Somehow, a string replacement of ns by fsm had damaged
the license text and introduced garbage.
Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
Updates the `lws_pt_destroy()` logic to ensure the pipe fds are closed if either `pt->dummy_pipe_fds[0]` or `pt->dummy_pipe_fds[1]` are still valid (previously was only checking `pt->dummy_pipe_fds[0]` which was resulting in the write fd to leak whenever a context was destroyed).
Addresses issue #2855 by allowing the parsing of the final byte when there are at least 3 bytes remaining in the buffer.
For every 4 bytes of input, a maximum of 3 bytes of output are generated when decoding the base64 string. The buffer space, therefore, only requires an additional 3 bytes of space. The code checks for space in the buffer before adding null termination.
Adds a reference to the libwebsockets context to the OpenSSL context
used by the client vhost. This allows SSL info callbacks to work
correctly for clients, like it currently does for servers.
Co-authored-by: Marty Flickinger <marty.flickinger@garmin.com>
Signed-off-by: Marty Flickinger <marty.flickinger@garmin.com>
Signed-off-by: Nate Karstens <nate.karstens@garmin.com>
In case of an SSL_ERROR_SSL in lws_tls_client_connect, the
lws_ssl_get_error call was calling lws_tls_err_describe_clear which
cleared the OpenSSL error from the stack. Thus, the tls.err_helper
attribute was set to the default value from ERR_error_string_n, masking
the actual OpenSSL error message from client code.
Subject: [PATCH] remove LWS_CALLBACK_OPENSSL_CONTEXT_REQUIRES_PRIVATE_KEY
callback
When a certificate for a TLS connection is provided, but a private
key is not, the SSL_CTX initialization exits early, before the
CONTEXT_REQUIRES_PRIVATE_KEY callback can be issued.
Remove the now obsolete callback and update the vhost
field description to state that the LOAD_EXTRA_SERVER_VERIFY_CERTS
callback should be used instead.
Subject: [PATCH] lib/secure-streams: Fix clang build error
`-Wunused-but-set-variable`
When building with clang-15, I got the following error:
```
error: variable 'm' set but not used [-Werror,-Wunused-but-set-variable]
int n, m = 0;
^
```
Let's just remove the `m` variable here, it's not used.
Signed-off-by: Ammar Faizi <ammarfaizi2@gnuweeb.org>
openssl can be built without threads resulting in the following build
failure:
-- Looking for HMAC_CTX_new
-- Looking for HMAC_CTX_new - not found
[...]
In file included from /home/buildroot/autobuild/instance-0/output-1/build/libwebsockets-4.3.1/include/libwebsockets.h:661,
from /home/buildroot/autobuild/instance-0/output-1/build/libwebsockets-4.3.1/lib/core/./private-lib-core.h:140,
from /home/buildroot/autobuild/instance-0/output-1/build/libwebsockets-4.3.1/lib/plat/unix/unix-misc.c:28:
/home/buildroot/autobuild/instance-0/output-1/build/libwebsockets-4.3.1/include/libwebsockets/lws-genhash.h:85:18: error: field 'ctx' has incomplete type
85 | HMAC_CTX ctx;
| ^~~
To fix this build failure, don't unconditionally add pthread if openssl
has been found through pkg-config as openssl.pc will contain the
appropriate dependencies (i.e. -lpthread but also -lz or -latomic)
Fixes:
- http://autobuild.buildroot.org/results/2ae9e3249b6fcc9e6c30e7783e264fc6599e61df
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
