30c7 cancel pipe: mark close when wsi is close 2021-12-14 08:09:25 +00:00
Andy Green
4d81fee54f validity: take context and pt lock before close 2021-08-31 05:45:40 +01:00
Andy Green
ee510154a0 fi: wsi: fault to fake peer hangup after a delay range
Example usage, client

$ valgrind ./bin/lws-minimal-secure-streams-stress-client -c 4 --budget 40

proxy

$ valgrind ./lws-minimal-secure-streams-proxy --fault-injection "ss=mintest/wsi/timedclose(20%),ss=mintest/wsi/timedclose_ms(0..100)"
2021-07-04 10:29:54 +01:00
Andy Green
5d8cf03221 logs: log contexts 2021-07-01 05:20:53 +01:00
Andy Green
8e76634ed3 logs: introduce log_cx 2021-07-01 05:20:53 +01:00
Andy Green
576bed631f sspc: close: differentiate between ss and sspc at final wsi close
A second chunk of ss / sspc handling did not get cleaned up
along with the other patch from a few weeks ago, it wrongly
treats sspc the same as ss.  This can cause the wrong thing
to be zeroed down, 64-bit and 32-bit builds end up with
different victims.

This patch makes it understand the difference and treat them
accordingly, same as the main for_ss handling.
2021-06-26 13:03:13 +01:00
Andy Green
9e8eb28c72 sul: improve debugging 2021-06-26 13:03:13 +01:00
Andy Green
6163c96727 vhost: allow multiple listen sockets
Some platforms need two sockets with AF_INET and AF_INET6 to listen to both
protocols.

This patch changes the single listen socket each vhost could previously
handle to become an lws_dll2 and adapts the related code to handle them as
a linked-list rather than as a singleton.

The next patch adapts the listen / server code to create multiple listen
wsi for vhosts listening on multiple ip protocols.
2021-06-22 15:55:47 +01:00
Andy Green
272dba8307 http: redo redirects to follow close flow
Until now although we can follow redirects, and they can promote the
protocol from h1->h2, we couldn't handle h2 wsi reuse since there are many
states in the wsi affected by being h2.

This wipes the related states in lws_wsi_reset() and follows the generic
wsi close flow before deviating into the redirect really close to the end,
ensuring we cleaned out evidence of our previous life properly.

h2->h2 redirects work properly after this.

The max number of redirects is increased from 3 -> 4 since this was seen in
the wild with www and then geographic-based redirects.
2021-06-22 15:55:29 +01:00
Andy Green
350a6dc9ef threadpool: disassociate wsi on close 2021-06-20 06:03:59 +01:00
Jed Lu
ae8b11aa83 ss: do not restrict close handling to WITH_SERVER 2021-05-26 14:07:27 +01:00
Andy Green
7d8f742594 smp: more lock assertions 2021-04-05 10:55:04 +01:00
Andy Green
51490ae6e6 Fault injection
add lws_xos: xoshiro256 PRNG
2021-04-05 10:55:04 +01:00
Andy Green
06509e287d lws_conmon: connection monitoring and stats generation
This provides a build option LWS_WITH_CONMON that lets user code recover
detailed connection stats on client connections with the LCCSCF_CONMON
flag.

In addition to latencies for dns, socket connection, tls and first protocol
response where possible, it also provides the user code an unfiltered list
of DNS responses that the client received, and the peer it actually
succeded to connect to.
2021-03-17 07:31:49 +00:00
Andy Green
3f4623bb36 lws_metrics
There are a few build options that are trying to keep and report
various statistics

 - DETAILED_LATENCY
 - SERVER_STATUS
 - WITH_STATS

remove all those and establish a generic rplacement, lws_metrics.

lws_metrics makes its stats available via an lws_system ops function
pointer that the user code can set.

Openmetrics export is supported, for, eg, prometheus scraping.
2021-03-08 21:47:28 +00:00
Andy Green
3fe08ce5d8 fault injection 2021-02-20 13:54:35 +00:00
Andy Green
95a545b741 evlib: count extant evlib handles instead of wsi 2021-01-19 17:07:33 +00:00
Andy Green
c9731c5f17 type comparisons: fixes
This is a huge patch that should be a global NOP.

For unix type platforms it enables -Wconversion to issue warnings (-> error)
for all automatic casts that seem less than ideal but are normally concealed
by the toolchain.

This is things like passing an int to a size_t argument.  Once enabled, I
went through all args on my default build (which build most things) and
tried to make the removed default cast explicit.

With that approach it neither change nor bloat the code, since it compiles
to whatever it was doing before, just with the casts made explicit... in a
few cases I changed some length args from int to size_t but largely left
the causes alone.

From now on, new code that is relying on less than ideal casting
will complain and nudge me to improve it by warnings.
2021-01-05 10:56:38 +00:00
Andy Green
e11d78dc5e sspc: cleanup bridged wsi 2021-01-04 05:40:12 +00:00
Andy Green
93f54c61c5 ss: enforce balanced CONNECT vs DISCONNECT 2021-01-04 05:26:50 +00:00
Andy Green
0ceba15d9c lws_lifecycle
This adds some new objects and helpers for keeping and logging
info on grouped allocations, a group is, eg, SS handles or client
wsis.

Allocated objects get a context-unique "tag" string intended to replace
%p / wsi pointers etc.  Pointers quickly become confusing when
allocations are freed and reused, the tag string won't repeat
until you produce 2^64 objects in a context.

In addition the tag string documents the object group, with prefixes
like "wsi-" or "vh-" and contain object-specific additional
information like the vhost name, address / port  or the role of the wsi.
At creation time the lws code can use a format string and args
to add whatever group-specific info makes sense, eg, a wsi bound
to a secure stream can also append the guid of the secure stream,
it's copied into the new object tag and so is still available
cleanly after the stream is destroyed if the wsi outlives it.
2021-01-04 05:26:50 +00:00
Andy Green
5947e54a66 ss: mark client wsi bound to ss using flag 2020-12-24 16:14:36 +00:00
Andy Green
426623433a ss-srv: destroy accepted clients on ws close 2020-11-28 10:58:38 +00:00
Andy Green
2bcae2b3b6 context: refactor destroy flow 2020-11-28 10:58:38 +00:00
Andy Green
3549a94ce6 roles: compress role ops structs
role ops are usually only sparsely filled, there are currently 20
function pointers but several roles only fill in two.  No single
role has more than 14 of the ops.  On a 32/64 bit build this part
of the ops struct takes a fixed 80 / 160 bytes then.

First reduce the type of the callback reason part from uint16_t to
uint8_t, this saves 12 bytes unconditionally.

Change to a separate function pointer array with a nybble index
array, it costs 10 bytes for the index and a pointer to the
separate array, for 32-bit the cost is

2 + (4 x ops_used)

and for 64-bit

6 + (8 x ops_used)

for 2 x ops_used it means 32-bit: 10 vs 80 / 64-bit: 22 vs 160

For a typical system with h1 (9), h2 (14), listen (2), netlink (2),
pipe (1), raw_skt (3), ws (12), == 43 ops_used out of 140, it means
the .rodata for this reduced from 32-bit: 560 -> 174 (386 byte
saving) and 64-bit: 1120 -> 350 (770 byte saving)

This doesn't account for the changed function ops calling code, two
ways were tried, a preprocessor macro and explicit functions

For an x86_64 gcc 10 build with most options, release mode,
.text + .rodata

before patch:          553282
accessor macro:        552714 (568 byte saving)
accessor functions:    553674 (392 bytes worse than without patch)

therefore we went with the macros
2020-11-28 10:58:38 +00:00
Andy Green
9eb4c4fac2 client: rfc6724 dns results sorting
RFC6724 defines an ipv6-centric DNS result sorting algorithm, that
takes route and source address route information for the results
given by the DNS resolution, and sorts them in order of preferability,
which defines the order they should be tried in.

If LWS_WITH_NETLINK, then lws takes care about collecting and monitoring
the interface, route and source address information, and uses it to
perform the RFC6724 sorting to re-sort the DNS before trying to make
the connections.
2020-11-28 10:58:07 +00:00
Andy Green
44e860642b docs: switch to use main 2020-10-19 16:35:03 +01:00
Andy Green
db5b2c1403 close: ensure any pending sul_connect_timeout cancelled 2020-10-09 21:30:49 +01:00
Andy Green
aa539e607b client: awaiting header is only a CCE for ws
In the case http client doesn't get a response and closes, currently
it is confused, it reports it as a CLIENT_CONNECTION_ERROR but then
also a CLOSED_CLIENT_HTTP.

Adapt the logic so we only go that way for ws connection... not getting
the server headers means not reaching ESTABLISHED, which makes it a
CCE not a CLOSE.

Also make sure we never issue a CLOSE type callback if we issued a CCE.
2020-09-16 12:30:46 +01:00
Andy Green
b1a084e7be ss: server: make sure failures after adopt invalidate ss copy of wsi
For server, if the adoption of the incoming connection proceeds but then
fails early on, eg, tls alert due to hostname mismatch with cert, the
wsi close happens but it doesn't clean up the invalidated reference to
itself in the server ss object... if it became established, that's handled
by the ss protocol callback.

This patch helps the close path to understand there is a related ss object
and to clean up after itself.
2020-09-13 14:37:15 +01:00
Andy Green
095b76853e smp: lws_mutex_refcount: add assert held helper
also additional pt locks shown as needed by that
2020-08-31 16:51:37 +01:00
Andy Green
8235db7726 smp: additional vhost locks 2020-08-31 16:51:37 +01:00
Andy Green
1a93e73402 fakewsi: replace with smaller substructure
Currently we always reserve a fakewsi per pt so events that don't have a related actual
wsi, like vhost-protocol-init or vhost cert init via protocol callback can make callbacks
that look reasonable to user protocol handler code expecting a valid wsi every time.

This patch splits out stuff that user callbacks often unconditionally expect to be in
a wsi, like context pointer, vhost pointer etc into a substructure, which is composed
into struct lws at the top of it.  Internal references (struct lws is opaque, so there
are only internal references) are all updated to go via the substructre, the compiler
should make that a NOP.

Helpers are added when fakewsi is used and referenced.

If not PLAT_FREERTOS, we continue to provide a full fakewsi in the pt as before,
although the helpers improve consistency by zeroing down the substructure.  There is
a huge amount of user code out there over the last 10 years that did not always have
the minimal examples to follow, some of it does some unexpected things.

If it is PLAT_FREERTOS, that is a newer thing in lws and users have the benefit of
being able to follow the minimal examples' approach.  For PLAT_FREERTOS we don't
reserve the fakewsi in the pt any more, saving around 800 bytes.  The helpers then
create a struct lws_a (the substructure) on the stack, zero it down (but it is only
like 4 pointers) and prepare it with whatever we know like the context.

Then we cast it to a struct lws * and use it in the user protocol handler call.
In this case, the remainder of the struct lws is undefined.  However the amount of
old protocol handlers that might touch things outside of the substructure in
PLAT_FREERTOS is very limited compared to legacy lws user code and the saving is
significant on constrained devices.

User handlers should not be touching everything in a wsi every time anyway, there
are several cases where there is no valid wsi to do the call with.  Dereference of
things outside the substructure should only happen when the callback reason shows
there is a valid wsi bound to the activity (as in all the minimal examples).
2020-07-20 06:28:52 +01:00
Andy Green
da7ef0468b cgi: add spawn reap callback 2020-07-20 06:28:52 +01:00
Andy Green
6ae43ee06e lws_wsi_close: add helper 2020-07-20 06:28:52 +01:00
Andy Green
30761e760a sul: LWS_WITH_SUL_DEBUGGING 2020-07-15 16:18:00 +01:00
Andy Green
0fb8504b20 client: suppress CONNECTION_ERROR if still in client_connect_via_info
If the client connection attempt fails early, we report it will a NULL
return from the client connection api.  If it fails later, perhaps after
more times around the event loop, we report it as a CONNECTION_ERROR.

This patch makes sure we don't do CONNECTION_ERROR flow if in fact we
are still in the client_connect_via_info() and in a position to report
the failure by returning NULL from there, without it under some
conditions we will do both a CONNECTION_ERROR and return NULL.
2020-06-30 19:35:41 +01:00
Andy Green
c0294c3e10 clean: use lws_intptr_t where needed 2020-06-03 06:48:06 +01:00
Andy Green
2c46d3882f client: reset: detach wsi from buflist pending owner on reset 2020-05-27 08:40:12 +01:00
Andy Green
9f1d019352 CTest: migrate and deprecate existing selftest scripts
Replace the bash selftest plumbing with CTest.

To use the selftests, build with -DLWS_WITH_MINIMAL_EXAMPLES=1
and `CTEST_OUTPUT_ON_FAILURE=1 make test` or just
`make test`.

To disable tests that require internet access, also give
-DLWS_CTEST_INTERNET_AVAILABLE=0

Remove travis and appveyor scripts on master.

Remove travis and appveyor decals on README.md.
2020-05-11 15:40:13 +01:00
Andy Green
3d995cf7c5 fds: add sanity checks 2020-05-05 06:34:58 +01:00
Andy Green
a57e62d502 ctest: fixes-and-changes 2020-04-19 08:43:01 +01:00
Andy Green
28ce32af64 client: secure streams
Secure Streams is an optional layer on top of lws that separates policy
like endpoint selection and tls cert validation into a device JSON
policy document.

Code that wants to open a client connection just specifies a streamtype name,
and no longer deals with details like the endpoint, the protocol (!) or anything
else other than payloads and optionally generic metadata; the JSON policy
contains all the details for each streamtype.  h1, h2, ws and mqtt client
connections are supported.

Logical secure streams outlive any particular connection and supports "nailed-up"
connectivity regardless of underlying connection stability.
2020-03-04 12:17:49 +00:00
Sakthi Kannan
9d099ba7be client: MQTT
Adds client support for MQTT QoS0 and QoS1, compatible with AWS IoT

Supports stream binding where independent client connections to the
same endpoint can mux on a single tcp + tls connection with topic
routing managed internally.
2020-03-04 12:17:49 +00:00
Andy Green
ed04a266ea rtos diet: make raw_file role optional 2020-03-04 11:00:04 +00:00
Andy Green
8a7e0edb7d lws_spawn_piped: break out from cgi
The vfork optimized spawn, stdxxx and terminal handling in the cgi
implementation is quite mature and sophisticated, and useful for
other things unrelated to cgi.  Break it out into its own public
api under LWS_WITH_SPAWN, off by default.

Expand it so the parent wsi is optional, and the role and protocol
bindings for stdxxx pipes can be set.  Allow optional sul timeout
and external lws_dll2 owner for extant children.

Remove inline style from minimal http-server-cgi
2020-02-21 17:32:41 +00:00
Andy Green
af2f1f9a87 event-lib-glib
Adds support for glib event library.
2020-02-21 17:32:41 +00:00