1) Remove the whole ah rxbuf and put things on to the wsi buflist
This eliminates the whole detachability thing based on ah rxbuf
state... ah can always be detached.
2) Remove h2 scratch and put it on the wsi buflist
3) Remove preamble_rx and use the wsi buflist
This was used in the case adopted sockets had already been read.
Basically there are now only three forced service scenarios
- something in buflist (and not in state LRS_DEFERRING_ACTION)
- tls layer has buffered rx
- extension has buffered rx
This is a net removal of around 400 lines of special-casing.
For h1 / ws, a combination of removing POLLIN wait and
stashing any unused rx lets us immediately respond to
rx flow control requests in a simple and effective way,
because the tcp socket is the stream.
But for muxed protocols like h2, that technique cannot
be used because we cannot silence the whole bundle of
streams because one can't handle any more rx dynamically.
There are control frames and content for other streams
serialized inbetween the flow controlled stream content.
We have no choice but to read to so we can see the other
things. Therefore for muxed protocols like h2 and spdy,
rx flow control boils down to tx credit manipulation
on individual streams to staunch the flow at the peer.
However that requires a round trip to take effect, any
transmitted packets that were in flight before the tx credit
reduction arrives at the remote peer are still going to come
and have to be dealt with by adding them to the stash.
This patch introduces lws_buflist scatter-gather type
buffer management for rxflow handling, so we can append
buffer segments in a linked-list to handle whatever rx
is unavoidably in flight on a stream that is trying to
assert rx flow control.
Since new roles may be incompatible with http, add support for
alpn names at the role struct, automatic generation of the
default list of alpn names that servers advertise, and the
ability to override the used alpn names per-vhost and per-
client connection.
This not only lets you modulate visibility or use of h2,
but also enables vhosts that only offer non-http roles,
as well as restricting http role vhosts to only alpn
identifiers related to http roles.
This completely removes the loop self-running stuff.
Static allocations (uv_idle, timers etc) are referenced-counted in the context
same as the wsi are. When lws wants to close, he first closes all his wsi, then
when that is completed in the uv close callbacks, he closes all of his static
uv handles. When that is also completed in the uv callbacks, he stops the loop
so the lws context can destroy and exit.
Any direct libuv allocations in protocol handlers must participate in the
reference counting. Two new apis are provided
- lws_libuv_static_refcount_add(handle, context) to mark the handle with
a pointer to the context and increment the global uv object counter
- lws_libuv_static_refcount_del() which should be used as the close callback
for your own libuv objects declared in the protocol scope.
Previously down network interfaces without an IPv4 address are
removed from the posix api that lists network interfaces.
That means if you bound a vhost listen socket to a particular
interface, it will fail at startup time.
This patch adds these vhosts to a list, starts the vhost without
a listen socket, and checks to see if the vhost's network interface
has appeared while the rest of lws is running.
If it appears, the listen socket is opened on the network interface
and the vhost becomes reachable.
This is just an internal mass change of LWS_NO_EXTENSIONS to
LWS_WITHOUT_EXTENSIONS to match the public name and eliminate
all instances of LWS_NO_EXTENSIONS.
This allows you to set a 404 handler URL on a vhost.
The necessary user code looks like...
info.error_document_404 = "/404.html";
... at vhost-creation time.
In the existing lws_return_http_status() api, if it sees
the vhost has an "error_document_404" path set and that
we are trying to report a 404, it changes the action
instead to a redirect to the error_document_404 path.
The redirect target is returned using 404 status code.
If the redirect target doesn't exist, then it falls back
to just reporting the simple canned 404.
Re-use wsi->preamble_rx to also hold leftover rx after dealing with POST
body. Ensure ah->rx is always big enough to cope with what may have
been read into the pt->serv_buf.
Update the check for forced needed to also accept non-NULL wsi->preamble
as well as ah->rxpos != ah->rxlen as indication forced needed.
Disable autoservice on ah reset during transaction completed... it may
close the wsi underneath us when it sees and processes the pending
wsi->preamble_rx recursively otherwise.
ESP32 module price is now within range of 8266 price.
ESP32 capability and OS support is hugely better than 8266,
we can support mbedtls tls, http/2 etc with ESP32.
I'm no longer testing on ESP8266... there's no more
user traffic... it's time to go.
This provides platform-independent support for time discontiguities.
On embedded without battery RTC, commonly we only get time after
NTP completes. This makes the cert checking happen when we have
a reasonable time and introduces lws_compare_time_t() to correctly
compare time_t s that may sit on either side of a time discontiguity.
After startup, and once per day, check the validity dates on our ssl certs,
and broadcast callbacks with the information so interested plugins can
know.
If our clock is < May 2016, we don't try to judge the certs, because clearly
we don't know what time it is.
- Add platform helpers for pipe creation.
- Change the direct-to-fds implementation to create a wsi for each
pt and use the normal apis to bind it to the event loop.
- Modifiy context creation and destroy to create and remove the
event pipe wsis.
- Create the event pipe wsis during context create if using the
default poll() event loop, or when the other event loops start
otherwise.
- Add handler that calls back user code with
LWS_CALLBACK_EVENT_WAIT_CANCELLED
This patch allows you to call `lws_cancel_service(struct lws_context *context)`
from another thread.
It's very cheap for the other thread to call and is safe without
locking.
Every use protocol receives a LWS_CALLBACK_EVENT_WAIT_CANCELLED from
the main thread serialized normally in the event loop.
This adds some optional apis around JSON Web Keys and JSON Web Signatures.
HMAC SHA256/384/512 and RSA + SHA256/384/512 are supported.
This also add a new "LWS_WITH_SELFTESTS" that enables the selftests.
HTTP/2 support is now able to serve the test server, complete with
websockets, from a single vhost.
- This works the same with both OpenSSL and mbedTLS.
- POST is now wired up and works (also for file upload).
- CGI is wired up and works.
- Redirect is adapted and works
- lwsws works.
- URI urldecode, sanitation and argument parsing wired up for :path
valgrind clean (aside from openssl-style false uninit data usage in mbedtls send occasionally)
h2spec reports:
$ h2spec -h 127.0.0.1 -p 7681 -t -k -o 1
...
145 tests, 145 passed, 0 skipped, 0 failed"
Incorporates:
- "https://github.com/warmcat/libwebsockets/pull/1039
Fixes issue with -Werror=unused-variable flag
- 2c843a1395
ssl: fix infinite loop on client cert verification failure
Signed-off-by: Petar Paradzik <petar.paradzik@sartura.hr>"
Caused and fixes Coverity 184887 - 184892
For some targets like ESP32, the ah pool is mainly sitting idle wasting memory.
For HTTP/2, if the client sends a series of pipelined headers on different SIDs
that exist simultaneously, there is no way to stall the headers to wait for an
ah, because we must read the stream for stuff like WINDOW_UPDATE on the other
streams.
In both these cases having the ability to free unused ah completely and allocate
more dynamically if there is memory is useful, so this patch makes the ah pool
an initially-empty linked list that allocates on demand up to the "max pool
size" limit from the context info. When nobody wants an ah, it is freed (if
someone was waiting for it, it is directly reused).
For ESP32 it means no large, permanent alloc when lws starts and dynamic alloc
according to how many streams the client opens, which can be controlled by
SETTINGS.
Almost all the CMake options begin with LWS_WITH_..., but many of the
symbols passed to lws are LWS_USE_... , this causes neededless confusion,
compounded by the fact that a few CMake options also begin with
LWS_USE_.
This patch globally converts all LWS_USE_... to LWS_WITH_..., so there
is only one prefix to remember in both CMake and the code.
The affected public CMake options are
LWS_USE_BORINGSSL -> LWS_WITH_BORINGSSL
LWS_USE_CYASSL -> LWS_WITH_CYASSL
LWS_USE_WOLFSSL -> LWS_WITH_WOLFSSL
LWS_USE_MBEDTLS -> LWS_WITH_MBEDTLS
LWS_USE_BUNDLED_ZLIB -> LWS_WITH_BUNDLED_ZLIB
