mirror of https://github.com/warmcat/libwebsockets.git synced 2025-03-09 00:00:04 +01:00
Commit graph

3618 commits

Author SHA1 Message Date
Mykola Stryebkov
3c334d4906 windows: pipe role does not use file handle any more 2021-04-05 10:55:04 +01:00
Andy Green
7f8e2edc3d windows: cancel pipe is in pts not context 2021-04-05 10:55:04 +01:00
Andy Green
7d8f742594 smp: more lock assertions 2021-04-05 10:55:04 +01:00
Andy Green
b582dd49fb client: add CONNECTING protocol cb 2021-04-05 10:55:04 +01:00
Andy Green
d291c02a23 ss: sspc: add conmon performance telemetry
This provides a way to get ahold of LWS_WITH_CONMON telemetry from Secure
Streams, it works the same with direct onward connections or via the proxy.

You can mark streamtypes with a "perf": true policy attribute... this
causes the onward connections on those streamtypes to collect information
about the connection performance, and the unsorted DNS results.

Streams with that policy attribute receive extra data in their rx callback,
with the LWSSS_FLAG_PERF_JSON flag set on it, containing JSON describing the
performance of the onward connection taken from CONMON data, in a JSON
representation.  Streams without the "perf" attribute set never receive
this extra rx.

The received JSON is based on the CONMON struct info and looks like

{"peer":"46.105.127.147","dns_us":596,"sockconn_us":31382,"tls_us":28180,"txn_resp_us":23015,"dns":["2001:41d0:2:ee93::1","46.105.127.147"]}

A new minimal example minimal-secure-streams-perf is added that collects
this data on an HTTP GET from warmcat.com, and is built with a -client
version as well if LWS_WITH_SECURE_STREAMS_PROXY_API is set, that operates
via the ss proxy and produces the same result at the client.
2021-04-05 10:55:04 +01:00
Andy Green
51490ae6e6 Fault injection
add lws_xos: xoshiro256 PRNG
2021-04-05 10:55:04 +01:00
Catalin
33f5bf2e2d tls sessions: openssl: ttl based internal expiry 2021-04-05 10:54:55 +01:00
Andy Green
9483df3b17 openssl: check for X509_VERIFY_PARAM_set1_host also using CHECK_SYMBOL_EXISTS 2021-04-04 17:20:07 +01:00
Andy Green
7451702722 tls-sessions: serialization 2021-04-04 05:45:53 +01:00
Andy Green
e2f1dd1c82 mbedtls: session cache and resume 2021-04-04 05:44:08 +01:00
Catalin
d5753b6298 tls: openssl-only: client-only: session caching 2021-04-04 05:34:11 +01:00
Andy Green
e4d381eadd metrics: increase type of us_schedule to uint64_t 2021-04-02 16:50:49 +01:00
Bram Peeters
3ff6a9d462 vhost: dont log null origin 2021-04-02 16:50:49 +01:00
Andy Green
e2f42387b7 route: assert if route table becomes full 2021-04-02 16:50:49 +01:00
Gary Christiansen
12f20503b4 mqtt: Fixes setting the length of the last will message
It was previously using the length of the topic for the message. It
would break if the topic and message were not the same length.
2021-04-02 16:44:35 +01:00
Jed Lu
69f2ad9ced ss: allow that request_tx may get told DESTROY_ME 2021-04-01 09:09:10 +01:00
Chunho Lee
ff76604006 ss: mqtt: Wrap ACK_REMOTE to ACK_REMOTE transition with LWS_ROLE_MQTT
Wrap ACK_REMOTE to ACK_REMOTE transition with
"#if defined(LWS_ROLE_MQTT) /.../ #endif".
2021-03-31 09:39:12 +01:00
Andy Green
0c98d94481 ss: mqtt: allow ACK_REMOTE to ACK_REMOTE transition
MQTT doesn't follow http type transaction flow, so it's
quite possible to have n PUBLISH getting acked in a row.
2021-03-30 08:10:52 +01:00
Chunho Lee
25ae9facc9 mqtt: topic validation for different mqtt servers
AWS IoT enforces limits on topic level and length. If 'aws_iot' is set
on the policy, the topic limits will be enforced for AWS IoT.
2021-03-30 07:38:37 +01:00
Sakthi Kannan
f3531ef673 mqtt: wildcard topic and topic to 256 chars
Adding MQTT wildcard support, topic to 256 chars,
incorrect topic validation.
2021-03-30 07:38:37 +01:00
Sakthi Kannan
a088b72696 mqtt: Setting the CONNECTED state only when SUBACK is received
Setting the CONNECTED state only when SUBACK is received if the stream has
defined a subscription topic. This is to avoid SS from sending out SUBSCRIBE
right after CONNACK, even when the connection is not valid.
2021-03-30 07:38:32 +01:00
Andy Green
eda5c1b60a sai: openbsd: fix sigv4 2021-03-29 19:36:26 +01:00
Andy Green
6c4a127310 active_conns: simplify h1 exclusion rule 2021-03-29 19:36:26 +01:00
Pavel Otchertsov
ebe44543ee cmake: check if _GNU_SOURCE is already defined 2021-03-25 10:08:41 +00:00
Pavel Otchertsov
f84b90ba03 use gmtime_r instead of gmtime if possible
Also check tm result is not NULL before using it.
2021-03-25 10:08:40 +00:00
Pavel Otchertsov
932527a3e7 access-log: use localtime_r instead of localtime if possible
Also replace the WIN32 check to global LWS_HAVE_LOCALTIME_R in logs.c
2021-03-25 09:12:11 +00:00
Pavel Otchertsov
9453d246d9 unix: fix usage of getpwnam_r and friends
These functions can return 0 code but still store NULL in result, if no matching group or username is found.
Also the buffer of size 64 could be too small to store all string fields in result.
2021-03-25 08:40:52 +00:00
Andy Green
b9ee27f3c5 unix: use getpwnam_r and friends
Figure out if the threadsafe versions are available on the platform and
use them if so
2021-03-25 08:40:52 +00:00
Andy Green
ffb49e2612 http: post: defer body pending end until no more buffered out 2021-03-25 08:40:52 +00:00
Andy Green
ae0b52c0df lws_hex_from_byte_array 2021-03-25 08:40:52 +00:00
Andy Green
f576f317aa ws: wsi unusability only applies when no pending
We basically hear about HUP out-of-band with respect to
pending rx... now we mark the wsi as "unusable" once we
see the HUP - the connection has ended.

This means we have to differentiate between the wsi
being unusable for new things now, like replying, and
what it has already sent still being serviceable and
pending.
2021-03-25 08:40:52 +00:00
Andy Green
50e1f1ed13 h2: dont try to get ahead of POST if its a cgi mount or proxied 2021-03-25 08:40:52 +00:00
Andy Green
51790705a0 unix_skt: handle 0 length read as close
This was commented during the metrics patch for some reason...
commenting it breaks UDS -> web serving proxying.

Uncomment it and see what the other problem is..
2021-03-25 08:40:52 +00:00
Andy Green
b5bc6028e6 http_proxy: report failed http code
Improve how we report what happened with http_proxy... if
we can't recognize the response as http/1.0 or http/1.1
do a CCE with "http_proxy fail", or if we did get valid h1
response but no 200 response code, do a CCE with
"http_proxy -> xxx" where xxx is the decimal representation
of the response code, eg, "http_proxy -> 407"
2021-03-25 08:40:52 +00:00
Andy Green
fb9abfdf0e ws: accept newer IANA close codes
Close codes 1012 - 1014 are not defined in RFC6455 but were defined later
in https://www.iana.org/assignments/websocket/websocket.xml#close-code-number

Accept these guys that are a bit late to the party, and 1015 as well.
2021-03-25 08:40:52 +00:00
Andreas Weigel
319a00c067 jwt: sign via info
Offer a more extensible way to form and sign JWTs
2021-03-25 08:40:52 +00:00
Andy Green
0f42f0d9ad uloop 2021-03-17 12:23:34 +00:00
Andy Green
e97a61f22b logs: reduce verbosity on plugins probing 2021-03-17 12:23:28 +00:00
Andy Green
06509e287d lws_conmon: connection monitoring and stats generation
This provides a build option LWS_WITH_CONMON that lets user code recover
detailed connection stats on client connections with the LCCSCF_CONMON
flag.

In addition to latencies for dns, socket connection, tls and first protocol
response where possible, it also provides the user code an unfiltered list
of DNS responses that the client received, and the peer it actually
succeeded to connect to.
2021-03-17 07:31:49 +00:00
Andy Green
67eed51fea openbsd: fix up ctest 2021-03-17 07:31:30 +00:00
Andy Green
b34862bf8a netbsd: follow openbsd use of wait4
Otherwise sai is sometimes failing to get the correct process exit code

spawn: use WEXITSTATUS macro

On openbsd at least, the process retcode isn't in the low 8 bits, but must
be recovered using the official macro.
2021-03-16 08:15:28 +00:00
Andy Green
1000a52df3 logs: prioritize WITH_NO_LOGS even in release
Really not having any logs makes it difficult to know what is really
happening, but if that's your thing this will align debug and release
modes to just have ERR and USER if you give WITH_NO_LOGS
2021-03-15 12:56:15 +00:00
Andy Green
ad5047a687 sspc: make sure we cancel any retry 2021-03-14 19:50:08 +00:00
Andy Green
3ca8625129 adopt: rejection should not loop with listen adoption 2021-03-14 15:05:19 +00:00
Andy Green
baccd5b238 ss: make sure pointer to failed ss creation is wiped out 2021-03-14 15:05:19 +00:00
Andy Green
f35a3b8969 ssproxy: break immediately after determining we will not allow the stream 2021-03-14 15:05:19 +00:00
Andy Green
4df5e015ed ssproxy: deal with lack of policy when replying with stream denied 2021-03-14 15:05:19 +00:00
Andy Green
546c151555 ss: add set_metadata that takes a heap copy and make ss-h1 use it
Until now we set metadata value pointers into the onward wsi ah data
area... that's OK until we get a situation the wsi has gone away before we
have a chance to deliver the metadata over the proxy link.

Add a variant lws_ss_alloc_set_metadata() that allocates space on the heap
and takes a copy of the input metadata.  Change ss-h1 to alloc copies of
its metadata so we no longer race the wsi ah lifetime.
2021-03-14 15:05:18 +00:00
Andy Green
4804624905 ss: force check all set_metadata returns
lws_ss_set_metadata can fail... eg, due to transient OOM situation... if it does,
caller must take appropriate action like disconnect and retry.

So mark the api as requiring the result checking, and make sure all the
examples do it.
2021-03-14 08:58:26 +00:00
Andreas Weigel
12d535f839 x509: support DER recovery 2021-03-13 08:06:17 +00:00