1
0
Fork 0
mirror of https://github.com/warmcat/libwebsockets.git synced 2025-03-16 00:00:07 +01:00
Commit graph

3620 commits

Author SHA1 Message Date
Andy Green
54029c4896 lws_struct: sqlite: order defaults to _lws_idx but may be overridden
The internal order that a dll2 of structs was written might or might not be
what the guy deserializing it cares about
2020-03-20 19:44:10 +00:00
Andy Green
5c657e0865 wolfssl: build fixes
Solve wolfssl wrappers being defines and header path availability for cmake tests
2020-03-20 09:35:54 +00:00
Andy Green
44fa7e39e3 lws_dir: uv: clean up temp loop on fail 2020-03-19 14:34:29 +00:00
Andy Green
93d6ab929b ss: reduce logging of unknown streamtypes
There are a few automatic things that look for streamtypes that may or
may not exist now

 - captive_portal_detect
 - fetch_policy
 - api_amazon_com_auth

logging them as notice every startup is pretty intrusive, change to info.
2020-03-19 14:05:18 +00:00
Andy Green
11837db0e0 mbedtls: support older versions without net_sockets.h 2020-03-19 10:14:25 +00:00
Andy Green
c6165f8680 lws_spawn: get result to temp si
We pass the temp si to the reap callback, we delete the lsp one beforehand.
But we were collecting the spawn retcode into the lsp one...
2020-03-18 12:20:41 +00:00
Andy Green
ed837acda0 lws_set_wsi_user: allow setting to override existing internal allocation 2020-03-18 12:19:51 +00:00
Andy Green
af20721500 threadpool: enable to use secure streams as well as direct wsi
This extends threadpool slightly so it can bind enqueued tasks to a
secure streams handle as well as a straight wsi.

Either the .wsi must be set as before, or the .ss handle if you are
using secure streams, when enqueuing a task on the taskpool.

A couple of other helpers get ss-aware wrappers if LWS_WITH_SECURE_STREAMS

Although threadpool was originally designed for server (gitohashi)
actually it's also fine working with client wsi / Secure Streams,
if you have a situation a client connection is associated with heavy
processing.
2020-03-16 13:58:07 +00:00
Andy Green
99e6aff537 ss: use system trust store if none given in policy
For general OpenSSL case, we leave connection validity to system trust
store bundle to decide; even for mbedtls it may have been passed a
bundle externally and we don't want to have to list the x.509 stack
explicitly for a server we don't have any control over.

Instead of erroring out, allow the case no trust store is specified,
just use vhost[0] and let the system trust store decide if it likes
the server's cert or not.


No ABI change.
2020-03-15 06:22:59 +00:00
Andy Green
f843668db9 ss: add lws_ss_to_user_object
The ss handle is opaque, so if you need to get the user allocation from the handle
outside of a callback, a helper is needed.

ABI change.
2020-03-15 06:22:18 +00:00
Andy Green
2cd8f599eb ss: allow url style endpoint addresses
The endpoint field in streamtype policy may continue to just be the
hostname, like "warmcat.com".

But it's also possible now to be a url-formatted string, like, eg,
"https://warmcat.com:444/mailman/listinfo"

If so (ie, if it contains a : ) then the decoded elements may override
if tls is enabled, the endpoint address, the port, and the url path.

No ABI change.
2020-03-15 06:19:38 +00:00
Andy Green
8adcdbb189 lws_spa: avoid reading past table
Didn't check the lenghts of the NUL-terminated header
table properly.

https://github.com/warmcat/libwebsockets/issues/1859
2020-03-15 06:19:17 +00:00
Andy Green
65a3d40d74 ss: support metadata string expansion in endpoint string
This lets you set metadata symbols exposed by the streamtype policy
into the endpoint address.

No ABI change
2020-03-14 17:04:43 +00:00
Andy Green
704eaa5e63 ss: allow streamtype policy overlays
Make the policy load apis public with an extra argument that says if you want the
JSON to overlay on an existing policy rather than replace it.

Teach the stream type parser stuff to realize it already has an entry for the
stream type and to modify that rather than create a second one, allowing overlays
to modify stream types.

Add --force-portal and --force-no-internet flags to minimal-secure-streams and
use the new policy overlay stuff to force the policy for captive portal detection
to feel that there is one or that there's no internet.
2020-03-14 17:04:43 +00:00
Andy Green
a60cb84c9e captive portal
Implement Captive Portal detection support in lws, with the actual
detection happening in platform code hooked up by lws_system_ops_t.

Add an implementation using Secure Streams as well, if the policy
defines captive_portal_detect streamtype, a SS using that streamtype
is used to probe if it's behind a captive portal.
2020-03-11 12:44:01 +00:00
Andy Green
fdb9b7fdd3 event libs: context_destroy sequencing 2020-03-10 19:13:43 +00:00
Andy Green
0648a83ca2 event libs: h1 pipelining needs to manage event lib additional data during handover too 2020-03-10 19:11:15 +00:00
Andy Green
84b9b2c69c glib: accidentally fixed unsupported signal watcher for glib
We worked fine while an earlier typo meant this was never getting past the
preprocessor... when it did, it exposes that the signal handler type was
never implemented.  Just remove for glib.
2020-03-10 12:34:34 +00:00
Andy Green
5b9fe01863 build: release mode compile fixes 2020-03-10 06:45:24 +00:00
Olivier Langlois
b6824c88fd http: allow receiving body in case ws upgrade failed
Process HTTP headers related to content length for ws connections
and make 1 callback before continuing to the ws upgrade code.
This gives one last opportunity to ws protocols to inspect server reply
before the ws upgrade code discard it. ie: download reply body in case
of any other response code than 101.
2020-03-07 21:07:54 +00:00
Andy Green
eaab6e28b0 client: unify post tls accept handling 2020-03-07 20:03:58 +00:00
Andy Green
61cd344c13 minilex: fix ROLE_WS=0 case 2020-03-06 15:22:36 +00:00
Andy Green
7efe93bb34 fallback: dont check after first ssl accept attempt 2020-03-06 10:18:43 +00:00
Andy Green
8dff5b7342 logs: don't print junk if no timestamp 2020-03-06 07:55:05 +00:00
Andy Green
1c6735e1a0 mux: disable already optimization
This leads to problems at the moment with sticky mux.requested_POLLOUT
causing writeable to not be sent.

Remove it and always set writeable on parents for now.
2020-03-06 07:55:05 +00:00
Andy Green
993c7c3192 fsmount: delete session dir on mount 2020-03-05 14:12:24 +00:00
Andy Green
765d393f82 clean: reduce some log level 2020-03-05 12:34:07 +00:00
Terry Zhang
eb9c01ae5c ws: make sure we understand frame finished when buflist_out flushed
When lws_write as many bytes as user can until function returns not all sent,
the next user`s lws_write call will write wrong frame to the other end. This
will cause connection be close by the other side.
2020-03-04 12:17:49 +00:00
Andy Green
0e94683897 freertos: forward-port lwip version adaptations 2020-03-04 12:17:49 +00:00
Andy Green
c25c37febd client: make sure all paths after connect go via tls if set 2020-03-04 12:17:49 +00:00
Andy Green
9695e23c00 ss: mqtt: add will and other sundries to policy
Replace the hacked-in constants with policy entries for sundry
MQTT features, and add to the policy readme.
2020-03-04 12:17:49 +00:00
Andy Green
28ce32af64 client: secure streams
Secure Streams is an optional layer on top of lws that separates policy
like endpoint selection and tls cert validation into a device JSON
policy document.

Code that wants to open a client connection just specifies a streamtype name,
and no longer deals with details like the endpoint, the protocol (!) or anything
else other than payloads and optionally generic metadata; the JSON policy
contains all the details for each streamtype.  h1, h2, ws and mqtt client
connections are supported.

Logical secure streams outlive any particular connection and supports "nailed-up"
connectivity regardless of underlying connection stability.
2020-03-04 12:17:49 +00:00
Sakthi Kannan
9d099ba7be client: MQTT
Adds client support for MQTT QoS0 and QoS1, compatible with AWS IoT

Supports stream binding where independent client connections to the
same endpoint can mux on a single tcp + tls connection with topic
routing managed internally.
2020-03-04 12:17:49 +00:00
Andy Green
d88d41090e cleaning: windows 2020-03-04 12:17:49 +00:00
Karl Vogel
7b50dc8830 event lib: fix LWS_WITH_GLIB typo 2020-03-04 12:17:49 +00:00
Andy Green
55ea791a77 lws_struct: store which toplevel schema matched
We can give the lws_struct parser a table of toplevel schemas, record
which one we chose so the caller can know how to interpret the result
2020-03-04 12:17:48 +00:00
Andy Green
30fc8e9caf lws_struct sqlite3
Continue with lws_struct, add sqlite support for one
level of lws_dll2_t lists of structs serialization and
deserialization, plus the matching api-test.
2020-03-04 11:00:04 +00:00
Andy Green
9a1f184915 rtos diet: http: remove headers at buildtime according to config
Headers related to ws or h2 are now elided if the ws or h2 role
is not enabled for build.  In addition, a new build-time option
LWS_WITH_HTTP_UNCOMMON_HEADERS on by default allows removal of
less-common http headers to shrink the parser footprint.

Minilex is adapted to produce 8 different versions of the lex
table, chosen at build-time according to which headers are
included in the build.

If you don't need the unusual headers, or aren't using h2 or ws,
this chops down the size of the ah and the rodata needed to hold
the parsing table from 87 strings / pointers to 49, and the
parsing table from 1177 to 696 bytes.
2020-03-04 11:00:04 +00:00
Andy Green
bb1a8d37fb rtos diet: make basic auth support a config option on by default
Remove wrapper content for < tls v1.2
2020-03-04 11:00:04 +00:00
Andy Green
ed04a266ea rtos diet: make raw_file role optional 2020-03-04 11:00:04 +00:00
Andy Green
3c663da99e rtos diet: mbedtls: wrapper: delete unused functions
Surprisingly -fdata-sections -ffunction-sections does not remove any string literals and __func__
implicit .rodata generated by the removed function's compilation.

That means potentially considerable deadweight is in the image even if the function is removed
at linktime.
2020-03-04 11:00:04 +00:00
Andy Green
94d488d2d5 jose: copy typ into jose object without testing for JWT 2020-03-04 11:00:04 +00:00
Andy Green
9adc64114b lws_set_wsi_user: allow setting if protocol pss size zero 2020-03-04 11:00:04 +00:00
Andy Green
a9b00f50ee socks5: add support to raw skt 2020-03-04 11:00:04 +00:00
Andy Green
62f22c9e0e malloc_trim: move out of unix plat and into lwsws
https://github.com/warmcat/libwebsockets/issues/1849
2020-03-04 11:00:04 +00:00
Olivier Langlois
5d74cf668c ev: check for IOURING 2020-03-01 08:14:44 +00:00
Andy Green
6bb116b8d8 socks5: cleanup and add test options
Refactor SOCKS5 client support to be gathered into
lib/core-net/socks5-client.c and make that build
contingent on LWS_WITH_SOCKS5.
2020-03-01 08:14:44 +00:00
Andy Green
0dd23d7073 tls restriction: account for pipelining and add test 2020-03-01 08:14:43 +00:00
Andy Green
1da0096d4d lws_fsmount: overlayfs apis 2020-02-21 17:32:41 +00:00
Andy Green
8a7e0edb7d lws_spawn_piped: break out from cgi
The vfork optimized spawn, stdxxx and terminal handling in the cgi
implementation is quite mature and sophisticated, and useful for
other things unrelated to cgi.  Break it out into its own public
api under LWS_WITH_SPAWN, off by default.

Expand it so the parent wsi is optional, and the role and protocol
bindings for stdxxx pipes can be set.  Allow optional sul timeout
and external lws_dll2 owner for extant children.

Remove inline style from minimal http-server-cgi
2020-02-21 17:32:41 +00:00