1
0
Fork 0
mirror of https://github.com/warmcat/libwebsockets.git synced 2025-03-16 00:00:07 +01:00
Commit graph

3620 commits

Author SHA1 Message Date
Andy Green
22a6a0073d safari: update default CSP to specify ws and wss schema
https://github.com/warmcat/libwebsockets/issues/1806
2019-12-29 19:59:16 +00:00
Andy Green
7221bc57b5 mux children: generalize helpers out of h2 implementation
This should be a NOP for h2 support and only affects internal
apis.  But it lets us reuse the working and reliable h2 mux
arrangements directly in other protocols later, and share code
so building for h2 + new protocols can take advantage of common
mux child handling struct and code.

Break out common mux handling struct into its own type.

Convert all uses of members that used to be in wsi->h2 to wsi->mux

Audit all references to the members and break out generic helpers
for anything that is useful for other mux-capable protocols to
reuse wsi->mux related features.
2019-12-29 19:59:16 +00:00
Andy Green
1eb4d335d2 active_conns: move out dependency on ah 2019-12-23 09:25:56 +00:00
Andy Green
36de0ada7d http client basic auth add helper and example 2019-12-22 18:17:45 +00:00
Andy Green
c4ab815aaf _GNU_SOURCE: only define if not already defined
https://github.com/warmcat/libwebsockets/issues/1803
2019-12-22 18:17:45 +00:00
Andy Green
c327c7fdb7 vhost destruction: dont allow all wsi closures to kill vh we are already in process of destroying
Saw this on travis selftests during context destroy

==18895== Invalid read of size 8
==18895==    at 0x415909: __lws_vhost_destroy2 (vhost.c:1063)
==18895==    by 0x40E65B: lws_context_destroy2 (context.c:929)
==18895==    by 0x40EBE5: lws_context_destroy (context.c:1128)
==18895==    by 0x40CC41: main (minimal-http-client-post.c:267)
==18895==  Address 0x6168688 is 728 bytes inside a block of size 792 free'd
==18895==    at 0x4C2BDEC: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==18895==    by 0x45B29E: _realloc (alloc.c:120)
==18895==    by 0x45B2D6: lws_realloc (alloc.c:130)
==18895==    by 0x415ED7: __lws_vhost_destroy2 (vhost.c:1204)
==18895==    by 0x419164: lws_vhost_unbind_wsi (wsi.c:82)
==18895==    by 0x41236B: __lws_free_wsi (close.c:154)
==18895==    by 0x4134CF: __lws_close_free_wsi_final (close.c:650)
==18895==    by 0x4133BA: __lws_close_free_wsi (close.c:610)
==18895==    by 0x413528: lws_close_free_wsi (close.c:660)
==18895==    by 0x4158C7: __lws_vhost_destroy2 (vhost.c:1053)
==18895==    by 0x40E65B: lws_context_destroy2 (context.c:929)
==18895==    by 0x40EBE5: lws_context_destroy (context.c:1128)

Removing the last wsi from the vhost we started to destroy finalized the
vhost destruction, which is aimed at libuv async close cleanup.  But if
we already entered __lws_vhost_destroy2, we will definitely destroy the vhost
ourselves at the end of that function already.  So defeat the wsi close
triggering it.
2019-12-22 18:17:45 +00:00
Andy Green
d911bce379 spa: report 0-length FINAL_CONTENT
https://github.com/warmcat/libwebsockets/issues/1468

Just always report FINAL_CONTENT at the end, a zero length one
is okay.
2019-12-22 18:17:45 +00:00
Andy Green
c21f2dbe46 lextable: fix x-forwarded-for
https://github.com/warmcat/libwebsockets/issues/1801
2019-12-20 18:42:29 +00:00
Wojtek Kaniewski
ea50c8722c openssl: handle negotiation errors handling in client
If a client connects to a SSL server and the server sends handshake
alert (e.g. no matching ciphers) SSL_connect() fails, but because
SSL_ERROR_SSL return value is not handled, it's not considered a
failure. SSL_want_read() will return 1 and the client will happily wait
for more data from the server. Now if the server closes connection after
sending handshake alert, POLLIN event will be triggered,
lws_tls_client_connect() called again, but SSL_connect() will fail
without calling read(), so the client will end up consuming 100% CPU
because POLLIN will be triggered repeatedly.

Similar error handling is used in lws_tls_server_accept() and the
condition checks for SSL_ERROR_SSL. Using the same condition in
lws_tls_client_connect() fixes the problem.

Tested with OpenSSL 1.0.2k.
2019-12-19 21:30:09 +00:00
Andy Green
fb1b2842fd lws_strexp: flexible string expansion helper 2019-12-16 18:16:01 +00:00
Dane
10290048b0 basic auth: add callback option
Allow an http mount to specify it wants to check Basic Auth
requests via a protocol callback instead of a text file.
2019-12-14 23:55:28 +00:00
Jerry Jacobs
6879574d8d close.c: close reason length wrong
The string length is actually 25... solve it by measuring the same
string.
2019-12-14 23:55:28 +00:00
Andy Green
392dfe186b LWS_ERRNO: audit uses for case logging may destroy errno
On some platforms, it's possible that logging flow may reset errno.  In the case where
we try to log errno on those platforms and afterwards try to query it, we will get a
nasty surprise that the logged errno is destroyed by the time we come to test it.

In the two cases of this in the tree at the moment, sample errno into a temp and
log and test the temp.

Thanks to Sakthi Ramabadran for finding this.
2019-12-14 23:55:28 +00:00
Andy Green
fb54b590c7 adopt: pass wsi opaque so its set from the start 2019-12-09 14:48:54 +00:00
Andy Green
8c2114a430 minimal-raw-serial
Add a minimal example showing how to set up, send and receive on a
serial tty in the event loop.
2019-12-09 14:48:54 +00:00
Andy Green
2eeec91d3d tls: lws_system per-connection client certs
Now the generic lws_system blobs can cover client certs + key, let's
add support for applying one of the blob sets to a specific client
connection (rather than doing it via the vhost).
2019-12-09 14:48:54 +00:00
Andy Green
c1a3defb88 lws_system generic blobs
Remove the auth lws_system stuff and redo it using generic blobs
with separate namespaces.  Support pointing to already-in-memory
blobs without using heap as well as multi-fragment appened blobs
eg, parsed out of JSON chunk by chunk and chained in heap.

Support auth the new way, along with client cert + key in DER
namespaces.
2019-12-08 14:28:43 +00:00
Micon Frink
fdbfafd1b5 async dns: android: fix build error
https://github.com/warmcat/libwebsockets/issues/1783
2019-12-08 14:28:40 +00:00
Andy Green
cb2b0e88b2 fail paths: deregister notifier and be sure adopt returns NULL
Notifiers may also have scoped lifecycles, support deregister
2019-12-06 17:14:28 +00:00
Andy Green
68de449093 raw: client: make sure we get CONNECT and opaque_user_data before RX 2019-12-02 11:19:32 +00:00
Andy Green
277d0e5e4c license: fix up last mentions of lgpl outside of the source file license grant part 2019-12-02 11:19:30 +00:00
Andy Green
b4449e9f12 semmle: char comparison is actually constrained
It looks to semmle like the int size can be bigger than the char loop var.
But the size is the size of the IPv4 or IPv6 address, so it cannot make
a problem.
2019-12-01 18:04:19 +00:00
Olivier Langlois
6a40a3ba43 logs: with LWS_MAX_SMP more than 1 processess lws logs using larger stack buffer 2019-12-01 18:01:06 +00:00
Olivier Langlois
de8bb9ade7 pmd: create_context: warn if info.extensions non-NULL if built without EXTENSIONS 2019-12-01 17:48:05 +00:00
Andy Green
bca993f7ed ntpclient: update for udp adopt interface binding
https://github.com/warmcat/libwebsockets/issues/1781

Build this in travis so I could find this earlier
2019-11-28 05:23:50 +00:00
Andy Green
938540723c async dns: format string for pointer arithmetic
https://github.com/warmcat/libwebsockets/issues/1780
2019-11-28 05:17:23 +00:00
Andy Green
74712ea4f5 socks5: fix compile breakage
https://github.com/warmcat/libwebsockets/issues/1777
2019-11-27 19:19:48 +00:00
Andy Green
8e91a0d723 mbedtls: cast ecdh enum type for some toolchains 2019-11-27 07:39:37 +00:00
Andy Green
9d93677d7d ws pmd: deflatePending only has meaning during deflate
https://github.com/warmcat/libwebsockets/issues/1768
2019-11-23 07:44:05 +00:00
Andy Green
6ed3d8a9dd client: also allow stashed host param for client tls
Client connection items for protocols other than http ones
will never get into an ah.  Allow use of the values from the
client stash allocation instead if present.
2019-11-20 10:24:48 +00:00
Andy Green
0df23ef53b connect: fix getaddrinfo leak 2019-11-20 10:21:30 +00:00
Andy Green
aea978240a context: allow override validity timing 2019-11-20 10:17:36 +00:00
Andy Green
092ebf9879 cgi: minimal example 2019-11-20 05:20:59 +00:00
Andy Green
0f7f27801e http redirect: 303: force method to GET
This teaches http client stuff how to handle 303 redirects... these
can happen after POST where the server side wants you to come back with
a GET to the Location: mentioned.

lws client will follow the redirect and force GET, this works for both
h1 and h2.  Client protocol handler has to act differently if it finds
it is connecting for the initial POST or the subsequent GET, it can
find out which by checking a new api lws_http_is_redirected_to_get(wsi)
which returns nonzero if in GET mode.

Minimal example for server form-post has a new --303 switch to enable
this behaviour there and the client post example has additions to
check lws_http_is_redirected_to_get().
2019-11-17 10:47:01 +00:00
Andy Green
297aa86b60 lws_context_create: clean up cancel pipes on fail
https://github.com/warmcat/libwebsockets/issues/1765
2019-11-16 16:56:27 +00:00
Andy Green
285fb9c8ba server vfs: close: cleanup also at just_kill_connection
Also make sure to close the vfs handle on transaction completed as
well as close.
2019-11-16 09:00:15 +00:00
Andy Green
1d3e103c74 server: vfs: make sure handle freed if problems while setting up file transfer
https://github.com/warmcat/libwebsockets/issues/1765
2019-11-16 09:00:15 +00:00
Andy Green
724f4e9f22 http: chunked client 2019-11-16 09:00:15 +00:00
Andy Green
1968edcf44 cgi: reenable h1 with chunking 2019-11-16 09:00:15 +00:00
Andy Green
640a3f177c http_proxy: fix for mbedtls 2019-11-16 09:00:15 +00:00
Andy Green
44585d0fc0 http_proxy: fixes
Eg,

http_proxy=http://127.0.0.1:3128 ./bin/lws-minimal-http-client

works OK on h1 + h2
2019-11-15 08:28:50 +00:00
Andy Green
6975847e62 lws_getaddrinfov46: make sure to set ai_socktype for ipv6 2019-11-13 09:15:36 +00:00
Andy Green
2d04b40770 cov263976: paranoid check is dead code to coverity 2019-11-12 10:29:02 +00:00
Andy Green
b2a112568c cov263975: help coverity see false positive 2019-11-12 10:28:53 +00:00
Andy Green
4f6fdd41b9 h2 client: no point resetting ah
Resetting the ah and waiting a bit is the right strategy at the end of
http/1.1 client transaction.  But it's wrong for h2... drop the ah
instead if it's the end of a client transaction on h2.
2019-11-08 08:46:57 +00:00
Andy Green
5b19db1850 lws_system: auth: update 2019-11-08 08:46:57 +00:00
Andy Green
c8de9bbc2d ah: drop on LONG_POLL and allow dropping client ah early 2019-11-06 21:34:14 +00:00
Zhiwen Zheng
34eca205e5 acme: add wildcard support to CSR 2019-11-06 16:02:36 +00:00
Andy Green
2bc0b97b45 acme: mbedtls: update genrsa apis 2019-11-06 16:02:33 +00:00
Andy Green
6b4b2f28be alpn: move out of tls-server so it can be used if server disabled 2019-11-06 06:39:28 +00:00